Cyberpunk is Dead!

Yeah sure, on the 1st of April only! Enjoy this marvelous cyberpunk compilation with Juno Reactor as a background music. A group whose works such as Pistolero and Rotor Blade continue reminding me of the good old school psychedelic vortexes we used to spin in -- that's of course in a previous life.

Continue reading →

Cyber Traps for Wannabe Jihadists

I guess that's what happens when you don't have a single clue on where the real conversation and recruitment is happening, so you decide to create your own controlled jihadi communities to monitor. A case study on false feeling of effectiveness in Australia :

"FEDERAL police are setting up bogus jihadist websites to track extremists who use cyberspace to recruit followers and plan attacks. The undercover operation, disclosed yesterday by Australian Federal Police Commissioner Mick Keelty, is an assault on arguably the most powerful weapon of the global jihadist movement, the internet. Mr Keelty said police were working closely with foreign governments and the military's Defence Signals Directorate. "We have worked with some foreign countries through our undercover program, establishing our own websites, to capture some of the activities that are going on on the internet," he told a security conference in Sydney."

"Some of the activities" will have absolutely nothing to do with the real situation, and even if someone bothers to open up a discussion on your second hand jihadi site, it'll be a classic example of a moron. Fighting for a share of the online jihadi traffic is so unpragmatic, unnecessary, time and resource consuming that you'd better rethink the entire idea, emphasize on intelligence data sharing with other countries in case you cannot monitor the emergence of local communications, and keep an eye on them.

Meanwhile, a talk on the street is heating up :
- Hello underaged kids, I see you're having trouble getting hold of some quality Russian vodka over here in front of that store, I can probably give you hand with this?
- Yes, please, please!!!
- Aha! Agent Temptation from the Thought Police here, you're busted for desiring to drink alcohol even without drinking it! Put your tongues on your head so I can see them!

In the long term we may actually have a real-life bomber confessing of visiting online jihad community before the plot took place, that, ooops, happens to be one of the fake ones. Now we have double ooops. Many other related posts to provide you with an overview of the big picture and a countless number of budget allocation myopia failures that emphasize on technological approaches to detecting radical jihadi propaganda, whereas cyber jihadists and future terrorists are getting efficient in generating "noise sites", ones your crawlers are so good at picking up. Continue reading →

IMSafer Now MySpace Compatible

MySpace, the world's most popular social networking site, and an online predator's dream come true has been actively discussed since the very beginning in respect to the measures News Corp's property takes to prevent child abuse through the site. Let's face the facts, of course underaged kids will confirm they're over 18/21 in order to use the site, and of course online predators will continue finding ways to socially engineer a online contact with the ultimate idea to meet in the physical world. Why? Because children provide way too much sensitive information in order to virtually socialize and meet new buddies, thus indirectly helping pedophiles pinpoint key "contact points" in the future. If you as a parent start paranoia-ing around, you'll end up with the wrong conclusion that the risks are not worth the benefits, totally forgetting that forbidden fruits taste much better and it's children we're talking about -- they break the established rules in principle. No matter the registration procedures in place, you cannot stop an online predator registering and communicating with children at the site, what you can do however is educating your children, and emphasizing on filtering not spying activities in order to protect them.

The team behind IMSafer, a service which I covered in a previous post, have realized the potential benefits of introducting a MySpace compatibility, and so it recently became a reality :

"IMSafer's updated language-analysis engine can scan individual MySpace postings for potentially dangerous, threatening or sexually explicit content, the company said. Users can download the tool from the company's Web site, said Brandon Watson, CEO and founder of the company. Traditional parental control software generally can filter and block Web sites but can't identify possible dangerous interactions on increasingly popular social networking sites such as MySpace, he said. While most sexual solicitations of children still come through instant messaging software, online predators are increasingly using MySpace to initiate contact with potential victims, Watson added."

Don't forget the bottom line, if you're in a fragile relationship with your kids, pretty much anyone online could take advantage of their vulnerable condition. The irony goes that people you've never met will show more respect to you than the people you actually fight to get respect from. From a children's perspective that's you parents! Here are several more articles worth going through, especially this post-event response to what's an internal problem to me. Continue reading →

Real Time Spam Shredding

Wednesday's portion of hahaha-ing. This is the work of a pragmatic genious, the revenge of the nerds or call it whatever you want the idea is simple - what gets detected as spam gets printed and shred in real-time for interactivity. How much would it cost for a Fortune 500 organization to implement such a feature, a "fortune" by itself for sure, but an anti-spam vendor looking to differentiate its headquarters might be interested in implementing such a system for their corporate clients to see while walking around.

"Spamtrap" is an interactive installation piece the prints, shreds and blacklists spam email. It interacts with spammers by monitoring several email addresses I have created specifically to lure in spam. I do not use these email addresses for any other communication. I post individual email addresses on websites and online bulletin boards that cause them to be harvested by spambots and then to start receiving spam. Because I know that all email sent to these email addresses are spam, I have set the installation to print and then shred each email as it arrives."

Read more about the Spamtrap in this blog. There's simply so much spam these days, you can even create large data sets in order to render surrealistic spam art paintings, no kidding. Continue reading →

You've Got Something in Your Eye

Or that's what the always getting bigger, Big Brother says :

"Avigilon's 16 megapixel cameras are the first surveillance cameras that can continuously monitor large fields of view while maintaining high levels of detail. In the past, security professionals have had to rely on opto-mechanical PTZ cameras for wide field of view surveillance and were forced to make a tradeoff between field of view and image detail. Avigilon's 16 megapixel cameras provide a superior solution for post incident investigation because they provide detailed images of the entire field of view, without the requirement of an operator to control the camera."

I like the press release debunking the idea of real-time incident prevention due to CCTV surveillance compared to historical performance and analyzing past events. Not that's it's not possible, but the investments are not worth the ROI, and if self-regulation is the single most visible return on investment here, that's a bad deal. But in reality, keep on living in a CCTV myopia world, where covering the "blind spot" of one camera gets covered by installing another one, and the "blind spot" of the second one gets covered by a third one. It's about time your CCTV expenditures start declining given reasonable metrics defining a successful investment appear soon.

Now let's hope these cameras never get installed in public restrooms, shall we? Continue reading →

Ghosts in the Keyboard

KeyGhost is a nasty type of hardware keylogger that if ignored as a concept can truly expose a lot of data, with one downsize - the logged data has to be retrieved physically in the very same fashion the keylogger got installed. Here's how the six-year-olds do it :

"A six-year-old girl has successfully hacked into the UK Parliament's computer system, installing a keylogger onto an MPs machine. Guildford MP Anne Milton agreed to leave her computer unattended for 60 seconds as part of a test of House of Commons IT security by the BBC's Inside Out programme. Brianagh, a schoolgirl from Winchester, took just a quarter of that time to install the keylogging software without being noticed. Such easily available applications record all the keystrokes made on a machine and can therefore be used to steal passwords, financial data and personal information."

The article starts by mentioning the software and ends up with a quote on the "device" itself. The story is a great wake up call, especially the six-year-old girl part, as it will position the computer system's security as an extremely weak one in the minds of the masses, no wait the tax payers. But age doesn't really matter here, it's the idea that the majority of insecurities have an outside-towards-inside trend, namely they come from the Internet, not from within as we see in this case. In case you're interested, there're already various business development activities in releasing a laptop based PCI card keylogger given the obvious incompatibilities with a PC.

Related posts:
USB Surveillance Sticks
Espionage Ghost Busters
Continue reading →

Take this Malicious Site Down - Processing Order..

Yet another pay-pal-secure-login.tld domain gets registered, and even more ironic in its directory listings you'll be able to digg out several other financial institutions and online companies logins, even competitors. Financial institutions cannot cope with the level of such registered domains and some -- even after reported to the usual abuse account -- remain active for weeks to come. So how do you protect these businesses and cash in between for doing so? Looks like RSA are diversifying their service from phishing hosting sites to malware hosting ones :

"EMC's RSA division plans to launch a new service next month that will help financial institutions take down Web sites associated with malicious Trojan Horse software. The service is planned as an extension to the FraudAction phishing takedown service already offered by RSA, said Louie Gasparini, co-chief technical officer with RSA's Consumer Solutions unit. "We're leveraging the same infrastructure we already have in place... and now we're focusing our attention on how Trojans work," he said. Gasparini said he expects financial services companies, auction sites, and online merchants to use the service. "It's really allowing the institution to better protect its customers," he said."

Can RSA really cash in by re-intermediating the current communication model, and most importantly do a better job? It can sure allow the targeted companies to focus on innovation and growth, not on online impersonation attacks so I find this a sound product line extension, but need more performance stats to offer valuable recommendations.

According to the latest Anti-Phishing.org report, the threatscape looks very favorable in respect to communicating with the major country hosting phishing sites - the U.S, followed by China and South Korea. In between companies diversifying their portfolios of services and products, there's one other thing to keep in mind and that's how can you achieve the same results in more cost effective way than the commercial propositions? And can you actually? Do you even have to dedicate financial resources to shut down these sites compared to educating your customers on how to use their brains? Ask yourself these questions before losing it in a budget allocation myopia. Something else to keep in mind - ISPs will also start getting interested in the idea of equal distribution of revenues given the sound business model.

Related posts:
The Phishing Ecosystem
Anti-phishing Toolbars - Can You Trust Them?
Google's Anti-phishing Black and White Lists
Continue reading →

Tricking an UAV's Thermal Imagery

Give me a hug so that we become "thermally one" for the thermal paparazi to see. When you know how it works you can either improve, abuse or destroy it. Very interesting abuse of technology by the people knowing how it works :

"The Marines cuffed Awad and took him to a nearby bomb crater. At this point the drone approached for its first pass overhead. One of the group moved forward and dug a hole at the crater, while the others posed with Awad behind a wall. The recorded thermal imagery from the aircraft seemed to show troops watching an insurgent digging by the road, perhaps to place a bomb. After the drone had passed, the group moved Awad forward to the hole. But at this point the surveillance platform returned, so one of the Marines wrapped himself around Awad so as to create a single thermal signature, disguising the captive's presence."

If you're under thermal surveillance a cold shower's your invisibility coat if one's available. Wired has some photos on this story. Continue reading →

Zoom Zoom Zoom - Boom!

If you could only eradicate the radicalization of immature islamic youth over the Internet with the push of a button. Great surgical shot!

Continue reading →

A Documentary on CCTVs in the U.K

Every breath you take, every move you make, I'll be watching you. Used to be a great song, but has a disturbing context these days. Nino Leitner's EveryStepYouTake documentary on the state of surveillance in the U.K will premier this month, and I suspect the full version will be made available for the world to see too :

"Trying to answer questions like these, Nino Leitner’s one-hour documentary “EVERY STEP YOU TAKE” digs deep into an entirely British phenomenon: nation-wide video surveillance. It features formal interviews with the surveillance researcher Professor Clive Norris, Deputy Chief Constable Andy Trotter from the British Transport Police, a representative of Britain’s largest civil rights group Liberty, a CCTV manager from a public local CCTV scheme, experts in the field of transport policing and many more. The surveillance reality in Britain is compared with another member of the E.U., Austria. Compared to the UK, it can be seen as a developing country in terms of CCTV, but just as elsewhere all over the world, politicians are eager to extend the surveillance gaze."

Here's an animation to help you explain what surveillance means to your cat, another one fully loaded with attitude, and let's not exclude the big picture.

Related posts:
London's Police Experimenting with Head-Mounted Surveillance Cameras
Head Mounted Surveillance System
Eyes in London's Sky - Surveillance Poster
External links
Continue reading →

Unsigned Code Execution in Windows Vista

Nitin Kumar and Vipin Kumar are about to present the Vbootkit at the upcoming Blackhat and HITB cons :

"We have been recently researching on Vista. Meanwhile, our research for fun lead us to some important findings. Vista is still vulnerable to unsigned code execution.vbootkit is the name we have chosen ( V stands for Vista and boot kit is just a termed coined which is a kit which lets you doctor boot process).vbootkit concept presents how to insert arbitrary code into RC1 and RC2, thus effectively bypassing the famous Vista policy for allowing only digitally signed code to be loaded into kernel. The presented attack works using the custom boot sectors.Custom boot sector are modified boot sectors which hook booting process of the system & thus, gains control of the system. Meanwhile, the OS continues to boot and goes on with normal execution."

Vulnerabilities are an inevitable commodity, they will always appear and instead of counting them on an OS or software basis, consider a vendor's response time while following the life of the security threat. I never actually liked the idea of an insecure OS, to me there're well configured and badly configured OSs in respect to security, but then again if you're a monocultural target the way Microsoft is, you'll always be in the zero day spotlight. A security breach will sooner or later hit your organization, don't talk, act and pretend you're 100% secure because you cannot be. Instead a little bit of proactive measures balanced with contingency planning to minimize the impact is what should get a high priority in your strategy. Here's a related post.

Cartoon courtesy of Userfriendly.org Continue reading →

A Fortune 500 Blogosphere? Not Yet

Enterprise 2.0 is slowly gaining grounds and you cannot deny it despite top management's neutral position on yet another major "Reengineering of the Corporation". Supply chain management was perhaps among the first departments to really utilize the power of real-time information, and interoperable data standarts -- a mashup-ed ecosystem -- but improving your employees productivity through Web 2.0 tools such as intranet blogs and wikis remains just as unpopular as actual Fortune 500 companies blogging? But how come? Lack of evangelists? Not at all. There's one minor obstacle, you cannot teach an old dog new tricks, unless of course you dedicate extra investments into training him, which is exactly what I feel is happening at the corporate stage - everyone's patiently waiting for the concepts to mature before training and implementation happen for real. What's the current attitude towards external Web 2.0 activities? A Fortune 500 blogosphere isn't emerging as fast as the mainstream one is according to the Fortune 500 Business Blogging Wiki :

"a directory of Fortune 500 companies that have business blogs, defined as: active public blogs by company employees about the company and/or its products. According to our research, 40 (8%) of the Fortune 500 are blogging as of 10/05/06. The navigation sidebar to the right lists all the Fortune 500 companies. The list below are the ones that we've found so far that have public blogs as defined above. Please help us by entering data on those we've missed. ONLY Fortune 500 companies, please. If you're not sure if it's on the F500 list (it includes US companies only), check the sidebar. If it's not there, consider adding it to the Global 1,000 Business Blogging page instead."

I think the main reason behind this are the inevitable channel conflicts that will arise from let's say Pfizer's blogging compared to using the services of their traditional advertising and PR agencies -- I also imagine a links density analysis of their blog indicating the highest % of links pointing to Erowid.org. But ask yourself the following, what if these very same agencies start offering bloggers-for-hire in their portfolio of services, would the big guys get interested then? Or when will they start understanding the ROI of blogging? Continue reading →

Video on Analyzing and Removing Rootkits

Courtesy of WatchGuard part three of their malware analysis series walks you through various commercial and free utilities for detecting and removing rootkits :

"In this episode, Corey and his Magic White Board show how kernel mode rootkits work. Also covered: recommended tools and techniques for detecting and removing rootkits."

Continue reading →

Jihadists Using Kaspersky Anti Virus

I wonder what are the low lifes actually protecting themselves from? Malware attacks in principle, or preparing to prevent a malware infection courtesy of an unamed law enforcement agency given their interest in coding malware :

"German police officials have expressed interest in developing software tools to help them surveil computer users who may be involved in crime. The tools might include types of software similar to those used in online fraud and theft schemes, such as programs that record keystrokes, logins and passwords. Security companies, however, are asserting that they wouldn't make exceptions to their software to accommodate, for example, Trojan horse programs planted by law enforcement on users' computers."

This is a very contradictive development that deserves to be much more actively debated around the industry than it is for the time being. Law enforcement agensies and intelligence agencies have always been interested in zero day vulnerabilities and firmware infections, thus gaining a competitive advantage in the silent war. Among the most famous speculations of an intelligence agency using malicious code for offensive purposes is the infamous CIA infection/logicbomb of Russian gas pipeline :

"While there were no physical casualties from the pipeline explosion, there was significant damage to the Soviet economy. Its ultimate bankruptcy, not a bloody battle or nuclear exchange, is what brought the Cold War to an end. In time the Soviets came to understand that they had been stealing bogus technology, but now what were they to do? By implication, every cell of the Soviet leviathan might be infected. They had no way of knowing which equipment was sound, which was bogus. All was suspect, which was the intended endgame for the operation. The faulty software was slipped to the Russians after an agent recruited by the French and dubbed "Farewell" provided a shopping list of Soviet priorities, which focused on stealing Western technology."

Excluding the spy thriller motives, nothing's impossible the impossible just takes a little while, and the same goes for SCADA devices vulnerabilities and on purposely shipping buggy software. Anti virus vendors will get even more pressure trying to protect their customers from not only the malware released by malware authors, but also from the one courtesy of law enforcement agencies. Cyber warfare is here to stay, no doubt about it, but using malware to monitor suspects will perhaps prompt them to keep an eye on the last time their AV software got updated, and still keep pushing the update button in between. Continue reading →

ASCII Art Spam

A spammer's biggest trade off - making it through anti-spam filters doesn't mean the email receipt will even get the slightest chance of understanding what he's about to get scammed with.

"We have seen SPAM using ASCII ART in order to avoid being detected by antispam filters. Most of the times, they try to show different words (Viagra, etc.) using this technique, but this is the first time I have seen them showing a picture. It is not a very high quality one, but I’ve tried it with some different antispam filters and they have been fooled."

Here's an old school ASCII generator you can play around with, and a related image from a previous post on overperforming spammers. Continue reading →

The Underground Economy's Supply of Goods

Symantec (SYMC) just released their latest Internet Security Threat Report, a 104 pages of rich on graphs observations, according to the data streaming from their sensor network :

"Volume XI includes a new category: “Underground Economy Servers”. These are used by criminals and criminal organizations to sell stolen information, including government-issued identity numbers, credit cards, bank cards and personal identification numbers (PINs), user accounts, and email address lists. To reduce facilitating identity theft, organizations should take steps to protect data stored on or transmitted over their computers. It is critical to develop and implement encryption to ensure that any sensitive data is protected from unauthorized access."

In between their coverage on various segments such as vulnerabilities, phishing, spam, and yes malware despite that I'm having my doubts on SMTP as the major propagation vector on a worldwide scale, I came across to a nice figure summarizing their encouterings while browsing around various forums and web sites.

The question is - why are these underground goods cheaper than a Kids' menu at McDonalds as I've once pointed out at O'Reilly's Radar post on spamonomics? Because in 2007 we can easily speak of "malicious economies of scale" thus, profit margin gains despite the ongoing zero day vulnerabilities cash bubble at certain forums, doesn't seem to be that very important. So can we therefore conclude that greed isn't the ultimate driving force, but trying to get rid of the stolen information in the fastest way possible in between taking into consideration its dissapearing exclusiveness with each and every minute? The principle goes that a dollar earned today is worth more than a dollar earned tomorrow, but how come? Simple, by tomorrow the exclusiveness of your goods might by just gone, because the affected parties detected the leaks and took actions to prevent the damage.

Issues to keep in mind regarding the graph:
- Harvested spam databases have been circulating around for years and so turned into a commodity, for instance, I often come across geographically segmented databases or per email provider segmented ones, not for sale, but for free. So how come the "good" is offered for free? It's obviously fine for the "good" to be offered for free when there's a charge for service, the service of verifying the validity of the emails, the service of encoding the message in a way to bypass anti spam filters, and the service of actually sending the messages

- Where's the deal of a malicious party when selling an online banking account with a $9,900 balance for just $300? For me, it's a simple process of risk-forwarding to a party that is actually capable of getting hold of the cash

- Yahoo and Hotmail email cookies per piece? Next it will be an infected party's clickstream for sale, and you'll have the malicious parties competing with major ISPs who are obviously selling yours for the time being.

- Compromised computers per piece? Not exactly. Entire botnets or the utilization of the possible services offered on demand for a price that's slightly a bit higher than the one pointed out here.

Psychological imagation is just as important as playing a devil's advocate to come up with scenario building tactics in order to protect your customers and yourself from tomorrow's threats.

Related images:
- surveying potential buyers of zero day vulnerabilities in order to apply marginal thinking in their proposition
- advertisement for selling zero day vulnerabilities
- listing of available exploits
- zero day vulnerabilities shop, I'm certain it's a PHP module that's currently hosted somewhere else
- the WebAttacker toolkit
- The RootLauncher
- The Nuclear Grabber and geolocated infections-- site dissapeared already
Continue reading →

Subconscious Search Monopoly Sentiments

And hey, that's from someone attending the Microsoft MVP for N-th time :

"I was invited to attend the Microsoft MVP Summit last week. If you want to know what the Summit is about or what a MS MVP is, Google is your friend."

Microsoft's MVP is a great corporate citizenship tool, whereas empowering and crediting the individual on a wide scale compared to internal reputation benchmarking is an indirect use of the "act as an owner" management tactic -- implement it. Supporting existing standarts -- look up interoperability -- benefits us all, reinventing the wheel without an unique vision besides ever increasing (projected) profit margins, wouldn't even benefit the company in the long term.

If you truly want to disrupt, disrupt by first (legally) taking the advantage of using someone else's already developed foundations to do so, the rest is attitude and hard to immitate competitive advantages. Good brainstorming questions in Anil's post whatsoever. Continue reading →

Spam Comments Attack on TechCrunch Continuing

In a previous post I commented on O'Reilly.com's war on spam according to their statistics, and thought you might find the most recent TechCrunch blog spam stats they've recently provided, informative as well :

"On January 4 we reported that the Akismet filter had stopped a million spam comments from reaching TechCrunch. At that point we’d been using it for about nine months. The number of blocked spam comments is now two million, just ten weeks later. That works out to about 15,000 spam comments hitting TechCrunch every day. If we did not have Akismet, we couldn’t allow anonymous commenting here on TechCrunch. We used to go through all spam comments to pick out the occasional false positive and accept it. Now, there are just too many to go through. All comments marked by Akismet as spam get deleted almost immediately."

I turned blog comments off quite a while ago and to be honest, the best comments, recommendations and tips, as well as people I've met through this blog, I received over email and backlinks. Keep 'em coming! Moreover, it's not just the inability of service providers to keep up with the aggresive generation of splogs, but malicious parties are already exploiting some of the fancy features that make blogs so flexible when it comes to personalization and social networking. Next time Fortinet will come up with another advisory, this time discussing MySpace so consider it as a cyclical shift from one provider to another depending on the current defenses in place -- blackhat SEO. Continue reading →

Personal Data Security Breaches Spreadsheet

Some stats try to emphasize on the number of people affected while forgetting the key points I outlined in a previous post related to why we cannot measure the real cost of cybercrime, and yes, duplicates among the affected people in any of the statistics available. The number of people affected will continue to rise, but that's not important, what's important is to identify the weakest link in this process, and for the time being, you're a "data hostage" in order to enjoy your modern lifestyle -- ever asked yourself what's gonna happen with your digital data after you're gone?

Spreadsheet nerds, here's something worth taking the time to around with, most importantly this huge dataset debunks the common myth of hackers taking the credit for the majority of personal data security breaches, whereas as you can see in the figures, on the majority of occasions -- and it's an ongoing trend -- companies themselves should get into the spotlight :

"On average, in 2005 personal records were compromised at a rate of 5.2 million a month. On average, in 2005 personal records were compromised at a rate of 5.8 million a month. Assuming a similar rate of growth, by November or December this year we we should cross the 2.0 billion mark. This is a conservative estimate because many of the news stories we archived were conservative on their own estimates of how many records were lost in particular incidents, and because a small number of incidents are reported without details of how many personal records were compromised.

View figures and tables of this paper as a *.pdf. View pre-publication draft of paper as a *.pdf. View dataset of incidents as a *.xls. View University of Washington Press office news release on this research."

Graphic presenting the risk of identity theft in the U.S only, based on the severity of data breaches, courtesy of the Danny Dougherty.

Continue reading →

Complexity and Threats Mind Mapping

The folks at Security-Database.com -- who by the way expressed their excitement over my blog -- just released an outstanding mind mapping graph on the most common firefox security extensions used for various purposes starting from information gathering, and going up to data tampering :

"FireCAT is based upon a paper we wrote some weeks before (Turning firefox to an ethical hacking platform) and downloaded more than 25 000 times. We also thank all folks that encouraged us and sent their suggestions and ideas to make this project a reality. This initial release is presented as a mindmap and we are open to all your suggestions to make it a really good framework for all the community of security auditors and ethical hackers. We will make a special page for this framework soon to let you monitor this activity."

Great idea, reminds of Ollie Whitehouse's excellent mind mapping of mobile device threats. The semantics of security when applied in a visualized manner have the potential to limit the "yet another malware variant in the wild" type of news articles, or hopefully help the mainstream media break out of the "echo chamber" and re-publishing myopia, thus covering the basics.

Anyway, which is the most useful tool you'll ever encounter? It's called experience. Which is the most important threat to keep an eye on? It's your inability of not knowing what's going on at a particular moment, lack of situational awareness. Continue reading →