看到「South Korea fines Facebook $369K for slowing user internet connections」這則新聞，裡面提到 Facebook 的 reroute 行為：
The Korea Communications Commission (KCC) began investigating Facebook last May and found that the company had illegally limited user access, as reported by ABC News. Local South Korean laws prohibit internet services from rerouting users’ connections to networks in Hong Kong and US instead of local ISPs without notifying those users. In a few cases, such rerouting slowed down users’ connections by as much as 4.5 times.
沒有告知使用者就導去香港或是美國的伺服器，聽起來像是 GeoDNS 的架構，以及 Facebook 的 CDN 架構幹的事情？不過在原報導裡面，另外一個指控是：
The KCC probed claims that Facebook intentionally slowed access while it negotiated network usage fees with internet service providers.
在「Italian Anti-Corruption Authority (ANAC) Adopts Onion Services」這邊看到，義大利政府因為法令要求必須保護告密者，而不只是在需要提供身份的階段才保護：
Many national laws (such as Italian Dlgs. 231/2001) require companies to adopt corporate governance structures and risk prevention systems, which can include allowing whistleblowing submissions. However, most whistleblowing laws only protect whistleblowers when their identity is disclosed, which can put the person reporting corruption at risk.
In 2016, the International Standards Organization (ISO) released a new model for organizations setting up and operating anti-bribery management systems, ISO 37001:2016. To meet ISO standards, organizations or companies implementing anti-corruption procedures must allow anonymous reporting, as explicitly indicated in point 8.9 of section C of ISO 37001:2016.
Furthermore, national laws (such as recent Italian 179/2017) require the adoption of IT systems for whistleblowing, leading to the practical integration and use of Tor for its technological anonymity features.
而義大利政府的系統選擇用 Tor 的 Onion (Hidden Service) 提供服務接受檢舉：
To comply with these standards, the Italian Anti-Corruption Authority (ANAC), an administrative watchdog, just launched their national online whistleblowing platform using onion services, giving whistleblowers who come forward a secure way to report illegal activity while protecting their identities.
這使用了 hidden service 的特性，讓伺服器端完全無法得知 client 的位置，對於使用有足夠保護的 browser 來說 (像是 Tor Browser)，這可以完全讓 server 端無法得知身份，即使政府的伺服器都入侵也沒辦法知道告密者是誰。
看到「因應美稅改 賴揆：加速洽簽台美租稅協定」這則消息，如果沒記錯的話，有不少服務都是美國公司出帳... (像是 AWS、Slack、GitHub 這類在公司裡很常用的服務)
參考「我國股利、利息及權利金扣繳率(%)一覽表」這邊的資料，應該有機會從 20% 降到 10%？也就是說實付 100 萬的金額本來要多繳 25 萬 (帳要做成 100 萬 / (1 - 0.2) = 125 萬，其中的 20% 是 25 萬萬稅，100 萬實際支付)，現在只要繳 11.1 萬 (100 萬 / (1 - 0.1) = 111.1 萬)？
不過有些特殊情況本來就有更優惠的稅務方式 (像是使用國外平台提供服務 (e.g. AWS)，而服務的對象也是境外使用者的情況)，這些組合可以研究看看要怎麼搞...
ExpressVPN 在土耳其的 VPN server 被抄，為了調查大使的刺殺案件：「VPN Server Seized to Investigate Russian Ambassador’s Assassination」。
A VPN server operated by ExpressVPN was seized by Turkish authorities to investigate the assassination of Andrei Karlov, the Russian Ambassador to Turkey. Authorities hoped to find more information on people who removed digital traces of the assassin, but the server in question held no logs.
ExpressVPN 官方的回覆在「ExpressVPN statement on Andrey Karlov investigation」，主要的部份是：
As we stated to Turkish authorities in January 2017, ExpressVPN does not and has never possessed any customer connection logs that would enable us to know which customer was using the specific IPs cited by the investigators. Furthermore, we were unable to see which customers accessed Gmail or Facebook during the time in question, as we do not keep activity logs. We believe that the investigators’ seizure and inspection of the VPN server in question confirmed these points.
前幾天 (12 號) BGPmon 發現有很多知名的網段被導去俄羅斯：「Popular Destinations rerouted to Russia」。
Early this morning (UTC) our systems detected a suspicious event where many prefixes for high profile destinations were being announced by an unused Russian Autonomous System.
Starting at 04:43 (UTC) 80 prefixes normally announced by organizations such Google, Apple, Facebook, Microsoft, Twitch, NTT Communications and Riot Games were now detected in the global BGP routing tables with an Origin AS of 39523 (DV-LINK-AS), out of Russia.
從圖中也可以看出來 AS39523 透過 AS31133 發出這些 routing，然後主要是透過 AS6939 (Hurricane Electric) 擴散：
TechCrunch 上看到的，俄羅斯政府不只在美國選舉時這樣做，同時也在英國脫歐公投的議題上進行操作：「Twitter says Russians spent ~$1k on six Brexit-related ads」。
In response to the Commission’s request for information concerning Russian-funded campaign activity conducted during the regulated period for the June 2016 EU Referendum (15 April to 23 June 2016), Twitter reviewed referendum-related advertising on our platform during the relevant time period.
Among the accounts that we have previously identified as likely funded from Russian sources, we have thus far identified one account—@RT_com— which promoted referendum-related content during the regulated period. $1,031.99 was spent on six referendum-related ads during the regulated period.
With regard to future activity by Russian-funded accounts, on 26 October 2017, Twitter announced that it would no longer accept advertisements from RT and Sputnik and will donate the $1.9 million that RT had spent globally on advertising on Twitter to academic research into elections and civil engagement. That decision was based on a retrospective review that we initiated in the aftermath of the 2016 U.S. Presidential Elections and following the U.S. intelligence community’s conclusion that both RT and Sputnik have attempted to interfere with the election on behalf of the Russian government. Accordingly, @RT_com will not be eligible to use Twitter’s promoted products in the future.
AWS 推出給情報單位用的 AWS Secret Region：「Announcing the New AWS Secret Region」。
與 AWS GovCloud (US) 類似的架構，這個雲的範圍再小一些，給情報單位以及有對應授權的單位用的：
The AWS Secret Region is readily available to the U.S. Intelligence Community (IC) through the IC’s Commercial Cloud Services (C2S) contract with AWS.
The AWS Secret Region also will be available to non-IC U.S. Government customers with appropriate Secret-level network access and their own contract vehicles for use of the AWS Secret Region.
從 JR 進入成田機場第二航廈，需要過兩個閘門的情況 (先過一次進到京成線，再過一次進到第二航廈)，一直是個讓人不太能理解的問題... 這個問題因為 2020 年的東京奧運而被拿出來討論，決定在 2019 年要改善：
本來進入第二航廈有檢查站，這是為了防止當地居民抗議而設置的 (參考日文版維基百科「成田国際空港」裡的「警備・検問・入場制限」這段說明)，而這項限制在 2015 年三月底取消後，本來 JR 會需要先進到京成線的設計就變得多餘了：
不過新聞雖然這樣講，其實我還是沒搞懂... 都先進到檢查站不就好了嗎，當初是有什麼因素造成先進到京成線這個 workaround 嗎 XDDD
TechCrunch 這篇「Trump and Clinton spent $81M on US election Facebook ads, Russian agency $46K」講到 Facebook 目前階段所判斷出來，能夠識別是俄羅斯政府投入的資金，只有 USD$46K，相較於美國兩黨投入了 USD$81M 差了 1760 倍：
While there might have been other Russian disinformation groups, the IRA spent $46,000 on pre-election day Facebook ads compared to $81 million spent by Clinton and Trump together, discluding political action committees who could have spent even more than that on the campaigns’ behalf.
而俄羅斯投入的廣告散佈率超過 1.26 億的 Facebook 使用者，以及 2000 萬 Instagram 的使用者：
Facebook today said that the Russians still reached 126 million Facebook users, as well as 20 million Instagram users.
俄羅斯這團隊的水準真不賴... 只可惜大概沒辦法寫在 resume 上。
這個好讚，在告知安全漏洞後還是不更新選舉用伺服器，於是就被告了，而在被告以後選舉單位就把證據給幹掉 XD：「Georgia election server wiped after lawsuit filed」。
The lawsuit, filed on July 3 by a diverse group of election reform advocates, aims to force Georgia to retire its antiquated and heavily criticized election technology. The server in question, which served as a statewide staging location for key election-related data, made national headlines in June after a security expert disclosed a gaping security hole that wasn’t fixed six months after he reported it to election authorities.
It’s not clear who ordered the server’s data irretrievably erased.