Hi everyone, this is my first ever post here.
I run a little website called The Thought Experiment where I talk about various issues, some of them Singapore related. And one of my main interests is Singaporean politics. With the GE2020 election results, I thought I should pen down my take on what us as the electorate were trying to say.
If you like what I wrote, I also wrote another article on the state of play for GE2020 during the campaigning period, as well as 2 other articles related to GE2015 back when it was taking place.
If you don't like what I wrote, that's ok! I think the beauty of freedom of expression is that everyone is entitled to their opinion. I'm always happy to get feedback, because I do think that more public discourse about our local politics helps us to be more politically aware as a whole.
Just thought I'll share my article here to see what you guys make of it :D
Article Starts Here:
During the campaigning period, both sides sought to portray an extreme scenario of what would happen if voters did not vote for them. The Peoples’ Action Party (PAP) warned that Singaporeans that their political opponents “might eventually replace the government after July 10”
. Meanwhile, the Worker’s Party (WP) stated that “there was a real risk of a wipeout of elected opposition MPs at the July 10 polls”
Today is July 11th. As we all know, neither of these scenarios came to pass. The PAP comfortably retained its super-majority in Parliament, winning 83 out of 93 elected MP seats. But just as in GE2011, another Group Representation Constituency (GRC) has fallen to the WP. In addition, the PAP saw its vote share drop drastically, down almost 9% to 61.2% from 69.9% in GE2015.
Singapore’s electorate is unique in that a significant proportion is comprised of swing voters: Voters who don’t hold any blind allegiance to any political party, but vote based on a variety of factors both micro and macro. The above extreme scenarios were clearly targeted at these swing voters. Well, the swing voters have made their choice, their roar sending 4 more elected opposition MPs into Parliament. This article aims to unpack that roar and what it means for the state of Singaporean politics going forward. 1. The PAP is still the preferred party to form Singapore’s Government
Yes, this may come across as blindingly obvious, but it still needs to be said. The swing voter is by its very definition, liable to changes of opinion. And a large factor that determines how a swing voter votes is their perception of how their fellow swing voters are voting.
If swing voters perceive that most swing voters are leaning towards voting for the opposition, they might feel compelled to vote for the incumbent. And if the reverse is true, swing voters might feel the need to shore up opposition support.
Why is this so? This is because the swing voter is trying to push the vote result into a sweet spot – one that lies between the two extreme scenarios espoused by either side. They don’t want the PAP to sweep all 93 seats in a ‘white tsunami’. Neither do they want the opposition to claim so much territory that the PAP is too weak to form the Government on its own. But because each swing voter only has a binary choice: either they vote for one side or the other (I’m ignoring the third option where they simply spoil their vote), they can’t very well say “I want to vote 0.6 for the PAP and 0.4 for the Opposition with my vote”. And so we can expect the swing voter bloc to continue being a source of uncertainty for both sides in future elections, as long as swing voters are still convinced that the PAP should be the Government. 2. Voters no longer believe that the PAP needs a ‘strong mandate’ to govern. They also don’t buy into the NCMP scheme.
Throughout the campaign period, the PAP repeatedly exhorted voters to vote for them alone. Granted, they couldn’t very well give any ground to the opposition without a fight. And therefore there was an attempt to equate voting for the PAP as voting for Singapore’s best interests. However, the main message that voters got was this: PAP will only be able to steer Singapore out of the Covid-19 pandemic if it has a strong mandate from the people.
What is a strong mandate, you may ask? While no PAP candidate publicly confirmed it, their incessant harping on the Non-Constituency Member of Parliament (NCMP) scheme
as the PAP’s win-win solution for having the PAP in power and a largely de-fanged opposition presence in parliament shows that the PAP truly wanted a parliament where it held every single seat.
Clearly, the electorate has different ideas, handing Sengkang GRC to the WP and slashing the PAP’s margins in previous strongholds such as West Coast, Choa Chu Kang and Tanjong Pagar by double digit percentages. There is no doubt from the results that swing voters are convinced that a PAP supermajority is not good for Singapore. They are no longer convinced that to vote for the opposition is a vote against Singapore. They have realized, as members of a maturing democracy surely must, that one can vote for the opposition, yet still be pro-Singapore. 3. Social Media and the Internet are rewriting the electorate’s perception.
In the past, there was no way to have an easily accessible record of historical events. With the only information source available being biased mainstream media, Singaporeans could only rely on that to fill in the gaps in their memories. Therefore, Operation Coldstore
became a myth of the past, and Chee Soon Juan became a crackpot in the eyes of the people
, someone who should never be allowed into Parliament.
Fast forward to today. Chee won 45.2% of the votes in Bukit Batok’s Single Member Constituency (SMC). His party-mate, Dr. Paul Tambyah did even better, winning 46.26% of the votes in Bukit Panjang SMC. For someone previously seen as unfit for public office, this is an extremely good result.
Chee has been running for elections in Singapore for a long time, and only now is there a significant change in the way he is perceived (and supported) by the electorate. Why? Because of social media and the internet, two things which the PAP does not have absolute control over. With the ability to conduct interviews with social media personalities
as well as upload party videos on Youtube
, he has been able to display a side of himself to people that the PAP did not want them to see: someone who is merely human just like them, but who is standing up for what he believes in. 4. Reserved Election Shenanigans and Tan Cheng Block: The electorate has not forgotten.
Tan Cheng Bock almost became our President in 2011. There are many who say that if Tan Kin Lian and Tan Jee Say had not run, Tony Tan would not have been elected. In March 2016, Tan Cheng Bock publicly declared his interest to run for the next Presidential Election that would be held in 2017. The close result of 2011 and Tan Cheng Bock’s imminent candidacy made the upcoming Presidential Election one that was eagerly anticipated.
That is, until the PAP shut down his bid for the presidency just a few months later in September 2016, using its supermajority in Parliament to pass a “reserved election” in which only members of a particular race could take part. Under the new rules that they had drawn up for themselves, it was decreed that only Malays could take part. And not just any Malay. The candidate had to either be a senior executive managing a firm that had S$500 million in shareholders’ equity, or be the Speaker of Parliament or a similarly high post in the public sector (the exact criteria are a bit more in-depth than this, but this is the gist of it. You can find the full criteria here
). And who was the Speaker of Parliament at the time? Mdm Halimah, who was conveniently of the right race (Although there was some hooha about her actually being Indian). With the extremely strict private sector criteria and the PAP being able to effectively control who the public sector candidate was, it came as no surprise that Mdm Halimah was declared the only eligible candidate on Nomination Day. A day later, she was Singapore’s President. And all without a single vote cast by any Singaporean.
Of course, the PAP denied that this was a move specifically aimed at blocking Tan Cheng Bock’s bid for the presidency. Chan Chun Sing, Singapore’s current Minister of Trade and Industry, stated in 2017 that the Government was prepared to pay the political price
over making these changes to the Constitution.
We can clearly see from the GE2020 results that a price was indeed paid. A loss of almost 9% of vote share is very significant, although a combination of the first-past-the-post rule
and the GRC system ensured that the PAP still won 89.2% of the seats in Parliament despite only garnering 61.2% of the votes. On the whole, it’s naught but a scratch to the PAP’s overwhelming dominance in Parliament. The PAP still retains its supermajority and can make changes to the Constitution anytime that it likes. But the swing voters have sent a clear signal that they have not been persuaded by the PAP’s rationale. 5. Swing Voters do not want Racial Politics.
In 2019, Heng Swee Keat, Singapore’s Deputy Prime Minister and the man who is next in line to be Prime Minister (PM) commented that Singapore was not ready to have a non-Chinese PM
. He further added that race is an issue that always arises at election-time in Singapore.
Let us now consider the GE2015 results. Tharman Shanmugaratnam, Singapore’s Senior Minister and someone whom many have expressed keenness to be Singapore’s next PM, obtained 79.28% of the vote share in Jurong GRC. This was above even the current Prime Minister Lee Hsien Loong, who scored 78.63% in Ang Mo Kio GRC. Tharman’s score was the highest in the entire election.
And now let us consider the GE2020 results. Tharman scored 74.62% in Jurong, again the highest scorer of the entire election, while Hsien Loong scored 71.91%. So Tharman beat the current PM again, and by an even bigger margin than the last time. Furthermore, Swee Keat, who made the infamous comments above, scored just 53.41% in East Coast.
Yes, I know I’m ignoring a lot of other factors that influenced these results. But don’t these results show conclusively that Heng’s comments were wrong? We have an Indian leading both the current and future PM in both elections, but yet PAP still feels the need to say that Singapore “hasn’t arrived” at a stage where we can vote without race in mind. In fact, this was the same rationale that supposedly led to the reserved presidency as mentioned in my earlier point.
The swing voters have spoken, and it is exceedingly clear to me that the electorate does not care what our highest office-holders are in terms of race, whether it be the PM or the President. Our Singapore pledge firmly states “regardless of race”, and I think the results have shown that we as a people have taken it to heart. But has the PAP? 6. Voters will not be so easily manipulated.
On one hand, Singaporeans were exhorted to stay home during the Covid-19 pandemic. Contact tracing became mandatory, and groups of more than 5 are prohibited.
But on the other hand, we are also told that it’s absolutely necessary to hold an election during this same period, for Singaporeans to wait in long lines
and in close proximity to each other as we congregate to cast our vote, all because the PAP needs a strong mandate.
On one hand, Heng Swee Keat lambasted the Worker’s Party, claiming that it was “playing games with voters”
over their refusal to confirm if they would accept NCMP seats.
But on the other hand, Heng Swee Keat was moved to the East Coast GRC at the eleventh hour in a surprise move to secure the constituency. (As mentioned above, he was aptly rewarded for this with a razor-thin margin of just 53.41% of the votes.)
On one hand, Masagos Zulkifli, PAP Vice-Chairman stated that “candidates should not be defined by a single moment in time or in their career, but judged instead by their growth throughout their life”
. He said this in defense of Ivan Lim, who appears to be the very first candidate in Singaporean politics to have been pushed into retracting his candidacy by the power of non-mainstream media.
But on the other hand, the PAP called on the WP to make clear its stand on Raeesah Khan, a WP candidate who ran (and won) in Sengkang GRC for this election, stating that the Police investigation into Raeesah’s comments made on social media was “a serious matter which goes to the fundamental principles on which our country has been built”
On one hand, Chan Chun Sing stated in 2015, referring to SingFirst’s policies about giving allowances to the young and the elderly, “Some of them promised you $300 per month. I say, please don’t insult my residents. You think…. they are here to be bribed?”
On the other hand, the PAP Government has just given out several handouts under its many budgets to help Singaporeans cope with the Covid-19 situation. [To be clear, I totally approve of these handouts. What I don’t approve is that the PAP felt the need to lambast similar policies as bribery in the past. Comparing a policy with a crime is a political low blow in my book.]
I could go on, but I think I’ve made my point. And so did the electorate in this election, putting their vote where it counted to show their disdain for the heavy-handedness and double standards that the PAP has displayed for this election. Conclusion
I don’t say the above to put down the PAP. The PAP would have you believe that to not support them is equivalent to not wanting what’s best for Singapore. This is a false dichotomy that must be stamped out, and I am glad to see our swing voters taking a real stand with this election.
No, I say the above as a harsh but ultimately supportive letter to the PAP. As everyone can see from the results, we all still firmly believe that the PAP should be the Government. We still have faith that PAP has the leadership to take us forward and out of the Covid-19 crisis.
But we also want to send the PAP a strong signal with this vote, to bring them down from their ivory towers and down to the ground. Enough with the double standards. Enough with the heavy-handedness. Singaporeans have clearly stated their desire for a more mature democracy, and that means more alternative voices in Parliament. The PAP needs to stop acting as the father who knows it all, and to start acting as the bigger brother who can work hand in hand with his alternative younger brother towards what’s best for the entire family: Singapore.
There is a real chance that the PAP will not listen, though. As Lee Hsien Loong admitted in a rally in 2006
, “if there are 10, 20… opposition members in Parliament… I have to spent my time thinking what is the right way to fix them”.
Now, the PAP has POFMA at its disposal. It still has the supermajority in Parliament, making them able to change any law in Singapore, even the Constitution at will. We have already seen them put these tools to use for its own benefit. Let us see if the PAP will continue as it has always done, or will it take this opportunity to change itself for the better. Whatever the case, we will be watching, and we will be waiting to make our roar heard once again five years down the road.
Article Ends Here.
Here's the link to the actual article: https://thethoughtexperiment.org/2020/07/11/ge2020-the-roar-of-the-swing-vote
And here's the link to the other political articles I've written about Singapore: https://thethoughtexperiment.org/2020/07/07/ge2020-the-state-of-play/ https://thethoughtexperiment.org/2015/09/10/ge2015-voting-wisely/ https://thethoughtexperiment.org/2015/09/05/expectations-of-the-opposition/
Stop attacks before ”zero day” and stop the Advanced Persistent Threat (APT)
We live in a dangerous world — our information technology systems face that danger every single day. Hackers are constantly attempting to infiltrate systems, steal information, damage government and corporate reputations, and take control of systems and processes.
Hackers share and use a variety of tools and techniques to gain access to, and
maintain access to, IT systems, including groups and techniques so dangerous
they have their own category - the Advanced Persistent Threat (APT). At the
center of the APT are sophisticated techniques using malware to exploit vulnerabilities in systems. Traditional cyber security technologies use file signatures to locate these tools and hacker malware, but hackers are now actively camouflaging their tools by changing, customizing, and “morphing” them into new files that do not match any known signatures (‘Polymorphic Malware’). This introduces a massive gap in malicious file detection which leaves the enterprise open to exploitation — and it’s just not possible for traditional signature-based systems to keep up. In fact, signature-based anti-virus and anti-malware systems are only around 25% effective today. BlindSpot™ sees through it all, even as the files morph and change in a futile attempt to remain camouflaged.
Digital File Fingerprints
Any File Type, Any Language, Partial Matches, Exact Matches
BlindSpot™, the adaptive security solution from BlindSpot™, can see through the
Polymorphic camouflage used by the worlds most advanced hackers by utilizing
digital file fingerprints and our proprietary adaptive BlindSpot™ ‘brain’ that constantly analyzes the fingerprints of known malicious files and tools to locate partial matches within the files on your systems - servers, laptops, desktops, USB drives, and even mobile devices. BlindSpot™ can cut right through the Polymorphic files, revealing the true hacking tools underneath, even if they are only fragments or pieces of a more complete set of hacking tools and technologies.
Most cyber attacks happen weeks or even months after their initial penetration and access to a network or system, and even the simplest attacks tend to have a fuse that is typically several days. It takes them time to map out a system, probe for the information they want, and obtain or forge credentials with the type of access they need. But from the moment their tools first land on your network and systems, BlindSpot™ sees them. If fact, BlindSpot™ can see them sitting on a newly inserted USB drive even if the files are not copied to your systems. This means BlindSpot™ can identify and alert you to malicious files and potential illicit activities before the attack happens - before zero day!
How does BlindSpot™ work? BlindSpot™ sits on the endpoint and continuously monitors file activity. Digital fingerprints, which can be used to find partial matches of any file type in any language, are reported back where they are kept forever in a temporal repository.
BlindSpot™ looks through all of the digital fingerprints — both those from files on your systems and those in a constantly updated database of known malicious files and hacking tools, to locate and alert you to any indication of hacking, malicious files, or illicit activity. BlindSpot™ is a disruptive technology that can see polymorphic malware and stop attacks before zero day.
Digital File Fingerprints are created from a file or a piece of digital data/information by using advanced mathematics to look at all of the small pieces of data that make up the file to create a very small, unique piece of mathematical data — a digital file fingerprint. Files may be of any file type and in any language - digital fingerprints can find partial and exact matches regardless of what is in the file itself.
Just like with humans, once a fingerprint has been taken, you no longer need the
person to identify them. The fingerprint is enough. Even a partial fingerprint is
enough, and sometimes a smudge will do. Digital fingerprints work on the same
principle. Once BlindSpot™ has taken a digital fingerprint of a file, the file is no longer needed to identify it or to compare it with other files. And because digital fingerprints are tiny, they are easy to store. Even a multi-gigabyte file has a digital fingerprint that is no larger than 10k bytes.
Once you have two sets of digital fingerprints, you can compare them. Because BlindSpot™ starts with full fingerprints of known malicious files, it can identify matching files even when the digital fingerprint is only partially there. And with BlindSpot™’s advanced processing capabilities, file fragments, recovered data from a hard drive, partially downloaded documents, damaged files (both intentional and accidental) and other incomplete file structures can be properly fingerprinted in a way that still allows matches to be found.
Other technologies and software use static signatures, which do not work if any part of a file, regardless of how small, is different from another, or if the file is damaged in any way. BlindSpot™ and digital fingerprints enable partial matching, and can see through the camouflage that has become the industry standard for hackers across the globe. Static signature based solutions simply cannot do this.
Imagine your favorite detective drama on TV. The prosecutor says “This partial
fingerprint was found at the crime scene and the video camera across the
street recorded a perfect image of the person’s face.” The jury deliberates and
compares the picture and fingerprints of the defendant that were taken the day
before. They conclude, because the fingerprint was not all there and was not 100% identical, and because one picture showed a mustache that looked identical but was one millimeter longer than the other picture, that the two people were not identical - and set the criminal free. Well, that show wouldn’t be on TV long because crime would run rampant. Now imagine they had BlindSpot™. Criminals would be caught, the town would be a much safer place, and the show would be on for years to come.
Now imagine your network and systems without BlindSpot™, where traditional
exact match signature software is on your front line of defense. All kinds of
malicious files could walk right through and sit down on your hard drives, just
waiting for hackers to activate them. But you don’t have to imagine what your
systems would be like with BlindSpot™ — instead, simply contact us, get BlindSpot™ in place, and we’ll work with you to show you what’s really on your systems and help you keep those systems safe.
Ensuring System Compliance
Take the guesswork out of compliance assessment
All Government systems go through Certification and Accreditation. BlindSpot™ can help you with malicious code protection, for both security considerations and required compliance. Guidelines found in NIST 800-53 Revisions 3+ Security Requirements for System Integrity, SI-3 Malicious Code Protection, state that malicious code protection mechanisms must be employed at information system entry and exit points, including workstations, notebook computers, and mobile devices, to detect and eradicate malicious code.
BlindSpot™, with its continuous monitoring of the files on your endpoints and its
continuous updating of its known malicious file repository, will provide the
required real-time and full monthly re-scans of your files, will alert your
administrative staff when malicious code is found, will provide reports on
potential malicious files, illicit activity, and follow-up with very short false positive reports. BlindSpot™’s false positive rate is less than 0.01%. BlindSpot™ helps organizations meet the security requirements set forth and ensure compliance.
Intellectual Property Protection
Track sensitive information as it changes and moves around the enterprise
BlindSpot™ uses digital file fingerprints to identify partial and exact matches between files, regardless of file type or language. This ability can be used to track movements of and changes to files on a network of computers.
Government entities and corporations need to addresses the issue of monitoring
documents and files that contain sensitive information intellectual property, and it
is no longer sufficient to simply store them on a secure server and require specific credentials to access the information. People, both unintentionally and sometimes with malicious intent, copy and paste parts of documents, move files to USB drives, and otherwise edit and transfer files in order to get them on to a laptop, share them with a co-worker, or exfiltrate confidential information to outside networks and systems. BlindSpot™ carefully watches all of the files on your network, including what’s going with USB drives. If someone copies part of a file that has sensitive data to another file, BlindSpot™ sees it. Furthermore, BlindSpot™ can alert you when it sees questionable activity with certain documents/files or with specific computers/individuals.
Your sensitive files now have a watchdog that catches both unintentional and
malicious exposure to non-secure systems. Use BlindSpot™ to set up a custom
database of the locations where your sensitive files are stored, and BlindSpot™ will create a set of digital file fingerprints that can be used to track those files across your network and systems. This ensures that an organization can know where its proprietary and sensitive information is 365/7/24, in real-time.
Supervisory Control and Data Acquisition (SCADA) Systems
Supervisory Control and Data Acquisition (SCADA) is a system for remote monitoring and control that operates with coded signals over communication channels (using typically one communication channel per remote station).
SCADA networks contain computers and applications that perform key functions in providing essential services and commodities (e.g. electricity, natural gas, gasoline, water, waste treatment, transportation) to all Americans. They are part of the nation’s critical infrastructure, provide great efficiency, are widely used, and require protection from a variety of cyber threats.
One of the most significant threats is benign files residing on the computers on
the network that morph into tools that hackers can use to gain access to the
network and the equipment it monitors and/or controls. These files might be part
of the operating system (binary files), might be a normal file that includes
scripting, or can even be a general data file moved onto the computer through a
network or a USB drive. By morphing, these files circumvent detection and
countermeasures. This is just one example of how a hacker can compromise and
exploit the system and the worst part is that you will never know until it is too late!
The recent Department of Justice announcement charging Iranian hackers
believed to be tied to the 2013 hacking of a New York dam illustrates this threat
Enter BlindSpot™’s BlindSpot™ Adaptive Security — BlindSpot™ monitors all files of all types (any format or language) without the requirement of a translator or human operator. BlindSpot™ can see right through the hacker’s camouflage of
morphing files to quickly identify problems and threats before hackers have the
opportunity to active and use their tools. For U.S. and foreign based systems,
BlindSpot™ is a must have cyber security solution.
The BlindSpot™ team has extensive experience with SCADA systems and critical infrastructure. Our BlindSpot™ solution is critical to the overall security framework of such systems as it was designed to find the morphing, malicious files and associated illicit file activity that can lead to compromise of the integrity, confidentiality and/or availability of the system. Threats loom on both the inside and outside, and the dynamic nature of these systems require continuous, temporal monitoring to stop cyber attacks before they happen.
Identify and remove Ransomware before it encrypts your files
Ransomware attacks are on the rise and affect Fortune 500 companies, Federal
organizations, and consumers. This vicious type of attack affects your user’s ability to get their work done and prevents users from accessing files on a device or network by making the device or network unusable, by encrypting the files your users need to access, and/or by stopping certain applications from running (e.g. the web browser). A ransom is then demanded (an electronic payment of currency or bitcoins) with the promise that your data will be unencrypted and accessible again following the payment.
If the ransom payment is made, there is no guarantee that the data will be
unencrypted or returned to a state of integrity and/or availability. Furthermore,
there is also no guarantee that the people behind the ransom will not re-infect
your systems again with a variant of what was initially used. Payment encourages future attacks because they know you cannot detect it and will pay again next time. Surprisingly, there are only a handful of known ransomware files in use today (e.g. Crowti, Fakebsod). Safeguards exist that use static signatures to find exact matches for these known files, but the moment these files morph or are changed in any way they become undetectable by these solutions. BlindSpot™ digs deeper with digital file fingerprints and can find the new files, enabling you to analyze, quarantine, or delete them before they activate. This pro-active approach can be the difference between a system being protected and a system being made completely unavailable with encrypted data being held hostage for a ransom. The image below is an actual Fakebsod notification message.
BlindSpot™ uses digital file fingerprints to detect the ransomware by looking at
both partial and exact matches and can report the problem before it happens.
Ransomeware of the past attacked your personal computer and today’s variant
attacks the servers — BlindSpot™ can detect both.
Case Study: March 2016 - Two more healthcare networks are hit by ransomware targeting servers. Advice from law enforcement — pay the ransom! (They did). File backups are insufficient. Paying ransoms is costly and only encourages repeat attacks.
BlindSpot™ is the most comprehensive solution available to detect and root out
ransomware. Take charge of the situation and put BlindSpot™ to work continuously monitoring your systems.
Get BlindSpot™ Now
Commercial or Government, with multiple contract vehicles available
How Can I Get BlindSpot™?
CYBR develops and sells its adaptive enterprise cyber security software product, BlindSpot™, and provides professional services and support for BlindSpot™ implementations.
BlindSpot™ Adaptive Security is a continuous monitoring enterprise solution that tracks file-based activity on the endpoint using digital file fingerprints, can identify problems and cyber threats before zero day, and can see through morphing, camouflaged (polymorphic) files to make accurate determinations of malicious files and illicit activity.
BlindSpot™ can deployed as a secure cloud application for maximum flexibility, a standalone Enterprise implementation for maximum security, or the two combined in an Enterprise implementation augmented through a secure cloud gateway.
Professional Services and Training
BlindSpot™’s team of cyber security experts have the expertise to support
you by creating a holistic, enterprise security framework that consists of people,
policy, procedures and technology that will ensure a security posture that implements the best risk management strategies, tactics and operations available.
Email us at [[email protected]
) for more information.
BlindSpot Solution Brief
June 29, 2018
POC: Shawn R. Key CEO, President
Executive Summary and Estimated Pricing
CYBR’s BlindSpot is an enterprise cyber security solution that pro-actively identifies unknown and known malicious files and circumventive activity on endpoint devices. It is designed to interact with the CYBR Ecosystem and associated Web Portal. Distributed clients serve as the connection to the various BlindSpot server tiers.
BlindSpot identifies Illicit File Activity (IFA) and associated hacker activity via perceptive, industry standard algorithms. BlindSpot identifies exact AND similar files regardless of file type and/or language. This applies to ALL file types (e.g. documents, images, audio and video, carrier, etc.). Currently implemented safeguards and counter measures (such as anti-virus (AV), content filters and malware analysis tools) cannot address polymorphic/adaptive files and emerging threats. This introduces a massive gap in illicit file detection and leaves the enterprise open to exploitation. BlindSpot fills that void.
Additionally, corporations and government entities have a need to address known files and associated activity with regards to content and data management. The uncertainty of Intellectual Property (IP) location and propagation poses significant risk to the organization. The ability to identify the life cycle of a file (origin, source, destination, attributes and proliferation) ensures an organization knows where its proprietary, sensitive and privacy information is 365/24/7, in near real-time.
BlindSpot, is significantly different from solutions in the emerging Specialized Threat Assessment and Protection (STAP) marketplace, as it scales to meet the needs of enterprise organizations and the commercial marketplace. BlindSpot’s proprietary database consists of millions of unique, digital identifiers (hash values) that identify exact AND similar, modified files. This ensures that files existing in their original state or those which have been intentionally modified, do not circumvent detection. Our algorithms ensure near zero false positive return rates. The combinatory effect and the rare expertise of our executives and development thwarts potential competition as BlindSpot is an enterprise solution; not a tool.
The enterprise solution is provide as a license per IP address with associated appliance and/or server hardware requirements.
CYBR BlindSpot Technical Deep Dive
CYBR’s BlindSpot product is currently available as a Software as a Service) (SaaS) deployment blockchain solution and will be available as a full enterprise-install by Q2 2019. In both implementations, end-point agent software monitors the hard drive(s) of a computer or server, analyses any files that change, and reports [multiple] file hashes back to the main system. This enables the main system to effectively monitor which files could be malicious or represent intellectual property on the computers and servers within the customer’s network. By using fuzzy hashing algorithms, the system can detect polymorphic malware and intellectual property that has been partially hidden or obfuscated.
End-point (client) agent: native to each major OS as a fat client. Currently we have end-point agents for Microsoft Windows-based systems using MS .NET c# 2.0/4.5 and C++, although the c# portion will be replaced with all c++ code to increase scalability, efficiency, and security, in Q1 2016. End-point agents for Mac OS (written in Objective-C) and popular Linux platforms (written in c++) will ship in Q1/Q2 2016. Development work on the CentOS linux agent will begin in December 2015.
The Control Application enables system administrators to configure each end-point agent, the system itself, and to actively monitor and access reports on files that have been identified by the system as problematic or of interest. At this time the Control Application is able to provide configuration and monitoring services but is not yet ready for customer on-site deployment and is therefore only available in a SaaS model.
The middle-tier of the system, the Portal sever, currently runs in MS .NET and is written in c#. This tier will be upgraded to a full c++ implementation to increase scalability, efficiency, and security, in Q1 2016, and will run as a standard web server extension on a Linux platform (CentOS/Apache).
The data-tier of the system currently is running in MS SQL Server 2008/2012 and uses transact-SQL tables, but does not use any stored procedures or transactions. Although this tier is sufficient for scalability through mid to late 2016, a no-SQL version of the data tier will be developed in 2016.
The Crush server (hashing services) currently runs on MS Server 2008/2012, is written in c#/c++ and is a) being ported to run as a (c++) daemon on a standard Linux (CentOS) server, and b) being re-engineered to function as a massively parallel application (c/c++) running on NVIDIA Tesla GPU accelerated systems. The Crush server communicates with the data-tier directly and the C2 server indirectly. Multiple Crush servers can run simultaneously and are horizontally scalable and fault-tolerant.
The C2 (Command and Control) server, written in c# and being moved to c++, communicates with the data-tier directly and the Crush server and Control Application indirectly to provide scheduling, system health and integrity, and prioritization services, as well redirecting jobs to maintain fault tolerance of the back-end server components. Multiple C2 servers can run simultaneously and are horizontally scalable.
Hardware and Network:
The basic architecture of the system has two different stacks of software. First, a typical 3-tier approach isolates data storage from end-point and Control Application access with a middle-man protocol altering Portal server. In the SaaS model, the end-point and Control Application software reside on-site with the customer, and the remaining stack components reside at the SaaS hosting datacenter. The second stack consists of multiple horizontally-scalable server components that run entirely in the backend as daemons and interact primarily through the data area to provide the services that are being marketed and sold to the customers. The two stacks are kept somewhat separate from each other in order to buffer one against the other in times of extreme load and for enhanced security.
Following is a description of each software module in the system and how it relates to the others:
The system has one component for data collection (the end-point agent software, which resides on the desktop computers and servers within a deployed customer site), one component for system administration (the Control Application, which resides on a desktop computer that the customer has access to or that an analyst can access through the SaaS system), and a collection of software processes/daemons and a data storage area that comprise the back-end.
The end-point agent collects data from the end-point computer, passes it to the Portal server, which in turn stores it in the data area.
The C2 server monitors the in-flow of data from the end-points, and tasks the Crush server(s) to analyze the data and compare it to databases of known good, known bad, and watch list files, in an efficient manner.
The C2 server also provides notification to the customer of any problematic or watch-list files following the completion of the Crush server tasks.
The Crush server monitors the data area, and performs batch or real-time processing of data as instructed to by the C2 server.
CYBR’s BlindSpot software is a commercially available product that combines a small footprint end-point agent with a centralized monitoring and management system to track files and file changes on the end-point using partial-match digital fingerprints rather than rigid full-match-only file signatures. As files and data buffers are created, edited/altered, and moved either through the network or via removable media devices including USB drives, the product uses its unique and proprietary technologies in combination with industry standard technologies to identify and locate both known malware and unknown [polymorphic] malware on end-points that are continuously monitored by the product. Staff is notified, depending on the urgency or type of digital fingerprint identified, through integrations with 3rd party SIEM solutions, email/SMS transmissions, and reports that are available using the central management system. A false positive rate of partial digital fingerprint matching of ~1 in 10-12 means staff will not be bombarded with unnecessary alerts, maintaining staff efficiency.
Overview: Traditional anti-malware products use static file signatures to locate known malware but have no means of detecting unknown malware, CYBR’s product uses digital file fingerprints that can identify both partial file matches as well as full file signature matches and in doing so can locate and identify both known and unknown malware within the deployed enterprise. A combination of industry standard and publicly available algorithms and CYBR’s own proprietary algorithms, trade secrets, methods, optimizations, and intellectual property for which a patent is currently pending (which is owned solely by CYBR) are combined to form a comprehensive anti-malware platform and continuous end-point monitoring product that is completely unique in the marketplace. Through the use of our proprietary algorithms and optimizations, the product has the ability to scale to the enterprise level and can track desktops/servers as well as mobile/phone/tablet/Internet of Things (IoTs) devices.
Project Implementation: The implementation of this product would include both the commercially available BlindSpot product as well as prototypes of integration packages to connect with the on-site Security Information and Event Management (SIEM) and other systems and prototypes of end-point agents running on operating systems that are not yet available in the currently available version of the product. Both the integration and end-point agent prototypes would be based on existing modular code/functionality and would extend functionality past the currently available modules to ensure the full needs and requirements of the project are met. A full version of BlindSpot would be deployed on servers at/on the enterprise site, and prototypes of both SIEM integrations and new end-point agents would be deployed to augment the full production system. Information flow between all areas of the full system and prototypes would be tested and verified with increasing scale to ensure the level of performance required is available prior to the completion of the project.
End-point Agents: Each end-point is installed with native low-profile proprietary agent software that minimizes both its file system footprint and CPU use. The current product has a native end-point available for Microsoft Windows OSs (both desktops/tablets and servers) in production, and has native end-point agents in development/prototype stage for iOS, Android, MacOS, and RHEL/CentOS, with additional popular Linux derivatives to follow. The main job of the end-point agent is to communicate with the OS and monitor the file system for any changes in files that occur. When changes are detected, a digital file fingerprint of the file is taken and reported to the centralized data store, or cached until a later time if the centralized data store is unreachable (e,g, no cell coverage, laptop not connected to internet). The agent normally runs in “stealth-mode” and uses minimal CPU, RAM, and file system footprint so as not to disrupt the end-user’s workflow or impact system performance. Taking a digital fingerprint of a file and reporting it is very fast and thus the main job of the end-point agent is not system resource intensive. The “heavy lifting” is done on the back-end and does not burden the users or the end-point devices. Configuration of each end-point agent is conducted through the centralized management system, and changes in configuration are transmitted to the end-point agent within a few seconds (provided there is network connectivity).
Central Data Store: A collection of databases on the back end store file watch lists, known good and known bad digital file fingerprints (whitelists and blacklists containing digital file fingerprints of known malware), priority lists and configurations, end-point configurations, last-seen lists, and the full temporal accounting of all digital file fingerprints reported by end-point agents. As new threats are identified they are added to the central data store. As files on end-points change or are edited, their new digital fingerprints are added to the central data store as well. As new threats are identified though polymorphic partial matching, they are added to the known bad list as well.
Scale, System Throughput, and Priority: A single Crush server can serve a small enterprise (100s or 1,000s of end-points), and a horizontally scalable array of Crush servers can be used to provide identification of malware for large enterprises. Similarly, databases in the central data store can be split and maintained/mirrored on several servers or run in a monolithic configuration. This makes the system highly scalable and able to be adapted to enterprises of varying sizes/scales while maintaining a good price/performance ratio. Priority lists can be designated for Crush servers such that high-priority end-points and/or high-priority malware fingerprints can be compared and identified in real-time, and similarly, low-priority lists (e.g. malware fingerprints that have not been seen in months or years) can be run in the evenings or when the system is running below normal load to ensure both immediate analysis of high-priority threats and comprehensive analysis of low-priority threats.
Integration: Several modular integration points within the product enable the straight-forward integration with 3rd party SIEM software and other reporting/management tools and systems. Distinct “notification channels” within the product are used based on the type of threat detected, the priority level of the specific threat detected, the confidence of the match (low percentage match of digital fingerprint vs high), and the location of the match (specific end-point list). Each notification channel has integration points that can be linked in with 3rd party systems so that staff are notified using software and procedures they are already familiar with and trained on (i.e., through a SIEM solution that is already begin monitored by dedicated, trained staff). Prototypes of each specific integration would need to be developed as a part of this project to match/communicate with the exact SIEM (or other) system that is in use at the deployment site in the mannemethod desired. Such a prototype would be developed for the purpose of evaluating the technical interconnectivity between systems to meet the requirements of the deployment, and following the prototype testing period, would be load-tested and stress-tested to ensure it’s performance meets the demands of a highly scalable environment, leading to a mature integration over a period of 3-6 months following the initial prototype period of 1-3 months.
Technology Section Summary: With end-points being continuously monitored by the product, both known and unknown malware threats delivered by the network and removable media will be detected and reported through SIEM system integration and direct email/SMS messages with minimal impact to the end-point (on all major OSs, including desktop and mobile). Centralized management and temporal monitoring of digital fingerprints enables the system to proactively locate and identify malware threats before zero day as well as enabling the staff to conduct their own investigations of systems either in the present or the past for forensic investigations. This makes CYBR’s BlindSpot a complete product that reaches all of the end-point devices to ensure safety and security from all types of malware threats.
The blockchain’s cyber security posture will be greatly enhanced by BlindSpot. CYBR’s executive team works with various military and federal organizations and has a deep understanding of the cyber security challenges that face the enterprise today including advanced persistent threat (APT), polymorphic and pleomorphic malware, zero day attacks and the need to locate white and black files in real time. These threats have now permeated to the blockchain and must be secured.
Company and Customers
The proposed team includes CYBR, Inc. executive management and staff. The company is a works closely with its sister company, 21st Century Technologies, Inc. (21CT), which is a HUBZone certified, Small Business entity. 21CT serves as a value added reseller (VAR) for CYBR, Inc. and is currently a teammate on the DOMino classified DHS contract as a subcontractor to Raytheon.
Existing, paying customers include Stratford University, Test Pros and Devitas. The company also has integrator and VAR partner relationships with Anomali (formerly Threatstream), Lockheed Martin (Cyber and Space) and various commercial entities, which the company believes will become paying customers in 2019.
Transition and Commercialization
Our technology is a commercially available product and commercial sales have been made. The company is actively working to scale this solution to hundreds of thousands of users, which the company has deemed do-able and is in the process of horizontally scaling.
Data Rights Assertions
CYBR, Inc. currently holds a provisional patent and incorporates other trade secrets into the solution. No unreasonable restrictions (including ITAR) are placed upon the use of this intellectual property with regards to global sales.
TRIGGER WARNING: Facts are going to be discussed. If you cannot handle facts and insist having fun your way, then NO ONE IS STOPPING YOU. submitted by
BY POLISH TAMALES JUNE 18, 2015
Lately, I've been asked questions about specific character builds in the game, many of which are the common Journalistic Integrity
teams. So after the "umpteen" time, let me break down why every little detail in the game matters. FUTURE FIGHT ISN'T JUST A BEAT-EM UP
There are some unique aspects to the game that completely separates it from Double Dragon or your average side-scrolling action game. If anything, the designers of the game already envisioned how each characters is suppose to be played are are simply stripped down for the RPG elements of faux progression. Think of it like the beginning of Castlevania: Symphony of the Night
where Alucard rolls into the castle completely God-like, only to be stripped of all his gear and power minutes later. For the rest of the game, you basically rebuild Alucard from the ground up.
So it's basically up to the players to discover what was the optimal build for each character in Future Fight. Before they were stripped of their intended power. What was Spider-Man's ISO-8 combo at Lv.50? Was Black Panther suppose to have maxed out Defense Penetration?
Before we get into the discussion further, please understand that I am not here to tell you how to have fun in the game.
You're welcome to do whatever you want in your own game. It's not my business, let alone me caring. If you're the type of person that's sensitive to game design, mechanics, etc, this isn't for you.
In other words, if you don't want to see Pluto taking off his head to reveal there's a person inside sweating profusely in Southern California summer weather, then stop reading. Ignorance is bliss.
However, if you want what's best for your characters, read on. FOCUSING
These are just some of the random gear stats that are thrown at you in the beginning of the game. Not even limited to only gear, but also ISO-8 crystals. RPGs are always open to give it's player's options to customize their characters in anyway they want. Sometimes, however, there are incorrect ways of doing it.
For most people & millennials specifically, Pokemon Red or Blue
was their first true RPG experience. The idea that you could make your Pokemon stronger by giving it more Protein or Calcium to boost their Special attacks. The wide selection gave variety to every kid's Pikachu or Charizard, but which was the correct way to go about it?
Going back, this isn't about stifling someone's fun, this is about making the correct choices to optimally build a character. To make the most out of your favorites. Marvel Future Fight shares this element of design and makes full use of ever small aspect of the game. STATS & NUMBERS
Each character is unique in Future Fight. There are no Shotos or clones. There are, however, distinct categories we can assign each character to.
More specifically, narrowing down each character's distinct play style to assign them categories, which are:
- Tank (Stationary)
- Ranged (Hit & Run)
- Rush Down (Burst Damage)
Understanding where your character falls into which category will be based on either your personal preference or more reliably, based on the majority of your peers. Tank-Type
characters rely on damage through their stationary DPS of normal attacks and specials. They need to heavily rely on high-hit points and defense in order to remain stationary for their DPS of normals to count.
An example of a Tank-type would be Captain America. Suggested ISO-8 combos would be: Stark Backing & Binary Power Ranged-type
character would have to rely on constant movement to avoid trading 1-for-1 blows and deal damage through special attacks primarily. Basically a kiting character for those MMO folks. Their Special attacks generally do not require the characters to be in close proximity to hit their target. High movement speed is recommended and HP regeneration is also a bonus in terms of ISO-8 bonuses.
An example of a Ranged-type would be Iron Man. Suggested ISO-8 combos would be: Stark Backing & Blessing of Asgard Rush Down
type characters focus primarily on maximizing all aspects of their damage output, including attack speed, damage penetration and any ability to chase down their targets ASAP through range attacks or lunging. Their focus isn't so much to survive, but to have constant pressure on their target.
An example of a Rush down character would be Daredevil. Suggested ISO-8 combos would be: Spy Tactics & Power of the Angry Hulk
So there's an additional layer of Rock/PapeScissors to this other than the in-game types as well. For these categories:
- Rush Down-type beats Ranged
- Ranged-type beats Tank
- Tank-type beats Rush Down
In order to know which category your character belongs to (before assigning them an ISO-8 combination), be aware of the gear-set bonuses assigned to them. Each character has 2 base stats per gear slot that accumulates over each upgrade.
After checking that off, see what their passive ability offers. This is rather important
since you'll see some key stats in some passive abilities. Spider-Man nullifies certain status effects for example or how Sharon Carter has a 3% Critical Ht bonus. You want to stack stats supporting this whenever possible. So in the case of Sharon, you will want to stack more Critical Hit Rate in her gear slots when you can or re-roll if possible.
Some characters aren't locked as Tank or Ranged. This is still up to your personal preference, but do not ignore signals
that the developers have set up on each character. Some characters are more customizable than others, such as Venom. Venom's passive gives him additional offensive stat boosts when he is at a weakened state. This can be effective for a "yolo" rush down character or as options that make him deadlier as a tank character in a mirror match.
Some characters are linear and are forever stuck in their categories. Captain America keeps getting more buffs through his costume and his move sets make it difficult for him to be an effective rush down/range-type. TEAM WORK MATTERS
After figuring out what roles your characters play and their optimal stats, it's time to further enhance and stack more buffs to it. The reason being is that a lot of buffs in the game will not be apparent until you stack additional bonuses to make a difference.
You could get Venom to say a 10% critical hit rate, but that won't be noticeable or as noticeable until you reach the 20% mark or higher. This goes for most stats in the game, especially Attack Speed, which is a stat you want if your character deals most of it's damage at a stationary position.
This is why Team bonus combinations are important.
They help your team reach the necessary tier for your ISO-8 & Gear slots to actually work and function.
For example, let's use the most popular team in Arena as of June 18, 2015, Journalistic Integrity.
Journalistic Integrity All Attack +5.0% Attack Speed +4.9% Max HP +5.2%
Symbiote Shock All Attack +5.5% Attack Speed +5.0% Critical Rate +4.2%
So when you look at the combined bonuses, you'll see that developers intended the team members to be built like Tanks or Rush Down characters. Closer inspection, you'll notice that there aren't any defensive buffs, at all other than the Hit Point boost. In order to make the final call, let's examine each character's Leadership ability, which will shape the team overall (assuming they're at 6-stars).
- Captain Marvel: Warbird - Energy Attack + 30%
- Spider-Man: Amazing Spider-Man - Dodge +6%
- Venom: We are Venom! - Crowd Control Time 24%
Captain Marvel's leadership only boosts herself, leaving the rest of the team without any thing. Spider-Man gives a significant boost to his already high dodge stat, if you also include his ISO-8 combo (Spider-Sense or Hawk's Eye). Depending on the rest of the team's ISO-8 combination, the extra dodge might not be enough to be noticeable. Venom's leadership is kinda okay, it just depends how the meta-game will evolve over time. Being able to resist a Web-status effect or Lightning/Fear might be huge.
Our only conclusion would be a non-linear mix of options given the buffs of Attack Speed and HP bonuses. The synergy would be determined if their ISO-8 combos gave them Attack Speed bonuses to make it worth while. If we wanted a much more focused team, you would replace Captain Marvel with Daredevil as leader. Here are the bonuses you would gain instead:
Misfortune of Fate Critical Rate +4.8% Dodge +4.6% Critical Damage +4.4%
Symbiote Shock All Attack +5.5% Attack Speed +5.0% Critical Rate +4.2%
Daredevil - Concentration of Sense - while dodging with 25% rate. Critical Rate +12% ↑ (18 sec.). Critical Damage +12% ↑ (18 sec.) (30 sec. CD)
As you can see, this set-up rewards the team members ISO-8 combinations that grant them dodge bonuses, such as Spider-Sense, Stark Backing or Blessing of Asgard. Depending on how the rest of the team is built through ISO-8, it's possible to switch between rush down to tank.
By planning ahead and reviewing the possible team combinations, you can build a much more "focused" team that utilizes their best strengths. A team like Journalistic Integrity doesn't offer much synergy, if anything, only offers throw backs and winks at comic readers and fans. Much like how Net Marble added Beauty and the Beast in the recent update between Black Widow and Hulk (their romance in Age of Ultron).
It's important to make evaluations based on ISO-8 combinations and seeing if your final team composition synergizes with it. You want to make the most out of your buffs and focus the stats that matter, not just a sprinkle across the board. You're not a five-year old playing Pokemon anymore. FINAL FANTASY REMAKE REMAKE
So that should wrap up things.
The majority of the synergy for endgame revolves around:
- Knowing what the character-type is and maximizing it
- Maxing out the correct IOS-8 combo according to the character's type, gear buffs and passive trait
- Using Team Bonuses to further enhance the IOS-8 combinations of the character
- Using the best Leadership buff to support the whole package
Questions or comments below! If you enjoyed this article and would like to see more, be sure to follow me on Tumblr (polish tamales) or on Twitter - @polishtamales
Best Binary Options Trading Signals Software 2015 - Top Binary Options Trading Signal Service Analysis Bot online Free Call and put Automated Real Time Live Signal Stream Alerts For Currency Pairs Review Best Forex Binary Options Trading Strategy 2015 Watch This Video Of 60 seconds Demo Trades Review Works in just about anywhere worldwide which includes new zealand, canada, Australia, Austria ... Best Binary Options Signals; Auto Binary Signals; Binary Options Scams; Top 10 Best Binary Options Brokers 2015. October 11, 2015 By Jordan Leave a Comment. It is fact that most people fail in trading due to improper selection of a good Binary Broker. Selection of a Binary Broker plays a vital role in trading. At present there were around 400-450 broker trading platforms. There were around ... There are numerous signals services designed for 2014 and 2015. To make money trading binary options you must make the right decision out of two possible effects. You have in order to win your trading. Over the long run, you have to win the majority of your trades. Anyone can win just one binary option trade. Just like any person can win a single hand of texas holdem. However, to win virtually ... Best Binary Options Signals Review. Best Binary Options Signals is a binary options notification of the right market situation depending on the market. People know that before starting the trade, any trader has to do a proper investigation of the asset as well as the market. This analysis can assist the trader in knowing more about the market situation and executing a better trade. http://tinyurl.com/o4d67o82015 Best Binary Options Trading Signals and Alerts in Real Time 2015,Best,Binary,Options,Trading,Signals,and,Alerts,in,Real,Time Best-Binary-Options-Signals©, its owners, employees and partners are not responsible for any losses that may result from using the services offered on this website. The information contained in these pages is provided for reference only. It should not be treated as a substitute for specific advice concerning individual situations and professional advice. It is strongly recommended that ... All new forecasts issued by Best Binary Options Signals contains all information you need to make a trade. It is very easy to understand what each signal means. From the example, you can see two signals. The first one that was sent at 12:20:03 means: the price for the asset GBPJPY at 12:30:00 will be lower than 152.322.When you will see that the price for the asset during current 15 minute ...
Free demo account https://clck.ru/RrWGe _____ binary options,binary options strategy,binary o... CLICK HERE = http://clktr4ck.com/85usbinaryoptions ----- Binary Options Pro Signals Review - Best Binary Options Make $50,000 Per Month ... Hi, guys Hi guys and welcome to NerdsHD, In today's Video Binary Options Indicator Ultimate Trend Signals. We will do a short review about Ultimate Trend Signals and how you can use it to increase ... Do not miss! DEMO ACCOUNT: https://bit.ly/2Lq3NUt You can use this strategy in binary options to win every time but you have to keep following things in mind... Binary Options Trading Signals Reviews - Learn the Best Strategies to Trade Forex Several things need to be put into consideration if you are interested in t... One minute strategy to trade price action trading signals. Watch how I use simple trading rules to increase win rate. Get 10x Trading System: https://trading... BINARY OPTIONS TRADING FOR BEGINNERS - How to Find Best Binary Options Strategy ️ TRADE ON DEMO http://iqopts.com/start ️ TRADE ON REAL MONEY http://iq... Hello Trader Toady i will share you "Best Binary Option Auto Signal Indicator" Characteristics of Indicator 1. Platform - Metatrader4. 2. Asset - Show On Ind... Welcome to the worlds most accurate binary options signals software with multiple trading platforms supported: http://bin-trade.com/ytdesc-binsoft Live Finan...