Binary Options Trading Signals Review 2020: Is It a SCAM ...

Immediate Edge Review, Is Immediate Edge SCAM Or Legit Trading App?

Immediate Edge Review, Is Immediate Edge SCAM Or Legit Trading App?

Immediate Edge Review: Is This Crypto Robot Legit or Scam
Immediate Edge Review and investigation 20twenty. The Immediate Edge app is a crypto, forex and choices trading robot utilized by folks to automatically obtain and sell Bitcoin and create profits. Wanting at the website, many people claim it helped them move from rags-to-riches trading Bitcoin. Further, some claims linked it to Ronaldo and Sir Alex Ferguson

https://preview.redd.it/rttn3i4hohm51.jpg?width=1280&format=pjpg&auto=webp&s=8f0dc345c3ace4032d571d44fabe356f13ff1a33
Is Immediate Edge app legit or scam? Whereas the claims of its linkage to the higher than celebrities are unverifiable, we tend to can verify that the app is not a scam and permits individuals to trade Bitcoin using the Fibonacci strategy with ten minutes time frames
The app, that allows people to deposit at least $250 through mastercard and Sofort, scores 88% rate and a 5 stars as a real software
Since there are several scam cryptos, forex and options brokers who trick individuals to depositing money, and then they run away with the funds, we have taken time to review this software to determine if it is real or a scam.
Is Immediate Edge scam or legit
High success rate is reported by users with this software.
The Immediate Edge web site provides truthful claims about the service though it will not mean the crypto trading risks are eliminated with its use.
Customers should start with the minimum investment and increase it when satisfied with the utilization of the app.
Click the link to access Immediate Edge official web site or keep reading to understand more
This software will not seem to be a scam and users report that it helped them make real money trading on it.b site
What is Immediate Edge App?
Immediate Edgecould be a robot or auto-trading software that allows folks to trade forex, crypto and binary choices. A user deploys the algorithm-primarily based bot, which relies on a trading strategy that's automatically executed on a broker trading platform once deployed.
The strategy is coded or set like to permit the user to automatically get and sell crypto, stock or choices on the broker platform at favorable prices, to form profits. It can do automatic market analysis by analyzing a vast amount of knowledge from completely different sources, at intervals seconds and with high accuracy, then use the data to predict the costs. It can then come up with a transparent buy or sell tradable signal and then execute it automatically by shopping for and/or selling on the broker platform.
The software can, therefore, save a trader thousands of manual hours and labor they might have spent analyzing information to form trading choices and to follow the markets and to position and close trades. You conjointly do not want to understand anything concerning crypto, stock or option trading to use this auto trading app, although it is suggested to possess this information to keep improving on trading.
Trading bots will achieve high success rates of more than 90p.c and have been tested to work. You may be searching for Immediate Edge scam but the website can tell you that you can expect to earn between $950 and $a pair of,two hundred per day using the software but that depends on your expertise. As a newbie, you'll not start making that a lot of immediately and conjointly it depends on how a lot of you invest. With an investment of $250, you'll be able to expect to form a lot of lesser although some people claim to own made $12a pair of in a very few hours using this software.
That will not mean Immediate Edge is error-free. There still is a heap of unpredictable high volatility in crypto and bots will make mistakes and errors to create losses. Auto trading robots are better employed in combination with manual trading strategies.

https://preview.redd.it/1zkt9v3johm51.jpg?width=1280&format=pjpg&auto=webp&s=85f7e7f5d0e9d6b60b4a8a6e37bb344dbbb8305c
Immediate Edge Review
How will Immediate Edge work?
All a user has to try and do is join up at the Immediate Edge web site, then deposit funds to have access to the robot, when which they can begin trading by switching on the bot. It will would like no control or intervention from humans, beyond beginning and stopping it.
You additionally need to stay checking, daily, to observe the performance of the software in doing its job and ensure that it is earning any returns needless to say. From there, you can confirm whether or not to extend or decrease your investment towards crypto, options or stock trading using this robot.
You'll be able to also monitor performance to be ready to regulate the trading settings from your dashboard and optimize totally different features of the trading bot for instance set amount of trades or amount to invest in every trade.
Founder of Immediate Edge
In line with the Immediate Edge website, this trading bot was founded by Edwin James. Reportedly, he created billions with forex, crypto, and binary options trading and still shares his strategies on the way to trade the assets on the app.
He founded the app to create it potential for brand spanking new traders to create cash in less than 3 minutes of signing up.
How to sign up on Immediate Edge:
Registration: Registering or signing up on the website is free but to start trading, you want to deposit no less than $250. You discover a registration type on the top right of the page, on that you type in your email, full names and phone numbers and country code. Create a password to be used for logging in later.
Deposit funds: Depositing funds allows you to connect to a robot broker and then you'll begin the bot to start out trading. You'll deposit with Visa, Wire Transfers, Klarna or Skrill. The currencies supported are Swiss Franc, British Pound, US Greenback, and Euro and using a credit or debit card limits deposits to less than $/£/€/?10,00zero in one day and $/£/€/?40,000 in an exceedingly month.
Immediate Edgeisn’t licensed to handle your funds, it works with brokers to handle the cash once it's deposited.
Demo trading: Relying on the broker you're connected to, you can begin to practice trading with the Immediate Edge software. Some brokers do not have this feature on their platforms. Still, with the latter, you can test their options before you deposit cash to try and do live trading. With the demo options, you'll be able to familiarize yourself with the trading house before beginning to use real money to trade.
Trading: Before and when you've got switched on auto-trading, you would like to check the trading settings daily. You'll regulate some things including stop-loss orders and when to try to to them, amount to speculate per trade and how several trades to try to to per day. You'll be able to also choose that cryptocurrencies to trade, and you'll be able to select all the most in style ones together with Bitcoin and Ethereum. You also get to observe the profits/losses and decide if to continue and/or when to prevent.

https://preview.redd.it/c9scw5fkohm51.jpg?width=1280&format=pjpg&auto=webp&s=3d127be2887c4c8960023a8cf1b1f55297dbf250
Withdrawals, user verification, cost of using the app and alternative options

The payouts or withdrawals are made by filling letter of invitation type on the funds’ management page and it can take two operating days to replicate in your checking account. No fee is charged on withdrawals. You'll withdraw your cash including the capital while not a lot of problem on this app, that is better than several that don't enable withdrawals at any time
While some bots need verifications by asking for your ID and statements, this one will not. You are done once uploading your payment details. The bot charges a commission on profit. Besides, you get twenty fouseven client support on Immediate Edge
Immediate Edge may be a legit, secure, user-friendly trading application for crypto, stocks, and choices. It has a zealous customer service and reports a high success rate. Another smart robot we have recently reviewed is Bitcoin Professional
We tend to hope that this review helped you to make a decision concerning this trading app. Additionally, subscribe to our web site to be invariably notified concerning new software from this industry. For live reviews subscribe to our Youtube Channel or FB Page.

https://www.immediateedge.org/
https://www.facebook.com/immediateedge/
https://www.pinterest.co.uk/immediateedge/
https://twitter.com/EdgeImmediate
https://www.instagram.com/immediateedge/
submitted by EggNecessary9499 to u/EggNecessary9499 [link] [comments]

Binary Options Review; Best Binary Options Brokers

Binary Options Review; Best Binary Options Brokers

Binary Options Review; Best Binary Options Brokers
We have compared the best regulated binary options brokers and platforms in May 2020 and created this top list. Every binary options company here has been personally reviewed by us to help you find the best binary options platform for both beginners and experts. The broker comparison list below shows which binary trading sites came out on top based on different criteria.
You can put different trading signals into consideration such as using payout (maximum returns), minimum deposit, bonus offers, or if the operator is regulated or not. You can also read full reviews of each broker, helping you make the best choice. This review is to ensure traders don't lose money in their trading account.
How to Compare Brokers and Platforms
In order to trade binary options, you need to engage the services of a binary options broker that accepts clients from your country e.g. check US trade requirements if you are in the United States. Here at bitcoinbinaryoptionsreview.com, we have provided all the best comparison factors that will help you select which trading broker to open an account with. We have also looked at our most popular or frequently asked questions, and have noted that these are important factors when traders are comparing different brokers:
  1. What is the Minimum Deposit? (These range from $5 or $10 up to $250)
  2. Are they regulated or licensed, and with which regulator?
  3. Can I open a Demo Account?
  4. Is there a signals service, and is it free?
  5. Can I trade on my mobile phone and is there a mobile app?
  6. Is there a Bonus available for new trader accounts? What are the Terms and
  7. conditions?
  8. Who has the best binary trading platform? Do you need high detail charts with technical analysis indicators?
  9. Which broker has the best asset lists? Do they offer forex, cryptocurrency, commodities, indices, and stocks – and how many of each?
  10. Which broker has the largest range of expiry times (30 seconds, 60 seconds, end of the day, long term, etc?)
  11. How much is the minimum trade size or amount?
  12. What types of options are available? (Touch, Ladder, Boundary, Pairs, etc)
  13. Additional Tools – Like Early closure or Metatrader 4 (Mt4) plugin or integration
  14. Do they operate a Robot or offer automated trading software?
  15. What is Customer Service like? Do they offer telephone, email and live chat customer support – and in which countries? Do they list direct contact details?
  16. Who has the best payouts or maximum returns? Check the markets you will trade.
The Regulated Binary Brokers
Regulation and licensing is a key factor when judging the best broker. Unregulated brokers are not always scams, or untrustworthy, but it does mean a trader must do more ‘due diligence’ before trading with them. A regulated broker is the safest option.
Regulators - Leading regulatory bodies include:
  • CySec – The Cyprus Securities and Exchange Commission (Cyprus and the EU)
  • FCA – Financial Conduct Authority (UK)
  • CFTC – Commodity Futures Trading Commission (US)
  • FSB – Financial Services Board (South Africa)
  • ASIC – Australia Securities and Investment Commission
There are other regulators in addition to the above, and in some cases, brokers will be regulated by more than one organization. This is becoming more common in Europe where binary options are coming under increased scrutiny. Reputable, premier brands will have regulation of some sort.
Regulation is there to protect traders, to ensure their money is correctly held and to give them a path to take in the event of a dispute. It should therefore be an important consideration when choosing a trading partner.
Bonuses - Both sign up bonuses and demo accounts are used to attract new clients. Bonuses are often a deposit match, a one-off payment, or risk-free trade. Whatever the form of a bonus, there are terms and conditions that need to be read.
It is worth taking the time to understand those terms before signing up or clicking accept on a bonus offer. If the terms are not to your liking then the bonus loses any attraction and that broker may not be the best choice. Some bonus terms tie in your initial deposit too. It is worth reading T&Cs before agreeing to any bonus, and worth noting that many brokers will give you the option to ‘opt-out’ of taking a bonus.
Using a bonus effectively is harder than it sounds. If considering taking up one of these offers, think about whether, and how, it might affect your trading. One common issue is that turnover requirements within the terms, often cause traders to ‘over-trade’. If the bonus does not suit you, turn it down.
How to Find the Right Broker
But how do you find a good broker? Well, that’s where BitcoinBinaryOptionsReview.com comes in. We assess and evaluate binary options brokers so that traders know exactly what to expect when signing up with them. Our financial experts have more than 20 years of experience in the financial business and have reviewed dozens of brokers.
Being former traders ourselves, we know precisely what you need. That’s why we’ll do our best to provide our readers with the most accurate information. We are one of the leading websites in this area of expertise, with very detailed and thorough analyses of every broker we encounter. You will notice that each aspect of any broker’s offer has a separate article about it, which just goes to show you how seriously we approach each company. This website is your best source of information about binary options brokers and one of your best tools in determining which one of them you want as your link to the binary options market.
Why Use a Binary Options Trading Review?
So, why is all this relevant? As you may already know, it is difficult to fully control things that take place online. There are people who only pose as binary options brokers in order to scam you and disappear with your money. True, most of the brokers we encounter turn out to be legit, but why take unnecessary risks?
Just let us do our job and then check out the results before making any major decisions. All our investigations regarding brokers’ reliability can be seen if you click on our Scam Tab, so give it a go and see how we operate. More detailed scam reports than these are simply impossible to find. However, the most important part of this website can be found if you go to our Brokers Tab.
There you can find extensive analyses of numerous binary options brokers irrespective of your trading strategy. Each company is represented with an all-encompassing review and several other articles dealing with various aspects of their offer. A list containing the very best choices will appear on your screen as you enter our website whose intuitive design will allow you to access all the most important information in real-time.
We will explain minimum deposits, money withdrawals, bonuses, trading platforms, and many more topics down to the smallest detail. Rest assured, this amount of high-quality content dedicated exclusively to trading cannot be found anywhere else. Therefore, visiting us before making any important decisions regarding this type of trading is the best thing to do.
CONCLUSION: Stay ahead of the market, and recover from all kinds of binary options trading loss, including market losses in bitcoin, cryptocurrency, and forex markets too. Send your request via email to - [email protected]
submitted by Babyelijah to u/Babyelijah [link] [comments]

Comprehensive Guide for getting into Home Recording

I'm going to borrow from a few sources and do my best to make this cohesive, but this question comes up a lot. I thought we had a comprehensive guide, but it doesn't appear so. In the absence of this, I feel that a lot of you could use a simple place to go for some basics on recording. There are a couple of great resources online already on some drumming forums, but I don't think they will be around forever.
Some background on myself - I have been drumming a long time. During that time, home recording has gone from using a cassette deck to having a full blown studio at your finger tips. The technology in the last 15 years has gotten so good it really is incredible. When I was trying to decide what I wanted to do with my life, I decided to go to school for audio engineering in a world-class studio. During this time I had access to the studio and was able to assist with engineering on several projects. This was awesome, and I came out with a working knowledge of SIGNAL CHAIN, how audio works in the digital realm, how microphones work, studio design, etc. Can I answer your questions? Yes.

First up: Signal Chain! This is the basic building block of recording. Ever seen a "I have this plugged in but am getting no sound!" thread? Yeah, signal chain.

A "Signal Chain" is the path your audio follows, from sound source, to the recording device, and back out of your monitors (speakers to you normies).
A typical complete signal chain might go something like this:
1] instrument/sound source 2] Microphone/TransducePickup 3] Cable 4] Mic Preamp/DI Box 5] Analog-to-Digital Converter 6] Digital transmission medium[digital data get recoded for usb or FW transfer] 7] Digital recording Device 8] DSP and Digital summing/playback engine 9] Digital-to-Analog Converter 10] Analog output stage[line outputs and output gain/volume control] 11] Monitors/Playback device[headphones/other transducers]
Important Terms, Definitions, and explanations (this will be where the "core" information is):
1] AD Conversion: the process by which the electrical signal is "converted" to a stream of digital code[binary, 1 and 0]. This is accomplished, basically, by taking digital pictures of the audio...and this is known as the "sampling rate/frequency" The number of "pictures" determines the frequency. So the CD standard of 44.1k is 44,100 "pictures" per second of digital code that represents the electrical "wave" of audio. It should be noted that in order to reproduce a frequency accuratly, the sampling rate must be TWICE that of the desired frequency (See: Nyquist-Shannon Theorem). So, a 44.1 digital audio device can, in fact, only record frequencies as high as 22.05khz, and in the real world, the actual upper frequency limit is lower, because the AD device employs a LOW-PASS filter to protect the circuitry from distortion and digital errors called "ALIASING." Confused yet? Don't worry, there's more... We haven't even talked about Bit depth! There are 2 settings for recording digitally: Sample Rate and Bit Depth. Sample rate, as stated above, determines the frequencies captured, however bit depth is used to get a better picture of the sample. Higher bit depth = more accurate sound wave representation. More on this here. Generally speaking, I record at 92KHz/24 bit depth. This makes huge files, but gets really accurate audio. Why does it make huge files? Well, if you are sampling 92,000 times per second, you are taking each sample and applying 24 bits to that, multiply it out and you get 92,000*24 = 2,208,000 bits per second or roughly 0.26MB per second for ONE TRACK. If that track is 5 minutes long, that is a file that is 78.96MB in size. Now lets say you used 8 inputs on an interface, that is, in total, 631.7MB of data. Wow, that escalates quick, right? There is something else to note as well here: Your CPU has to calculate this. So the amount of calculations it needs to perform for this same scenario is ~17.7 million calculations PER SECOND. This is why CPU speed and RAM is super important when recording digitally.
2] DA conversion: the process by which the digital code (the computer representation of a sound wave) is transformed back into electrcal energy in the proper shape. In a oversimplified explanation, the code is measured and the output of the convertor reflects the value of the code by changing voltage. Think of a sound wave on a grid: Frequency would represent the X axis (the horizontal axis)... but there is a vertical axis too. This is called AMPLITUDE or how much energy the wave is generating. People refer to this as how 'loud' a sound is, but that's not entirely correct. You can have a high amplitude wave that is played at a quiet volume. It's important to distinguish the two. How loud a sound is can be controlled by the volume on a speaker or transducer. But that has no impact on how much amplitude the sound wave has in the digital space or "in the wire" on its way to the transducer. So don't get hung up on how "loud" a waveform is, it is how much amplitude it has when talking about it "in the box" or before it gets to the speakeheadphone/whatever.
3] Cables: An often overlooked expense and tool, cables can in fact, make or break your recording. The multitudes of types of cable are determined by the connector, the gauge(thickness), shielding, type of conductor, etc... Just some bullet points on cables:
- Always get the highest quality cabling you can afford. Low quality cables often employ shielding that doesnt efectively protect against AC hums(60 cycle hum), RF interference (causing your cable to act as a gigantic AM/CB radio antenna), or grounding noise introduced by other components in your system. - The way cables are coiled and treated can determine their lifespan and effectiveness. A kinked cable can mean a broken shield, again, causing noise problems. - The standard in the USA for wiring an XLR(standard microphone) cable is: PIN 1= Cold/-, PIN 2= Hot/+, PIN 3=Ground/shield. Pin 3 carries phantom power, so it is important that the shield of your cables be intact and in good condition if you want to use your mic cables without any problems. - Cables for LINE LEVEL and HI-Z(instrument level) gear are not the same! - Line Level Gear, weather professional or consumer, should generally be used with balanced cables (on a 1/4" connector, it will have 3 sections and is commonly known as TRS -or- TipRingSleeve). A balanced 1/4" is essentially the same as a microphone cable, and in fact, most Professional gear with balanced line inputs and outputs will have XLR connectors instead of 1/4" connectors. - Hi-Z cable for instruments (guitars, basses, keyboards, or anything with a pickup) is UNBALANCED, and should be so. The introduction of a balanced cable can cause electricity to be sent backwards into a guitar and shock the guitar player. You may want this to happen, but your gear doesn't. There is some danger here as well, especially on stage, where the voltage CAN BE LETHAL. When running a guitabass/keyboard "Direct" into your interface, soundcard, or recording device, you should ALWAYS use a "DIRECT BOX", which uses a transformer to isolate and balance the the signal or you can use any input on the interface designated as a "Instrument" or "Hi-Z" input. It also changes some electrical properties, resulting in a LINE LEVEL output (it amplifies it from instrument level to line level).
4] Digital Data Transmissions: This includes S/PDIF, AES/EBU, ADAT, MADI. I'm gonna give a brief overview of this stuff, since its unlikely that alot of you will ever really have to think about it: - SDPIF= Sony Phillips Digital Interface Format. using RCA or TOSLINK connectors, this is a digital protocol that carries 3 streams of information. Digital audio Left, Digital Audio Right, and CLOCK. SPDIF generally supports 48khz/20bit information, though some modern devices can support up to 24bits, and up to 88.2khz. SPDIF is the consumer format of AES/EBU - AES/EBU= Audio Engineering Society/European Breadcasters Union Digital protocol uses a special type of cable often terminated with XLR connectors to transmit 2 channels of Digital Audio. AES/EBU is found mostly on expensive professional digital gear. - ADAT= the Alesis Digital Audio Tape was introduced in 1991, and was the first casette based system capable of recording 8 channels of digital audio onto a single cartridge(a SUPER-VHS tape, same one used by high quality VCR's). Enough of the history, its not so important because we are talking about ADAT-LIGHTPIPE Protocol, which is a digital transmission protocol that uses fiberoptic cable and devices to send up to 8 channels of digital audio simultaneously and in sync. ADAT-Lightpipe supports up to 48khz sample rates. This is how people expand the number of inputs by chaining interfaces. - MADI is something you will almost never encounter. It is a protocol that allows up to 64 channels of digital audio to be transmitted over a single cable that is terminated by BNC connectors. Im just telling you it exists so in case you ever encounter a digital snake that doesnt use Gigabit Ethernet, you will know whats going on.
digital transmission specs: SPDIF -> clock->2Ch->RCA cable(consumer) ADAT-Lightpipe->clock->8Ch->Toslink(semi-pro) SPDIF-OPTICAL->clock->2Ch->Toslink(consumer) AES/EBU->clock->2Ch->XLR(Pro) TDIF->clock->8Ch->DSub(Semi-Pro) ______________ MADI->no clock->64Ch->BNC{rare except in large scale pofessional apps} SDIF-II->no clock->24Ch->DSub{rare!} AES/EBU-13->no clock->24Ch->DSub
5] MICROPHONES: There are many types of microphones, and several names for each type. The type of microphone doesn't equate to the polar pattern of the microphone. There are a few common polar patterns in microphones, but there are also several more that are less common. These are the main types- Omni-Directional, Figure 8 (bi-directional), Cardioid, Super Cardioid, Hyper Cardioid, Shotgun. Some light reading.... Now for the types of microphones: - Dynamic Microphones utilize polarized magnets to convert acoustical energy into electrical energy. there are 2 types of dynamic microphones: 1) Moving Coil microphones are the most common type of microphone made. They are also durable, and capable of handling VERY HIGH SPL (sound pressure levels). 2) Ribbon microphones are rare except in professional recording studios. Ribbon microphones are also incredibly fragile. NEVER EVER USE PHANTOM POWER WITH A RIBBON MICROPHONE, IT WILL DIE (unless it specifically requires it, but I've only ever seen this on one Ribbon microphone ever). Sometimes it might even smoke or shoot out a few sparks; applying phantom power to a Ribbon Microphone will literally cause the ribbon, which is normally made from Aluminum, to MELT. Also, windblasts and plosives can rip the ribbon, so these microphones are not suitible for things like horns, woodwinds, vocals, kick drums, or anything that "pushes air." There have been some advances in Ribbon microphones and they are getting to be more common, but they are still super fragile and you have to READ THE MANUAL CAREFULLY to avoid a $1k+ mistake. - CondenseCapacitor Microphones use an electrostatic charge to convert acoustical energy into electrical energy. The movement of the diaphragm(often metal coated mylar) toward a ceramic "backplate" causes a fluctuation in the charge, which is then amplified inside the microphone and output as an electrical signal. Condenser microphones usually use phantom power to charge the capacitors' and backplate in order to maintain the electrostatic charge. There are several types of condenser microphones: 1) Tube Condenser Microphones: historically, this type of microphone has been used in studios since the 1940s, and has been refined and redesigned hundreds, if not thousands of times. Some of the "best sounding" and most desired microphones EVER MADE are Tube Condenser microphones from the 50's and 60's. These vintage microphones, in good condition, with the original TUBES can sell for hundreds of thousands of dollars. Tube mics are known for sounding "full", "warm", and having a particular character, depending on the exact microphone. No 2 tubes mics, even of the same model, will sound the same. Similar, but not the same. Tube mics have their own power supplies, which are not interchangeable to different models. Each tube mic is a different design, and therefore, has different power requirements. 2) FET Condenser microphones: FET stands for "Field Effect Transistor" and the technology allowed condenser microphones to be miniturized. Take for example, the SHURE beta98s/d, which is a minicondenser microphone. FET technology is generally more transparant than tube technology, but can sometimes sound "harsh" or "sterile". 3) Electret Condenser Microphones are a condenser microphone that has a permanent charge, and therefore, does not require phantom power; however, the charge is not truly permanent, and these mics often use AA or 9V batteries, either inside the mic, or on a beltpack. These are less common.
Other important things to know about microphones:
- Pads, Rolloffs, etc: Some mics have switches or rotating collars that notate certain things. Most commonly, high pass filters/lowcut filters, or attenuation pads. 1) A HP/LC Filter does exactly what you might think: Removes low frequency content from the signal at a set frequency and slope. Some microphones allow you to switch the rolloff frequency. Common rolloff frequencies are 75hz, 80hz, 100hz, 120hz, 125hz, and 250hz. 2) A pad in this example is a switch that lowers the output of the microphone directly after the capsule to prevent overloading the input of a microphone preamplifier. You might be asking: How is that possible? Some microphones put out a VERY HIGH SIGNAL LEVEL, sometimes about line level(-10/+4dbu), mic level is generally accepted to start at -75dbu and continues increasing until it becomes line level in voltage. It should be noted that linel level signals are normally of a different impedance than mic level signals, which is determined by the gear. An example for this would be: I mic the top of a snare drum with a large diaphragm condenser mic (solid state mic, not tube) that is capable of handling very high SPLs (sound pressure levels). When the snare drum is played, the input of the mic preamp clips (distorts), even with the gain turned all the way down. To combat this, I would use a pad with enough attenuation to lower the signal into the proper range of input (-60db to -40 db). In general, it is accepted to use a pad with only as much attentuation as you need, plus a small margin of error for extra “headroom”. What this means is that if you use a 20db pad where you only need a 10db pad, you will then have to add an additional 10db of gain to achieve a desireable signal level. This can cause problems, as not all pads sound good, or even transparent, and can color and affect your signal in sometimes unwanted ways that are best left unamplified. - Other mic tips/info: 1) when recording vocals, you should always use a popfilter. A pop filter mounted on a gooseneck is generally more effective than a windscreen made of foam that slips over the microphone. The foam type often kill the highfrequency response, alter the polar pattern, and can introduce non-linear polarity problems(part of the frequency spectrum will be out of phase.) If you don't have a pop filter or don't want to spend on one, buy or obtain a hoop of some kind, buy some cheap panty-hose and stretch it over the hoop to build your own pop filter. 2) Terms Related to mics: - Plosives: “B”, “D”, “F”, “G”, “J”, “P”, “T” hard consonants and other vocal sounds that cause windblasts. These are responsible for a low frequency pop that can severly distort the diaphragm of the microphone, or cause a strange inconsistency of tonality by causing a short term proximity effect.
- Proximity effect: An exponential increase in low frequency response causes by having a microphone excessivly close to a sound. This can be cause by either the force of the air moving actually causes the microphone’s diaphragm to move and sometimes distort, usually on vocalists or buy the buildup of low frequency soundwaves due to off-axis cancellation ports. You cannot get proximity effect on an omnidirectional microphone. With some practice, you can use proximity effect to your advantage, or as an effect. For example, if you are recording someone whispering and it sounds thin or weak and irritating due to the intenese high mid and high frequency content, get the person very close to a cardioid microphone with two popfilters, back to back approx 1/2”-1” away from the mic and set your gain carefully, and you can achieve a very intimite recording of whispering. In a different scenario, you can place a mic inside of a kick drum between 1”-3” away from the inner shell, angled up and at the point of impact, and towards the floor tom. This usually captures a huge low end, and the sympathetic vibration of the floor tom on the kick drum hits, but retains a clarity of attack without being distorted by the SPL of the drum and without capturing unplesant low-mid resonation of the kick drum head and shell that is common directly in the middle of the shell.
6) Wave Envelope: The envelope is the graphical representation of a sound wave commonly found in a DAW. There are 4 parts to this: Attack, Decay, Sustain, Release: 1) Attack is how quickly the sound reaches its peak amplitude; 2) Decay is the time it takes to reach the sustain level; 3) Sustain how long a sound remains at a certain level (think of striking a tom, the initial smack is attack, then it decays to the resonance of the tom, how long it resonates is the sustain); 4) Release is the amount of time before the sustain stops. This is particularly important as these are also the settings on a common piece of gear called a Compressor! Understanding the envelope of a sound is key to learning how to maniuplate it.
7) Phase Cancellation: This is one of the most important concepts in home recording, especially when looking at drums. I'm putting it in this section because it matters so much. Phase Cancellation is what occurs when the same frequencies occur at different times. To put it simply, frequency amplitudes are additive - meaning if you have 2 sound waves of the same frequency, one amplitude is +4 and the other is +2, the way we percieve sound is that the frequency is +6. But a sound wave has a positive and negative amplitude as it travels (like a wave in the ocean with a peak and a swell). If the frequency then has two sources and it is 180 degrees out of phase, that means one wave is at +4 while the other is at -4. This sums to 0, or cancels out the wave. Effectively, you would hear silence. This is why micing techniques are so important, but we'll get into that later. I wanted this term at the top, and will likely mention it again.

Next we can look at the different types of options to actually record your sound!

1) Handheld/All in one/Field Recorders: I don't know if portable cassette tape recorders are still around, but that's an example of one. These are (or used to) be very popular with journalists because they were pretty decent at capturing speech. They do not fare too well with music though. Not too long ago, we saw the emergence of the digital field recorder. These are really nifty little devices. They come in many shapes, sizes and colors, and can be very affordable. They run on batteries, and have built-in microphones, and record digitally onto SD cards or harddiscs. The more simple ones have a pair of built-in condenser microphones, which may or may not be adjustable, and record onto an SD-card. They start around $99 (or less if you don't mind buying refurbished). You turn it on, record, connect the device itself or the SD card to your computer, transfer the file(s) and there is your recording! An entry-level example is the Tascam DR-05. It costs $99. It has two built in omni-directional mics, comes with a 2GB microSD card and runs on two AA batteries. It can record in different formats, the highest being 24-bit 96KHz Broadcast WAV, which is higher than DVD quality! You can also choose to record as an MP3 (32-320kbps) if you need to save space on the SD card or if you're simply going to record a speech/conference or upload it on the web later on. It's got a headphone jack and even small built-in speakers. It can be mounted onto a tripod. And it's about the size of a cell phone. The next step up (although there are of course many options that are price and feature-wise inbetween this one and the last) is a beefier device like the Zoom H4n. It's got all the same features as the Tascam DR-05 and more! It has two adjustable built-in cardioid condenser mics in an XY configuration (you can adjust the angle from a 90-120 degree spread). On the bottom of the device, there are two XLR inputs with preamps. With those, you can expand your recording possibilities with two external microphones. The preamps can send phantom power, so you can even use very nice studio mics. All 4 channels will be recorded independantly, so you can pop them onto your computer later and mix them with software. This device can also act as a USB interface, so instead of just using it as a field recorder, you can connect it directly to your computer or to a DSLR camera for HD filming. My new recommendation for this category is actually the Yamaha EAD10. It really is the best all-in-one solution for anyone that wants to record their kit audio with a great sound. It sports a kick drum trigger (mounts to the rim of the kick) with an x-y pattern set of microphones to pick up the rest of the kit sound. It also has on-board effects, lots of software integration options and smart features through its app. It really is a great solution for anyone who wants to record without reading this guide.
The TL;DR of this guide is - if it seems like too much, buy the Yamaha EAD10 as a simple but effective recording solution for your kit.

2) USB Microphones: There are actually mics that you an plug in directly to your computer via USB. The mics themselves are their own audio interfaces. These mics come in many shapes and sizes, and offer affordable solutions for basic home recording. You can record using a DAW or even something simple like the stock windows sound recorder program that's in the acessories folder of my Windows operating system. The Blue Snowflake is very affordable at $59. It can stand alone or you can attach it to your laptop or your flat screen monitor. It can record up to 44.1kHz, 16-bit WAV audio, which is CD quality. It's a condenser mic with a directional cardioid pickup pattern and has a full frequency response - from 35Hz-20kHz. It probably won't blow you away, but it's a big departure from your average built-in laptop, webcam, headset or desktop microphone. The Audio Technica AT2020 USB is a USB version of their popular AT2020 condenser microphone. At $100 it costs a little more than the regular version. The AT2020 is one of the finest mics in its price range. It's got a very clear sound and it can handle loud volumes. Other companies like Shure and Samson also offer USB versions of some of their studio mics. The AT2020 USB also records up to CD-quality audio and comes with a little desktop tripod. The MXL USB.009 mic is an all-out USB microphone. It features a 1 inch large-diaphragm condenser capsule and can record up to 24-bit 96kHz WAV audio. You can plug your headphones right into the mic (remember, it is its own audio interface) so you can monitor your recordings with no latency, as opposed to doing so with your computer. Switches on the mic control the gain and can blend the mic channel with playback audio. Cost: $399. If you already have a mic, or you don't want to be stuck with just a USB mic, you can purcase a USB converter for your existing microphone. Here is a great review of four of them.
3) Audio Recording Interfaces: You've done some reading up on this stuff... now you are lost. Welcome to the wide, wide world of Audio Interfaces. These come in all different shapes and sizes, features, sampling rates, bit depths, inputs, outputs, you name it. Welcome to the ocean, let's try to help you find land.
- An audio interface, as far as your computer is concerned, is an external sound card. It has audio inputs, such as a microphone preamp and outputs which connect to other audio devices or to headphones or speakers. The modern day recording "rig" is based around a computer, and to get the sound onto your computer, an interface is necessary. All computers have a sound card of some sort, but these have very low quality A/D Converters (analog to digital) and were not designed with any kind of sophisticated audio recording in mind, so for us they are useless and a dedicated audio interface must come into play.
- There are hundreds of interfaces out there. Most commonly they connect to a computer via USB or Firewire. There are also PCI and PCI Express-based interfaces for desktop computers. The most simple interfaces can record one channel via USB, while others can record up to 30 via firewire! All of the connection types into the computer have their advantages and drawbacks. The chances are, you are looking at USB, Firewire, or Thunderbolt. As far as speeds, most interfaces are in the same realm as far as speed is concerned but thunderbolt is a faster data transfer rate. There are some differences in terms of CPU load. Conflict handling (when packages collide) is handled differently. USB sends conflict resolution to the CPU, Firewire handles it internally, Thunderbolt, from what I could find, sends it to the CPU as well. For most applications, none of them are going to be superior from a home-recording standpoint. When you get up to 16/24 channels in/out simultaneously, it's going to matter a lot more.
- There are a number of things to consider when choosing an audio interface. First off your budget, number of channels you'd like to be able to record simultaneously, your monitoring system, your computer and operating system and your applications. Regarding budget, you have to get real. $500 is not going to get you a rig with the ability to multi-track a drum set covered in mics. Not even close! You might get an interface with 8 channels for that much, but you have to factor in the cost of everything, including mics, cables, stands, monitors/headphones, software, etc... Considerations: Stereo Recording or Multi-Track Recording? Stereo Recording is recording two tracks: A left and right channel, which reflects most audio playback systems. This doesn't necessarily mean you are simply recording with two mics, it means that what your rig is recording onto your computer is a single stereo track. You could be recording a 5-piece band with 16 mics/channels, but if you're recording in stereo, all you're getting is a summation of those 16 tracks. This means that in your recording software, you won't be able to manipulate any of those channels independantly after you recorded them. If the rack tom mic wasn't turned up loud enough, or you want to mute the guitars, you can't do that, because all you have is a stereo track of everything. It's up to you to get your levels and balance and tone right before you hit record. If you are only using two mics or lines, then you will have individual control over each mic/line after recording. Commonly, you can find 2 input interfaces and use a sub-mixer taking the left/right outputs and pluging those into each channel of the interface. Some mixers will output a stereo pair into a computer as an interface, such as the Allen&Heath ZED16. If you want full control over every single input, you need to multi-track. Each mic or line that you are recording with will get it's own track in your DAW software, which you can edit and process after the fact. This gives you a lot of control over a recording, and opens up many mixing options, and also many more issues. Interfaces that facilitate multitracking include Presonus FireStudio, Focusrite Scarlett interfaces, etc. There are some mixers that are also interfaces, such as the Presonus StudioLive 16, but these are very expensive. There are core-card interfaces as well, these will plug in directly to your motherboard via PCI or PCI-Express slots. Protools HD is a core-card interface and requires more hardware than just the card to work. I would recommend steering clear of these until you have a firm grasp of signal chain and digital audio, as there are more affordable solutions that will yield similar results in a home-environment.

DAW - Digital Audio Workstation

I've talked a lot about theory, hardware, signal chain, etc... but we need a way to interpret this data. First off what does a DAW do? Some refer to them as DAE's (Digital Audio Editors). You could call it a virtual mixing board , however that isn't entirely correct. DAWs allow you to record, control, mix and manipulate independant audio signals. You can change their volume, add effects, splice and dice tracks, combine recorded audio with MIDI-generated audio, record MIDI tracks and much much more. In the old days, when studios were based around large consoles, the actual audio needed to be recorded onto some kind of medium - analog tape. The audio signals passed through the boards, and were printed onto the tape, and the tape decks were used to play back the audio, and any cutting, overdubbing etc. had to be done physically on the tape. With a DAW, your audio is converted into 1's and 0's through the converters on your interface when you record, and so computers and their harddiscs have largely taken the place of reel-to-reel machines and analog tape.
Here is a list of commonly used DAWs in alphabetical order: ACID Pro Apple Logic Cakewalk SONAR Digital Performer FL (Fruity Loops) Studio (only versions 8 and higher can actually record Audio I believe) GarageBand PreSonus Studio One Pro Tools REAPER Propellerhead Reason (version 6 has combined Reason and Record into one software, so it now is a full audio DAW. Earlier versions of Reason are MIDI based and don't record audio) Propellerhead Record (see above) Steinberg Cubase Steinberg Nuendo
There are of course many more, but these are the main contenders. [Note that not all DAWs actually have audio recording capabilities (All the ones I listed do, because this thread is about audio recording), because many of them are designed for applications like MIDI composing, looping, etc. Some are relatively new, others have been around for a while, and have undergone many updates and transformations. Most have different versions, that cater to different types of recording communities, such as home recording/consumer or professional.
That's a whole lot of choices. You have to do a lot of research to understand what each one offers, what limitations they may have etc... Logic, Garageband and Digital Performer for instance are Mac-only. ACID Pro, FL Studio and SONAR will only run on Windows machines. Garageband is free and is even pre-installed on every Mac computer. Most other DAWs cost something.
Reaper is a standout. A non-commercial license only costs $60. Other DAWs often come bundled with interfaces, such as ProTools MP with M-Audio interfaces, Steinberg Cubase LE with Lexicon Interfaces, Studio One with Presonus Interfaces etc. Reaper is a full function, professional, affordable DAW with a tremendous community behind it. It's my recommendation for everyone, and comes with a free trial. It is universally compatible and not hardware-bound.
You of course don't have to purchase a bundle. Your research might yield that a particular interface will suit your needs well, but the software that the same company offers or even bundles isn't that hot. As a consumer you have a plethora of software and hardware manufacturers competing for your business and there is no shortage of choice. One thing to think about though is compatability and customer support. With some exceptions, technically you can run most DAWs with most interfaces. But again, don't just assume this, do your research! Also, some DAWs will run smoother on certain interfaces, and might experience problems on others. It's not a bad thing to assume that if you purchase the software and hardware from the same company, they're at least somewhat optimized for eachother. In fact, ProTools, until recently would only run on Digidesign (now AVID) and M-Audio interfaces. While many folks didn't like being limited to their hardware choices to run ProTools, a lot of users didn't mind, because I think that at least in part it made ProTools run smoother for everyone, and if you did have a problem, you only had to call up one company. There are many documented cases where consumers with software and hardware from different companies get the runaround:
Software Company X: "It's a hardware issue, call Hardware Company Z". Hardware Company Z: "It's a software issue, call Software Company X".
Another thing to research is the different versions of softwares. Many of them have different versions at different pricepoints, such as entry-level or student versions all the way up to versions catering to the pros. Cheaper versions come with limitations, whether it be a maximum number of audio tracks you can run simultaneously, plug-ins available or supported Plug-In formats and lack of other features that the upper versions have. Some Pro versions might require you to run certain kinds of hardware. I don't have time nor the will to do research on individual DAW's, so if any of you want to make a comparison of different versions of a specific DAW, be my guest! In the end, like I keep stressing - we each have to do our own research.
A big thing about the DAW that it is important to note is this: Your signal chain is your DAW. It is the digital representation of that chain and it is important to understand it in order to properly use that DAW. It is how you route the signal from one spot to another, how you move it through a sidechain compressor or bus the drums into the main fader. It is a digital representation of a large-format recording console, and if you don't understand how the signal gets from the sound source to your monitor (speaker), you're going to have a bad time.

Playback - Monitors are not just for looking at!

I've mentioned monitors several times and wanted to touch on these quickly: Monitors are whatever you are using to listen to the sound. These can be headphones, powered speakers, unpowered speakers, etc. The key thing here is that they are accurate. You want a good depth of field, you want as wide a frequency response as you can get, and you want NEARFIELD monitors. Unless you are working with a space that can put the monitor 8' away from you, 6" is really the biggest speaker size you need. At that point, nearfield monitors will reproduce the audio frequency range faithfully for you. There are many options here, closed back headphones, open back headphones, studio monitors powered, and unpowered (require a separate poweramp to drive the monitor). For headphones, I recommend AKG K271, K872, Sennheiser HD280 Pro, etc. There are many options, but if mixing on headphones I recommend spending some good money on a set. For Powered Monitors, there's really only one choice I recommend: Kali Audio LP-6 monitors. They are, dollar for dollar, the best monitors you can buy for a home studio, period. These things contend with Genelecs and cost a quarter of the price. Yes, they still cost a bit, but if you're going to invest, invest wisely. I don't recommend unpowered monitors, as if you skimp on the poweramp they lose all the advantages you gain with monitors. Just get the powered monitors if you are opting for not headphones.

Drum Mic'ing Guide, I'm not going to re-create the wheel.


That's all for now, this has taken some time to put together (a couple hourse now). I can answer other questions as they pop up. I used a few sources for the information, most notably some well-put together sections on the Pearl Drummers Forum in the recording section. I know a couple of the users are no longer active there, but if you see this and think "Hey, he ripped me off!", you're right, and thanks for allowing me to rip you off!

A couple other tips that I've come across for home recording:
You need to manage your gain/levels when recording. Digital is NOT analog! What does this mean? You should be PEAKING (the loudest the signal gets) around -12dB to -15dB on your meters. Any hotter than that and you are overdriving your digital signal processors.
What sound level should my master bus be at for Youtube?
Bass Traps 101
Sound Proofing 101
submitted by M3lllvar to drums [link] [comments]

[Megathread] XMG FUSION 15 (with Intel)


On September 6 at IFA, press released their first reports about our collaboration project with Intel: XMG FUSION 15.
Community Links:

Press Links:

Video Links:

The following key facts have already been revealed:
Prices and availability will be announced on September 17. → Countdown to xmg.gg
Teaser Trailer on YouTube: XMG FUSION 15 Laptop | A Design Collaboration with Intel
We look forward to your questions and your feedback!

XMG FUSION 15 - FREQUENTLY ASKED QUESTIONS (FAQ)

This FAQ represents Q&A's over the last few days here. Fellow redditor u/iterateandgit was so kind to help me putting this document together. Big shout out to him please! The FAQ will be further extended over the coming days and weeks. Please keep the questions coming!

Sales, Shipping, Warranty


Q: Are you going to sell this on Amazon in the EU?
A: We are working on getting the product up and running on Amazon. But our own BTO shop at www.bestware.com will always be our primary sales channel and will be the only one where you can customize and configure memory, storage, OS, extend your warranty and pick other options.

Q: Do you offer student discounts or other sales compaigns like black friday?
A: In general, we don't offer student discounts. Sales campaigns are planned just in time, depending on stock level and cannot be announced early. If you want to keep up to date about sales campaigns, please subscribe to our newsletter.

Q: Do you ship to the UK? Can I pay in GBP?
A: We ship to the UK - the pricing will be in EUR, so your bank will do the conversion. Warranty services will be available from UK, shipping to Germany. Currently, in the single markets, these resturn shipments are free for the end-user. In the worst case there might be additional customs fees for shipping.

Q: What warranty options do you offer?
A: All our laptops come with 2 year warranty. Warranty repairs in the first 6 months are promised to be done within 48 hours (+shipping). Both the "instant repair" service and the warranty itself can be extended to up to 3 years.

Q: Do you sell outside of Europe?
A: We are able to ship anywhere, but warranty for customers outside the region would always involve additional customs cost and paperwork for sending the laptop back to Germany in the rare event of an RMA. There is currently no agreement to let other Local OEMs (like Eluktronics in the US) carry the warranty for XMG customers and vice-versa. Some parts are customized (in our case the LCD lid and the keyboard) and it won't be easy to agree on how to share handling fees etc. - so I wouldn't expect a global warranty anytime soon.


Hardware, Specs, Thermals


Q: What is the difference between XMG FUSION 15 and other laptops based on Intel's reference design?
A: The hardware of the barebone will be identical. Other Local OEMs might use different parts for RAM and SSDs. Our branding and service/warranty options might be different. We apply our own set of performance profiles in the Control Center. This will rebalance the differentiation between Silent, Balanced and Enthusiast modes.

Q: What is the TGP of the NVIDIA RTX 2070 Max-Q?
A: Officially, it is 80W in Balanced profile and 90W in Enthusiast profile. You can toggle between these modes in real-time with a dedicated mode switch button. Inofficially, the TGP can go up to 115W in Enthusiast profile thanks to the Overboost mechanic, working in the background. However, those 115W may only be sustained until the system has reached thermal saturation, i.e. when the GPU is approaching the GPU Temperature Target of 75°C.

Q: Can I upgrade the storage and memory after I buy?
A: On storage: The laptop has two m.2 PCI-Express SSD slots. This will give you currently up to 4 TB of SSD storage. There is no 2.5" HDD slot available. Instead, the battery is enlarged to 93.48Wh. You can see pictures of the interior layouts here, here and here.
On memory: the laptop has two SO-DIMM DDR4 memory sockets. You can chose during BTO configuration, if you want to occupy both of them when you order the product. We recommend running the laptop in Dual Channel for high-performance usage.

Q: How easy is to upgrade and repair this laptop?
A: Here are the key facts:
We would give this a solid 8 out of 10 which is pretty high for such a thin&light design. The 2 remaining points are substracted for BGA CPU and GPU, which is unfortunately unavoidable in such a thin design.

Q: Does it support Windows Hello?
A: A Fingerprint-Reader is not available, but the HD webcam comes with Infrared and supports Windows Hello.

Q: Can I get a smaller, lighter charger for this laptop?
A: XMG FUSION 15 requires a 230W power adaptor to provide full performance. If you max out CPU and GPU with furmark and prime, the 230W adapter will be fully utilized.
There are currently two compatible 230W adapters. They have different dimensions but similar weight. Please refer to this comparison table:
XMG FUSION 15 Power Supply Comparsion Table (Google Drive)
Includes shop links. Will be updated with precise weight numbers in the next few days. I also included 120W, 150W and 180W in this table. They all share the same plug (5.5/2.5,, diameter, 12.5mm length). But 120W and 150W are only rated for 19V but the laptop expect 19.5V. Usually this will be compensated by tolerance but we haven't tested how a system would behave under long-term usage with such an adaptor.
In theory, 120W to 180W are enough for charing the laptop and for browsing/web/media. Even a full CPU stress test could easily be handled. But as soon as you use CPU and GPU together, you'll run into the bottleneck and your performance will be reduced.
Comparison pictures:
These 5 pictures show only the relevant 230W chargers.
Again, the weight is about the same.

Q: Is it possible to boot and run the laptop while the lid is kept closed?
A: Closing the lid under load is not recommended because it will limit the airflow and have a bad effect on keyboard and screen. The laptop likes to take air in from the keycaps. With lid closed, the performance might be limited due to reaching temp targets earlier.

Q: Can I get the laptop without the XMG logo? I will be using it in public presentations and I would not like any brand names visible.
A: We cannot ship without XMG logo, but you can use a dbrand skins to cover our logo. We have not yet decided if we want to invest into integrating XMG FUSION 15 into the dbrand shop. But you can already buy 100% compatible skins by using the page of the Eluktronics MAG-15 at dbrand. The chassis dimensions are exactly the same. Please be aware: you have to manually select the option "No Logo Cutout" if you want to buy these skins for your XMG FUSION 15. According to dbrand, there will be most likely no import fees when ordering from the EU as long as the order is below 100€. Check this thread for details.

Q: Will you offer thermal paste upgrades like Thermal Grizzly Kryonaut or Liquid Metal?
A: Our ODMs are using silicon-based, high-performance thermal compund from international manufacturers like Shin-Etsu (Japan) and M.G. (USA). Intel is using MG-860 in this reference design.
These products are used in the industrial sector, so they have no publicly known brand name. Nevertheless, their high thermal conductivity and guaranteed durability provide optimal and long-lasting cooling of your high-performance laptop. The thermal compounds are applied and sealed automatically by the vendor of the thermal components. They are applied in a highly controlled, standardized manner and provide the best balance of thermal performance, production tolerance and product lifetime.
We are considering offering an upgrade to Thermal Grizzly Kryonaut due to popular demand. Will keep you posted on that.

Q: Could you please provide an estimate for how much regular usage (~10 browser tabs + some IDE) battery backup would this have? Will there be any way to trade-off battery backup with performance?
A: Battery life vs. peak performance can be traded off by using the "Silent" performance profile. You can switch between profiles using a dedicated button on the machine. Your scenario (10 tabs + some IDE) sounds like mostly reading and writing. I would estimate to get at least 7 hours of solid battery life in such a scenario, maybe more. We have achieved 8 hours in 1080p Youtube streaming on WiFi with 50% screen brightness. Adblock and NoScript helps to keep your idle browser tabs in check.


I/O Ports, Peripherals


Q: Why are there not more USB-A 3.1 Gen2 or even USB 3.2 Gen2x2 ports?
A: USB-A 3.1 Gen1 is basically the same as USB 3.0. There aren't a lot of USB-A devices that support more than USB 3.0 speed. Faster devices typically use USB-C connectors and can be used on Thunderbolt 3, which is down-compatible to USB-C 3.1 Gen2. One of the USB-A ports actually supports Gen2 speed.
For the following remarks, please keep in mind that I am not an Intel rep, so everything is based on our own experience.
The mainboard design and the I/O port decisions have been made by Intel. Feedback and requests from LOEM customers have been taken into consideration. We would assume that USB 3.2. Gen2x2 (20 Gbit/s) was not considered to be important enough to safe space for 3rd party IC (integrated circuits) on the motherboard. Right now, all the USB ports and Thunderbolts are supplied by Intel's own IC, so they have full control over the hardware, firmware and driver stack and over power saving and performance control. The more IC you add, the higher your Idle power consumption will be, plus adding potential compatibility or speed issues as it often happens with 1st generation 3rd party USB implementations. I very well remember from my own experience the support stories during the first years of USB 3.0, before it was supported in the Intel chipset. On the one hand, Intel is aiming high in terms of performance and convenience, on the other hand: support and reliability still seem to be Intel's goal #1. Thus they seem to play it safe where they deem it to be reasonable.
Intel is gearing up for USB 4.0 and next-gen Thunderbolt. USB 3.2 2x2 is probably treated as little more than a roadmap accident. Peripheral vendors might see it the same way.

Q: Do you support charging over USB-C/Thunderbolt? Does it support docking stations?
A: The Thunderbolt 3 port in Intel's reference design does not support charging. As you probably know, the 100W limit would not be enough to power the whole system and it would make the mainboard more complex to combine two different ways of charging. Intel consciously opted against it and will probably do so again on future high-end gaming/studio models.
The USB-C/Thunderbolt port supports Dual-Link DisplayPort signals, directly connected to the NVIDIA Graphics. This makes proper docking station usage very convenient. The user still needs to connect the external power adaptor. Both ports (Thunderbolt and DC-in) are in the back of the laptop, making the whole setup appear very neat on the desk.

Q: How many PCIe lanes does the Thunderbolt 3 provide? Are they connected to CPU or Chipset?
A: XMG FUSION 15 supports Thunderbolt 3 with 4 lanes of PCIe 3.0. The lanes come from the chipset because all of the CPU lanes (x16) are fully occupied by the dedicated NVIDIA graphics. We are not aware of any side-effects of running Thunderbolt from the chipset. It is common practice for high-end laptops with high-end graphics. The Thunderbolt solution is of course fully validated and certified by Intel's Thunderbolt labs.

Q: Does it have a standby USB to power USB devices without turning on the laptop?
A: Yes, the USB-A port on the left side supports this feature.


LCD Screen


Q: Which LCD panel is being used? Are there plans for 1440p or 4K panels in the laptop? How about PWM flickering?
A: The panel is BOE NV156FHM-N4G. It is currently not known if the panel will change in later batches. This depends on logistics and stock. At any rate, the panel key specs will remain the same. There are currently no plans to offer resolutions above FHD in the current generation of this laptop.
There are very wide ranges on reports of Backlight Brightness PWM control on this panel in different laptops. Ranging from 200Hz to 1000Hz to no PWM at all - all on the same panel model number. Intel informs us that there are many factors (e.g. freq., display driver, BIOS settings implementation, type of dimmers & compatibility with the driver etc.) that impacts the quality of panel dimming performance. To Intel's knowledge, no kind of flickering has been reported during the validation process. Furthermore, first hands-on data from Notebookcheck indicates that no PWM occurs on this panel. With a DSLR test (multiple burst shots at 1/4000s exposure time) I can confirm that there is not a single frame of brightness dipping or black screen, not even at minimum LCD brightness. Hence, we can confirm: BOE NV156FHM-N4G in XMG FUSION 15 (with Intel) does not use PWM for backlight control.

Q: Some BTO shops, for an additional fee, manually pick out display panels with the least back-light bleed. Do you offer that? Even better, do you do that without the extra fee?
A: Intel has validated this design to avoid backlight bleed as much as possible. Currently no plans to do further binning. All dozens of MP samples we have seen so far have been exceptionally good.

Q: I'm coming from a 13" MacBook with Retina display. How am I going to fare with this 15.6" FHD screen in content creation?
A: If you got used to editing high-res visual content (photography, artwork) on your 13inch retina, things will change. On the one hand, your canvas will be larger and more convenient and ergonomic to work with. On the other hand, you will find yourself zooming in more often in order to make out fine-detail. Assuming that you have sharp 20:20 vision.
As it is, the screen resolution and specs are not planned to change within the lifetime of this product. The first realistic time-window for a refresh would be whenever Intel is releasing the next "H" series CPU generation. But even then, an upgrade on resolution will not be guaranteed.
Comparison:
Laptop Resolution Pixel per inch dot pitch
13.3" MacBook Pro Retina (late 2013) 2560x1600 226.98 PPI 0.1119mm
15.6" XMG FUSION 15 (late 2019) 1920x1080 141.21 PPI 0.1799mm
To compare: 141.21 is ~62% from 226.98. This represents the the metric difference in pixel density and peak sharpness between these two models.
If you know the diagonal size and resolution of your screen, you can make this comparison yourself with the DPI/PPI calculator.


Keyboard, Backlight, Switches, Layout


Q: What can you tell us about the mechanical keyboard of XMG FUSION 15?
A: The keyboard has already been reviewed in our XMG NEO series as being more crisp than typical membrane keyboards. Most reviewers attested it a very good score, both for gaming and for writing long texts.
The keyboard backlight can be configured per-key. Default mode is all white.
Keyboard Switch Specs:
Having no frame around the keycaps actually helps the thermals. The fans can pull in additional air from the top. This improves airflow and helps to keep the keyboard temperature at low levels during gaming. It also prevents long-term RMA issues on the keyboard. This specific keyboard switch is already in its 3rd generation and very mature by now.

Q: Is it possible to dampen the mechanical keyboard with o-rings?
A: The switch design does not lend itself to further dampening. The switch mechanic is too complex and has more moving parts than cherry. The 2mm travel distance also plays a role in not allowing more dampening.
For reference, please use this video (Youtube). We compared XMG NEO with another membrane-type keyboard. XMG NEO and FUSION share the same keyboard mechanics with the silent tactile switch and the same sound profile.

Q: Do you have LED keyboard backlight on the secondary key function, like Fn key icons?
A: Please have a look at this picture.
Btw, my working sample has blank keycaps. I took the 3 printed keycaps (F8, F9, F10) from a different sample just to demonstrate the Fn lighting for this picture.
Facts:
In my assesment, the Fn function symbols are clearly visible from the backlight in a dark room. A user should have no difficulty to recognize the icon and reach its function.

Q: Which keyboard layouts do you offer in the EU?
A: The following layouts are available, in alphabetic order: Belgium, Czech, Danish, Dvorak German, Dvorak US, Estonia, French, German, Greek, Italian, Norwegian, Polish for Typists, Portuguese, Russia Latin, Slovakish, Spanish, Swedish / Finnish, Swiss, Turkish, UK, US International (ISO)All these layouts are based on the ISO matrix. See differences between ANSI vs. ISO here.


Operating System


Q: Do you support Linux and dual-boot on XMG FUSION 15?
A: We are in discussion to sell XMG FUSION 15 over Tuxedo with official Linux support. It might take 1 or 2 months to get this running.

Q: Which LAN, Audio and WiFi card vendors will be used? Asking for a friend.
A: From our HWiNFO64 report. (Google Drive link)
LAN: RealTek Semiconductor RTL8168/8111 [PCI\VEN_10EC&DEV_8168&SUBSYS_20868086&REV_15]Audio: Intel(R) Smart Sound Technology (Intel(R) SST) Audio Controller [PCI\VEN_8086&DEV_A348&SUBSYS_20868086&REV_10]WiFi: Intel(R) Wi-Fi 6 AX200 [PCI\VEN_8086&DEV_2723&SUBSYS_00848086&REV_1A], can be replaced.
For more information, please check the linked report file.


Other questions


Q: What would you say are the advantages and differences with other laptops due to the fact the laptop was designed in collaboration with Intel?
A: Disclaimer: I am \not* an Intel rep. The following remarks are based on my personal experience and opinion.*
Advantages:
  1. Very strict quality control on all levels. I can't quote numbers due to NDA, but Intel NUC has extremely low RMA rates, compared to average PC mainboards and systems. Intel is driven by strict internal regulation that strifes for perfection - this applies to the whole chassis, assembly and firmware, not only the mainboard. There are also certain regulations in place, for example in terms of electro-magnetic regulation and skin temperatures. The rating label is littered with regulatory seals from every region of the world, making this laptop especially safe to use.
  2. Access to high-quality material: we have not seen any Gaming Laptops based on Magnesium alloy yet, especially not in the ODM/LOEM ecosystem. The battery cells are also much more dense than what we usually see. Intel has the buying power and the vision to not settle for mediocre parts.
  3. Down-to-earth design: Intel has made this reference design for the ODM/LOEM eco-system. The design does not try to follow any specific corporate identity, thus it does not have any unneccessary "bling bling" like all the others have. Even the Razer Blade with it's sleek shape is quite obnoxious (iny my oppinion) with it's big backlit green snake logo. With XMG FUSION however, we can continue our typical style of "Undercover Gaming".
  4. Security: you can expect stellar support in terms of BIOS and Firmware (TPM, Management Engine) updates whenever any security issues are found. This might also apply to global brands, but ODM/LOEM systems have not always been so quick to react. This is due to the huge fragmentation/customizations in ODM/LOEM systems. Intel however does now allow any fragmentation: every LOEM partner is getting the same firmware. There are many hooks for configurations in this firmware, but the source code / binaries are always the same. This makes support much easier down the line.
Disadvantages:
  1. I can't name many, of course. But I would say the strict validation also makes the partnership less flexible from a product management perspective. There is no plan currently to phase-in any 4K or 300Hz screen (FHD/144Hz ought to be enough for everyone this year) or any Core i9 in this system. Other ODMs might be more open for costly modifications based on low quantities. Intel however has streamlined their production and logistics in a way that gives us (the LOEM) very short lead times and competitive pricing, but will not allow any short-notice upgrades or customizations.

Q: Will there be a 17 inch version?
A: We can neither confirm nor deny plans for a 17 inch version at this point.


[to be continued]
submitted by XMG_gg to XMG_gg [link] [comments]

Vault 7 - CIA Hacking Tools Revealed

Vault 7 - CIA Hacking Tools Revealed
March 07, 2017
from Wikileaks Website


https://preview.redd.it/9ufj63xnfdb41.jpg?width=500&format=pjpg&auto=webp&s=46bbc937f4f060bad1eaac3e0dce732e3d8346ee

Press Release
Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency.
Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency.
The first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence (below image) in Langley, Virgina.
It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election.
Recently, the CIA lost control of the majority of its hacking arsenal including,
  1. malware
  2. viruses
  3. trojans
  4. weaponized "zero day" exploits
  5. malware remote control systems

...and associated documentation.
This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA.
The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive.
"Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include,

  1. Apple's iPhone
  2. Google's Android
  3. Microsoft's Windows
  4. Samsung TVs,

...which are turned into covert microphones.
Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA).
The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force - its own substantial fleet of hackers.
The agency's hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA's hacking capacities.
By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI - below image), had over 5000 registered users and had produced more than a thousand,
hacking systems trojans viruses,
...and other "weaponized" malware.


https://preview.redd.it/3jsojkqxfdb41.jpg?width=366&format=pjpg&auto=webp&s=e92eafbb113ab3e972045cc242dde0f0dd511e96

Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more codes than those used to run Facebook.
The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified.
In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency.
The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons.
Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike.

Julian Assange, WikiLeaks editor stated that,
"There is an extreme proliferation risk in the development of cyber 'weapons'.
Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade.
But the significance of 'Year Zero' goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective."

Wikileaks has carefully reviewed the "Year Zero" disclosure and published substantive CIA documentation while avoiding the distribution of 'armed' cyberweapons until a consensus emerges on the technical and political nature of the CIA's program and how such 'weapons' should analyzed, disarmed and published.

Wikileaks has also decided to Redact (see far below) and Anonymize some identifying information in "Year Zero" for in depth analysis. These redactions include ten of thousands of CIA targets and attack machines throughout,
Latin America Europe the United States

While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages in "Vault 7" part one ("Year Zero") already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks.

Analysis

CIA malware targets iPhone, Android, smart TVs
CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA's DDI (Directorate for Digital Innovation).
The DDI is one of the five major directorates of the CIA (see above image of the CIA for more details).
The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide.
The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell's 1984, but "Weeping Angel", developed by the CIA's Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization.
The attack against Samsung smart TVs was developed in cooperation with the United Kingdom's MI5/BTSS.
After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server.
As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.
The CIA's Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user's geolocation, audio and text communications as well as covertly activate the phone's camera and microphone.
Despite iPhone's minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA's Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads.
CIA's arsenal includes numerous local and remote "zero days" developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop.
The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites.
A similar unit targets Google's Android which is used to run the majority of the world's smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year.
"Year Zero" shows that as of 2016 the CIA had 24 "weaponized" Android "zero days" which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors.
These techniques permit the CIA to bypass the encryption of, WhatsApp
  1. Signal
  2. Telegram
  3. Wiebo
  4. Confide
  5. Cloackman
...by hacking the "smart" phones that they run on and collecting audio and message traffic before encryption is applied.
CIA malware targets Windows, OSx, Linux, routers
The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware.
This includes multiple local and remote weaponized "zero days", air gap jumping viruses such as "Hammer Drill" which infects software distributed on CD/DVDs, infectors for removable media such as USBs, systems to hide data in images or in covert disk areas ("Brutal Kangaroo") and to keep its malware infestations going.
Many of these infection efforts are pulled together by the CIA's Automated Implant Branch (AIB), which has developed several attack systems for automated infestation and control of CIA malware, such as "Assassin" and "Medusa".
Attacks against Internet infrastructure and webservers are developed by the CIA's Network Devices Branch (NDB).
The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB's "HIVE" and the related "Cutthroat" and "Swindle" tools, which are described in the examples section far below.
CIA 'hoarded' vulnerabilities ("zero days")
In the wake of Edward Snowden's leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis - rather than hoard - serious vulnerabilities, exploits, bugs or "zero days" to Apple, Google, Microsoft, and other US-based manufacturers.
Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability.
If the CIA can discover such vulnerabilities so can others.
The U.S. government's commitment to the Vulnerabilities Equities Process came after significant lobbying by US technology companies, who risk losing their share of the global market over real and perceived hidden vulnerabilities.
The government stated that it would disclose all pervasive vulnerabilities discovered after 2010 on an ongoing basis.
"Year Zero" documents show that the CIA breached the Obama administration's commitments. Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals.
As an example, specific CIA malware revealed in "Year Zero" is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts.
The CIA attacks this software by using undisclosed security vulnerabilities ("zero days") possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability.
As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable.
The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers.
By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone at the expense of leaving everyone hackable.
'Cyberwar' programs are a serious proliferation risk
Cyber 'weapons' are not possible to keep under effective control.
While nuclear proliferation has been restrained by the enormous costs and visible infrastructure involved in assembling enough fissile material to produce a critical nuclear mass, cyber 'weapons', once developed, are very hard to retain.
Cyber 'weapons' are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information they can be copied quickly with no marginal cost.
Securing such 'weapons' is particularly difficult since the same people who develop and use them have the skills to exfiltrate copies without leaving traces - sometimes by using the very same 'weapons' against the organizations that contain them.
There are substantial price incentives for government hackers and consultants to obtain copies since there is a global "vulnerability market" that will pay hundreds of thousands to millions of dollars for copies of such 'weapons'.
Similarly, contractors and companies who obtain such 'weapons' sometimes use them for their own purposes, obtaining advantage over their competitors in selling 'hacking' services.
Over the last three years the United States intelligence sector, which consists of government agencies such as the CIA and NSA and their contractors, such as Booz Allan Hamilton, has been subject to unprecedented series of data exfiltrations by its own workers.
A number of intelligence community members not yet publicly named have been arrested or subject to federal criminal investigations in separate incidents.
Most visibly, on February 8, 2017 a U.S. federal grand jury indicted Harold T. Martin III with 20 counts of mishandling classified information.
The Department of Justice alleged that it seized some 50,000 gigabytes of information from Harold T. Martin III that he had obtained from classified programs at NSA and CIA, including the source code for numerous hacking tools.
Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike.
U.S. Consulate in Frankfurt is a covert CIA hacker base
In addition to its operations in Langley, Virginia the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa.
CIA hackers operating out of the Frankfurt consulate ("Center for Cyber Intelligence Europe" or CCIE) are given diplomatic ("black") passports and State Department cover.
The instructions for incoming CIA hackers make Germany's counter-intelligence efforts appear inconsequential: "Breeze through German Customs because you have your cover-for-action story down pat, and all they did was stamp your passport" Your Cover Story (for this trip) Q: Why are you here? A: Supporting technical consultations at the Consulate. Two earlier WikiLeaks publications give further detail on CIA approaches to customs and secondary screening procedures.
Once in Frankfurt CIA hackers can travel without further border checks to the 25 European countries that are part of the Shengen open border area - including France, Italy and Switzerland.
A number of the CIA's electronic attack methods are designed for physical proximity.
These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace.
The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media.
For example, the CIA attack system Fine Dining, provides 24 decoy applications for CIA spies to use.
To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos).
But while the decoy application is on the screen, the underlying system is automatically infected and ransacked.
How the CIA dramatically increased proliferation risks
In what is surely one of the most astounding intelligence own goals in living memory, the CIA structured its classification regime such that for the most market valuable part of "Vault 7", the CIA's, weaponized malware (implants + zero days) Listening Posts (LP) Command and Control (C2) systems, ...the agency has little legal recourse.
The CIA made these systems unclassified.
Why the CIA chose to make its cyber-arsenal unclassified reveals how concepts developed for military use do not easily crossover to the 'battlefield' of cyber 'war'.
To attack its targets, the CIA usually requires that its implants communicate with their control programs over the internet.
If CIA implants, Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet.
Consequently the CIA has secretly made most of its cyber spying/war code unclassified. The U.S. government is not able to assert copyright either, due to restrictions in the U.S. Constitution.
This means that cyber 'arms' manufactures and computer hackers can freely "pirate" these 'weapons' if they are obtained. The CIA has primarily had to rely on obfuscation to protect its malware secrets.
Conventional weapons such as missiles may be fired at the enemy (i.e. into an unsecured area). Proximity to or impact with the target detonates the ordnance including its classified parts. Hence military personnel do not violate classification rules by firing ordnance with classified parts.
Ordnance will likely explode. If it does not, that is not the operator's intent.
Over the last decade U.S. hacking operations have been increasingly dressed up in military jargon to tap into Department of Defense funding streams.
For instance, attempted "malware injections" (commercial jargon) or "implant drops" (NSA jargon) are being called "fires" as if a weapon was being fired.
However the analogy is questionable.
Unlike bullets, bombs or missiles, most CIA malware is designed to live for days or even years after it has reached its 'target'. CIA malware does not "explode on impact" but rather permanently infests its target. In order to infect target's device, copies of the malware must be placed on the target's devices, giving physical possession of the malware to the target.
To exfiltrate data back to the CIA or to await further instructions the malware must communicate with CIA Command & Control (C2) systems placed on internet connected servers.
But such servers are typically not approved to hold classified information, so CIA command and control systems are also made unclassified.
A successful 'attack' on a target's computer system is more like a series of complex stock maneuvers in a hostile take-over bid or the careful planting of rumors in order to gain control over an organization's leadership rather than the firing of a weapons system.
If there is a military analogy to be made, the infestation of a target is perhaps akin to the execution of a whole series of military maneuvers against the target's territory including observation, infiltration, occupation and exploitation.
Evading forensics and anti-virus
A series of standards lay out CIA malware infestation patterns which are likely to assist forensic crime scene investigators as well as, Apple
  1. Microsoft
  2. Google
  3. Samsung
  4. Nokia
  5. Blackberry
  6. Siemens
  7. anti-virus companies,
...attribute and defend against attacks.
"Tradecraft DO's and DON'Ts" contains CIA rules on how its malware should be written to avoid fingerprints implicating the "CIA, US government, or its witting partner companies" in "forensic review".
Similar secret standards cover the, use of encryption to hide CIA hacker and malware communication (pdf) describing targets & exfiltrated data (pdf) executing payloads (pdf) persisting (pdf), ...in the target's machines over time.
CIA hackers developed successful attacks against most well known anti-virus programs.
These are documented in, AV defeats Personal Security Products Detecting and defeating PSPs PSP/DebuggeRE Avoidance For example, Comodo was defeated by CIA malware placing itself in the Window's "Recycle Bin". While Comodo 6.x has a "Gaping Hole of DOOM".
CIA hackers discussed what the NSA's "Equation Group" hackers did wrong and how the CIA's malware makers could avoid similar exposure.

Examples

The CIA's Engineering Development Group (EDG) management system contains around 500 different projects (only some of which are documented by "Year Zero") each with their own sub-projects, malware and hacker tools.
The majority of these projects relate to tools that are used for,
penetration infestation ("implanting") control exfiltration
Another branch of development focuses on the development and operation of Listening Posts (LP) and Command and Control (C2) systems used to communicate with and control CIA implants.
Special projects are used to target specific hardware from routers to smart TVs.
Some example projects are described below, but see the table of contents for the full list of projects described by WikiLeaks' "Year Zero".
UMBRAGE
The CIA's hand crafted hacking techniques pose a problem for the agency.
Each technique it has created forms a "fingerprint" that can be used by forensic investigators to attribute multiple different attacks to the same entity.
This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible.
As soon one murder in the set is solved then the other murders also find likely attribution.
The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation.
With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from.
UMBRAGE components cover,
keyloggers
  1. password collection
  2. webcam capture
  3. data destruction
  4. persistence
  5. privilege escalation
  6. stealth
  7. anti-virus (PSP) avoidance
  8. survey techniques

Fine Dining
Fine Dining comes with a standardized questionnaire i.e menu that CIA case officers fill out.
The questionnaire is used by the agency's OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically "exfiltrating" information from computer systems) for specific operations.
The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and communicate this to CIA malware configuration staff.
The OSB functions as the interface between CIA operational staff and the relevant technical support staff.
Among the list of possible targets of the collection are,
  • 'Asset'
  • 'Liason Asset'
  • 'System Administrator'
  • 'Foreign Information Operations'
  • 'Foreign Intelligence Agencies'
  • 'Foreign Government Entities'
Notably absent is any reference to extremists or transnational criminals. The 'Case Officer' is also asked to specify the environment of the target like the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs) as well as a list of file types to be exfiltrated like Office documents, audio, video, images or custom file types.
The 'menu' also asks for information if recurring access to the target is possible and how long unobserved access to the computer can be maintained.
This information is used by the CIA's 'JQJIMPROVISE' software (see below) to configure a set of CIA malware suited to the specific needs of an operation.
Improvise (JQJIMPROVISE)
  1. 'Improvise' is a toolset for configuration, post-processing, payload setup and execution vector
  2. selection for survey/exfiltration tools supporting all major operating systems like,
  3. Windows (Bartender)
  4. MacOS (JukeBox)
  5. Linux (DanceFloor)
  6. Its configuration utilities like Margarita allows the NOC (Network Operation Center) to customize tools
based on requirements from 'Fine Dining' questionnaires.
HIVE
HIVE is a multi-platform CIA malware suite and its associated control software.
The project provides customizable implants for Windows, Solaris, MikroTik (used in internet routers) and Linux platforms and a Listening Post (LP)/Command and Control (C2) infrastructure to communicate with these implants.
The implants are configured to communicate via HTTPS with the webserver of a cover domain; each operation utilizing these implants has a separate cover domain and the infrastructure can handle any number of cover domains.
Each cover domain resolves to an IP address that is located at a commercial VPS (Virtual Private Server) provider.
The public-facing server forwards all incoming traffic via a VPN to a 'Blot' server that handles actual connection requests from clients.
It is setup for optional SSL client authentication: if a client sends a valid client certificate (only implants can do that), the connection is forwarded to the 'Honeycomb' toolserver that communicates with the implant.
If a valid certificate is missing (which is the case if someone tries to open the cover domain website by accident), the traffic is forwarded to a cover server that delivers an unsuspicious looking website.
The Honeycomb toolserver receives exfiltrated information from the implant; an operator can also task the implant to execute jobs on the target computer, so the toolserver acts as a C2 (command and control) server for the implant.
Similar functionality (though limited to Windows) is provided by the RickBobby project.
See the classified user and developer guides for HIVE.

Frequently Asked Questions

Why now?
WikiLeaks published as soon as its verification and analysis were ready. In February the Trump administration has issued an Executive Order calling for a "Cyberwar" review to be prepared within 30 days.
While the review increases the timeliness and relevance of the publication it did not play a role in setting the publication date.
Redactions
Names, email addresses and external IP addresses have been redacted in the released pages (70,875 redactions in total) until further analysis is complete. Over-redaction: Some items may have been redacted that are not employees, contractors, targets or otherwise related to the agency, but are, for example, authors of documentation for otherwise public projects that are used by the agency.
Identity vs. person: the redacted names are replaced by user IDs (numbers) to allow readers to assign multiple pages to a single author. Given the redaction process used a single person may be represented by more than one assigned identifier but no identifier refers to more than one real person.
Archive attachments (zip, tar.gz, ...), are replaced with a PDF listing all the file names in the archive. As the archive content is assessed it may be made available; until then the archive is redacted.
Attachments with other binary content, are replaced by a hex dump of the content to prevent accidental invocation of binaries that may have been infected with weaponized CIA malware. As the content is assessed it may be made available; until then the content is redacted.
Tens of thousands of routable IP addresses references, (including more than 22 thousand within the United States) that correspond to possible targets, CIA covert listening post servers, intermediary and test systems, are redacted for further exclusive investigation.
Binary files of non-public origin, are only available as dumps to prevent accidental invocation of CIA malware infected binaries.
Organizational Chart
The organizational chart (far above image) corresponds to the material published by WikiLeaks so far.
Since the organizational structure of the CIA below the level of Directorates is not public, the placement of the EDG and its branches within the org chart of the agency is reconstructed from information contained in the documents released so far.
It is intended to be used as a rough outline of the internal organization; please be aware that the reconstructed org chart is incomplete and that internal reorganizations occur frequently.
Wiki pages
"Year Zero" contains 7818 web pages with 943 attachments from the internal development groupware. The software used for this purpose is called Confluence, a proprietary software from Atlassian.
Webpages in this system (like in Wikipedia) have a version history that can provide interesting insights on how a document evolved over time; the 7818 documents include these page histories for 1136 latest versions.
The order of named pages within each level is determined by date (oldest first). Page content is not present if it was originally dynamically created by the Confluence software (as indicated on the re-constructed page).
What time period is covered?
The years 2013 to 2016. The sort order of the pages within each level is determined by date (oldest first).
WikiLeaks has obtained the CIA's creation/last modification date for each page but these do not yet appear for technical reasons. Usually the date can be discerned or approximated from the content and the page order.
If it is critical to know the exact time/date contact WikiLeaks.
What is "Vault 7"
"Vault 7" is a substantial collection of material about CIA activities obtained by WikiLeaks.
When was each part of "Vault 7" obtained?
Part one was obtained recently and covers through 2016. Details on the other parts will be available at the time of publication.
Is each part of "Vault 7" from a different source?
Details on the other parts will be available at the time of publication.
What is the total size of "Vault 7"?
The series is the largest intelligence publication in history.
How did WikiLeaks obtain each part of "Vault 7"?
Sources trust WikiLeaks to not reveal information that might help identify them.
Isn't WikiLeaks worried that the CIA will act against its staff to stop the series?
No. That would be certainly counter-productive.
Has WikiLeaks already 'mined' all the best stories?
No. WikiLeaks has intentionally not written up hundreds of impactful stories to encourage others to find them and so create expertise in the area for subsequent parts in the series. They're there.
Look. Those who demonstrate journalistic excellence may be considered for early access to future parts.
Won't other journalists find all the best stories before me?
Unlikely. There are very considerably more stories than there are journalists or academics who are in a position to write them.
submitted by CuteBananaMuffin to conspiracy [link] [comments]

Making Trading Beneficial Every Time With LIve Binary Signals

Making good money through trading is a dream of every individual who is investing money in forex and other modes of trading. For them, live binary signals are important that will result in good profits and a way of becoming successful in trading. To gain benefits and profits, what all you have to do is simply create an account or sign up to at least one of the trusted signal provider and you will save a huge amount of time from researching and analyzing market data. You can focus on making a profit.

Know About Binary Options Signals
As far as Binary options signals are concerned, they are provided to traders to notify them when a profitable trade is available. These signals are easy to follow and only require the trader to check a few points like an asset, execution time, direction and expiry time. Some experts who are spending time in research and development for something to make forex and trading easy and successful, have come up with a unique and complex system that will alert traders – when a profitable trading opportunity is available. They have innovated new ways that will be helpful in removing complicated chart reading, training, news requirements and strategies to help you execute the profit from binary options trading.

Talking about these signals, they are delivered through an easy to read table system in the members’ area that is similar to the homepage version, but without the awesome filter features and of course the live signals.

Some Important Points to Note before Getting Binary Options Signals
For those who are trading, it is important to note that binary options trading carries a high level of risk; while it can also result in loss of all your investment. It is vital for you to be aware of the risks and have will power to accept them to invest in the stock binary options or futures markets. It is important to consult with experts, learn from them, share their reviews and go through their experiences that they share through blogs, news, articles and various other modes.

Find the Right Company to Get Binary Options Signals
It is one of the important points to note to fulfil your requirement for best binary signals. For this, going online is one of the convenient and time-saving options that will help you in making good profits and to earn more than you have expected. There are numerous added benefits of getting the best services and benefits. So what you are waiting for, feel free to contact via any convenient mode of communication to the right company for such signals.
submitted by wiserock07 to u/wiserock07 [link] [comments]

Vault 7 release info from actual files

sorry for the mess. copy paste....
Press Release Today, Tuesday 7 March 2017, WikiLeaks begins its new series of leaks on the U.S. Central Intelligence Agency. Code-named "Vault 7" by WikiLeaks, it is the largest ever publication of confidential documents on the agency. The first full part of the series, "Year Zero", comprises 8,761 documents and files from an isolated, high-security network situated inside the CIA's Center for Cyber Intelligence in Langley, Virgina. It follows an introductory disclosure last month of CIA targeting French political parties and candidates in the lead up to the 2012 presidential election. Recently, the CIA lost control of the majority of its hacking arsenal including malware, viruses, trojans, weaponized "zero day" exploits, malware remote control systems and associated documentation. This extraordinary collection, which amounts to more than several hundred million lines of code, gives its possessor the entire hacking capacity of the CIA. The archive appears to have been circulated among former U.S. government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive. "Year Zero" introduces the scope and direction of the CIA's global covert hacking program, its malware arsenal and dozens of "zero day" weaponized exploits against a wide range of U.S. and European company products, include Apple's iPhone, Google's Android and Microsoft's Windows and even Samsung TVs, which are turned into covert microphones. Since 2001 the CIA has gained political and budgetary preeminence over the U.S. National Security Agency (NSA). The CIA found itself building not just its now infamous drone fleet, but a very different type of covert, globe-spanning force — its own substantial fleet of hackers. The agency's hacking division freed it from having to disclose its often controversial operations to the NSA (its primary bureaucratic rival) in order to draw on the NSA's hacking capacities. By the end of 2016, the CIA's hacking division, which formally falls under the agency's Center for Cyber Intelligence (CCI), had over 5000 registered users and had produced more than a thousand hacking systems, trojans, viruses, and other "weaponized" malware. Such is the scale of the CIA's undertaking that by 2016, its hackers had utilized more code than that used to run Facebook. The CIA had created, in effect, its "own NSA" with even less accountability and without publicly answering the question as to whether such a massive budgetary spend on duplicating the capacities of a rival agency could be justified. In a statement to WikiLeaks the source details policy questions that they say urgently need to be debated in public, including whether the CIA's hacking capabilities exceed its mandated powers and the problem of public oversight of the agency. The source wishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyberweapons. Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by rival states, cyber mafia and teenage hackers alike. Julian Assange, WikiLeaks editor stated that "There is an extreme proliferation risk in the development of cyber 'weapons'. Comparisons can be drawn between the uncontrolled proliferation of such 'weapons', which results from the inability to contain them combined with their high market value, and the global arms trade. But the significance of "Year Zero" goes well beyond the choice between cyberwar and cyberpeace. The disclosure is also exceptional from a political, legal and forensic perspective." Wikileaks has carefully reviewed the "Year Zero" disclosure and published substantive CIA documentation while avoiding the distribution of 'armed' cyberweapons until a consensus emerges on the technical and political nature of the CIA's program and how such 'weapons' should analyzed, disarmed and published. Wikileaks has also decided to redact and anonymise some identifying information in "Year Zero" for in depth analysis. These redactions include ten of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States. While we are aware of the imperfect results of any approach chosen, we remain committed to our publishing model and note that the quantity of published pages in "Vault 7" part one (“Year Zero”) already eclipses the total number of pages published over the first three years of the Edward Snowden NSA leaks. Analysis CIA malware targets iPhone, Android, smart TVs CIA malware and hacking tools are built by EDG (Engineering Development Group), a software development group within CCI (Center for Cyber Intelligence), a department belonging to the CIA's DDI (Directorate for Digital Innovation). The DDI is one of the five major directorates of the CIA (see this organizational chart of the CIA for more details). The EDG is responsible for the development, testing and operational support of all backdoors, exploits, malicious payloads, trojans, viruses and any other kind of malware used by the CIA in its covert operations world-wide. The increasing sophistication of surveillance techniques has drawn comparisons with George Orwell's 1984, but "Weeping Angel", developed by the CIA's Embedded Devices Branch (EDB), which infests smart TVs, transforming them into covert microphones, is surely its most emblematic realization. The attack against Samsung smart TVs was developed in cooperation with the United Kingdom's MI5/BTSS. After infestation, Weeping Angel places the target TV in a 'Fake-Off' mode, so that the owner falsely believes the TV is off when it is on. In 'Fake-Off' mode the TV operates as a bug, recording conversations in the room and sending them over the Internet to a covert CIA server. As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations. The CIA's Mobile Devices Branch (MDB) developed numerous attacks to remotely hack and control popular smart phones. Infected phones can be instructed to send the CIA the user's geolocation, audio and text communications as well as covertly activate the phone's camera and microphone. Despite iPhone's minority share (14.5%) of the global smart phone market in 2016, a specialized unit in the CIA's Mobile Development Branch produces malware to infest, control and exfiltrate data from iPhones and other Apple products running iOS, such as iPads. CIA's arsenal includes numerous local and remote "zero days" developed by CIA or obtained from GCHQ, NSA, FBI or purchased from cyber arms contractors such as Baitshop. The disproportionate focus on iOS may be explained by the popularity of the iPhone among social, political, diplomatic and business elites. A similar unit targets Google's Android which is used to run the majority of the world's smart phones (~85%) including Samsung, HTC and Sony. 1.15 billion Android powered phones were sold last year. "Year Zero" shows that as of 2016 the CIA had 24 "weaponized" Android "zero days" which it has developed itself and obtained from GCHQ, NSA and cyber arms contractors. These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the "smart" phones that they run on and collecting audio and message traffic before encryption is applied. CIA malware targets Windows, OSx, Linux, routers The CIA also runs a very substantial effort to infect and control Microsoft Windows users with its malware. This includes multiple local and remote weaponized "zero days", air gap jumping viruses such as "Hammer Drill" which infects software distributed on CD/DVDs, infectors for removable media such as USBs, systems to hide data in images or in covert disk areas ( "Brutal Kangaroo") and to keep its malware infestations going. Many of these infection efforts are pulled together by the CIA's Automated Implant Branch (AIB), which has developed several attack systems for automated infestation and control of CIA malware, such as "Assassin" and "Medusa". Attacks against Internet infrastructure and webservers are developed by the CIA's Network Devices Branch (NDB). The CIA has developed automated multi-platform malware attack and control systems covering Windows, Mac OS X, Solaris, Linux and more, such as EDB's "HIVE" and the related "Cutthroat" and "Swindle" tools, which are described in the examples section below. CIA 'hoarded' vulnerabilities ("zero days") In the wake of Edward Snowden's leaks about the NSA, the U.S. technology industry secured a commitment from the Obama administration that the executive would disclose on an ongoing basis — rather than hoard — serious vulnerabilities, exploits, bugs or "zero days" to Apple, Google, Microsoft, and other US-based manufacturers. Serious vulnerabilities not disclosed to the manufacturers places huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who independently discover or hear rumors of the vulnerability. If the CIA can discover such vulnerabilities so can others. The U.S. government's commitment to the Vulnerabilities Equities Process came after significant lobbying by US technology companies, who risk losing their share of the global market over real and perceived hidden vulnerabilities. The government stated that it would disclose all pervasive vulnerabilities discovered after 2010 on an ongoing basis. "Year Zero" documents show that the CIA breached the Obama administration's commitments. Many of the vulnerabilities used in the CIA's cyber arsenal are pervasive and some may already have been found by rival intelligence agencies or cyber criminals. As an example, specific CIA malware revealed in "Year Zero" is able to penetrate, infest and control both the Android phone and iPhone software that runs or has run presidential Twitter accounts. The CIA attacks this software by using undisclosed security vulnerabilities ("zero days") possessed by the CIA but if the CIA can hack these phones then so can everyone else who has obtained or discovered the vulnerability. As long as the CIA keeps these vulnerabilities concealed from Apple and Google (who make the phones) they will not be fixed, and the phones will remain hackable. The same vulnerabilities exist for the population at large, including the U.S. Cabinet, Congress, top CEOs, system administrators, security officers and engineers. By hiding these security flaws from manufacturers like Apple and Google the CIA ensures that it can hack everyone &mdsh; at the expense of leaving everyone hackable. 'Cyberwar' programs are a serious proliferation risk Cyber 'weapons' are not possible to keep under effective control. While nuclear proliferation has been restrained by the enormous costs and visible infrastructure involved in assembling enough fissile material to produce a critical nuclear mass, cyber 'weapons', once developed, are very hard to retain. Cyber 'weapons' are in fact just computer programs which can be pirated like any other. Since they are entirely comprised of information they can be copied quickly with no marginal cost. Securing such 'weapons' is particularly difficult since the same people who develop and use them have the skills to exfiltrate copies without leaving traces — sometimes by using the very same 'weapons' against the organizations that contain them. There are substantial price incentives for government hackers and consultants to obtain copies since there is a global "vulnerability market" that will pay hundreds of thousands to millions of dollars for copies of such 'weapons'. Similarly, contractors and companies who obtain such 'weapons' sometimes use them for their own purposes, obtaining advantage over their competitors in selling 'hacking' services. Over the last three years the United States intelligence sector, which consists of government agencies such as the CIA and NSA and their contractors, such as Booze Allan Hamilton, has been subject to unprecedented series of data exfiltrations by its own workers. A number of intelligence community members not yet publicly named have been arrested or subject to federal criminal investigations in separate incidents. Most visibly, on February 8, 2017 a U.S. federal grand jury indicted Harold T. Martin III with 20 counts of mishandling classified information. The Department of Justice alleged that it seized some 50,000 gigabytes of information from Harold T. Martin III that he had obtained from classified programs at NSA and CIA, including the source code for numerous hacking tools. Once a single cyber 'weapon' is 'loose' it can spread around the world in seconds, to be used by peer states, cyber mafia and teenage hackers alike. U.S. Consulate in Frankfurt is a covert CIA hacker base In addition to its operations in Langley, Virginia the CIA also uses the U.S. consulate in Frankfurt as a covert base for its hackers covering Europe, the Middle East and Africa. CIA hackers operating out of the Frankfurt consulate ( "Center for Cyber Intelligence Europe" or CCIE) are given diplomatic ("black") passports and State Department cover. The instructions for incoming CIA hackers make Germany's counter-intelligence efforts appear inconsequential: "Breeze through German Customs because you have your cover-for-action story down pat, and all they did was stamp your passport"
Your Cover Story (for this trip) Q: Why are you here? A: Supporting technical consultations at the Consulate. Two earlier WikiLeaks publications give further detail on CIA approaches to customs and secondary screening procedures. Once in Frankfurt CIA hackers can travel without further border checks to the 25 European countries that are part of the Shengen open border area — including France, Italy and Switzerland. A number of the CIA's electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high security networks that are disconnected from the internet, such as police record database. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace. The attacker is provided with a USB containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and exfiltrates data to removable media. For example, the CIA attack system Fine Dining, provides 24 decoy applications for CIA spies to use. To witnesses, the spy appears to be running a program showing videos (e.g VLC), presenting slides (Prezi), playing a computer game (Breakout2, 2048) or even running a fake virus scanner (Kaspersky, McAfee, Sophos). But while the decoy application is on the screen, the underlaying system is automatically infected and ransacked. How the CIA dramatically increased proliferation risks In what is surely one of the most astounding intelligence own goals in living memory, the CIA structured its classification regime such that for the most market valuable part of "Vault 7" — the CIA's weaponized malware (implants + zero days), Listening Posts (LP), and Command and Control (C2) systems — the agency has little legal recourse. The CIA made these systems unclassified. Why the CIA chose to make its cyberarsenal unclassified reveals how concepts developed for military use do not easily crossover to the 'battlefield' of cyber 'war'. To attack its targets, the CIA usually requires that its implants communicate with their control programs over the internet. If CIA implants, Command & Control and Listening Post software were classified, then CIA officers could be prosecuted or dismissed for violating rules that prohibit placing classified information onto the Internet. Consequently the CIA has secretly made most of its cyber spying/war code unclassified. The U.S. government is not able to assert copyright either, due to restrictions in the U.S. Constitution. This means that cyber 'arms' manufactures and computer hackers can freely "pirate" these 'weapons' if they are obtained. The CIA has primarily had to rely on obfuscation to protect its malware secrets. Conventional weapons such as missiles may be fired at the enemy (i.e into an unsecured area). Proximity to or impact with the target detonates the ordnance including its classified parts. Hence military personnel do not violate classification rules by firing ordnance with classified parts. Ordnance will likely explode. If it does not, that is not the operator's intent. Over the last decade U.S. hacking operations have been increasingly dressed up in military jargon to tap into Department of Defense funding streams. For instance, attempted "malware injections" (commercial jargon) or "implant drops" (NSA jargon) are being called "fires" as if a weapon was being fired. However the analogy is questionable. Unlike bullets, bombs or missiles, most CIA malware is designed to live for days or even years after it has reached its 'target'. CIA malware does not "explode on impact" but rather permanently infests its target. In order to infect target's device, copies of the malware must be placed on the target's devices, giving physical possession of the malware to the target. To exfiltrate data back to the CIA or to await further instructions the malware must communicate with CIA Command & Control (C2) systems placed on internet connected servers. But such servers are typically not approved to hold classified information, so CIA command and control systems are also made unclassified. A successful 'attack' on a target's computer system is more like a series of complex stock maneuvers in a hostile take-over bid or the careful planting of rumors in order to gain control over an organization's leadership rather than the firing of a weapons system. If there is a military analogy to be made, the infestation of a target is perhaps akin to the execution of a whole series of military maneuvers against the target's territory including observation, infiltration, occupation and exploitation. Evading forensics and anti-virus A series of standards lay out CIA malware infestation patterns which are likely to assist forensic crime scene investigators as well as Apple, Microsoft, Google, Samsung, Nokia, Blackberry, Siemens and anti-virus companies attribute and defend against attacks. "Tradecraft DO's and DON'Ts" contains CIA rules on how its malware should be written to avoid fingerprints implicating the "CIA, US government, or its witting partner companies" in "forensic review". Similar secret standards cover the use of encryption to hide CIA hacker and malware communication (pdf), describing targets & exfiltrated data (pdf) as well as executing payloads (pdf) and persisting (pdf) in the target's machines over time.
CIA hackers developed successful attacks against most well known anti-virus programs. These are documented in AV defeats, Personal Security Products, Detecting and defeating PSPs and PSP/DebuggeRE Avoidance. For example, Comodo was defeated by CIA malware placing itself in the Window's "Recycle Bin". While Comodo 6.x has a "Gaping Hole of DOOM". CIA hackers discussed what the NSA's "Equation Group" hackers did wrong and how the CIA's malware makers could avoid similar exposure. Examples The CIA's Engineering Development Group (EDG) management system contains around 500 different projects (only some of which are documented by "Year Zero") each with their own sub-projects, malware and hacker tools. The majority of these projects relate to tools that are used for penetration, infestation ("implanting"), control, and exfiltration. Another branch of development focuses on the development and operation of Listening Posts (LP) and Command and Control (C2) systems used to communicate with and control CIA implants; special projects are used to target specific hardware from routers to smart TVs. Some example projects are described below, but see the table of contents for the full list of projects described by WikiLeaks' "Year Zero". UMBRAGE The CIA's hand crafted hacking techniques pose a problem for the agency. Each technique it has created forms a "fingerprint" that can be used by forensic investigators to attribute multiple different attacks to the same entity. This is analogous to finding the same distinctive knife wound on multiple separate murder victims. The unique wounding style creates suspicion that a single murderer is responsible. As soon one murder in the set is solved then the other murders also find likely attribution. The CIA's Remote Devices Branch's UMBRAGE group collects and maintains a substantial library of attack techniques 'stolen' from malware produced in other states including the Russian Federation. With UMBRAGE and related projects the CIA cannot only increase its total number of attack types but also misdirect attribution by leaving behind the "fingerprints" of the groups that the attack techniques were stolen from. UMBRAGE components cover keyloggers, password collection, webcam capture, data destruction, persistence, privilege escalation, stealth, anti-virus (PSP) avoidance and survey techniques. Fine Dining Fine Dining comes with a standardized questionnaire i.e menu that CIA case officers fill out. The questionnaire is used by the agency's OSB (Operational Support Branch) to transform the requests of case officers into technical requirements for hacking attacks (typically "exfiltrating" information from computer systems) for specific operations. The questionnaire allows the OSB to identify how to adapt existing tools for the operation, and communicate this to CIA malware configuration staff. The OSB functions as the interface between CIA operational staff and the relevant technical support staff. Among the list of possible targets of the collection are 'Asset', 'Liason Asset', 'System Administrator', 'Foreign Information Operations', 'Foreign Intelligence Agencies' and 'Foreign Government Entities'. Notably absent is any reference to extremists or transnational criminals. The 'Case Officer' is also asked to specify the environment of the target like the type of computer, operating system used, Internet connectivity and installed anti-virus utilities (PSPs) as well as a list of file types to be exfiltrated like Office documents, audio, video, images or custom file types. The 'menu' also asks for information if recurring access to the target is possible and how long unobserved access to the computer can be maintained. This information is used by the CIA's 'JQJIMPROVISE' software (see below) to configure a set of CIA malware suited to the specific needs of an operation. Improvise (JQJIMPROVISE) 'Improvise' is a toolset for configuration, post-processing, payload setup and execution vector selection for survey/exfiltration tools supporting all major operating systems like Windows (Bartender), MacOS (JukeBox) and Linux (DanceFloor). Its configuration utilities like Margarita allows the NOC (Network Operation Center) to customize tools based on requirements from 'Fine Dining' questionairies. HIVE HIVE is a multi-platform CIA malware suite and its associated control software. The project provides customizable implants for Windows, Solaris, MikroTik (used in internet routers) and Linux platforms and a Listening Post (LP)/Command and Control (C2) infrastructure to communicate with these implants. The implants are configured to communicate via HTTPS with the webserver of a cover domain; each operation utilizing these implants has a separate cover domain and the infrastructure can handle any number of cover domains. Each cover domain resolves to an IP address that is located at a commercial VPS (Virtual Private Server) provider. The public-facing server forwards all incoming traffic via a VPN to a 'Blot' server that handles actual connection requests from clients. It is setup for optional SSL client authentication: if a client sends a valid client certificate (only implants can do that), the connection is forwarded to the 'Honeycomb' toolserver that communicates with the implant; if a valid certificate is missing (which is the case if someone tries to open the cover domain website by accident), the traffic is forwarded to a cover server that delivers an unsuspicious looking website. The Honeycomb toolserver receives exfiltrated information from the implant; an operator can also task the implant to execute jobs on the target computer, so the toolserver acts as a C2 (command and control) server for the implant. Similar functionality (though limited to Windows) is provided by the RickBobby project. See the classified user and developer guides for HIVE.
Frequently Asked Questions Why now? WikiLeaks published as soon as its verification and analysis were ready. In Febuary the Trump administration has issued an Executive Order calling for a "Cyberwar" review to be prepared within 30 days. While the review increases the timeliness and relevance of the publication it did not play a role in setting the publication date. Redactions Names, email addresses and external IP addresses have been redacted in the released pages (70,875 redactions in total) until further analysis is complete. Over-redaction: Some items may have been redacted that are not employees, contractors, targets or otherwise related to the agency, but are, for example, authors of documentation for otherwise public projects that are used by the agency. Identity vs. person: the redacted names are replaced by user IDs (numbers) to allow readers to assign multiple pages to a single author. Given the redaction process used a single person may be represented by more than one assigned identifier but no identifier refers to more than one real person. Archive attachments (zip, tar.gz, ...) are replaced with a PDF listing all the file names in the archive. As the archive content is assessed it may be made available; until then the archive is redacted. Attachments with other binary content are replaced by a hex dump of the content to prevent accidental invocation of binaries that may have been infected with weaponized CIA malware. As the content is assessed it may be made available; until then the content is redacted. The tens of thousands of routable IP addresses references (including more than 22 thousand within the United States) that correspond to possible targets, CIA covert listening post servers, intermediary and test systems, are redacted for further exclusive investigation. Binary files of non-public origin are only available as dumps to prevent accidental invocation of CIA malware infected binaries. Organizational Chart The organizational chart corresponds to the material published by WikiLeaks so far. Since the organizational structure of the CIA below the level of Directorates is not public, the placement of the EDG and its branches within the org chart of the agency is reconstructed from information contained in the documents released so far. It is intended to be used as a rough outline of the internal organization; please be aware that the reconstructed org chart is incomplete and that internal reorganizations occur frequently. Wiki pages "Year Zero" contains 7818 web pages with 943 attachments from the internal development groupware. The software used for this purpose is called Confluence, a proprietary software from Atlassian. Webpages in this system (like in Wikipedia) have a version history that can provide interesting insights on how a document evolved over time; the 7818 documents include these page histories for 1136 latest versions. The order of named pages within each level is determined by date (oldest first). Page content is not present if it was originally dynamically created by the Confluence software (as indicated on the re-constructed page). What time period is covered? The years 2013 to 2016. The sort order of the pages within each level is determined by date (oldest first). WikiLeaks has obtained the CIA's creation/last modification date for each page but these do not yet appear for technical reasons. Usually the date can be discerned or approximated from the content and the page order. If it is critical to know the exact time/date contact WikiLeaks. What is "Vault 7" "Vault 7" is a substantial collection of material about CIA activities obtained by WikiLeaks. When was each part of "Vault 7" obtained? Part one was obtained recently and covers through 2016. Details on the other parts will be available at the time of publication. Is each part of "Vault 7" from a different source? Details on the other parts will be available at the time of publication. What is the total size of "Vault 7"? The series is the largest intelligence publication in history. How did WikiLeaks obtain each part of "Vault 7"? Sources trust WikiLeaks to not reveal information that might help identify them. Isn't WikiLeaks worried that the CIA will act against its staff to stop the series? No. That would be certainly counter-productive. Has WikiLeaks already 'mined' all the best stories? No. WikiLeaks has intentionally not written up hundreds of impactful stories to encourage others to find them and so create expertise in the area for subsequent parts in the series. They're there. Look. Those who demonstrate journalistic excellence may be considered for early access to future parts. Won't other journalists find all the best stories before me? Unlikely. There are very considerably more stories than there are journalists or academics who are in a position to write them.
submitted by JonBendini to conspiracy [link] [comments]

Signals 365 Binary Options Signals Review Best Binary Options Signal Provider - YouTube THE TRUTH ABOUT BINARY OPTIONS - YouTube The Best Binary Options Signal Providers for 2020 Pocket Option Binary Signals Review Binary Options Software Review - YouTube Best Binary Options Signals -How to make $100-$4,000 Per Day! Binary Options Trading Signals Review And Working Strategy Franco and Andy Lank System Binary Options Trading Signals Reviews - Learn the Best ...

Binary Options Stock Signals (Review) Oct 28, 2011 ~ Leave a Comment ~ Written by Benjamin October 28th, 2011 3:50 pm Benjamin. Welcome here at my Binary Options Stock Signals Review! Ensure to read the entire review to get all the details you need to nkow about this Binary Options Stock Signal Provider! Or Click Here To Check Out The Official B.O.S.S. Website! Binary Options Stock Signals ... We’re not talking here about a trading tool: with Binary Options Trading Signals, you will be connected live and working with a professional binary options trader. Once you connect to the live trading room, you will see Franco’s screen, with real binary options for trade under the form of arrows. The arrow pointing up means “Call” (buy) and the arrow pointing down means “put” (sell ... For all those people who are looking for a Binary Options Pro Signals review that may tell them that this is one of the best services as far as binary options signals are concerned, then he or she is in the correct review. Many Binary Options Pro Signals reviews are going to say that this system does not work, but those are only lies from teams of other products that are sold in the market. Binary options trading signals that are communicated to you via email with the aim of increasing your ability to profit from trades. These types refer to specific trades and will advise the user whether to "put" or "call" and can often be forwarded by text if required. Signals in this format are less complex than alternatives and can yield impressive profits. Binary Today is a cutting edge binary options review site with the main goal of providing helpful tools and information on brokers, signals, strategies and more. We hope to develop a large community of successful traders and condemn the vendors that aren't responsible for their actions or respectful to their customers. A Review of Binary Options Stock Signals (BOSS) Binary Options Stock Signals (BOSS) is a new signal service that provides trade signals to its subscribers to enable them profit from trading stock binary options. Stocks constitute one of the asset derivatives traded in the binary options market. Stocks are only traded when the respective exchanges on which they are listed are open for business ... Binary Options Pro Signals delivers binary option trading signals by email or SMS. It offers signals during either the New York or European trading session for 14 highly-liquid and tradable assets ...

[index] [14723] [8137] [11587] [18660] [22224] [7027] [19904] [18022] [1526] [19195]

Signals 365 Binary Options Signals Review

Are binary options a good idea? If you're thinking about trading binary options, watch this video first. Check out our FREE training for traders https://bi... You may also learn how to get a free month of our signals via our site. This was a short review showing how fast StockPair handles their withdrawals, it was a small amount yes, in future I will do ... The Best Binary Options Signal Providers is Auto Binary Signals 2020, get it now: http://bit.ly/1U3XkPq Popular Binary Options Brokers for 2020 To start with... Binary Options Software generates trading signals and automatically executes the trades direct to your linked broker account. robot binary option binary opti... In this video I will review the Pocket Option built-in signals, and tell you what works for me. Watch this video till the end. I will give you tips that will shortcut your experimentation and help ... Do you want to make good money with the best binary options signal Then you are going to want to message me so I can put you in touch with the best binary day trader I have ever met in my life ... http://vortexzbinaryoptions.com I worked with a lot of binary options signal providers but so far vortexz is the best. Give them a try and start make profit ... Binary Options Trading Signals Reviews - Learn the Best Strategies to Trade Forex Several things need to be put into consideration if you are interested in t... Binary Matrix Pro Review -Binary Options Trading Live Signals 2014 BinaryMatrixpro Software Reviewed Binaryoptions.net.au Pro Signals - Binary Options Trading Signals Service Review binary options ... Trading signals services use andy lank cash account currency trading Review The fastest growing live what binary options trading strategy Binary options ig index binary options trading strategies ...

http://binaryoptiontrade.suidinghilthape.tk