Doomscroll News

Category: Security

  • The California Insurrection: A Planned Betrayal

    The California Insurrection: A Planned Betrayal

    The chaos that erupted in Los Angeles is no spontaneous uprising; it is a meticulously planned and ongoing insurrection fueled by a toxic alliance of foreign enemies and domestic traitors. The betrayal runs from the streets to the highest offices of the state. It’s a conspiracy where federal taxpayer money is funneled to the very groups organizing the insurrection. This support was made explicit on August 30, 2024, when Mayor Karen Bass’s office announced she had secured major federal support for the Coalition for Humane Immigrant Rights (CHIRLA), creating a direct pipeline from the U.S. government to a key organizer of the insurrection. CHIRLA’s own action fund listed her as a supporter of the DREAM Act in late 2017.

    At the heart of the violence is the Party for Socialism and Liberation (PSL), a disciplined Marxist cadre providing the ideological framework for the insurrection; they actively engage in propaganda efforts that mirror Chinese state media, defending the CCP’s actions in Hong Kong and its internal policies. The PSL’s connection to this insurrection is not incidental; they are the ideological core, providing the anti-American framework and organizational discipline for the insurrection you see on the streets.

    (more…)
  • Don’t Ground ‘Quiet Skies’: A Proposal for Smarter, Safer Aviation Security

    Don’t Ground ‘Quiet Skies’: A Proposal for Smarter, Safer Aviation Security

    The recent announcement that the TSA is ending its “Quiet Skies” program has been framed as a victory against wasteful spending and political misuse. While any program that costs taxpayers millions and is used to target political opponents deserves scrutiny, scrapping Quiet Skies entirely is a dangerously simplistic solution. I have a nuanced critique: the core concept of the program is not only sound but essential. The problem wasn’t the mission; it was the flawed execution and political weaponization. Instead of ending the program, we should be reforming it into a smarter, more effective tool that truly secures our nation.

    First, the idea of using dedicated analysts and undercover air marshals is a good one. However, their mission should be dovetailed with other tangible needs in our struggling aviation sector. Imagine if their observational data could be used for quality control or to assist our overburdened Air Traffic Control system. This would add immense value beyond pure counter-terrorism and justify the program’s existence on multiple fronts.

    (more…)
  • America’s Solar Achilles’ Heel: BRICS’ Dominance and the Path to Energy Insecurity

    America’s Solar Achilles’ Heel: BRICS’ Dominance and the Path to Energy Insecurity

    Here are key problems with relying heavily on solar energy, particularly when facing a dominant manufacturing bloc like BRICS:

    1. The BRICS’ Leverage (Supply Chain Manipulation): With BRICS, and overwhelmingly China, controlling over 80% of all solar panel manufacturing stages (and nearing 95% for crucial upstream components like polysilicon and wafers), they hold immense leverage. They can strategically restrict the export of panels, components, or raw materials, effectively throttling another nation’s ability to build, maintain, or repair its solar infrastructure. This creates a powerful tool for geopolitical pressure.
    2. Cost Competitiveness (Exploitable Dependency): China is the most cost-competitive location for manufacturing all solar PV components due to massive state investment and economies of scale. This makes it difficult for other nations to establish their own fully competitive domestic supply chains. BRICS could exploit this by manipulating prices—either by gouging during periods of high demand or undercutting nascent industries in other countries to maintain their dominance, making a dependent nation’s solar ambitions economically unviable or perpetually reliant.
    3. Quality Control Weaponization (Undermining Reliability): Given their control over manufacturing, BRICS nations could, in a conflict scenario, subtly degrade the quality or introduce hidden flaws (hardware or software backdoors) into solar components destined for adversaries. This could lead to premature failures, reduced efficiency, increased maintenance burdens, and a general loss of faith in the reliability of solar infrastructure, all while being difficult to detect upfront.
    4. Trade Vulnerability (Economic Weak Point): Heavy reliance on imported solar panels and components makes a nation’s currency and economy susceptible. Any devaluation of the importing nation’s currency would drastically increase the cost of these essential goods. Furthermore, the dominant bloc could impose targeted tariffs or engage in other trade actions that specifically penalize the solar sector of a rival, exploiting this dependency. The US, for instance, imported eight times the solar modules it manufactured in 2023, showcasing this vulnerability.
    5. Investment Chill (Perceived Risk): The clear and present risk of supply chain disruption, price manipulation, or sabotage by a dominant, potentially adversarial, manufacturing bloc would create significant uncertainty. This “investment chill” would deter both domestic and foreign investment in the solar sector of the vulnerable nation. Investors would be wary of committing capital to projects that could be easily undermined by geopolitical factors beyond their control, thus slowing down the transition to solar energy and reinforcing reliance on the dominant bloc or other energy sources.
  • Thinking About Newark’s Radar Glitches: A Personal List of Ideas

    Thinking About Newark’s Radar Glitches: A Personal List of Ideas

    The following is basically a laundry list of things that personally came to my mind about what might be causing those radar screen flickers or glitches at Newark. It’s just a collection of thoughts, nothing more, nothing less.

    If this list seems pretty long or touches on a lot of different ideas, some of which might seem a bit out there, it’s just me spit-balling possibilities as a layperson. I’m no pro, so this definitely isn’t some exhaustive or official investigation plan – just my own brainstorming on what could be going on, because even a flicker could be something to look into.

    (more…)

  • Actionable Initiatives for NASA Budget Cuts

    AI Data Mining Core (Oracle): Establish an AI center to intensively mine consolidated historical astronomical datasets (all wavelengths). Focus: Find previously missed threat precursors (SNe variability, solar patterns, NEO behavior) and predictive anomalies.

    AI Ground Observation Network (Argus): Network existing/low-cost ground telescopes (university, amateur) using AI for optimized scheduling and real-time analysis. Fund essential connectivity/automation upgrades. Focus: Top Priority: NEO detection & rapid orbit confirmation. Also, targeted monitoring of AI-flagged threats (solar activity, SNe candidates) and rapid transient response.

    Minimalist SmallSat Monitors (Styx): Design and deploy narrowly focused, ultra-low-cost CubeSats for critical space-based data unobtainable from the ground. Focus: Prioritize essential solar monitoring (vector magnetograms for flare precursors), potentially adding basic transient detection (X-ray/gamma-ray flash alerts).

    AI Predictive Simulation Hub (Delphi): Utilize high-performance computing for AI-accelerated simulations of threat phenomena physics. Focus:Model solar flare initiation, SNe/GRB mechanisms, and NEO dynamics to identify critical warning thresholds and improve risk assessment.

  • Signal’s Group Verification Blind Spot: An Analysis of Socio-Technical Vulnerability

    Signal’s Group Verification Blind Spot: An Analysis of Socio-Technical Vulnerability

    David’s Note: This article was substantially revised on October 10, 2025 to incorporate new research and provide a more comprehensive analysis.

    Section 1: Introduction: The Paradox of Signal’s Security

    Imagine a team of investigative journalists working to expose a corrupt regime. They communicate exclusively through Signal, trusting its “gold standard” reputation to protect their sources and their lives. One evening, the lead journalist adds a new contact—a supposed whistleblower—to their core group chat. The next morning, their primary source is arrested. The breach didn’t come from a government spy agency cracking Signal’s world-class encryption; it came from a simple, devastating mistake. The “whistleblower” was an imposter, and the journalist, lulled into a false sense of security by the app’s brand, never performed the crucial step of verifying their identity.

    This scenario, while hypothetical, highlights the real-world stakes of a profound paradox. How can the world’s most secure messaging app, the “gold standard for private, secure communications,” become the vector for a catastrophic security leak? 1 This is the paradox of Signal. The end-to-end encrypted messaging application, developed by the non-profit Signal Foundation, has cultivated an unparalleled reputation. It is built upon state-of-the-art, open-source cryptography lauded by security experts and figures like Edward Snowden.2

    The Signal Protocol is the app’s core cryptographic engine. It has become the industry standard, protecting billions of conversations daily across major platforms like WhatsApp and Google Messages.4 The organization is also committed to a privacy-focused mission. It refuses to collect user data or monetize through advertising. This cements its image as a trustworthy bastion against digital surveillance.5

    This celebrated cryptographic fortress, however, contrasts with an unsettling reality. That reality emerged with startling clarity in March 2025. A widely reported security lapse occurred when a journalist was mistakenly added to a private Signal group chat. This group included senior U.S. government officials, such as the Vice President and the Secretary of Defense. Inside this group, officials discussed sensitive operational details of impending military strikes.10 The breach was not a sophisticated cryptographic attack. It was a simple act of human error: a wrong number added to a group.6 This incident exposed a profound vulnerability, not in Signal’s code, but in its use within the complex social dynamics of group communication.

    This report argues that Signal’s group chat architecture has a critical blind spot. Despite its cryptographic strength, this vulnerability exists at the intersection of technology and human behavior. The app relies on a practically unusable identity verification model, which makes high-stakes security failures not just possible, but inevitable.

    The thesis is as follows: Signal’s protocol provides robust end-to-end encryption. However, its group chat design creates a socio-technical gap between cryptographic identity verification and practical user behavior. This gap stems from the usability challenges of manual, pairwise verification in groups. It creates a vulnerability to insider threats and human error that technology alone cannot mitigate. High-profile security lapses have vividly demonstrated this weakness.

    The very strength of Signal’s brand contributes to this vulnerability. The public and even technically sophisticated users develop a monolithic perception of the app’s security. They unconsciously transfer their trust from the one-to-one protocol to the group context. This fosters a belief that the same level of automatic protection applies everywhere. This overconfidence comes from a simplified mental model where “Signal equals secure.” It masks the critical procedural responsibilities that fall upon the user, namely identity verification. This responsibility is manageable in one-to-one chats. In group chats, it becomes practically impossible. Yet, the user’s perception of security remains unchanged. This disparity between perceived and actual security creates a dangerous environment where predictable human errors can lead to catastrophic breaches.

    To substantiate this thesis, this report will proceed through a systematic analysis:

    • First, it will deconstruct the cryptographic fortress of Signal’s one-to-one protocol to establish a baseline of its technical excellence.
    • Second, it will dissect the architectural compromises and design trade-offs made to enable group chat functionality, identifying the precise location of the verification blind spot.
    • Third, it will conduct an in-depth analysis of the 2025 leak as the primary case study demonstrating the real-world impact of this vulnerability.
    • Fourth, it will anticipate and dismantle key counterarguments to fortify the thesis.
    • Finally, it will look toward the future, examining emerging protocols like Messaging Layer Security (MLS) and the broader imperative for designing security systems that are not only cryptographically sound but also resilient to the realities of human use.
    (more…)
  • A Question of Trust: An Analysis of Ethereum Classic’s Foundational Security and Its Place on Premier Exchanges

    A Question of Trust: An Analysis of Ethereum Classic’s Foundational Security and Its Place on Premier Exchanges

    David’s Note: This article was substantially revised on October 10, 2025 to incorporate new research and provide a more comprehensive analysis.

    Introduction: The Chasm Between Perceived Legitimacy and Proven Fragility

    A “51% attack” occurs when a single entity seizes control of a blockchain’s computational power. This is not a distant, theoretical risk. Between 2019 and 2020 alone, researchers at the MIT Digital Currency Initiative documented over 40 such attacks on various cryptocurrencies.1 These events represent a recurring and tangible danger to the integrity of many networks.

    When a digital asset is listed on a prominent, regulated exchange like Coinbase, Kraken, or Gemini, it sends a powerful signal to the market.2 This listing acts as an implicit endorsement. It suggests the asset has passed a rigorous vetting process and meets a baseline standard for technical soundness.3 This report contends that in the case of Ethereum Classic (ETC), this perception of security is dangerously misaligned with its documented history of catastrophic, fundamental breaches.

    This analysis will demonstrate a critical flaw in ETC’s security narrative. While protocol changes were implemented after these failures, a key defense mechanism was later deliberately rolled back. This action signals a return to a security posture that has already proven inadequate.

    The core of this investigation is not a philosophical debate over blockchain immutability. Instead, it is a critical risk assessment grounded in empirical evidence. The central thesis is this: a profound dissonance exists between the implied security of a premier exchange listing and the proven fragility of the underlying asset. This gap represents a significant, underappreciated risk to market participants.

    The case of Ethereum Classic in August 2020 stands as a glaring example of this vulnerability. The network suffered three successful 51% attacks in a single month.4 This report will proceed in a structured manner to build a comprehensive case:

    • First, it will establish the foundational principles of Proof-of-Work (PoW) security, focusing on the direct relationship between computational power (hash rate) and network integrity.
    • Second, it will present a detailed forensic analysis of the 2020 attacks.
    • Third, it will scrutinize the primary response from exchanges—imposing extreme transaction confirmation times—and argue this is a localized tactic, not a fundamental solution.
    • Fourth, it will systematically deconstruct and refute the common counterarguments defending ETC’s security.
    • Finally, the conclusion will synthesize these findings, offer a forward-looking analysis, and provide specific recommendations for exchanges, regulators, and investors.
    (more…)