
The Hack on HACK

Pull up Bing (www.bing.com) and search for "Hack Fund." There you will see the PureFunds ISE Cyber Security ETF [2]. This is an exchange-traded fund [1], meaning that a constellation of computers is constantly monitoring this fund's price and taking long and short positions to make micro profits all through the trading day.

The fund is made up of security technology companies that are directly involved in the infosec world. You will have to become an investor in the fund to get the full prospectus of the funds that are being traded. On the PureFunds web site [2] you can see the top 10 holdings in the fund, such as IL, SAIC, PFPT, FTNT, SPLK. Wait, Splunk? Indeed, the log file analysis company, Splunk, Inc. [3], is part of the HACK fund. That's an interesting addition to the fund.

This post is not about the analysis of the holdings, but rather a warning about the fund. Recently Kaspersky Labs claimed to have been hacked by external "nation state" hackers [4]. You have to wonder why Kaspersky would ever disclose their own security breach. Kaspersky benefits from claiming to be hacked because it shows their vulnerability and lessens their "untouchable" status. This is exactly why the C.I.A. claims to have had their public web sites hacked in the past. You should doubt the sincerity of these claims from Kaspersky, or any AV software provider. These companies are just trying to manipulate the hacker's opinion on whether or not these companies are worthy of attack.

Back to the HACK fund and what it means to you. Every company listed in the holdings is an attack vector for the young and aspiring "Wind Ninja." I call them Wind Ninjas because I once tracked a team down to Uruguay and their monikers were the Japanese names for some mythical "Ninja" spirits; one in particular was a "Wind Ninja." These hackers, like you, have money in their pockets and time on their hands, but unlike you, they enjoy disrupting public opinion. Now they have a passive way of making use of their time and money. You won't be seeing much from the ransomware people anymore because they can invest their $18M [5] in the HACK fund. Once invested in HACK, the hackers will then continue to drive more and more hacker activity, raising the public awareness (and scare-o-meter) of hacking, and thus increasing the value of their equity position.

This all reminds me of the Dilbert "$10 bug fix" (no citation, sorry). Remember that strip, where Dilbert's team gets paid $10 per bug fixed? So what does he do? Make lots and lots of bugs, and then fix them quickly, thus printing his own money. You can bet the hackers of the world are reading Dilbert and they are all moving their money into the HACK fund [8]. The growth of the fund has exceeded $1B in assets [10], which is serious money now. You can bet there will be some hefty manipulation in this fund. We have already seen some hints of it [8] after the SONY hack.

Now for some stock advice. First you get a team of hackers together, some kids from a local high school. Then you invest your money in HACK. Next, teach the kids how to hack and get them to go after some mid-level business. Once the hack is exposed, the HACK fund will go up in value, and you sell. Boom, you owe me 1% bro!

[1] https://en.wikipedia.org/wiki/Exchange-traded_fund
[2] http://www.pureetfs.com/etfs/hack.html
[3] http://www.splunk.com/
[4] http://www.eweek.com/security/kaspersky-hack-reveals-conflict-between-spy-agencies-security-firms.html
[5] http://www.darkreading.com/endpoint/fbi-cryptowall-ransomware-cost-us-users-$18-million/d/d-id/1321030
[6] http://etfdb.com/2014/inside-the-cyber-security-etf-hack-qa-with-christian-magoon
[7] http://seekingalpha.com/article/2680305-finally-a-cyber-security-etf
[8] http://www.ibtimes.com/new-cybersecurity-etf-hack-sees-shares-jump-after-sony-hack-increased-security-1763538
[9] http://www.theguardian.com/uk-news/2015/may/21/trinity-mirror-alleged-phone-hacking-payout-fund-sunday-people
[10] http://www.businesswire.com/news/home/20150618005830/en/PureFunds-ISE-Cyber-Security-ETF%E2%84%A2-HACK-Surpasses#.VZK3Bk_bKUk
