Russian Trolls, DAVOS and President Trump

Posted on January 23, 2018January 23, 2018 by Denise Simon

So, while President Trump has again changed his schedule to attend the DAVOS World Economic Forum, there are some key items on the agenda.

With cybersecurity a top concern at the annual World Economic Forum meeting in Davos, Switzerland, Yahoo Finance asked experts: What is the topic or topics that business and government leaders should be focusing on when it comes to cybersecurity and policy in 2018?

Jason Glassberg, co-founder of Casaba Security, responded that currently the most pressing topics are “cryptocurrency ecosystems, election security, ‘DevSecOps’ (this may sound dull, but think: IoT, cars, airline computer systems, smart homes, smart cities, Intel chips, Juniper routers, Huawei, the Internet, basically everything digital under the sun), increased regulation, cyber warfare, and attribution.”

Glassberg broke down each of these six issues:

“Cryptocurrency is obviously a major financial story these days. Everybody and their brother is looking into how to capitalize on it. These markets are notoriously murky, however – fraud and scams are rampant, as are the cyber attacks. So how do you make it safe? How do you take a Wild West gunslinging town, and turn it into the suburbs? It’s a tough issue, and I think we’ll have to look at the gambling industry as an example. The key to this is establishing better security within this ecosystem for the real players. The next step is finding a way to guarantee losses due to theft, similar to the FDIC [Federal Deposit Insurance Corporation] or SIPC [Securities Investor Protection Corporation].

Election security needs no introduction. But while everybody has been freaking out about voter suppression via phony Facebook ads, the reality is that the 2016 election interference was just a sample. It was a nation-state gently dipping its toe in the water, but deciding not to go all the way in. If a country wanted to get serious about election attacks, it could go much further. This is what we need to be prepared for.

It would be possible for a serious player to delete or alter voter registration databases, DDoS the servers used to run those database or the actual voting machines; not to mention, hack the voting machines themselves. The latter would definitely cross a red line, if for instance we found out that Russia had re-tabulated voting machines to directly affect the outcome of an election. But what if the attack was a little less black-and-white? For instance, what if the machines were just infected with random malware that didn’t actually do anything, other than make itself known to the IT team? That would send shockwaves through the system and call into question the voting results, even though the votes weren’t actually affected. This is what we need to be thinking about.

DevSecOps is one of those terms that causes people’s eyes to glaze over when they hear it (if they ever do), but it’s actually very relevant to our lives today. What it refers to is incorporating security into the software or hardware development process. This is hugely significant today because as we’re seeing with the Internet of Things devices that are flooding the market, and the connected cars that are rolling out onto our public streets, software security is usually not the first priority of these manufacturers.

But not to just pick on those two markets, the reality is that DevSecOps is a problem for every industry on the planet, even the security field. Businesses aren’t doing enough to bake in rigorous security into the DNA of their products from the very beginning. Too often they are relying on software updates and patches to fix the problem after the fact, and that is never an ideal solution. This will continue to become a bigger issue in the months and years ahead.

Increased regulation is another issue that businesses could face, as governments try to contend with the growing risk of data breaches and attacks on key infrastructure, whether it’s the GDPR [General Data Protection Regulation] in Europe or the Singapore Cybersecurity Bill. In my own opinion, I think that companies that store consumer data (whether it’s credit card numbers or credit reports), as well as private infrastructure entities like telecom and power companies, are probably most at risk of higher costs due to regulation.

Cyber warfare is another pressing issue today, as more countries are investing in offensive cyber operations. This often puts businesses in the crosshairs and it sticks government in a tough position too because there is no easy solution for preventing or responding to these incidents. A key question when it comes to cyber warfare is do we engage in “active defense”?

That is more commonly referred to as hack-back, but it’s a more complex concept than simply tit-for-tat cyber retaliation. Active defense can mean anything from advanced investigative techniques to disabling the servers behind an attack or turning a city’s lights off for 30 minutes in order to send a message to a rival nation. How we deter and respond to cyber warfare tactics will be a key question for policymakers and businesses over the next five to 10 years.

Attribution is another ongoing issue for governments and businesses, and it’s related directly to the cyber warfare question, although it also encompasses cybercrime as well. What’s also key with attribution is that the pressure to solve these cases could lead to encroachments on digital privacy. In fact, I’d be very surprised if that did not happen. Potential targets here include Tor, VPNs, and encryption tools in general.”

Top U.S. Intel Officials Hacked by U.K. Teen

Posted on January 22, 2018January 22, 2018 by Denise Simon

Data lives matter, yet while we little people seem to remain vulnerable and victims of phishing and hacking, even those tasked with working to protect against cyber attacks, too are themselves victims.

This story is extraordinary given all the cyber intelligence officials have in their possession and the protections they should have at the taxpayer expense, while others fend for themselves with off the shelf protections.

Even more remarkable is the media was quite thin on reporting any of this in detail in 2017 until the case heard in a United Kingdom courtroom.

British 15-year-old gained access to intelligence operations in Afghanistan and Iran by pretending to be head of CIA, court hears

A 15-year-old gained access to plans for intelligence operations in Afghanistan and Iran by pretending to be the head of the CIA to gain access to his computers, a court has heard.

From the bedroom of the Leicestershire home he shared with his mother, Kane Gamble used “social engineering” – where a person builds up a picture of information and uses it manipulate others into handing over more – to access the personal and work accounts of some of America’s most powerful spy chiefs .

photo

The teenager persuaded call handlers at an internet giant that he was John Brennan, the then director of the CIA, to gain access to his computers and an FBI helpdesk that he was Mark Giuliano, then the agency’s Deputy Director, to re-gain access to an intelligence database.

He also targeted the US Secretary of Homeland Security and Barack Obama’s Director of National Intelligence from his semi-detached council house in Coalville.

Gamble taunted his victims online, released personal information, bombarded them with calls and messages, downloaded pornography onto their computers and took control of their iPads and TV screens, a court heard.

Mr Justice Haddon-Cave noted: “He got these people in his control and played with them in order to make their lives difficult.

John Lloyd-Jones QC, prosecuting, said that Gamble founded Crackas With Attitude (CWA) in 2015, telling a journalist: “It all started by me getting more and more annoyed about how corrupt and cold blooded the US Government are so I decided to do something about it.”

Mr Lloyd-Jones said that it was a common misconception that the group were hackers when in fact they used “social engineering” to gain access to emails, phones, computers and law enforcement portals.

“It involves manipulating people, invariably call centre or help desk staff, into permitting acts or divulging confidential information,” the prosecutor said.

Gamble, who has pleaded guilty to ten offences under the computer misuse act, first targeted Mr Brennan and gained access to his Verizon internet account by pretending first to be employee of the company and then Mr Brennan himself, building up an increasingly detailed picture.

At first he was denied access to his computers as he could not name Mr Brennan’s first pet, but on later calls the handler changed the pin and security questions.

He used similar methods to access Mr Brennan’s AOL account and eventually Gamble was able to access his emails, contacts, his iCloud storage account and his wife’s iPad remotely.

Mr Lloyd-Jones QC said: “He accessed some extremely sensitive accounts referring to, among other things, military operations and intelligence operations in Afghanistan and Iran.”

Gamble, who is now 18, later posted sensitive information on Twitter and Wikileaks and taunted officials about his access, sometimes using the tag #freePalestine and claiming it was because the US Government was “killing innocent people”.

Gamble used similar techniques to hack the home broadband of Jeh Johnson, the Secretary of Homeland Security, and was able to listen to his voicemails and send texts from his phone.

He bombarded Mr Johnson and his wife with calls, asking her: “Am I scaring you?” and left messages threatening to “bang his daughter”, the court heard.

Around October 2015, when Gamble turned 16, gained access to Mr Giuliano’s home accounts by pretending to be the FBI boss and using the information gained he accessed the FBI’s Law Enforcement Enterprise Portal (Leap).

Mr Lloyd-Jones QC described it as “a gateway providing law enforcement agencies, intelligence groups and criminal justice agencies access to beneficial resources”.

This included criminal intelligence and details of police officers and government employees, and Gamble boasted: “This has to be the biggest hack, I have access to all the details the Feds use for background checks.”

The FBI had realised that their system was breached and the password was changed, but at one point Gamble managed to change it and regain access by pretending to be Mr Giuliano in a call to the helpdesk.

He used his access to steal and post online personal details of Officer Darren Wilson who shot and killed black teenager Michael Brown in Ferguson Missouri.

At the same time he harassed the Giuliano family and people associated with them and bombarded them with calls, meaning that they were forced to seek protection from the intelligence agencies and an armed guard was placed at their home.

Mr Obama’s senior science and technology adviser John Holdren had his personal accounts hacked and Gamble passed all of his personal details to an accomplice who used them to make hoax calls to the local police claiming that there was a violent incident at Mr Holdren’s house resulting in an armed swat team being deployed.

His eight month reign of chaos was brought to an end in February 2016 after he gained access to the US Department of Justice’s network over a number of days, accessing details of 20,000 FBI employees and case files including that on the Deepwater Horizon Oil Spill.

The FBI and the US secret service had such concern over the material that he had seen that they immediately called police in the UK and he was arrested at his home.

The Old Bailey also heard that he accessed the private calls and emails of Avril Haines, the White House deputy national security adviser and FBI Special Agent Amy Hess.

In the case of Ms Hess he downloaded films on to her computer, including one called Hackers and V for Vendetta as well as a pornographic title. He changed an equipment list on her computer to a list of derogatory terms.

James Clapper, Director of National Intelligence under President Obama, was also targeted and all of his home phone calls were diverted to the Free Palestine Movement.

Vonna Weir Heaton, the former intelligence executive of the US National Geospatial Intelligence Agency. Had her social media accounts access by Gamble who sent messages pretending to be her.

At one point on an internet chat he said that he had considered not sharing any more information “because it put lives at risk, but then I thought they are killing innocent people every day”, the court heard.

Medical experts for the defence argue that he is on the autism spectrum and at the time of his offending had the mental development of a 12 or 13-year-old.

He has no friends to speak off and is closest to his mother Ann, a cleaner who reportedly won a £1.6million lottery jackpot in 1997 but “lost all the money on doomed property deals”.

William Harbage QC said that after his arrest he told doctors “it was kind of easy” and that he had little consequences of his actions “in his bedroom on the internet thousands of miles away”.

Mr Justice Haddon-Cave will sentence him on a date to be fixed.

White House First Draft on Nuclear Weapons First Use

Posted on January 17, 2018January 17, 2018 by Denise Simon

WASHINGTON — A newly drafted United States nuclear strategy that has been sent to President Trump for approval would permit the use of nuclear weapons to respond to a wide range of devastating but non-nuclear attacks on American infrastructure, including what current and former government officials described as the most crippling kind of cyberattacks.

For decades, American presidents have threatened “first use” of nuclear weapons against enemies in only very narrow and limited circumstances, such as in response to the use of biological weapons against the United States. But the new document is the first to expand that to include attempts to destroy wide-reaching infrastructure, like a country’s power grid or communications, that would be most vulnerable to cyberweapons.

The draft document, called the Nuclear Posture Review, was written at the Pentagon and is being reviewed by the White House. Its final release is expected in the coming weeks and represents a new look at the United States’ nuclear strategy. The draft was first published last week by HuffPost.

It called the strategic picture facing the United States quite bleak, citing not only Russian and Chinese nuclear advances but advances made by North Korea and, potentially, Iran.

As an aside, Reuters is reporting that President Donald Trump complained on Wednesday that Russia was helping North Korea to evade international sanctions, signaling frustration with a country he had hoped to forge friendly relations with after his 2016 election win.

Image result for nuclear posture review photo

But back to the nuclear posture review and first strike options.

The draft document is here.

trump nuclear posture review cyberattacks

Russia and China are reportedly working on fourth-generation nuclear weapons, nuclear weapons in which certain nuclear effects are enhanced and others diminished, for example, nuclear weapons with enhanced radiation or electromagnetic-pulse effects.18

According to General Paul Selva, Vice Chairman of the Joint Chiefs of Staff, Russia is “developing new nonstrategic nuclear weapons.”19

It is very hard to harden the infrastructure, whether civilian or military, when one does not properly understand how these effects might impact current systems. Yield-producing experiments would help the U.S. better understand what kind of shielding and hardening its systems might need in order to remain survivable in the case of a nuclear attack. There are also countries, such as North Korea, India, and Pakistan, that have (recently, in the case of North Korea) conducted relatively large underground nuclear weapon tests.

History teaches that unless regularly exercised, skills to conduct a meaningful nuclear warhead experiment atrophy quickly. The United States agreed to a nuclear-test moratorium between 1958 and 1961. In just three years, the skills needed to conduct a meaningful experiment had deteriorated, and lessons learned had to be painfully re-learned. The United States conducted its last yield-producing nuclear weapon test in 1992. It seems likely that the nation would not be able to perform a meaningful nuclear weapons test even if it needed to, for instance, if an error in the stockpile were discovered that required an experiment to ensure that this error was corrected.20

The concern does not have to do with the U.S. ability to detonate a nuclear weapon as much as it does with the U.S. ability to prepare the grounds, people, and necessary technical equipment to collect data from the test itself. There are fewer and fewer people in the United States who have hands-on experience with such equipment and its instrumentation. As with many hard skills, these can be only properly learned by doing.

There is no demonstrated link between the number of U.S. nuclear weapons and the number of nuclear-armed states. Countries have their own reasons for pursuing nuclear weapons.

U.S. experts with nuclear-testing experience are worried about “the steady degradation of U.S. nuclear test readiness” and question whether the Department of Energy has “any realistic appreciation for what nuclear testing involves or how to stay prepared to do it again within 24–36 months, as legally required by Presidential Decision Directive 15 (1993).”21

The United States lacks specialized skills and equipment to conduct a meaningful nuclear weapons test. Even more seriously, it lacks the skills that would allow such a test to be conducted. Reconstitution of this important capability is not a viable option as the whole process would have to be reinvented. Read the summary argument for why this review is required.

Hawaii False Alarm vs. U.S. Interceptors and Don’t Travel Warnings

Posted on January 15, 2018January 15, 2018 by Denise Simon

WASHINGTON — The final ground-based interceptor for the Ground-based Midcourse Defense system — designed to protect the homeland from intercontinental ballistic missiles threats from North Korea and Iran — is now in place at Fort Greely, Alaska, the U.S. Missile Defense Agency has confirmed.

Image result for Ground-based Midcourse Defense photo

“MDA and Boeing emplaced the 44th interceptor in its silo at the Missile Defense Complex at Ft. Greely on Thursday, Nov. 2,” the agency said in a statement sent to Defense News.

The agency planned to have all 44 required interceptors in the ground and ready to respond to threats by the end of 2017. The Pentagon and the MDA have indicated in recent months a serious move to build up beyond 44 interceptors. In September, the Pentagon proposed reprogramming $136 million in fiscal 2017 to start raising the number of ground-based interceptors from 44 to 64 in a new Missile Field 4 at Fort Greely. The boost was part of a $416 million reprogramming request targeting missile defense needs. And the White House submitted a supplemental budget request for FY18 on Nov. 6 that asked for further funding to increase the number of ground-based interceptors by 20 and to build an additional missile field at the Alaska base.

While the left is quick to blame President Trump on the matter of a nuclear North Korea, including Congresswoman Tulsi Gabbard and those in Hollywood, Kim Jung Un has been collaborating and testing nuclear weapons and missiles long before Trump entered the White House. They omit the fact that in the last 8 years, Obama did nothing….NOTHING.

Americans can travel to North Korea, if they wish — but it may just be a death wish, the U.S. State Department cautioned.

The State Department last week issued a stark warning to people setting out for the Hermit Kingdom, cautioning that anyone heading to the dangerous dictatorship should prepare for the possibility of not returning.

“The U.S. government is unable to provide emergency services to U.S. citizens in North Korea as it does not have diplomatic or consular relations with North Korea,” the State Department published Wednesday on its website.

Those who wish to travel to North Korea must be approved for a special validation, which are handed out on “very limited circumstances.” U.S. travelers given the approval to experience Kim Jong Un’s regime should then prepare for the worst — including drafting a will and making funeral and property arrangements with family and friends.“Draft a will and designate appropriate insurance beneficiaries and/or power of attorney; discuss a plan with loved ones regarding care/custody of children, pets, property, belongings, non-liquid assets (collections, artwork, etc.), funeral wishes, etc.,” according to the recommendations. More here.

“On December 28, there was a large number of personnel (~100 to 120) observed in seven different formations whose purpose is unknown in the Southern Support Area,” it adds.

“It is rare to observe personnel in this area,” the report says.

The report concludes that such activities “underscore North Korea’s continued efforts to maintain the Punggye-ri site’s potential for future nuclear testing.”

News of apparent active nuclear test site comes just days after North Korean officials met with South Korean officials for the first time in more than two years. More here.

*** Image result for hawaii false alarm missile photo

Meanwhile there is the matter of the false alarm in Hawaii….

Hawaii Gov. David Ige claimed Saturday that alert was the result of an official simply “[pressing] the wrong button” during an employee shift change, but broader questions remain. Why didn’t I get the notification here in San Diego, well within the range of intercontinental ballistic missiles that North Korea has tested in recent months? And assuming you weren’t lucky enough to be on a beach in Hawaii when the alert went out, why didn’t the average U.S. citizen receive one where they live?

To understand today’s scare, it’s important to understand how our national emergency alert system functions. The National Incident Management System (NIMS) is the systematic approach laid out by the federal government for departments and agencies at all levels of government, nongovernmental organizations, and the private sector to prevent, respond to, recover from, and mitigate any and all kinds of incidents, no matter the size or scope. NIMS dictates that the initial authority for disaster response resides at the county level, so that’s where most Mass Notification Systems that participate in the Emergency Alert System network reside.

The Emergency Alert System network is layered between federal, state, county, and local authorities through a system called the Integrated Public Alert and Warning System (IPAWS) and controlled through the IPAWS Program Management Office at FEMA. The IPAWS PMO encourages partners to regularly test public alert and warning systems; in fact, the IPAWS Modernization Act of 2015, ratified in April 2016, requires IPAWS PMO to test the system not less than once every three years.

All systems compatible with IPAWS use the Common Alerting Protocol, an international standard, to send public alerts and warnings between systems and jurisdictions. State and local agencies, like Hawaii’s Emergency Management Agency (HI-EMA), have their own systems, produced by a variety of manufacturers, to alert the public when a natural or manmade disaster is occurring or imminent. These mass notification systems use a variety of mediums to communicate danger to wide (or very narrow) swaths of people: they’re capable of desktop alerts, text messaging, reverse 9-1-1, email, Wireless Emergency Alerts, announcement or siren over a loudspeaker, and more. All systems in use on bases, municipalities, and other agencies are IPAWS compatible but not all can send information two-way; most of the bases operate in a receive-only manner.

Related: Ballistic Missile False Alarm That Sparked Panic In Hawaii Caused By Wrong Button, Officials Say »

These systems, the modern version of the CONELRAD (Control of Electromagnetic Radiation) method of emergency broadcasting established in 1951 at the outset of the Cold War, are powerfully effective in their ubiquity and power. Mass notification systems happen to be excellent tools for public awareness, and required testing can take any form. On many military bases, for example, the systems are tested each morning and night by using loudspeakers to play colors. Pretty smart, eh?

The specific kind of alert that Hawaiians received while they slept in or ate breakfast this morning was a Wireless Emergency Alert (WEA). WEAs use a different technology than voice calls or text messages and can only be used in three situations: 1. Alerts issued by the President; 2: Alerts involving imminent threats to safety or life; or 3: Amber Alerts. Participating carriers may block all but Presidential alerts.

The good news about WEAs are that they are location specific: even if you happened to be a tourist visiting Hawaii this morning, you would’ve received the alert (so long as your carrier participates). Carriers who do not participate are required to notify consumers, but the major carriers have all opted in. But the big problem, obviously, is that they’re more subject to human error than their military counterparts.

Now, civilian agencies probably don’t have the capability to detect ballistic missile launches, so in a real-life incident that message would have to come from the military, likely U.S. Pacific Command (PACOM) headquartered right there in Hawaii. PACOM would notify their base Emergency Operations Center (EOC) who would pass it up to the Regional EOC. Of note, the bases usually don’t have control of the WEA tech and can notify only those registered in their systems (but can receive all IPAWS notifications). Because of that, the base or regional EOC would have to notify Hawaii EMA for transmission. That didn’t happen today because there wasn’t a ballistic missile inbound.

The governor of Hawaii claims that during a shift change, an operator simply hit the wrong button. Well, it doesn’t exactly work that way. These alerts are not actuated by physically pushed buttons because the number of buttons that would require, for all of the different types of alerts, would be unwieldy. An operator would either type in the desired alert (or select from canned messages), select which communications mediums they’d like to use and the populations they’d like to alert, and then hit “send” and then again confirm that they really want to send that message. The canned messages might be available as electronically selectable on a computer screen (like a Windows button) but a “confirm” dialogue would still be required.

Time will tell what really happened, but as a Certified Emergency Manager (CEM) who helped set up the Mass Notification System for a major military base, I know that what likely occurred was a serious breach in procedure at Hawaii EMA. The authority who issued today’s alert and then took 40 minutes to send a retraction on WEA. PACOM immediately released a message saying that there was no threat, so why didn’t Hawaii EMA immediately send a retraction via WEA? There are serious implications associated with false alerts. What happens when an alert about a tsunami, wildfire, or active shooter are real and people ignore them?

Maybe we were hacked, as some have alleged, but probably not. No matter what happened, someone must be held accountable for this egregious breach of professionalism — and that person is almost definitely sitting at HI-EMA. Let’s hope that this scare motivates agencies across the nation to take a look at their own procedures. And let’s hope Gov. Ige holds his team accountable. Hat tip.

Google Worked for Democrats Against Republicans

Posted on January 15, 2018January 15, 2018 by Denise Simon

3. Throughout the Class Periods, and in violation of California law, Google employees

who expressed views deviating from the majority view at Google on political subjects

raised in the workplace and relevant to Google’s employment policies and its business, such as “diversity” hiring policies, “bias sensitivity,” or “ social justice,” were/are singled out, mistreated, and systematically punished and terminated from Google, in violation of their legal rights.

4. Google’s open hostility for conservative thought is paired with invidious

discrimination on the basis of race and gender, barred by law. Google’s management goes to extreme—and illegal—lengths to encourage hiring managers to take protected categories such as race and /or gender into consideration as determinative hiring factors, to the detriment of Caucasian and male employees and potential employees at Google.

5. Damore, Gudeman, and other class members were most racized, belittled, and punished

for their heterodox political views, and for the added sin of their birth circumstances of being

Caucasians and/or males. This is the essence of discrimination —Google formed opinions about and

then treated Plaintiffs not based on their individual merits, but rather on their membership in groups

with assumed characteristics.

***

Sounds precisely like the Obama IRS when it did the same thing. It is yet another kind of cyber war.

If there is any doubt about Google CEO Eric Schmidt and Obama and Hillary –>

Clinton Status Memo Mentioning Google’s Eric Schmidt by Joe Schoffstall on Scribd

More here.

Yup that commie phrase we have come to know well…white privilege…in the case of Google it was ‘white male privilege’.

Google Punished Gudeman for His Views on Racism and Discrimination

88. After being reported to Google, Google HR spoke with Gudeman in or around

September 2015 regarding his posts.

89. Google HR discussed Gudeman’s viewpoints on race and/or gender equality, and his

political viewpoints. Google HR chastised him for attempting to stand up for Caucasian males and his conservative views.

90. At the end of the HR meeting, Gudeman was issued a verbal warning.

91. Gudeman complained to his colleagues about the lack of fairness that conservatives

received at Google, and the leeway Google provided for liberals to express their thoughts and opinions without repercussions.

92. After the 2016 presidential election, many employees at Google began to panic, having

expected a different outcome fully in line with their political views.

The Corporate Internal Blacklist

131. Google’s management-sanctioned blacklists were directed at specific Google

employees who tactfully expressed conservative viewpoints in politically-

charged debates. In one case, Jay Gengelbach, a L6 SWE Manager, publicly bragged about blacklisting an intern for failing to change his conservative views.

133. Kim Burchett (“Burchett”), a L7 SWE Manager, proposed creating an online

companywide blacklist of political conservatives inside Google. She was kind enough to suggest to her readership that they might deserve “something resembling a trial” before being added.

134. On August 7, 2015, another manager, Collin Winter, posted threats directed at a Google employee as a result of raising concerns of harassment and discrimination

to Urs Holzle. Winter stated: “I keep a written blacklist of people whom I will never allow on or near my team, based on how they view and treat their coworkers. That blacklist got a little longer today.”

135.

Also on August 7, 2015, another manager, Paul Cowan, reshared Collin Winter’s threat

to express his agreement with it and to indicate that he had also blacklisted Google employees with perceived conservative views. Cowan stated: “If you express a dunderheaded opinion about religion, about politics, or about ‘social justice’, it turns out I am allowed to think you’re a halfwit… I’m perfectly within my rights to mentally categorize you in my dickhead box… Yes, I maintain (mentally, and not (yet) publicly) [a blacklist]. If I had to work with people on this list, I would refuse, and try to get them removed; or I would change teams; or I would quit.”

Heck you can read the 161 page lawsuit here complete with screen captures of internal employee chats with each other. Swell place eh?