Meet the Italian government’s Orwellian new automated tax snitch

By the end of the 3rd century AD, the finances of ancient Rome were in terminal crisis.

Years and years of debasing the currency had resulted in severe hyperinflation– a period of Roman history known as the Crisis of the Third Century (from AD 235 through AD 284).

During the time of Julius Caesar, for example, the Roman silver denarius coin was nearly 98% pure silver.

Two centuries later in the mid-100s AD, the silver content had fallen to 83.5%.

And by the late 200s AD, the silver content in the denarius was just 5%.

As the money continued to be devalued, prices across the Empire skyrocketed.

Wheat, for example, rose in price by over 4,000% during the first three decades of the third century.

Rome was on the brink of collapse. And when Emperor Diocletian came to power at the end of the third century, he tried to stabilize the economy with his ill-fated Edict on Wages and Prices.

Diocletian’s infamous decree fixed the price of everything in the Empire. Food. Lumber. Salaries. Everything.

And anyone caught violating the prices set forth in his edict would be put to death.

Another one of Diocletian’s major policies was reforming the Roman tax system.

He mandated widespread census reports to determine precisely how much wealth and property each citizen had.

They counted every parcel of land, every piece of livestock, every bushel of wheat, and demanded from the population increasing amounts of tribute.

And anyone found violating this debilitating tax policy was punished with– you guessed it– the death penalty.

Needless to say, Diocletian’s reforms didn’t work.

Every high school economics student knows that wage and price controls don’t work… and that excessive taxation bankrupts the population.

But that doesn’t stop governments from trying the same tactics over and over again.

Fast forward about seventeen centuries and Italy is once again in the same boat.

The Italian government is one of the most bankrupt in the world; its debt level is an unbelievable 132% of GDP– and rising.

In other words, the Italian government’s debt is substantially larger than the value of the entire Italian economy.

It’s almost as bad as Greece, and it grows worse each year as the national government routinely runs budget deficits.

Their only solution, of course, is hiking taxes and increasing regulation… exactly the opposite of what they should be doing.

And, just like the ancient Romans, the government is on a witch hunt for anyone they think (in their sole discretion) might be dodging taxes.

They already have a system in place called the redditometro, an automated tool for the tax authorities to comb through income and expense records of Italian residents.

The algorithm finds anyone whose expenses were higher than his/her income and presumes that s/he has been evading taxes.

The irony here is pretty profound given that the Italian government itself has expenses that are higher than its income.

After all, that’s how it ended up with such a prodigious debt level.

Earlier this month, however, the Italian tax authorities rolled out a brand new tool called risparmiometro. And this one is really insidious.

Risparmiometro goes through ALL financial records– credit card transactions, bank accounts, investment accounts, etc. to determine whether or not someone has too much savings relative to his/her occuption.

Think of the implication.

Under the redditometro system, if you spend too much money, they think you’re evading taxes.

But under the risparmiometro system, if you save too much money, they think you’re evading taxes.

Unbelievable.

But it gets better.

Risparmiometro (the new tool) also looks at bank activity to see how frequently you’re using the account.

And if you’re not using the account frequently enough, the government assumes that it’s because you’re dealing in cash… and evading taxes.

I have no doubt that there’s a substantial amount of tax evasion in Italy.

I spend several weeks in the country every summer, and I see how much people and businesses are suffering.

And they’re definitely coming up with creative ways to survive.

But rather than take the necessary steps to liberate the economy, the government continues to double down on more taxes and more regulation… and then invest their remaining energy to develop new tools to spy on their citizens.

Two key points here:

1) Nearly ALL bankrupt governments invariably resort to this tactic at some point.

2) It’s also a great way to engineer a banking crisis.

Think about it– Italy’s banks are already teetering on collapse. Some have already failed, others are almost there.

If Italians know that the government is spying on every transaction they make (or don’t make), who in his/her right mind would want to keep money in an Italian bank?

Anyone with half a brain will be moving funds to Switzerland or Austria.

Italy’s banks are so fragile, though, that they won’t be able to survive if even a small percentage of their depositors flee.

So as the Italian government rolls out this new tool in the latest campaign of its tax jihad, they’re all but guaranteeing widespread bank failure.

It’s genius.

Advertisements

NEW ESR19! GLOBAL BANKING & FINANCIAL SYSTEM SHIFT: ​SATURN IN CAPRICORN 2018-2020 PREDICTIONS​

via NEW ESR19! GLOBAL BANKING & FINANCIAL SYSTEM SHIFT: ​SATURN IN CAPRICORN 2018-2020 PREDICTIONS​

Hacker News: A Single-Character Message Can Crash Any Apple iPhone, iPad Or Mac

iphone-crash

Only a single character can crash your iPhone and block access to the Messaging app in iOS as well as popular apps like WhatsApp, Facebook Messenger, Outlook for iOS, and Gmail.

First spotted by Italian Blog Mobile World, a potentially new severe bug affects not only iPhones but also a wide range of Apple devices, including iPads, Macs and even Watch OS devices running the latest versions of their operating software.

Like previous ‘text bomb’ bug, the new flaw can easily be exploited by anyone, requiring users to send only a single character from Telugu—a native Indian language spoken by about 70 million people in the country.

Once the recipient receives a simple message containing the symbol or typed that symbol into the text editor, the character immediately instigates crashes on iPhones, iPads, Macs, Apple Watches and Apple TVs running Apple’s iOS Springboard.

Apps that receive the text bomb tries to load the character, but fails and refuses to function properly until the character is removed—which usually can be done by deleting the entire conversation.

iphone-crash-telugu-character

The easiest way to delete the offending message is by asking someone else to send a message to the app that is crashing due to the text bomb. This would allow you to jump directly into the notification and delete the entire thread containing the character.

The character can disable third-party apps like iMessage, Slack, Facebook Messenger, WhatsApp, Gmail, and Outlook for iOS, as well as Safari and Messages for the macOS versions.

Telegram and Skype users appear to be unaffected by the text bomb bug.

Apple was made aware of the text bomb bug at least three days ago, and the company plans to address the issue in an iOS update soon before the release of iOS 11.3 this spring.

The public beta version of iOS 11.3 is unaffected.

Since so many apps are affected by the new text bomb, bad people can use the bug to target Apple users via email or messaging or to create mass chaos by spamming the character across an open social platform.

Wang Wei - Hacking News
Security Researcher and Consultant for the government, Financial Securities and Banks. Enthusiast, Malware Analyst, Penetration Tester.

Hacker News: Microsoft Won’t Patch a Severe Skype Vulnerability Anytime Soon

skype-hacking

A serious vulnerability has been discovered in Microsoft-owned most popular free web messaging and voice calling service Skype that could potentially allow attackers to gain full control of the host machine by granting system-level privileges to a local, unprivileged user.

The worst part is that this vulnerability will not be patched by Microsoft anytime soon.

It’s not because the flaw is unpatchable, but because fixing the vulnerability requires a significant software rewrite, which indicates that the company will need to issue an all-new version of Skype rather than just a patch.

The vulnerability has been discovered and reported to Microsoft by security researcher Stefan Kanthak and resides in Skype’s update installer, which is susceptible to Dynamic Link Libraries (DLL) hijacking.

According to the researcher, a potential attacker could exploit the “functionality of the Windows DLL loader where the process loading the DLL searches for the DLL to be loaded first in the same directory in which the process binary resides and then in other directories.”The exploitation of this preferential search order would allow the attacker to hijack the update process by downloading and placing a malicious version of a DLL file into a temporary folder of a Windows PC and renaming it to match a legitimate DLL that can be modified by an unprivileged user without having any special account privileges.

When Skype’s update installer tries to find the relevant DLL file, it will find the malicious DLL first, and thereby will install the malicious code.

Although Kanthak demonstrated the attack using the Windows version of Skype, he believes the same DLL hijacking method could also work against other operating systems, including Skype versions for macOS and Linux.

Kanthak informed Microsoft of the Skype vulnerability back in September, but the company told him that the patch would require the Skype update installer go through “a large code revision,” Kanthak told ZDNet.

So rather than releasing a security update, Microsoft decided to build an altogether new version of the Skype client that would address the vulnerability.It should be noted that this vulnerability only affects the Skype for the desktop app, which uses its update installer which is vulnerable to the DLL hijacking technique. The Universal Windows Platform (UWP) app version available from the Microsoft Store for Windows 10 PCs is not affected.

The vulnerability has been rated as “medium” in severity, but Kanthak said, “the attack could be easily weaponized.” He gave two examples, which have not been released yet.

Until the company issues an all-new version of Skype client, users are advised to exercise caution and avoid clicking on attachments provided in an email. Also, make sure you run appropriate and updated anti-virus software that offers some defence against such attacks.

This is not the first time Skype has been dealing with a severe security flaw. In June 2017, a critical flaw in Skype was revealed before Microsoft released a fix for the issue that allowed hackers to crash systems and execute malicious code in them.

Last month, among several messaging applications, Skype was also dealing with a critical remote code execution vulnerability in Electron—a popular web application framework widely-used in desktop applications.

Swati - Hacking News
Technical Writer, Security Blogger and IT Analyst. She is a Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.