An affordable price is probably the major benefit persuading people to buy drugs at www.americanbestpills.com. The cost of medications in Canadian drugstores is considerably lower than anywhere else simply because the medications here are oriented on international customers. In many cases, you will be able to cut your costs to a great extent and probably even save up a big fortune on your prescription drugs. What's more, pharmacies of Canada offer free-of-charge shipping, which is a convenient addition to all other benefits on offer. Cheap price is especially appealing to those users who are tight on a budget
Service Quality and Reputation
Although some believe that buying online is buying a pig in the poke, it is not. Canadian online pharmacies are excellent sources of information and are open for discussions. There one can read tons of users' feedback, where they share their experience of using a particular pharmacy, say what they like or do not like about the drugs and/or service. Reputable online pharmacy canadianrxon.com take this feedback into consideration and rely on it as a kind of expert advice, which helps them constantly improve they service and ensure that their clients buy safe and effective drugs. Last, but not least is their striving to attract professional doctors. As a result, users can directly contact a qualified doctor and ask whatever questions they have about a particular drug. Most likely, a doctor will ask several questions about the condition, for which the drug is going to be used. Based on this information, he or she will advise to use or not to use this medication.
(Reuters) – Poland expects the NATO alliance to step up its military exercises around the Baltic Sea after a flurry of activity by Russian warships and jet fighters in the area last month, Defence Minister Tomasz Siemoniak told Reuters in an interview.
“What happened in December was indeed rather unprecedented,” Siemoniak said. “We will definitely want the Baltic Sea to be taken into account to a greater extent, and I think that in terms of military exercises planned by NATO, there will be such a reaction,” he said. The interview was conducted on Monday but authorised for release by the ministry on Thursday.
The Atlantic alliance has already increased the frequency of air patrols in the region, part of a revival of Cold War tensions sparked by Russia’s annexation of Crimea from Ukraine and its support for Ukraine’s pro-Russian rebels.
Siemoniak said Moscow did not have an exit strategy, and that NATO and the European Union, which has imposed sanctions on Russia together with the United States, should brace themselves for years of conflict.
“We shouldn’t talk about lifting the sanctions too soon,” he said, adding that they were the most effective tool at the West’s disposal.
The French government in November put on hold a contract to supply Mistral warships to Russia after coming under pressure from NATO allies.
Asked if French-based companies such as Airbus and the Thales could suffer as they bid for contracts in Poland’s $41 billion army modernisation programme, Siemoniak said: “I’m counting on France‘s decision (not to deliver) being permanent, so the problem has been solved. It seems that Russia has also accepted that.”
Siemoniak also denied that a U.S. Senate report, which in December made clear by implication that Poland had allowed the CIA to run secret detention facilities on its soil, had damaged the relationship between the two allies.
Polish officials have expressed disappointment that the published version of the report contained enough detail to implicate Poland, putting it at risk of reprisal attacks.
“I think that, at the moment, the cooperation between our intelligence agencies is the best in history,” Siemoniak said, “so the publication of the report has not made it more difficult.”
In an 800-page document dump, the U.S. government revealed critical vulnerabilities.
On Friday, December 19, the FBI officially named North Korea as the party responsible for a cyber attack and email theft against Sony Pictures. The Sony hack saw many studio executives’s sensitive and embarrassing emails leaked online. The hackers threatened to attack theaters on the opening day of the offending film, The Interview, and Sony pulled the plug on the movie, effectively censoring a major Hollywood studio. (Sony partially reversed course, allowing the movie to show in 331 independent theaters on Christmas Day, and to be streamed online.)
Technology journalists were quick to point out that, even though the cyber attack could be attributable to a nation-state actor, it wasn’t particularly sophisticated. Ars Technica’s Sean Gallagher likened it to a “software pipe bomb.”
But according to cybersecurity professionals, the Sony hack may be a prelude to a cyber attack on United States infrastructure that could occur in 2015, as a result of a very different, self-inflicted document dump from the Department of Homeland Security in July.
Here’s the background: On July 3, DHS, which plays “key role” in responding to cyber attacks on the nation, replied to a Freedom of Information Act (FOIA) request on a malware attack on Google called “Operation Aurora.”
Unfortunately, as Threatpost writer Dennis Fisher reports, DHS officials made a grave error in their response. DHS released more than 800 pages of documents related not to Operation Aurora but rather the Aurora Project, a 2007 research effort led by Idaho National Laboratory demonstrating how easy it was to hack elements in power and water systems.
Oops.
The Aurora Project exposed a vulnerability common to many electrical generators, water pumps, and other pieces of infrastructure, wherein an attacker remotely opens and closes key circuit breakers, throwing the machine’s rotating parts out of synchronization causing parts of the system to break down.
In 2007, in an effort to cast light on the vulnerability that was common to many electrical components, researchers from Idaho National Lab staged an Aurora attack live on CNN. The video is below.
The Aurora vulnerability affects much more than rotating equipment inside power plants. It affects nearly every electricity system worldwide and potentially any rotating equipment—whether it generates power or is essential to an industrial or commercial facility.
The article was written by Michael Swearingen, then manager for regulatory policy for Tri-County Electric Cooperative (now retired), Steven Brunasso, a technology operations manager for a municipal electric utility, Booz Allen Hamilton critical infrastructure specialist Dennis Huber, and Joe Weiss, a managing partner for Applied Control Solutions.
Weiss today is a Defense Department subcontractor working with the Navy’s Mission Assurance Division. His specific focus is fixing Aurora vulnerabilities. He calls DHS’s error “breathtaking.”
The vast majority of the 800 or so pages are of no consequence, says Weiss, but a small number contain information that could be extremely useful to someone looking to perpetrate an attack. “Three of their slides constitute a hit list of critical infrastructure. They tell you by name which [Pacific Gas and Electric] substations you could use to destroy parts of grid. They give the name of all the large pumping stations in California.”
The publicly available documents that DHS released do indeed contain the names and physical locations of specific Pacific Gas and Electric Substations that may be vulnerable to attack.
Defense One shared the documents with Jeffrey Carr, CEO of the cybersecurity firm Taia Global and the author of Inside Cyber Warfare: Mapping the Cyber Underworld. “I’d agree…This release certainly didn’t help make our critical infrastructure any safer and for certain types of attackers, this information could save them some time in their pre-attack planning,” he said.
Perpetrating an Aurora attack is not easy, but it becomes much easier the more knowledge a would-be attacker has on the specific equipment they may want to target.
* * *
In a 2011 paper for the Protective Relay Engineers’ 64th Annual Conference, Mark Zeller, a service provider with Schweitzer Engineering Laborites lays out—broadly—the information an attacker would have to have to execute a successful Aurora attack. “The perpetrator must have knowledge of the local power system, know and understand the power system interconnections, initiate the attack under vulnerable system load and impedance conditions and select a breaker capable of opening and closing quickly enough to operate within the vulnerability window.”
“Assuming the attack is initiated via remote electronic access, the perpetrator needs to understand and violate the electronic media, find a communications link that is not encrypted or is unknown to the operator, ensure no access alarm is sent to the operators, know all passwords, or enter a system that has no authentication.”
That sounds like a lot of hurdles to jump over. But utilities commonly rely on publicly available equipment and common communication protocols (DNP, Modbus, IEC 60870-5-103,IEC 61850, Telnet, QUIC4/QUIN, and Cooper 2179) to handle links between different parts their systems. It makes equipment easier to run, maintain, repair and replace. But in that convenience lies vulnerability.
In their Power Magazine article, the authors point out that “compromising any of these protocols would allow the malicious party to control these systems outside utility operations.”
Defense One reached out to DHS to ask them if they saw any risk in the accidental document dump. A DHS official wrote back with this response: “As part of a recent Freedom of Information Act (FOIA) request related to Operation Aurora, the Department of Homeland Security (DHS) National Programs and Protection Directorate provided several previously released documents to the requestor. It appears that those documents may not have been specifically what the requestor was seeking; however, the documents were thoroughly reviewed for sensitive or classified information prior to their release to ensure that critical infrastructure security would not be compromised.”
Weiss calls the response “nonsense.”
The risk posed by DHS accidental document release may be large, as Weiss argues, or nonexistent, as DHS would have you believe. But even if it’s the latter, Aurora vulnerabilities remain a key concern.
Perry Pederson, who was the director of Control Systems Security Program at DHS in 2007 when the Aurora vulnerability was first exposed, said as much in a blog post in July after the vulnerability was discovered. He doesn’t lay blame at the feet of DHS. But his words echo those of Weiss in their urgency.
“Fast forward to 2014. What have we learned about the protection of critical cyber-physical assets? Based on various open source media reports in just the first half of 2014, we don’t seem to be learning how to defend at the same rate as others are learning to breach.”
* * *
In many ways the Aurora vulnerability is a much harder problem to defend against than the Sony hack, simply because there is no obvious incentive for any utility operator to take any of the relatively simple costs necessary to defend against it. And they are simple. Weiss says that a commonly available device installed on vulnerable equipment could effectively solve the problem, making it impossible to make the moving parts spin out of synchronization. There are two devices on the market iGR-933 rotating equipment isolation device (REID) and an SEL 751A, that purport to shield equipment from “out-of-phase” states.
To his knowledge, Weiss says, Pacific Gas and Electric has not installed any of them anywhere, even though the Defense Department will actually give them away to utility companies that want them, simply because DOD has an interest in making sure that bases don’t have to rely on backup power and water in the event of a blackout. “DOD bought several of the iGR-933, they bought them to give them away to utilities with critical substations,” Weiss said. “Even though DOD was trying to give them away, they couldn’t give them to any of the utilities because any facility they put them in would become a ‘critical facility’ and the facility would be open to NERC–CIP audits.”
Aurora is not a zero-day vulnerability, an attack that exploits an entirely new vector giving the victim “zero days” to figure out a patch. The problem is that there is no way to know that they are being implemented until someone, North Korea or someone else, chooses to exploit them.
Can North Korea pull of an Aurora vulnerability? Weiss says yes. “North Korea and Iran and are capable of doing things like this.”
Would such an attack constitute an act of cyber war? The answer is maybe. Speaking to reporters at the Pentagon on Friday, Pentagon Press Secretary Rear Adm. John Kirby said “I’m also not able to lay out in any specificity for you what would be or wouldn’t be an act of war in the cyber domain. It’s not like there’s a demarcation line that exists in some sort of fixed space on what is or isn’t. The cyber domain remains challenging, it remains very fluid. Part of the reason why it’s such a challenging domain for us is because there aren’t internationally accepted norms and protocols. And that’s something that we here in the Defense Department have been arguing for.”
Peter Singer, in conversation with Jason Koebler at Motherboard, says that the bar for actual military engagement against North Korea is a lot higher than hacking a major Hollywood movie studio.
“We didn’t go to war with North Korea when they murdered American soldiers in the 1970s with axes. We didn’t go to war with North Korea when they fired missiles over our allies. We didn’t go to war with North Korea when one of their ships torpedoed an alliance partner and killed some of their sailors. You’re going to tell me we’re now going to go to war because a Sony exec described Angelina Jolie as a diva? It’s not happening.”
Obama said Friday that there would be some sort of response to the hack, but declined to say what. “We have been working up a range of options. They will be presented to me. I will make a decision on those based on what I believe is proportional and appropriate to the nature of this crime,” he said.
Would infrastructure vandalism causing blackouts and water shutdowns constitute an act of war? The question may be moot. Before the United States can consider what sort of response is appropriate to cyber attacks, it must first be able to attribute them.
The FBI was able to finger North Korea for the hack after looking at the malware in the same way a forensics team looks for signs of a perpetrator at the scene of the crime. “Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks,” according to the FBI statement. (Attribution has emerged as a point of contention in technology circles, with many experts suggesting that an inside hack job was more likely.)
An Aurora vulnerability attack, conversely, leaves no fingerprints except perhaps a single IP address. Unlike the Sony hack, it doesn’t require specially written malware to be uploaded into a system—malware that could indicate the identity of the attacker, or at least his or her affiliation. Exploiting an Aurora attack is simply a matter of gaining access, remotely, possibly because equipment is still running on factory-installed passwords, and then turning off and on a switch.
“You’re using the substations against whatever’s connected to them. Aurora uses the substations as the attack vector. This is the electric grid being the attack vector,” said Weiss, who calls it “a very, very insidious” attack.
The degree to which we are safe from that eventuality depends entirely on how well utility companies have put in place safeguards. We may know the answer to that question in 2015.
Nusra Front Islamist militants linked to al-Qaeda have blown up the 13th century tomb of a revered Islamic scholar in southern Syria, Syrian state news agency SANA and monitoring group, the Syrian Observatory for Human Rights, reported.
The mausoleum of Imam Nawawi is in Nawa in Deraa province near the Jordanian border, a town captured by groups fighting the Syrian government in November.
The Nusra Front follows the same puritanical interpretation of Sunni Islam adopted by the Islamic State group that has also destroyed shrines in areas of eastern and northern Syria that it controls. They see tombs as sacrilegious.
UNITED NATIONS — Chemical weapons investigators concluded “with a high degree of confidence” that chlorine gas was used as a weapon against three opposition-controlled villages in Syria last year, affecting between 350 and 500 people and killing 13, according to a report obtained Tuesday by The Associated Press.
The third report by a fact-finding mission from the Organization for the Prohibition of Chemical Weapons didn’t apportion blame but said 32 of 37 people interviewed “saw or heard the sound of a helicopter over the village at the time of the attack with barrel bombs containing toxic chemicals.”
The investigators said 26 people heard the distinctive “whistling” sound of the falling barrel bombs containing toxic chemicals and 16 visited the impact sites and saw the bombs or their remnants. They said 29 people smelled “the distinctive odor of the gas cloud” released after the bombs hit the ground, mainly describing it “as intense, chlorine-like, similar to cleaning material used to clean toilets, but much stronger.”
The report includes a description of 142 videos and 189 pieces of material obtained by the investigators as well as photos of impact sites and the inner chlorine cylinder from a barrel bomb.
The mission was established by the OPCW on April 29 to establish the facts surrounding allegations of the use of chlorine “for hostile purposes” in Syria. Chlorine gas is readily available and is used in industry around the world, but it can also be used as a weapon.
The U.N. Security Council has been intensely involved in the issue of alleged chemical weapons use in Syria. After an August 2013 sarin gas attack near Damascus in which the U.S. says more than 1,400 people were killed, the Security Council unanimously adopted a resolution backed by the U.S. and Russia on Sept. 27, 2013, ordering Syria’s chemical weapons stockpile to be destroyed. U.N. investigators could not find enough evidence to assess blame for the sarin attack. Syria’s declared chemical weapons stockpiles have since been destroyed under international supervision, but questions remain about whether it may still be hiding deadly chemical agents.
Chlorine gas is not listed as a chemical weapon. But eight council members, including the United States, said in a Dec. 30 letter accompanying the OPCW report that the 2013 resolution also states that any use of chemical weapons threatens international peace and security and must be condemned.
The 15 council members discussed the fact-finding mission’s report behind closed doors Tuesday, and diplomats said the U.S. and other Western nations who signed the letter along with Jordan urged Security Council action in response to the findings. But Russia, Syria’s closest ally, insisted that the report on chlorine attacks was an issue for the OPCW, which polices the Chemical Weapons Convention, the diplomats said, speaking on condition of anonymity because consultations were private.
Syria’s Deputy Foreign Minister Faysal Mekdad told an OPCW meeting on Dec. 1 that his government has never used chemical weapons or chlorine gas during the country’s four-year civil war, which has claimed over 200,000 lives and displaced one third of the country’s population. He said terror groups “have used chlorine gas in several of the regions of Syria and Iraq.”
But U.S. Ambassador Samantha Power tweeted that “only Syrian regime uses (helicopters).” She also tweeted that the Syrian “Regime must be shown it is not enough to destroy declared CW (chemical weapons); must stop dropping chemical-laden explosives on civilians.”
The investigators interviewed 14 people from the village of Talmenes in Idlib governorate about barrel bomb attacks on April 21 and April 24. At two houses that were hit, a 7-year-old boy, a teenage girl, and the matriarch of a family died from exposure to chlorine gas, they said. Domestic animals including cows, goats and sheep also died at both houses.
Fourteen people from the village of Al Tamanah, also in Idlib, were interviewed by the mission’s investigators about five incidents in April and May – all but one at night. Eight members of two families who had sought refuge in the village died shortly after separate attacks involving the toxic chemical, the report said.
Investigators said they interviewed nine people from Kafr Zita in Hama Governorate in northern Syria and were told that the village had been the target of hundreds of attacks with conventional weapons and 17 attacks using toxic chemicals between April and August.
The State of the Union speech is right around the corner and Barack Obama flying Air Force 1 into overdrive pushing items he wants to take credit for including lower gas prices.
The Veterans Affairs system is still broken. Though the House and Senate passed the start of good reform last year, the bureaucracy still needs major reforms so that veterans get the care they need in time. But the President still hasn’t taken the time to offer a long-term plan to fix the VA. President Obama needs to change his priorities.
It’s time for the White House to stop blocking bipartisan bills that the people want and get to work on real solutions and genuine reform. Don’t drive past the problems, Mr. President. Start helping us fix them.
In the first two days of the new Congress, President Obama has already issued three veto threats against bipartisan bills. Despite the bills having strong support on both sides of the aisle, President Obama has indicated that he will veto bills restoring the 40-hour workweek under Obamacare, approving the Keystone XL pipeline, and delaying a part of the flawed Dodd-Frank regulations.
President visits Ford’s Michigan Assembly Plant today
“I would strongly advise American consumers to continue to think about how you save money at the pump because it is good for the environment, it’s good for family pocketbooks and if you go back to old habits and suddenly gas is back at $3.50, you are going to not be real happy,” the President told The Detroit News in a phone interview, ahead of his visit to Ford’s Michigan Assembly Plant today.
“The American people should not believe that … demand for oil by China and India and all these emerging countries is going to stay flat,” Obama told The Detroit News. “Just demographics tell us demand is going to continue to grow, that over the long term it will grow faster than supply and we have to be smart about our energy policy,” he said.
Obama is using the stop at the Ford facility in Wayne, Michigan to tout his administration’s auto industry bailout. The facility, where Ford produces the Focus and C-Max, is currently idle due to slow sales.
China Pledged Billions of Dollars of Financing to Venezuela and Ecuador, Two South American Energy Exporters Battered by Falling Oil Prices
China pledged billions of dollars of financing to Venezuela and Ecuador, two South American energy exporters battered by falling oil prices, as Beijing moved to secure resources and allies in the region.
China has increased its diplomatic clout throughout Latin America by extending over $100 billion in credit to the region since 2005, according to figures from Boston University’s Global Economic Governance Initiative.
Beijing has become the biggest foreign financier of both Venezuela and Ecuador, two oil-rich, leftist allies eager to help counter U.S. sway in the region.
Following a meeting with Chinese President Xi Jinping , his Venezuelan counterpart Nicolás Maduro announced bilateral accords that would bring $20 billion in new investment to Venezuela. Ecuador said it secured $7.5 billion in financing.
Both Mr. Maduro and his Ecuadorian counterpart, Rafael Correa, were in Beijing along with officials from various Latin American nations to take part in a regional gathering.
Both Latin countries, highly dependent on oil exports to pay for heavy public spending, were in dire need of a helping hand as crude prices tumble to less than half of their level from several months ago. A barrel of oil sold for about $50 on Wednesday.
Last week, Venezuela’s central bank released long-delayed figures, revealing the country entered a recession in 2014.
Venezuela needs oil to average around $117.50 a barrel to balance its 2015 budget, according to Deutsche Bank estimates.
In Ecuador, officials have reported a slowing economy, with growth of 3.4% in the third quarter, down from 5.6% in the July-through-September period in 2013.
Mr. Maduro, who has seen his approval rating swoon along with oil prices, offered few details on the new accords with China, which he said involved projects in the energy, industrial and housing sectors.
The Venezuelan leader, who has struggled to keep supporters happy amid shortages of basic goods, praised China for coming to the rescue.
“The economic war against our people and the oil price war is an opportunity to grow closer to our allies,” said Mr. Maduro, who has blamed Venezuela’s spiraling economy on an alleged plot by enemies of his leftist government.
Venezuela is slated to hold hotly contested legislative elections in December that many analysts see as a referendum on Mr. Maduro’s performance.
At a daily press briefing on Wednesday, Chinese Foreign Ministry spokesman Hong Lei said “Relevant financing cooperation is going smoothly” with Venezuela. State-run China Central Television paraphrased Chinese President Xi Jinping as calling for “promoting oil development” in a meeting with Mr. Maduro.
Experts said it was unclear without further details what kind of impact the new financing would have on the Venezuelan and Ecuadorian economies.
China has extended to Caracas some $50 billion in credit since 2007 in exchange for guaranteed oil. It has committed more than $12 billion in financing to Ecuador between 2009 and 2014.
Wednesday’s agreement underscored China’s continuing support for Mr. Maduro despite his political woes, said Risa Grais Targow, senior Latin America analysts for Eurasia Group.
“This is because the Chinese are heavily exposed to Venezuela and are likely concerned about the prospect of regime change,” she said in a client note.
Since 2005, China has provided upwards of $87 billion in loan commitments to Latin American countries. China’s loan commitments of $37 billion in 2010 were more than those of the World Bank, Inter-American Development Bank, and U.S. Export-Import Bank combined. This interactive database provides up-to-date information on Chinese lending in Latin America by country, lender, sector and year.
for Ukraine’s pro-Russian rebels.
