10 August 2022

Windows devices with newest CPUs are susceptible to data damage


Microsoft has warned today that Windows devices with the newest supported processors are susceptible to "data damage" on Windows 11 and Windows Server 2022.

"Windows devices that support the newest Vector Advanced Encryption Standard (AES) (VAES) instruction set might be susceptible to data damage," the company revealed today.

Devices affected by this newly acknowledged known issue use AES-XTS (AES XEX-based tweaked-codebook mode with ciphertext stealing) or AES-GCM (AES with Galois/Counter Mode) block cipher modes on new hardware.

While Microsoft mentions the data loss risks on affected systems, the company does not elaborate on what customers should expect if they're hit by this issue.

Issue fixed in May and June Windows updates

Microsoft says the issue was addressed to prevent further data damage in preview and security releases issued on May 24 and June 14, respectively.

However, these Windows updates also come with a performance hit since AES-based operations might be two times (2x) slower after installing them on affected systems running Windows Server 2022 and Windows 11 (original release).

Scenarios impacted by the performance hit might include BitLocker, Transport Layer Security (TLS) (specifically load balancers), and disk throughput (especially for enterprise customers).

"We added new code paths to the Windows 11 (original release) and Windows Server 2022 versions of SymCrypt to take advantage of VAES (vectorized AES) instructions," Microsoft said when describing the cause of the issue.

"SymCrypt is the core cryptographic library in Windows. These instructions act on Advanced Vector Extensions (AVX) registers for hardware with the newest supported processors."

Workaround for the performance hit

Customers experiencing performance degradation are advised to install the June 23 preview update (Windows 11, Windows Server 2022) or the July 12 security update (Windows 11, Windows Server 2022) for their OS version as a workaround.

Microsoft says these Windows updates will restore initial performance metrics once installed on affected devices.

"If this affects you, we strongly urge you to install the May 24, 2022 preview release or the June 14, 2022 security release, as soon as possible, to prevent further damage," Microsoft added.

"Performance will be restored after you install the June 23, 2022 preview release or the July 12, 2022 security release."

Comment:

h_b_s

"Data damage" the new marketing gloss over for "data loss" and "filesystem corruption". Don't be fooled. It's yet another case where Microsoft's bungled agile development practices have screwed the pooch. Their testing harnesses are entirely inadequate to support the massive legacy code bases they have to support in the time scales they need to release.

Source: bleepingcomputer.com

Digital ID parties at Dictator Dan's


Dan Andrews' support teams are having a digital identification chip implanted into their bodies in order to conduct cashless transactions, and are preemptively celebrating that it will be 'mandated' on the Victorian population after his election win in November 2022.

Information has been obtained from a source close to Andrews with regards to what he is planning after an election win.

Cashless transactions are a priority of the 'Nanny State' agenda authorities around the world are implementing on the serfs.



'Tap & Go' has been a feature of your physical (credit/debit) card for a while now. Data is only exchanged between two devices, and that data's initial journey is to the financial services institution, where it gets distributed to entities unknown to you.

With the advent of the smart phone together with apps, the tap & go feature has been embedded in the phone, but now other parties can have access to data emanating from your phone.



This is great news for 'advertisers', who can be quite easily masquerading as government actors or 'NGOs' (Non Government Organisations) and corporations that support this nanny state style of commerce.

The smartphone is so large and cumbersome, and so 'last year', when you can also use a smart watch for cashless transactions.

Why use a smart watch, when it is large, cumbersome and so 'last month' compared to a smart ring?



What the Andrews government will do is 'promote' the use of an implanted RFID chip for those who wish to participate in the trial.

Remember the CallerID 'trial' in Victoria that became a standard?

The Australian population has also participated in another trial, as stated by the health minister Greg Hunt on the 21st of February 2021, where now the serfs are urged to get a 'quadrella' of shots, which the judiciary is exempt from (What??? !!! ???? Don't Judicial Lives Matter too???), but that is a digression.

See Hunt's statement:

“The world is engaged in the largest clinical trial, the largest global vaccination trial ever, and we will have enormous amounts of data.”

within the link:

https://www.health.gov.au/ministers/the-hon-greg-hunt-mp/media/interview-with-david-speers-on-abc-insiders-on-the-covid-19-vaccine-rollout

This nanny state agenda will not come into force akin to the frog in boiling water trick.

Over time, services will be decreased for those who do not have a cashless transaction method available to them, limiting their movements and participation in the 'digital economy' (or rather society) the governments are now starting to promote heavily.

As you have seen over the past few years, Victoria has been a test bed, a PsyOp as to what governments and corporations can get away with.

Your silence and participation is acquiescence.

08 August 2022

Data breach disclosure law in Australia


The colony has taken quite some time to enact law that may protect consumers/workers/public servants with regard to the I.T. world, in particular data breaches, which have been going on for a few decades now, and the lack of reporting of them.

The law is ultra quick to act with regards to gazetting speed measuring equipment which is heavily relied upon for revenue raising, under the pretext of safety.

On February 22, 2018 the Federal Government’s new Scheme for the mandatory reporting of cybersecurity breaches that result in the loss of personal data came into effect. Every private and public company with annual turnover of $3 million or more, listed or not, is now required to report a cyber breach to the Office of the Australian Information Commissioner (OAIC) and notify affected customers as soon as they become aware of a breach.

The threshold for notification under the new Act is more onerous than most other global jurisdictions, with the test based on whether the breach “is likely to result” in serious harm to an affected individual. Mandatory reporting relieves companies from having to make judgement calls about materiality – ANY breach that ‘is likely to result in serious harm’ to an individual will be reportable. This could occur when there is unauthorised access to, disclosure or loss of customer information held by an entity. Such information includes personal details, credit reporting information, credit eligibility information, and tax file number information. Companies must report the breach within 72 hours.

On 22 February 2018, the Privacy Act 1988 (Cth) (the Act) was amended to introduce a mandatory data breach notification regime, the Notifiable Data Breaches scheme (NDB scheme). Australian Privacy Principle (APP) entities bound by the Act must now report specified breaches of privacy.  

Such data breaches must be notified to the Office of the Australian Information Commissioner (OAIC). In addition, individuals that are likely to suffer serious harm as a result of that breach must also be notified. Businesses need to act quickly to contain and address such privacy breaches, and practitioners need to be aware of the requirements and the time frames for action.

The Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth) amended the Act to bring into force the NDB scheme. The legislation introduces a set of onerous reporting obligations for those already bound by privacy obligations under the Act. The OAIC is already reporting a flurry of activity in this area. This article outlines the provisions of the NDB scheme and provides examples of how it may apply in practice.

The new data breach notification regime will apply to those already bound by the Act, including businesses with an annual turnover of $3 million or more. Such entities are called APP entities.

news.com.au behind the scenes data collection


One of the most important metrics in data collection is that of your identity or your device's identity which can then be used to identify your 'person'.

Corporations want, or rather need, you to use apps for their online content (also classified as 'entertainment') in order to profit from you.



In the case of Rupert Murdoch's 'news' empire, a catchy phrase was coined "be on it", meaning be on the platform, as in download the app, even though using a browser will suffice.

In the above example we can see that a request is made to obtain your device identity prior to viewing a video.

You can either allow or block this.

If an app was downloaded, then this permission would be automatically granted and both parties, Google and the 'entertainment' empire, would have your device identity, which would then identify you.

The recommendation is not to download entertainment companies' apps; open source apps are recommended rather than the closed source apps in which corporations hide privacy-invading, data-grabbing code.