On July 4, 2017, North Korea tested a missile which it claims to be its first intercontinental missile. North Korea claimed, and Japan’s Chief Cabinet Secretary confirmed, that the missile, dubbed the Hwasong-14 ICBM, flew for 40 minutes up to an altitude of 1,500 miles, well above the orbital altitude of the International Space Station. On a more depressed trajectory, this mid-range missile could reach Alaska. They followed their test with threats of widespread destruction against the United States. Shinzo Abe, the Prime Minister of Japan, declared that North Korea continues to “ignore the repeated warning from the international community.”
On July 5, 2017, Nikki Haley, U.S. Ambassador to the United Nations, delivered the following speech to the United Nations:
Thank you, Mr. President.
To my friends on the Security Council, I must say that today is a dark day. It is a dark day because yesterday’s action by North Korea made the world a more dangerous place. Their illegal missile launch was not only dangerous, but reckless and irresponsible. It showed that North Korea does not want to be part of a peaceful world. They have cast a dark shadow of conflict on all nations that strive for peace.
Yesterday’s act came from the same vicious dictator who sent a young college student back home to his parents unresponsive and in a coma. For Americans, the true nature of the North Korean regime was painfully brought home with the images of two guards holding Otto Warmbier up as they transported him from a prison he should never have been in.
Otto Warmbier is but one person out of millions who have been killed, tortured or deprived of their human rights by the North Korean regime. To Americans, the death of one innocent person can be as powerful as the death of millions because all men and women are created in God’s image. Depravity toward one is a sure sign of willingness to do much more harm.
The nature of the North Korean regime is clear. Only the scale of the damage it does could become different. That’s why yesterday’s escalation is so alarming. If North Korea will treat an innocent young student the way it treated Otto Warmbier, we should not be surprised if it acts barbarically on a larger scale.
The United States does not seek conflict. In fact, we seek to avoid it. We seek only the peaceful denuclearization of the Korean peninsula and an end to the threatening actions by North Korea. Regrettably, we’re witnessing just the opposite. Make no mistake, North Korea’s launch of an ICBM is a clear and sharp military escalation.
The North Korean regime openly states that its missiles are intended to deliver nuclear weapons to strike cities in the United States, South Korea and Japan. And now it has greater capacity to do so.
In truth, it is not only the United States and our allies that are threatened. North Korea’s destabilizing escalation is a threat to all nations in the region and beyond. Their actions are quickly closing off the possibility of a diplomatic solution.
The United States is prepared to use the full range of our capabilities to defend ourselves and our allies. One of our capabilities lies with our considerable military forces. We will use them if we must, but we prefer not to have to go in that direction. We have other methods of addressing those who threaten us and of addressing those who supply the threat.
We have great capabilities in the area of trade. President Trump has spoken repeatedly about this. I spoke with him at length about it this morning. There are countries that are allowing, even encouraging, trade with North Korea in violation of U.N. Security Council resolutions. Such countries would also like to continue their trade — such countries would also like to continue their trade arrangements with the United States. That’s not going to happen.
Our attitude on trade changes when countries do not take international security threats seriously. Before the path to a peaceful solution is entirely closed, however, there remains more that the international community can and must do diplomatically and economically. In the coming days, we will bring before the Security Council a resolution that raises the international response in a way that is proportionate to North Korea’s new escalation.
I will not detail the resolution here today, but the options are all known to us. If we are unified, the international community can cut off the major sources of hard currency to the North Korean regime. We can restrict the flow of oil to their military and their weapons program. We can increase air and maritime restrictions. We can hold senior regime officials accountable.
The international community has spoken frequently against the illegal and dangerous actions of the North Korean regime. For many years, there have been numerous U.N. sanctions against North Korea, but they have been insufficient to get them to change their destructive course.
So in order to have an impact, in order to move North Korea off its military escalation, we must do more. We will not look exclusively at North Korea. We will look at any country that chooses to do business with this outlaw regime. We will not have patience for stalling or talking our way down to a watered-down resolution.
Yesterday’s ICBM escalation requires an escalated diplomatic and economic response. Time is short. Action is required. The world is on notice. If we act together, we can still prevent a catastrophe and we can rid the world of a grave threat. If we fail to act in a serious way, there will be a different response.
Much of the burden of enforcing U.N. sanctions rests with China; 90 percent of trade with North Korea is from China. We will work with China. We will work with any and every country that believes in peace.
But we will not repeat the inadequate approaches of the past that have brought us to this dark day.
We cannot forget the multiple missile tests this year, or yesterday’s escalation.
We cannot forget Otto Warmbier and others North Korea continues to hold. We cannot forget the threats to our friends and allies around the world.
We will not forget, and we will not delay.
Let’s examine North Korea’s position:
Impeachment headlines are all the rage these days, and Google Images is full of all sorts of Impeach Trump buttons, banners, and bumper stickers, but it’s an utterly mindless rage, one fueled by hate and ignorance, not rationality, sound reasoning, or understanding of the law.
People, listen up! Please get an education so you know what you’re talking about.
Speaking of impeachment (and education):
“The House of Representatives shall chuse their Speaker and other Officers; and shall have the sole Power of Impeachment.” – Article I, Section 2.
Do you really think a House controlled by conservatives/Republicans will impeach Donald Trump? No more than a House controlled by liberals/Democrats impeached Obama for his impeachable offenses. Unlike Trump, Obama actually committed impeachable offenses.
“The Senate shall have the sole Power to try all Impeachments. When sitting for that Purpose, they shall be on Oath or Affirmation. When the President of the United States is tried, the Chief Justice shall preside: And no Person shall be convicted without the Concurrence of two thirds of the Members present.” – Article I, Section 3
Do you really think you will ever be able to get a two-thirds majority of the Senate to rule against President Trump when more than half the Senate is conservative/Republican? Good luck with that…
“Judgment in Cases of Impeachment shall not extend further than to removal from Office, and disqualification to hold and enjoy any Office of honor, Trust or Profit under the United States…” – Article I, Section 3
Hillary stepped down so that she wouldn’t be impeached over Benghazigate. Had she been impeached, she would have been ineligible to run for President. The Demoncrap party saw the handwriting on the wall and chose the lesser of two evils so that she might actually have a shot at the Presidency in 2016. It was clear she was being groomed for that very role for a long time. Thankfully, enough voters recognized her for the crook she is.
“The President … shall have Power to grant Reprieves and Pardons for Offences against the United States, except in Cases of Impeachment.” – Article II, Section 2
When Obama pardoned over 2,000 criminals, he grossly violated Constitutional authority as most of those criminals had not committed any crimes “against the United States.” Rather, most of them had violated various state laws, over which Obama had ZERO authority to grant either a reprieve or pardon. That state’s governor, yes. Obama, no.
“The President, Vice President and all civil Officers of the United States, shall be removed from Office on Impeachment for, and Conviction of, Treason, Bribery, or other high Crimes and Misdemeanors.” – Article II, Section 4
President Donald Trump has committed absolutely zero instances of treason, bribery, high crimes, or misdemeanors. In fact, he personally hired a rather large legal team in order to prevent any such indiscretion.
BOTTOM LINE: President Donald Trump will NEVER be impeached, and for some very sound reasons:
1. He’s never committed any impeachable offences as defined by and required by the Constitution in order to be impeached.
2. You’ll never get a conservative/Republican House to impeach a Republican president.
3. You’ll never get a conservative/Republican Senate to cough up the two thirds votes required to convict.
Our Founding Fathers knew that one day, there would be a bunch of blithering idiots throughout our land who would incessantly cry “Impeach Trump! Impeach Trump! Impeach Trump!” They made impeachment difficult for precisely that reason, to prevent blithering idiots from disrupting the normal operations of government on the basis of nothing other than mob rule.
Now, while libtards and Demoncraps have every Constitutional right to continue blathering on about this issue if it makes them feel better, much like all babies need a good cry every now and then, it’ll never happen, because of the aforementioned reasons, unless Donald Trump actually does, one day in the future, commit a clearly impeachable offense.
And no, you cannot make this happen simply by whining about it louder, longer, harder, or by throwing more money at it. The U.S. Constitution is “the supreme Law of the Land” for a reason, and We the People are going to follow it, whether you like it or not.
After spending a couple of hours on a post, I inadvertently forgot to:
1. Copy my work
2. Log back in
3. Recreate the title
4. Post my work
However, no message forum user should ever have to remember to follow these four steps during a single session. Unfortunately, since one of my favorite message forum’s installation of vBulletin does not preserve the post (it does on most other vBulletin forums, including my own), the inevitable result is that the post (and my time) is lost. A user’s long, hard work winds up being met with the following message, along with the complete loss of his or her work:
Therefore, I’m going to ask them again to please change the timeout from its current setting.
Here’s why: Overly short timeouts are the least effective way to increase forum security. By changing other parameters, you can make your forum many millions of times more secure than by greatly inconveniencing users with puny timeouts.
Only slightly complicating this problem is the fact that there are two issues at work. Actually, there are many, but given what the admins can quickly and easily change, it only involves two issues: brute-force attacks and man-in-the-middle attacks. The login timeout involves man-in-the-middle attacks. Put simply, while you’re logged in, someone listening in to the data transmissions between your computer and the forum’s servers can easily locate the session key. However, that’s useless to them unless they’re able to crack it while the session key is in play, then use it to log in using the sniffed user’s account, and change their password, e-mail information, etc.
All that nets them, however, is that individual user’s login credentials. It cannot hack the system itself. Furthermore, even the guest session uses a 32 character session hash. Given 96 available characters, that’s a keyspace of 2.70819E+63. In case you’re wondering, and according to Steve Gibson of Gibson Research Corporation, it would take a massive cracking array capable of one hundred trillion guesses per second at least 6.22 thousand trillion trillion trillion centuries to exhaust this session hash. If one wanted to be 99.9999% certain it couldn’t be found, then it would still take 6.22 billion trillion trillion centuries to crack.
Not only is that an extremely long time, more than a trillion trillion times longer than the age of the entire universe, it’s also the reason why maintaining a short login time is not merely petty, but it’s pathetic, as well.
Let’s work through some examples to see how this works:
– Login timeout: 20 min
– Min password length: 7 characters
– Max number of retries: 5
– Retry lockout: 15 minutes
Example 1: Change login timeout to 10 min
Result: This halves the time a man-in-the-middle attack can intercept a login. However, these attacks are only good during that particular session. Unless the attack cuts off communication with the user, the moment that user logs off, that key is cleared and the attack is halted. In the meantime, users are greatly inconvenienced by constantly being booted off the server every time they grab a snack, make dinner, or are busy working on a long post.
Result: It only makes the bad guys work twice as hard.
Bottom line: Login timeouts are so pathetically and ridiculously ineffective (see the 6.22 trillion trillion trillion centuries explanation above) that it’s best to set them to 12 hours, if not 24 hours, and use other, far, far, far more effective means as described below:
Example 2: Change the min password length to 8 characters.
Result: Since 96 characters are available for passwords, this makes the bad guys work 96 times harder. That’s 48 times more effective than halving the login timeout.
Bottom line: Increase the min password length to 8, thereby gaining 48 times more effectiveness in deterring a brute-force attack.
Speaking of passwords, you can also enforce a ban on dictionary passwords and/or require the use of at least one each of upper, lower, numbers, and special characters. That results in an increase in security of anywhere from several thousand-fold to trillions-fold.
Example 3: Reduce the max number of retries to 2 (total of 3 tries)
Result: This halves the number of times a brute-force approach can crack the password. However, if the min password length is set to 7, that’s 75,144,747,810,816 possible passwords. Thus, instead of giving them 6 chances to work miracles, you’re giving them 3 chances to work miracles. Regardless, merely by using reasonable values for the max retries and retry lockout, you’ve already defeated the brute force approach, completely.
Bottom line: It’s better to leave it at 5 retries.
Example 4: Increase the Retry Lockout to 30 minutes.
Result: This just ticks people off. The whole point of combining the max number of retries and the retry lockout is to limit the long-term ability of anyone to brute-force attack any particular user’s login.
Bottom line: Leave it at 15 minutes.
With 5 total tries and a retry delay of 15 minutes, you’re limiting the system to a maximum of 20 tries per hour, or 480 tries in a 24-hour period. Compared to 75,144,747,810,816 possible passwords, that’s nothing. Well, actually, it’s next to nothing. Specifically, it’s 6.387671e-12. Put another way, you’re at least 99.999999999361% “safe.” However, that’s simply by combining an attempt limit and retry lockout with an 8 character password minimum. Those who use a 9 or 10 char password receive 96 to 9,216 times more protection.
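The lockout arithmetic above can be checked by simulation. The following is an added example, not vBulletin code and not from the original post: `LoginThrottle`, `online_guesses` and the other names are hypothetical, and the "max retries" figure is treated as tries per lockout window. Like the post, it assumes a 96-character alphabet and passwords drawn uniformly from the full keyspace, and it models an attacker whose guesses are instantaneous and who resumes the moment each lockout expires.

```python
ALPHABET_SIZE = 96  # character count used throughout the post


class LoginThrottle:
    """Hypothetical per-account lockout: N failed tries, then a timed lock."""

    def __init__(self, max_tries, lockout_minutes):
        if max_tries < 1 or lockout_minutes <= 0:
            raise ValueError("max_tries and lockout_minutes must be positive")
        self.max_tries = max_tries
        self.lockout_seconds = lockout_minutes * 60
        self.failures = 0
        self.locked_until = 0  # seconds on the simulated clock

    def try_login(self, now, password_ok=False):
        if now < self.locked_until:
            return "locked"  # rejected without checking the password
        if password_ok:
            self.failures = 0
            return "ok"
        self.failures += 1
        if self.failures >= self.max_tries:
            self.locked_until = now + self.lockout_seconds
            self.failures = 0
        return "failed"


def online_guesses(max_tries, lockout_minutes, hours=24):
    """Guesses the server actually evaluates for one account in `hours`."""
    throttle = LoginThrottle(max_tries, lockout_minutes)
    now, end, evaluated = 0, hours * 3600, 0
    while now < end:
        if throttle.try_login(now) == "locked":
            now = throttle.locked_until  # wait out the lock, then resume
        else:
            evaluated += 1
    return evaluated


def keyspace(length):
    """Number of possible passwords of exactly `length` characters."""
    return ALPHABET_SIZE ** length


def fraction_searched(max_tries, lockout_minutes, length, hours=24):
    """Share of the keyspace an online attacker covers in `hours`."""
    return online_guesses(max_tries, lockout_minutes, hours) / keyspace(length)


def report():
    """Compare the post's starting settings with its recommended settings."""
    settings = [
        ("starting values", 5, 15, 7),      # tries, lockout min, min length
        ("recommended values", 3, 5, 8),
    ]
    rows = []
    for label, tries, lockout, length in settings:
        per_day = online_guesses(tries, lockout)
        rows.append((label, per_day, per_day / keyspace(length)))
    return rows


if __name__ == "__main__":
    for label, per_day, frac in report():
        print(f"{label}: {per_day} guesses/day, {frac:.6e} of keyspace/day")
```

With the recommended values the daily guess count rises from 480 to 864, but the extra character of minimum length shrinks the share of the keyspace covered per day by a factor of about 53.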
With all of the above in mind, here’s an expert vBulletin administrator’s advice:
– Login timeout: 24 hours (1,440 min)
– Min password length: 8 characters
– Enforce no dictionary words: Yes
– Enforce the use of upper, lower, numbers, and special chars: No
– Max number of retries before lockout: 3
– Retry lockout: 5 minutes
Now, if you’d like to double the trillion trillion trillion centuries (or more) level of protection afforded with the settings above, for just $18 a year, you can Convert Your vBulletin Installation to HTTPS (SSL/TLS).
There are even four pages on Facebook’s user community wherein a growing number of people are reporting the same issue.
These facts and the details I provide below form the basis of my belief that Facebook’s “malicious software” detection is either riddled with errors or is totally bogus, perhaps even Facebook’s way of getting people to download their “partnered” anti-“malicious software” on an individual’s computer in order to spy on users’ machines.
When this happened two weeks ago, I wrote them the following letter. I promised I would hide this blog post if they permanently removed the “malicious software” flag in their system. After five days, they did just that and I was able to log in. This morning, however, I received the “malicious software” message again, so I made this blog post visible once more, and will likely keep it until Facebook publicly acknowledges that at the very least, their “malicious software” flag has nothing to do with whatever Facebook detects on a user’s computer (it can’t, due to the browser’s security), but rather, it’s tied to individual user accounts.
On the afternoon of June 6th, 2017, while in the middle of typing a post on Facebook via my primary FB account, I received the following popup message from Facebook that states:
“Hi (name), we’re continuously working to keep your account secure. We’ve noticed that this device may be infected with malicious software. To continue to use Facebook, you can either use other devices or clean this device by downloading the scanner provided by Facebook and Trend Micro.”
In your Terms of Service, under Section 2, “Sharing Your Content and Information,” you specifically state, “You [the user] own all of the content and information you post on Facebook.”
Since that’s indeed the case under U.S. Copyright Law, why are you blocking MY access to MY information?
I am an IT security specialist with 29 years of experience. I have written 24 security-related articles for Network World, and authored security-related documentation during my 20+ years as an officer in the U.S. Air Force. Therefore, please take me seriously when I affirm this problem does not exist on any local computer which I have used to log into Facebook, but rather, on your network, and specifically, my account on your network.
Just to be absolutely certain, however, I conducted the following series of tests:
I tried “other devices.” In fact, I tried 7 completely different machines:
- neighbor 1
- neighbor 2
- public library 1
- public library 2
- my spare computer
- my local machine
I tried them in 6 different geographic locations, using 3 different ISPs:
- Peak Internet
I also tested two browsers (Chrome and Firefox) on all of those, along with Opera on two of them.
In all seven cases (19 test cases, total), the following results remained consistent: Logging in with my primary account resulted in the “malicious software” error message on all machines, locations, and ISPs, but logging in with any other account resulted in a clean login regardless of machine, location, or ISP. Of these 7 machines, four were running Norton Security, and the other three ran Kaspersky, Avast, and AVG.
Therefore, it is unequivocally clear that this issue is not a problem inherent in any of the local machines, subnets, geographical locations, browsers, Internet Service Providers, or antivirus software.
Rather, it is most certainly a problem with either Facebook’s servers in general, or with my primary Facebook account as hosted on your servers.
Since that is without a doubt the case, running your mandated software from any four of your partners on my local machine would accomplish absolutely nothing, yet risks unauthorized disclosure of my personal information, infection of my computer, or even the introduction of a virus at the local machine’s administrator level by whoever hacked my Facebook account.
To be quite fair, as a direct result of your non-communication policy, I have absolutely no way of knowing whether or not this “malicious software” pop-up is legitimate or if it is itself a malicious hack of my account designed to get me to run ransomware as an administrator on my local machine. At the very least, the way you go about holding the account hostage and forcing us to download the software not from one of your security partners but from some other site is highly suspicious.
However, to that end, I made a note of your partners: Trend Micro, Kaspersky, ESET, and F-Secure. I then proceeded to use their trial versions (only three had trial versions) to thoroughly scan and clean my machine.
I then repeated the above tests to see if my local machine had absolutely anything to do with the issue, at all.
No. The results of the tests remained the same. Furthermore, five people successfully logged onto Facebook using both my primary and backup machines, regardless of their geographic location, the browser used, or the ISP.
Clearly, my machine is not the issue. It’s my account. Either Facebook wrongly blocked my account with their “malicious software” hack, believing that a virus exists on my side of their firewall (absolutely not, as has been abundantly demonstrated by the test procedures given above), or my account has been hacked from inside of Facebook’s firewalls by someone who really is trying to use it as a way of hacking my local machine.
Facebook: The problem resides solely on your side of the net. Please stop trying to get us to run your software on our machines. We’re already running the world’s best anti-virus and anti-malware software, including from at least one of your four security partners. As I have clearly demonstrated, there is absolutely nothing I can do on my end that will fix this problem, and that includes running your mandated software. The problem is on your end. Fix the problem on your end, and the problem will be solved.
Again, I am an IT security specialist with 29 years of experience. I have written 20+ security-related articles for Network World, and authored security-related documentation during my 20+ years as an officer in the U.S. Air Force. Therefore, please take me seriously when I affirm this problem does not exist on local computers, but rather, on your network.
Name withheld by request
M.S. Management (Project Management)
MBA (Technology Management)
B.S. Finance, Insurance, and Business Law