Is The TikTok Truthfully a Security Threat to U. S. National Security?

Is The TikTok Truthfully a Security Threat to U. S. National Security?

Many people are excited about the TikTok technologies takeover by U.S. companies. Will that resolve the national security interest? Anyone with technical knowledge of how these IT systems are developed and IT security infrastructures knows that it is all semantics and empty talk of how to remake something that was flawed in its conception. If the issue is truthfully to protect our national security, indebt analysis will show that every fruit of a poisoned tree is poisoned and kills whoever ate of it. In computer programing, we say garbage in = garbage out.

If the U.S. companies are buying over TikTok to kill the technology and no one will use it, then it is safe. If it is to buy it and use the popular name to rebrand something else or another wholly new technology, it will work, so long everything of the old is destroyed, and whole new system is built on that name brand. Such take over, break down, and repackage new of new systems, will take some amount of time though: research and work to write new codes and algorithm with the required artificial intelligence and infrastructural network, takes time and resources. I doubt that anyone will do such, when it will cost less to have new system made and put the name TikTok on another device and systems.

If it is good to buy TikTok and rework it, it must not be that bad. If U.S. company can rework the old system, then it had no serious national security issue in the first place, but simply a reciprocal U. S. government intervention against a Chinese government that always took American companies and their technologies. How much a security threat is TikPok and what is the price tag on its security flaws?

If it is as huge as reported, how can anyone fix a software and/or hardware they did not build, do not know where the backdoors are, and all the bugs hidden in it, and can they rework it? IT core systems flaws are not simply resolved by buying the company and running it, as normal purchases that occur regularly. Even at that, it often fails. Is that not why Sprint became huge liability for the company that took it over? Did Nextel survive and what was the cost to the company that purchased it? How about Blackberry? One of the most secured cell phone America produced is still struggling to find its feet. If you can trust the Chinese to tell you everything they have built into TikTok, why not ask them instead of tearing it down? We know better not to trust an untrustworthy foe.

IT system is not a piece of metal or wood that you can analyze the chemical composition in a lab and come up with exact component or impurities. Building any IT system starts with carefully planned and thoughtful design process, development, core, platform, structure, clientele, and all other infrastructure and it has to be very futuristic, or else it will flop. It is easy to say that one can use computer or hire specialist to go through the codes line by line, byte by byte, and bit by bit to find any security flaw. Such process will cost more to go through than building brand new system and it makes no business or technology sense.

So, President Trump, beware of what they are presenting to you. Remember these investors are the same globalist, protecting their friends and business interest first before our national security or Americans’ lives, rights, and properties, and trust not any promise or guarantees. Verify, authenticate, validate, test, retest, monitor, and protect.

Ebelechukwu Elochukwu

CEO/Chief Technology Officer

usqualities.com

Privacy and IT Security in App Development

Jesus came and saved humans from destructive nature of hell, but he was a carpenter at the same time. The creative nature of God was evident in him. Sometimes I comment about secular works we do alongside our works of faith. Ministers must all work as the Apostles and disciples of Christ did. To depend solely on Church for living is not what Christ showed us and not what God had commanded. Genesis 2:9-15, 2 Thessalonians 3:3-16.

Today, I comment on my discovery that Adobe shared my personal information on the dark web, which they had no permission to do. I also had been suspicious of Adobe cloud technology as fascinating products but in a weak system. For instance, I sent someone an encrypted file for signature but before I could send the person the key to decrypt it and sign it. He called me to discuss the content of the document. I was confused at first and had to make sure that I did not previously send him the encryption key before asking him how he opened the document.

Once I did that, I inquired from the person how he accessed the document. He opened the encrypted document and read it on both his phone and computer without password, just like that. No encryption key was requested from the document recipient. I went back to my cloud storage to access the file, it required the encryption key that I created before opening it for me. The question then is, how come the recipient who had no computer training or hacking skill opened the document without the acrobat file demanding the encryption key before opening? Adobe told me he must have hacked into the document. Their response is the same old fashion denial of issue instead of acknowledging and solving the problem.

Lots of conversation is going on now about China and their stealing of our patents and intellectual properties but more need to be done about protecting it, especially regarding its security. We cannot open our front and back doors; creating escape tunnels and turn around and complain that thieves have stolen our properties or robbed us.

What happened to the good old days? When I was a kid, we used to play car games. Boys loved Mercedes Benz because of the ad saying then that the manufacturers guaranteed all Mercedes Benz by sealing their engines built to last forever and if it ever breaks down, overturns in any speed on the road or failed to protect you and your family from death during accident, you will come and get a new car and huge compensation. Then, BMW was separate from Mercedes Benz and has exact same promise. Volvo made the same promise too, like almost their competitors. Then the strength and culture of every company is to build the highest quality that anyone can ever build. Competition was never about profit or how cheap it is made. It was about what quality is the product and consumers patronize manufacturers based on their quality standards. It is all gone!

Global commerce has placed the means of production in places where the integrity and standard of production may not be urgent or important therefore depriving consumers great value for their money paid and creating many issues like privacy and security flaws. If God wanted humans to disregard our privacies, He would have shared the secrets in your heart with the public, hence He knows everything, and nothing is hidden from God. Men-of-God with such gift of secret knowledge would have been permitted by God to share such personal and private revelations with the public. Imagine a world where everyone secret is made public.

We should reconsider our cultural values and rethink our standard of production of goods and services at a competitive rate and markets.

Greed is not the same as profit and that is why God forbids greed. Luke 12:15 and Colossians 3:5 speak to this. Whoever engages in honest works or does good is rewarded with abundance harvest. 2 Corinthians 9:8. Why cheat is abundance has been promised. That is why such companies do not last. They disappear over time.

In conclusion, It is my hope and desire that our U.S. government, especially the United States JAB and 3 PAO’s through its Cybersecurity Asset Management tools ensures that systems, particularly foreign domiciled ones or persons comply with the risk management framework established in NIST standards and FedRAMP requirements and processes.

Google, Apple, and many company built its core products and principles by welcoming inputs from users and consumers and letting the technology evolve into the best around their consumers. Now, we are observing more and more erratic behaviors and outright punishment of anyone who provides constructive criticism or disagreement with companies at the core of these technological innovations.

If you disagree with any company, they ban you from their community or environment. Such behavior will kill inventions and innovations as the core value of western civilization. In college, we teach people and build our educational systems around robust constructive criticism without which research is useless. Our educational systems and institutions that hold modern civilization together will disintegrate because it will not even be tested for validity, authenticity, accuracy, integrity and strength. Without constructive criticism, human reasoning and rational will be too flawed to support any progressive society. If everyone is right, no one is right.

The public needs the protection of their governments as oversight and eagle eyes watching and testing what people are offering the public. Packaging the same products over and over again without any reasonable changes or development to maximize profit while lying to the public and deceiving unsuspecting people who are ignorant of how these systems work is stone cold greed. It proves the death of humanity because conscience is entirely absent in such conducts.

Ebelechukwu Elochukwu

IT Security is very challenging and only vigilance and preventive measure can protect your systems

IT Security is very challenging and only vigilance and preventive measure can protect your systems

Facebook just reported this week about an Israeli security firm called NSO development of a spyware which they sell to governments around the world to hack into communication devices. This spyware was used to hack into the Whatsapp calling function to call the target phone and install the surveillance app. NSO client use buffer overflow vulnerabilities in the Whatsapp Voice over Internet Protocol (VoIP) stacks to enforce remote code execution via series of Secured Real-time Transport Protocol (SRTCP) packets sent to a target phone number.

This attack occurred because it is most likely that there is no code signing technology deployed in Whatsapp and its encryption and digital signature could not keep the spyware out. The fact that there was code injection using this vulnerability shows deeper flaw in the development of the app core or root of trust and its code signing and input validation capabilities. If the Whatsapp code is not signed, how come any data injection is not stopped by impute validation system?

Hence specific details are not provided (it is standard IT security policy though), it is also possible the NSO spyware attack utilized the Dynamic Link Library (DLL) injection, which compromises system memory and manipulating it into running the spyware as an authentic command. It does not seem that Whatsapp has a detective control or deterrent control or preventive control systems to prevent this kind of attacks.

With the money they spent in purchasing the app, you will think they will invest in thorough security sweep of the app to ensure this kind of flaws are prevented. Anyway, without boring you with IT technical terms, it goes to the unconscionable conducts of big tech which undermines to ethical and professional standard of the whitehat hackers and computer programmers.

We have heard how Boeing offered security features of something as big and critical system like aircraft as an optional feature and we have people showing sympathy for them. It is all about dollar and no emphasis on the security and privacy of consumers in protecting human life.

Anyway, I am mentioning this because it is a lie that this problem was recently found in Whatsapp. I suffered same attack since over two years now, warned people, mentioned about the surveillance on my devices on Facebook and Twitter posts, and this problem is not just on Whatsapp alone. Other communication networks like AT & T and T – Mobile has been compromised and so was Viber app, different communication systems like calling card technologies, conference calls and internet calls.

These Tech companies should start taking the ethics of this very important future industry for the world (IT) very serious and take the fiduciary duty of care to include consumers just as they take their shareholders’. Like NSO responded, it is all about money. No more privacy, after all, the consumers do not care about their own privacy. They share everything in social media. So, there is no motivation for the industry to spend more money providing security feature that the people do not care about having.

I have been telling people that many of these apps are not safe, that there is spyware hidden in my phones by people surveilling me, I have changed phones and each time, they find their way into new phones using the same or other vulnerabilities. The congress has been silent and provides no oversight over the irresponsibility of these tech people and blackhat hackers. Every cybersecurity specialist should be ashamed of this kind of embarrassment and cover ups. It makes us look bad!

Ebelechukwu P. Elochukwu

Technology

Computer & IT Systems Securities

Information Technology Infrastructure and Computer System Securities

Inventions and innovations change the world! Although, our major operations serve more individuals and small businesses, enterprise clientele possesses great wealth of opportunity and investment that change the world. We are an original and authentic enterprise solution provider. We cannot invent, innovate, and manufacture computer technologies without cloud and enterprise infrastructure.

Enterprise Infrastructures

Enterprise architectural models like TOGAF, IBM, Amazon, Google, Apple, and Microsoft is the direction of enterprise IT infrastructure today. They all have the same principle. Big and cheap is good in resource scaling and management. No matter the modifications or the programing differences, we are on top of the demands of rapid changes in the computer industry.

We work with each enterprise to understand its specific needs or business model or type and therefore, support modifications that best suits the client. There are other models, which may be integrated or combined with TOGAF or IBM etc. Due to many modifications and many IT business desires to develop their own cloud infrastructure or reseller programs, many hybrid models exist. To be clear, Cloud and Enterprise infrastructure are two different systems, but are scalable and interoperable. Both systems are more complimentary than most people understand. However, it requires the right engineers and technicians to put them together and maintain them. That is where we come in!

Cloud Infrastructures

Cloud solutions are dramatically changing the way we design information technology and system securities, redundancy, resiliency, and disaster recovery. The cloud infrastructure changes the fundamentals of base designs. For instance, the ability to design for low-side, base-level traffic flows, and higher water-mark or hybrid systems are excellent and efficient, if properly executed. Designing for anticipated high-watermark levels is futuristic, projective, fore sighting, and visionary. It stimulates inventions and innovations. If you share these views, then, you are at the right one stop business and investment center. We have the solutions you need!

While still talking about cloud, you should know that your footprint size and the amount of redundant infrastructure have been dramatically changed by the cloud technology in both footprint size and the amount of redundant infrastructure needed in single site and multiple site designs. The Cloud has also changed the way we design global load balancing, database and data center, storage, and failover systems resiliency. Interoperability is huge when developing enterprise infrastructure. For instance, how to develop two different infrastructural systems for resiliency, e.g., cloud and web farm servers working together from two different platforms and locations of the world, is challenging and should be well planned.

Planning and development is mostly about scalability and integrability of systems. Whether the enterprise architecture is cloud or not, its development could be IaaS, PaaS, SaaS and TaaS (Tool as a Service) or BPaaS (Business Process as a Service) or CaaS (Communication as a Service). Our IT Team skills encompass all these infrastructures and inclusive of security perspectives, in design, integrating emerging technologies, and prevention and defense of threats in the initiation/development of such systems.

Information Technology and System Securities

We perform data collection, information management, business and supply acquisitions, research, and development. Part of these technology development processes is the implementation, operations and sunset management. We also provide Enterprise Architectures’ (EA) solutions for the main sectors: business, community, private or hybrid information, application, integration, security, and technology systems or components. We manage emerging changes that will affect EA design, e.g., cloud, deployment, development, governance, strategy, management, and sustenance. We follow well developed ethical standards for these developments, operations, maintenance, and sunset.

FedRAMP and RMF protocols from the US government and other international standards like ISO provides us strict guidelines and manuals needed in computer industry, Payment Card Industry (PCI), cloud enterprise architecture, and enterprise infrastructures in general.

Information Technology Services

EBICC provide cybersecurity services. We are vigilant performer and delivers excellent Risk Management Framework & FedRAMP compliance services, ensuring no network gap or network gap; according to the needs of the clients. We provide system security control initiation/categorization, selection, implementation, authorization process and continuous monitoring. We test, detect, and remedy system security control issues. We are highly proficient in implementing FIPPS 199 & 200 and NIST (800-60 Vol. 1 & 2, 800-18, 800-53 rev. 4, 800-63, and 800-137 for monitoring the systems) in all contracted systems within the network.

We also direct or manage efficient and effective system security controls administration with 99.99% uptime by applying preemptive and preventive methodology at all steps: categorization, security planning, security control selection, implementation, security assessment, vulnerability scanning, pentest, standard test & evaluation (ST & E), security plan of action & milestone (PoA & M), authorization to operate (ATO)/E-authorization assessment and process, and continuous monitoring. We conduct threat, risk, and vulnerability assessment, mitigation, and analysis of CIA core security goals.

Additionally, we conduct Business Impact Analysis (BIA). Our IT service team use Security Life Cycle Approach using NIST 800?37 Rev 1 in delivering FedRAMP: CSP, 3PAOs, JAB & P-ATO Security services.

We build custom made enterprise, business and personal computers, Network, VPN, VMs, RDA and configurations, installations, IT database administration, and security services. We conduct CJIS security awareness training and system security training.

IT Service Team Professional Skills and Competencies

? Cyber-Law ? IT Governance ? IT Risk Assessment ? Certification and Accreditation (C&A) activities (Assessment & Authorization) ? Security Core Goals: Confidentiality-Integrity-Availability (CIA) ? IT security ? Security Architecture Management ? Risk Management Framework ? FedRAMP ? System Categorization ? Selection of Security Controls ? Implementation of the Security Controls ? Assessment of the Security Controls ? Authorization ? Continuous Monitoring ? Systems Security Plans (SSP) ? Security Tests and Evaluations (ST&Es) ? System Life Cycle Development & Applications ? Security Assessment & Authorization (SAA) ? Plan of Action & Milestone (PoA & M) ? Security Assessment Plan (SAP) ? E-Authorization (Digital Identity) ? Interconnection Agreement Drafting ? Business Impact Analysis (BIA) ? Systems Management and Application Virtualization ? Websites Apps Integration and Configuration ? Web Server System Administration & Analysis ? Web Information, Infrastructural and Technology Designing ? Ecommerce Web Portal Designing ? FISMA Reporting ? IT System Administration ? Research & Development ? Security Policy & Technical Writing ? Information Assurance & Privacy Compliance.

Conclusion

Information System Security is changing, cybersecurity threat is a real critical system challenge that damages any personal, business, and government infrastructure and institutions. IT systems are the new front of national, personal, public, internal, and international security, war, activism, and crime. Modern civilization, society and people are always threatened by the risk and vulnerability exposures to competitors, enemies, criminals, and nations. Without protection or adequate protection, chance of survival is slim, and damage or disaster is inevitable. We can help you prevent these disastrous realities. EBICC have been doing this since 1996 and 2002 in the United States.

Our team have extensive skills, education, certifications, and understanding of security laws, policies, procedures, and best practices that can protect government, system owners, information owners, businesses, persons, and institutions, who cannot function without adequate security and protection from malicious attacks, corporate espionage and activism.

We bring peace of mind to you and your enterprise and your security problems become ours to solve by detecting, identifying, containing, and preventing security threats, vulnerabilities, and risks facing your IT systems, organization or institutions. Give us a call at 1-800-792-3126 Ext 100

Ebelechukwu Elochukwu

Chief Technology Officer

Know your wood!!!

Wood can change color depending on its finish, its exposure to light, and its exposure to the environment. Appearance can differ depending on the type of wood, and other natural processes mineral streaks and grain. As a result, there might be variations in the way the furniture you have purchased appears when you receive it. However, whenever you look at it, you will appreciate the outstanding natural beauty of woodcraft. Please take a moment to review some characteristics associated with your choices of wood. As you have seen, we list our furniture by wood type. This shows you how particular we are about the type of wooden furniture we sell you . We will give you the best your money can buy. You will get all your money’s worth, PLUS MORE!

Maple

Maple is close-grained strong hardwood. It is mostly off-white in color and sometimes has light shades of yellow-brown and pink. The grains can be straight, wavy or curly. During the finishing process, the streaks cause the stain to darken.

Oak

Oak is open-grained wood which may vary from closely-knitted grain to a sweeping arch pattern. Its color varies from white to yellow or reddish-brown. Its streak varies it can have green, yellow or black deposits.

Pine

Pine is a softwood with a straight and closely patterned grain. It is known for its many knots that gives it different color changes within the same piece. Its color varies from white to yellow or pink

Cherry

Cherry is a hardwood loved for its elegant multicolored nature. Sometimes it has a pinkish-brown shade with a white, green, pink or gray tone. These color variations may be improved by the stains. This beautiful looking hardwood may darken with time. However, it will continue to look elegant.