Tuesday, May 07, 2024

Army Withdraws from the Pacific and Indian Ocean | Army Plans to Lay Up ...

  

Great Power Competition --- Sea-Lift in commercial shipping

REFERENCE

Military Afloat Prepositioning: Wartime Use and Issues for the Future

NSIAD-93-39. Published: Nov 04, 1992. Publicly Released: Nov 09, 1992.

DOD has relied increasingly on prepositioned stocks of military equipment and supplies stored on ships and on land in various regions of the world to respond rapidly to developing conflicts. GAO has reported on a number of long-standing problems with prepositioned stocks programs, including unreliable requirements determinations, inadequate oversight efforts, and inefficient inventory management practices. GAO is currently reviewing this activity. Key questions: (1) What is the status of current inventory levels, maintenance conditions, and reconstitution of prepositioned stocks? (2) What are the contributing factors to long-standing problems with prepositioned stocks and how can they be...

Microsoft warns of "Dirty Stream" attack impacting Android apps


www.bleepingcomputer.com


Bill Toulas

Microsoft has highlighted a novel attack dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and secrets theft.

The flaw arises from the improper use of Android's content provider system, which manages access to structured data sets meant to be shared between different applications.

This system incorporates data isolation, URI permissions, and path validation security measures to prevent unauthorized access, data leaks, and path traversal attacks.

Custom intents, the messaging objects that carry communication between components of different Android apps, can bypass these security measures when the receiving app handles them incorrectly.

Examples of incorrect implementations include trusting unvalidated filenames and paths in intents, misuse of the 'FileProvider' component, and inadequate path validation.

Dirty Stream allows malicious apps to send a file with a manipulated filename or path to another app using a custom intent. The target app is misled into trusting the filename or path and executes or stores the file in a critical directory.
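The pattern the article describes, the receiving app taking a file name supplied by the sending app's content provider and using it as a path inside its own private storage, is easiest to see next to its hardened form. The following is an added example written for this page; it is not code from the article, from Microsoft's report, or from either of the apps named below. The class name `SharedFileReceiver`, the `imports` subdirectory, and the method names are assumptions made for the illustration; the Android APIs used (`ContentResolver.query`, `OpenableColumns.DISPLAY_NAME`, `ContentResolver.openInputStream`) are real.

```java
// Added example, not from the article or from Microsoft's report.
// Shows the "trust the sender's file name" pattern beside a hardened version.
import android.content.ContentResolver;
import android.content.Context;
import android.database.Cursor;
import android.net.Uri;
import android.provider.OpenableColumns;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;

public final class SharedFileReceiver {

    private SharedFileReceiver() {}

    /** Reads the display name the sending app's content provider reports for the URI. */
    static String queryDisplayName(ContentResolver resolver, Uri uri) {
        String[] projection = {OpenableColumns.DISPLAY_NAME};
        try (Cursor cursor = resolver.query(uri, projection, null, null, null)) {
            if (cursor != null && cursor.moveToFirst()) {
                int idx = cursor.getColumnIndex(OpenableColumns.DISPLAY_NAME);
                if (idx >= 0) {
                    return cursor.getString(idx);
                }
            }
        }
        return null;
    }

    /**
     * VULNERABLE pattern: the name comes from the other app's provider and is
     * used as-is. A name containing path segments such as "../" resolves to a
     * location outside the intended directory, which is the mistake the
     * Dirty Stream write-up describes. Kept here only for comparison.
     */
    static File vulnerableDestination(Context ctx, String displayName) {
        File importDir = new File(ctx.getFilesDir(), "imports"); // "imports" is an assumed name
        return new File(importDir, displayName);                  // no validation at all
    }

    /**
     * HARDENED: accept only a plain file name (no separators, not "." or ".."),
     * then confirm the canonical path still lies inside the import directory.
     */
    static File safeDestination(Context ctx, String displayName) throws IOException {
        if (displayName == null || displayName.isEmpty()
                || displayName.contains("/") || displayName.contains("\\")
                || displayName.equals(".") || displayName.equals("..")) {
            throw new IOException("rejected file name supplied by sender");
        }
        File importDir = new File(ctx.getFilesDir(), "imports");
        if (!importDir.isDirectory() && !importDir.mkdirs()) {
            throw new IOException("cannot create import directory");
        }
        File dest = new File(importDir, displayName);
        // Canonical-path containment check: defense in depth behind the name filter.
        String base = importDir.getCanonicalPath() + File.separator;
        if (!dest.getCanonicalPath().startsWith(base)) {
            throw new IOException("destination escapes import directory");
        }
        return dest;
    }

    /** Copies the shared content into private storage using the hardened check. */
    static File importShared(Context ctx, Uri uri) throws IOException {
        ContentResolver resolver = ctx.getContentResolver();
        File dest = safeDestination(ctx, queryDisplayName(resolver, uri));
        try (InputStream in = resolver.openInputStream(uri);
             OutputStream out = new FileOutputStream(dest)) {
            if (in == null) {
                throw new IOException("provider returned no stream");
            }
            byte[] buf = new byte[8192];
            int n;
            while ((n = in.read(buf)) != -1) {
                out.write(buf, 0, n);
            }
        }
        return dest;
    }
}
```

The stronger design is to not use the sender-supplied name at all: generate the destination name yourself (a random token plus an extension you choose from the declared MIME type) and keep the reported display name only as metadata. The name filter and the canonical-path check above are what to add when the product requires the original name to be preserved.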

Dirty Stream overview (figure). Source: Microsoft

This manipulation of the data stream between two Android apps turns a common OS-level function into a weaponized tool and can lead to unauthorized code execution, data theft, or other malicious outcomes.

Various attack scenarios employing Dirty Stream (figure). Source: Microsoft

Microsoft researcher Dimitrios Valsamaras noted that these incorrect implementations are unfortunately abundant, impacting apps installed over four billion times and offering a massive attack surface.

"We identified several vulnerable applications in the Google Play Store that represented over four billion installations," reads the report.

"We anticipate that the vulnerability pattern could be found in other applications. We're sharing this research so developers and publishers can check their apps for similar issues, fix as appropriate, and prevent introducing such vulnerabilities into new apps or releases."

Two apps highlighted as vulnerable to Dirty Stream attacks in Microsoft's report are Xiaomi's File Manager application, which has over a billion installations, and WPS Office, which counts around 500 million installs.

Both companies were responsive to the findings and collaborated with Microsoft to deploy fixes to mitigate the risks posed by the vulnerability.

Microsoft's findings were shared with the Android developer community through an article on the Android Developers website to prevent similar vulnerabilities in future builds.

Google also updated its app security guidance to highlight common implementation errors in the content provider system that allow security bypasses.

As for end users, there's not much they can do besides keeping the apps they use up to date and avoiding downloading APKs from unofficial third-party app stores and other poorly vetted sources.

Why worry? Social Security benefits would automatically be cut by 21%.

Congress has less than a decade to fix Social Security before the popular program runs short of cash, threatening a sharp cut in benefits for nearly 60 million retirees and family members, according to a government report released Monday.
The report from Social Security trustees predicts the retirement program's trust fund will be exhausted in November of 2033. At that point, benefits would automatically be cut by 21%, unless lawmakers adopt changes before then.


The clock is ticking to fix Social Security as retirees face automatic cut in 9 years

Social Security's finances have improved slightly in the last year. But benefits are still facing an automatic cut in less than a decade unless Congress takes steps to prop up the program.



There's some good news in the new forecast. Thanks to higher-than-expected worker productivity and a decline in expected disabilities, Social Security isn't burning through cash as fast as trustees predicted a year ago.
Still, the long-term demographic challenges haven't gone away. A growing number of baby boomers are collecting benefits, while there are fewer people in the workforce paying taxes for each retiree. Given today's low birthrates, that mismatch is not expected to change for decades, although a surge in immigration helps.

Proposed Fixes

Congress could fix the problem by raising taxes that support Social Security, reducing retirement benefits, or some combination of the two. But a politically palatable solution has been elusive.

"When you see the two major candidates running for president tripping over themselves to promise what they won't do to fix the problem, you have to worry because those kinds of reforms really start at the top," says Maya Macguineas, president of the Committee for a Responsible Federal Budget.

The Biden administration has pledged not to touch Social Security benefits.
  • "Seniors spent a lifetime working to earn the benefits they receive," Treasury Secretary Janet Yellen, who leads the trustees, said in a statement. "We are committed to steps that would protect and strengthen these programs that Americans rely on for a secure retirement."
  • Congressional Democrats have proposed higher taxes on the wealthy to support Social Security. Congressional Republicans have balked at that, instead calling for reducing the benefit formula and raising the retirement age for younger workers.
"Those who want to cut Social Security couch it in affordability," says Nancy Altman, who heads the advocacy group Social Security Works. "But of course, there's no question we can afford it. It's really a question of values. And as polarized as we are, we're not polarized over this."
Altman is confident that lawmakers will find a solution before automatic cuts take effect.
"If they didn't act, not only would they all be voted out of office," she says. "They couldn't even remain in Washington. They'd be chased down the street."


But the clock is ticking, and delay has already been costly.
"Every year the trustees warn us we have to make changes and the sooner we make them, the better and easier it will be," says Macguineas. "And every year we fail to make those changes."

Medicare and disability solvency
While Social Security's retirement program is in danger of running short of cash, a separate program that supports disabled people appears to be solvent for the long term, trustees said.
Medicare's finances have also improved somewhat in the last year, thanks to a strong economy and lower-than-expected spending. 
  • Still, the program, which provides health care for nearly 67 million people, is expected to face its own cash crunch in 2036.


The prospect of Social Security sailing over the fiscal cliff will be scary. . . . .


