As the Olympics Near, Brazil and Rio Let the Bad Times Roll

We are getting closer and closer to the Summer Olympics and, as they approach, more critical eyes are turned to Rio and the city’s state of preparation. The New York Times, in particular, has done a good job of synthesizing the various concerns and critiques associated with Brazil hosting the games: corruption and a functional coup have absorbed the electorate’s attention, costs are overrunning and major projects may only barely be finished on time, pollution at venues may lead to health issues with athletes, and the general economic and security conditions of the city are poor at best.

There is almost no doubt that Rio would not win the bid were they bidding for the games, today, given the state of things. But I also think that it’s important to remember that almost all countries and host-cities face incredible criticism in the run-up to any games. This was true of Beijing, of Vancouver, and of the various venues which have recently held the World Cup.

What will perhaps be most telling is the impact of the games after everyone has left. Will it be the case that the spending on infrastructure for the games prevents Rio from investing in desperately needed additional kinds of services for those worst off? Or will it be that many of the legacy improvements — such a the alert system that was set up to warn those in favelas of forthcoming major storms that could lead to mudslides — that are less talked about will genuinely improve the status of the most impoverished? And what, if anything, will be the lasting effects of Pacification that has taken place in recent years after the major events are over and the economy continues to contract?


Grand Visions Fizzle in Brazil

The NYT has an incredibly depressing view of the way that Brasil is moving forward; while much of it is shared by the citizens of that country the article is overly one-sided and generally lacks a comprehensive understanding of why some of the cost overruns and setbacks have happened. We read that environmental protections and efforts to work with aboriginal people’s have led to railroads being delayed: why were there such expectations of a smooth and quick development of such railroads in the first place? Perhaps because the ‘frictions’ of such development (i.e. environment and people living on the land) had been cast aside?

What is largely missing throughout the piece is the context: why were certain projects put forward and then abandoned? In the absence of such context we’re left with the impression that the setbacks are the result of poor management and bureaucracy but is this the case, or simply the projection of American values onto specific South American infrastructure decisions?


Did Canadian Oil Companies Get a Tip-Off from CSEC?

The Globe and Mail reports on discussions in the Canadian Senate. Specifically, Liberal Senator Wilfred Moore asked:

“Can the [Senate] leader enlighten this chamber as to what was done with the data obtained by CSEC from the Brazilian Ministry of Mines and Energy?”

Alleging that CSEC’s “cyberhacking” was intended to probe Brazil’s claims about discovering billions of barrels of oil in a new offshore-field find, Mr. Moore noted that no Canadian or U.S. corporations have joined the bidding for drilling rights in an auction that was held earlier this week in Brazil.

This is an incendiary question. If it turns out that Canadian companies didn’t bid because CSEC found Petrobras has overestimated the oil reserves in the Libra field, or if CSEC found that it was going to be harder to extract the oil that stated by the Brazilian government, then it’s a very, very big deal on the basis that the Canadian government (and extension of the department of national defence) would then be engaging in espionage on the behalf of Canadian companies.




Ian and I are going to Texas De Brazil in less than two weeks:

Treat yourself to our 50-60 item seasonal salad area including appetizers, gourmet vegetables, soups, and salads. Turn your place card to green and prepare to be swarmed by a troop of carvers generously serving various cuts of seasoned beef, lamb, pork, chicken and Brazilian sausage, all accompanied by traditional side items and house-baked Brazilian cheese bread. As you dine endlessly on Brazilian fare, let one of our in-house wine connoisseurs select the perfect pairing from our extensive, award-winning wine lists, or sip on a freshly-made signature cocktail-the Caipirinha. Complete your dining experience with one of our many decadent dessert selections, and then relax with an after-dinner drink, steaming espresso or a hand-rolled cigar and enjoy the ambiance and service perfection that is uniquely Texas de Brazil.

So, I mean, if we die in Ron Swanson’s wet dream, it’s been real, y’all. I’ll just be singing MEAT to the tune of LMFAO’S SHOTS until then (EVERY ANIMAL!).

Apologies to my non-meat-eating followers, but “Ron Swanson’s wet dream” is right; next to being in the same room as my wife, this is the thing I’m most excited for. As I said to Anaïs, we are going to feel so awesome/horrible after.

Brazilian BBQ is just a terrific experience. Was sad to not get a chance to enjoy it last time I was in Rio.


Banking Trojan Ships With Its Own Certificate

This is all kinds of badness, and speaks to malware vendors becoming increasingly sophisticated in how they are targeting low hanging fruit (i.e. random users). In essence, the attack involved getting a certificate issued and then using it to create valid digital signatures for .pdf invoice documents. Once individuals opened the invoices the malware associated with the .pdf would burrow into the OS and act as a key logger that targeted banking information.

Unfortunately, I’ve not yet seen a media article discuss the mediocre effectiveness of revoking the certificate used to sign the .pdf. The OCSP protocol is incredibly susceptible to being defeated, especially if malware already resides on the target’s computer or a point in between the target and the revocation server is controlled by the attacker (possible by setting a compromised computer to proxy traffic to a host controlled by the attacker). So, while while the cert has been revoked, this actions does not necessarily stop the malware from functioning, but just reduces the prospective attack surface. Moreover, if browser/operating system CA stores are not updated – again, possible if the attacker already controls the host – then the same attacker can convince the browser or OS to continue trusting an expired certificate.


IBM’s efforts to add ‘intelligence’ to cities – and thus make them more manageable – is an ongoing effort. While what they’ve developed in Rio is interesting, I suspect that several facets of the ‘defence mechanism’ obfuscate residents’ economic realities.

Specifically, the video notes that residents of favelas may receive text messages that warn of oncoming disasters. This is good, but misses the point that a warning system without a capacity to absorb/protect residents who are fleeing poorly-build environments is effectively useless.

While the IBM ‘smart city’ project may  make the city more intelligent, and improve daily operations, such intelligence doesn’t necessarily mean that the city can temporarily house residents of favelas in ‘safe’ areas of the city if a major disaster occurs. Unfortunately, the sale of technology in this video obfuscates this key truth of disaster preparation.