#AxisOfEasy 194: Canada’s Bill C-10 Lets CRTC Regulate User-Generated Content


Weekly Axis Of Easy #194


Last Week’s Quote was  “Most of the greatest evils that man has inflicted upon man have come through people feeling quite certain about something which, in fact, was false” … was Bertrand Russell, I don’t think anybody got it.

This Week’s Quote:  “Most of the energy of political work is devoted to correcting the effects of mismanagement of government”… by???

THE RULES: No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal is on us.

 


In this issue:
  • New BIND vulnerabilities
  • iOS 14.5 comes with new privacy alert pop-ups
  • Google’s contact tracing app has privacy flaws
  • Digital Ocean has data breach while DC police suffer ransomware attack
  • MS researchers find Remote Code Execution in IoT Devices
  • France to use algos in detection of extremism
  • Canada’s Bill C-10 lets CRTC regulate user-generated content
  • Trudeau says vaccination passports will likely be required to travel
  • Sheryl Atkinsson on the possibilities of lab origin  
  • This week on the Axis
 
New BIND vulnerabilities

Also, a set of three vulnerabilities have been found in the BIND nameserver, which is one of the most widely used nameserver packages across the internet.

The first is within the “GSSAPI security policy negotiation mechanism for the GSS-TSIG protocol” and can be triggered remotely to crash the server. The good news there is that the default configuration of BIND doesn’t expose the exploit path, you have to have changed or set the “tkey-gssapi-keytab/tkey-gssapi-credential” for that to happen. This apparently happens most often in environments where BIND is integrated with Samba or used with Active Directory domain controllers.

This one is CVE-2021-25216.

The second one is CVE-2021-25215 has to do with how DNAME’s are processed and can lead to a crash in the server.

The last one is  CVE-2021-25214 is that a malformed IXFR request (incremental zone transfer) can also crash the server.

Read: https://www.zdnet.com/article/isc-urges-updates-of-dns-servers-to-wipe-out-new-bind-vulnerabilities/


iOS 14.5 comes with new privacy alert pop-ups

Apple’s latest iOS 14.5 comes with a new set of privacy alert pop-ups that let you know when the various apps you have installed want to share or access your data. It’s called App Tracking Transparency.

“The privacy feature requires any app that wants to track your activity and share it with other apps or websites to ask for permission.”

I think some apps may actually do this before 14.5, my Uber Eats prompted me about this the other night and I realize now that I was still on 14.4.5, I’m downloading 14.5 right now.

Read: https://www.wsj.com/articles/ios-14-5-a-guide-to-apples-new-app-tracking-controls-11619457425


Google’s contact tracing app has privacy flaws

Over on the other side of the mobile device duopoly, things aren’t going as well.

The MarkUp reports that Google’s contact tracing app, despite promising to be secure and private, had a flaw. Turns out hundreds of preinstalled apps are able to access a log file created by the contact tracing app which contains sensitive information.

Worse, when researchers from a privacy watchdog called AppCensus discovered the flaw, they notified Google in February who has so far failed to fix it. AppCensus discovered the issue in the course of work they were doing under contract with the Department of Homeland Security.

Apparently Google is moving to correct this now that The Markup has broken this story.

Read: https://themarkup.org/privacy/2021/04/27/google-promised-its-contact-tracing-app-was-completely-private-but-it-wasnt


Digital Ocean has data breach while DC police suffer ransomware attack

TechCrunch has obtained a copy of an email Digital Ocean has sent to affected customers advising them of a data breach to their customer billing data. The breach occurred over a two week stretch between April 9 and April 22 and attackers were able to access names, billing addresses, phone numbers, last 4-digits and issuing bank of customer credit cards.

DO stressed in the email that no customer logins, passwords or access to client droplets occurred in the breach.

We have not received such a notice so we’re guessing only impacted users have been notified.

Read: https://techcrunch.com/2021/04/28/digitalocean-customer-billing-data-breach/

Meanwhile the Washington DC police force was forced to admit it had been hit with the Barbuk ransomware strain after some of the data was leaked on the web. In a statement to BleepingComputer a DC spokesperson wrote:

“”We are aware of unauthorized access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter.” – Metropolitan Police Department.”

The gang says they have obtained 205GB of unencrypted filed.
 
Read: https://www.bleepingcomputer.com/news/security/dc-police-confirms-cyberattack-after-ransomware-gang-leaks-data/


MS researchers find Remote Code Execution in MS IoT Devices

Security researchers from Microsoft have found over 25 vulnerabilities in Internet of Things (IoT) devices that utilizes memory allocation or integer overflow bugs in widely used libraries. They can lead to denial of service by crashing the devices or even Remote Code Execution.

The entire set of flaws has been called BadAlloc. The US CISA has issued advisory ICSA-21-119-04 on this, and a list of impacted devices follows:

  • Amazon FreeRTOS, Version 10.4.1
  • Apache Nuttx OS, Version 9.1.0
  • ARM CMSIS-RTOS2, versions prior to 2.1.3
  • ARM Mbed OS, Version 6.3.0
  • ARM mbed-uallaoc, Version 1.3.0
  • Cesanta Software Mongoose OS, v2.17.0
  • eCosCentric eCosPro RTOS, Versions 2.0.1 through 4.5.3
  • Google Cloud IoT Device SDK, Version 1.0.2
  • Linux Zephyr RTOS, versions prior to 2.4.0
  • Media Tek LinkIt SDK, versions prior to 4.6.1
  • Micrium OS, Versions 5.10.1 and prior
  • Micrium uCOS II/uCOS III Versions 1.39.0 and prior
  • NXP MCUXpresso SDK, versions prior to 2.8.2
  • NXP MQX, Versions 5.1 and prior
  • Redhat newlib, versions prior to 4.0.0
  • RIOT OS, Version 2020.01.1
  • Samsung Tizen RT RTOS, versions prior 3.0.GBB
  • TencentOS-tiny, Version 3.1.0
  • Texas Instruments CC32XX, versions prior to 4.40.00.07
  • Texas Instruments SimpleLink MSP432E4XX
  • Texas Instruments SimpleLink-CC13XX, versions prior to 4.40.00
  • Texas Instruments SimpleLink-CC26XX, versions prior to 4.40.00
  • Texas Instruments SimpleLink-CC32XX, versions prior to 4.10.03
  • Uclibc-NG, versions prior to 1.0.36
  • Windriver VxWorks, prior to 7.0

Read: https://www.bleepingcomputer.com/news/security/microsoft-finds-critical-code-execution-bugs-in-iot-ot-devices/


France to use algos in detection of extremism

In France, certain temporary measures which were enacted in the wake of the 2015 terror attacks there are about to be made permanent by the Macron government. Citing a new wave of lone actor terror attacks, the French government says this is necessary because these lone wolves are increasingly self-radicalizing, without being in contact with known terror groups or operatives.

This means they have to be detected algorithmically, by monitoring communications flows via non-telecom channels (social media networks, chat forums) as well as web searches. A recent knife attack was cited in which an attacker searched and viewed videos of Islamic terror attacks in the hours before the act.

Read: https://www.theguardian.com/world/2021/apr/28/france-planning-allow-use-algorithms-detect-extremist-activity


Canada’s Bill C-10 lets CRTC regulate user-generated content

Canada’s forthcoming Bill C-10 will designate the internet as a “broadcast undertaking” and put it under the purview of the CRTC for regulation and content moderation purposes. Heritage Minister Stephen Guilbeault is driving this process, he’s already said he wants to create a new entity to actively censor political speech and is willing to create a so-called “internet killswitch” to remove content that insults or denigrates politicians.

The text of Bill C-10 did include an amendment that would specifically exempt user-generated content uploaded to social media platforms from being under the purview of the incoming regulatory framework. Then, in a subsequent revision to the proposed bill, that amendment was removed. That implies that user-generated content will be subject to this new framework, although Guilbeault, when asked about this by CBC’s David Common in a video interview, stammered and jabbered like a blithering idiot for a few minutes before muttering something resembling “it doesn’t matter.”

But it probably does matter, as University of Ottawa law professor Michael Geist outlines here, and former CRTC chairman Tim Denton lays out here.

Read: http://tmdenton.com/index.php/easyblog/entry/bill-c10-and-elite-panic

And: https://www.michaelgeist.ca/2021/05/the-guilbeault-interview/

Breaking update: The NDP has announced that they will be supporting a motion to wait for a Department of Justice review of C10 for compliance with the Charter of Rights. Given the Liberals have a minority government, this is looks to put Bill C10 on ice for now (unless the CPC votes with the Libs, which these days, wouldn’t surprise me at all).  https://www.ndp.ca/news/ndp-statement-bill-c-10


Trudeau says vaccination passports will likely be required to travel

There is an old political maxim attributed to Otto Von Bismarck (apparently a distant relation, by marriage, according to family lore) that advises “never believe anything until it has been officially denied.” Today’s equivalent would be former Eurozone head Jean-Claude Junker: “When it gets serious, you have to lie.”

In January Canada’s Trudeau the 2nd said that there were “no plans for vaccine passports,” citing them as “divisive.” As recently as March he warned that they would raise questions of “fairness.”

Now, it appears, Trudeau has gotten the memo: Canadians should expect vaccine passports as a requirement to travel. Having said that, he declined to clarify what that meant exactly, whether vaccinated travellers can enter Canada, or whether returning Canadians who are vaccinated would still have to be incarcerated at these accursed internment hotels.

Read: https://www.ctvnews.ca/politics/vaccine-passports-to-be-expected-but-canada-not-ready-to-set-terms-yet-trudeau-1.5404349

Speaking of the latter, the Justice Center for Constitutional Freedom went to bat on that very issue, seeking an injunction against the federal government from forcing their applicants to quarantine at designated hotels, instead of at home, as travellers entering via land are permitted to do.

While the injunction was denied, the judge did acknowledge that serious Section 7 and 9 issues exist (In the Charter of Rights and Freedoms), the Constitutionality of which will be assessed at a hearing June 1 – 3. I’m glad somebody is putting many of these measures to the legal test, and that’s why I am personally 
donating monthly to the JCCF.

Read: https://www.jccf.ca/federal-court-rules-isolation-hotels-violate-charter-protection-against-arbitrary-detention-declines-to-issue-injunction/


Sheryl Atkisson on the possibilities of COVID lab origin  

It’s not really permissible to talk about the possibility that COVID-19 originated in a lab. Zerohedge was deplatformed for being the first to connect a few dots about it, but after about a year, and at least one Nobel Laureate for Medicine and a former CDC head going on record as saying this came from a lab in Wuhan; a few intrepid news outlets and journalists are finally touching this third-rail of civil discourse.

I’ve read Sharyl Attkisson’s previous books on media bias and read some of her material on big pharma and overall find her to be credible. She’s done a deep dive into this story and put out a comprehensive exposé, meticulously documented and easily checkable, which is accompanied by a 10-minute mini-documentary. The bullet points are:

  • Numerous scientific insiders are signing onto the “lab origin” theory for Covid-19 and a link to controversial research funded by your tax dollars.
  • High profile health figures who have worked to “debunk” lab origin questions are linked to funding and vaccine research partnerships with China’s Wuhan Institute of Virology (WIV).
  • The U.S.- Chinese research involved genetically engineering bat coronavirus to make it infect human airway cells in mice, in order to invent vaccines and other therapeutics.
  • U.S. taxpayer money supported the controversial vaccine research with Chinese scientists through the National Institutes of Health (NIH) and the U.S. Agency for International Development (USAID). Some support came from the National Institute of Allergy and Infectious Diseases (NIAID), led by Dr. Anthony Fauci.

What she’s detailing here is in line with previous data points we’ve covered before here in AxisOfEasy, specifically that former Nobel Laureate Luc Montagnier’s belief that COVID-19 had to have been modified in a lab (western media diligently ignoring him).

Read: https://sharylattkisson.com/2021/05/video-exclusive-investigation-separating-rumor-from-fact-on-covid-19s-origin/

While the origin of the COVID-19 virus might appear out of our wheelhouse, I mention it here as an example of a narrative that seems to be marginalized by the incumbent press, not to mention a frequent target of institutional and coordinated deplatforming campaigns.



This week on the Axis

There was no AxisOfEasy Salon last week, we should be on for this Thursday, in the meantime I was a guest on Brian Jackson’s Tech Insights show to discuss the mystery move of that YUGE block of IP addresses from the US DoD to a shadowy pentagon contractor.

Also an interview I did several weeks ago with Dr. Bradley Werrell just came out yesterday. Fascinating guy and an interesting talk.

Watch: https://www.bradleywerrell.com/podcast-library/how-to-prepare-for-the-great-reset-and-win-mark-jeftovic

And: https://anchor.fm/techinsights/episodes/Who-took-control-of-the-Pentagons-IP-space-and-why-e105iqa
 

3 thoughts on “#AxisOfEasy 194: Canada’s Bill C-10 Lets CRTC Regulate User-Generated Content

  1. Re Sharyl Attkisson and her Batshit-crazy ideas…
    So she says Covid-19 originated in a lab, huh? And she’s in company with that nutbar Nobel Prize winner from France, who has universally been pooh-poohed by the ‘normal’ scientific community. So he won a Nobel Prize. So did Bobby Dylan, but I wouldn’t want the latter teaching my grand-kids English Literature.

    What next? Will Axis of Easy promote Montagnier’s theories about how water has “memory”? And that is how homeopathy works?
    How about having Robert F. Kennedy Jr. as a guest panelist? He could explain to us why computer viruses are all in your head, because there was Mercury in your laptop’s batteries!

  2. Sharyl Attkisson – come on she’s a conspiracy nut job – please keep this crap out of your briefings. About to loose yet another subscriber

Leave a Reply

Your email address will not be published. Required fields are marked *