Wandering Adventure Party

So I've been looking at this guy Sergio Gor, who's been described as one of the most powerful figures in the Trump administration: Director of the White House Office of Presidential Personnel.

Per The Times of Malta:

"While not the most glamourous sounding position, Gor’s role will see him wield considerable influence in the Trump government, responsible for vetting the appointment of thousands of employees.

Meet Sergio Gor: The Maltese man at the heart of Trump’s administration

Originally from Cospicua, 38-year-old is ‘fun, incredibly agreeable and ruthlessly efficient’

Times of Malta (timesofmalta.com)

Meanwhile, The New York Post wrote on June 17 that Gor still hasn't been vetted himself:

"...three administration insiders told The Post that the vetter-in-chief has not turned in his Standard Form 86, or SF-86 — a more than 100-page set of questions required for officials who need security clearances."

"Among the questions applicants must answer under threat of criminal penalties is where they were born and whether they have any foreign connections."

"Gor claims to be from the island country of Malta, though an official there could not confirm his birthplace when provided his exact birthday, saying: “No acts are registered with the provided details.”

"Gor declined to divulge his birthplace to The Post, other than to say it was not Russia."

His Wikipedia page says he was born in 1986 in Malta, and later moved w/ family to Los Angeles. But there indications he was born in Russia in 1980.

Sergio Gor - Wikipedia

(en.m.wikipedia.org)

Sergio Gor is known to have worked on the campaign of the conservative former Rep. Steve King, and a search in Domaintools finds Sergio Gor registered Steveking.com way back when. Domaintools says Gor used the email address sergio.gor@gmail.com, which was also used to register the vanity domain sergiogor.com.

Constella Intelligence, a threat hunting platform that indexes breached data, finds this email address used the rather unique and long password: 961649507273. Constella further finds that this password is almost exclusively tied to a bunch of email accounts for the same name, including sgoryachev999@rambler.ru, goryachev-sergey@yandex.ru, sergio-gor@yandex.ru
sergio-gor@qip.ru, goryachev-sergey@ya.ru, goryachev-sergey@list.ru and goryachev-sergey@gmail.com.

Constella also says goryachev-sergey@yandex.ru has multiple entries in Russian government databases for a Sergey Anatolyevich Goryachev, DOB, Nov. 20, 1980, phone +79689210000. This person appears to have lived in Saratov, RU, has a tax ID number, etc.

Here's a mind map I put together on these findings. The password thing is very hard to get past.

The telemedicine/wellness part of Trump Wireless -- the newly announced Trump family grift -- is truly the most baffling and probably will be the biggest part the grift. Maybe not, though, considering how many people in or around this administration have ties to the "wellness" industry.

Getting your healthcare plan through your wireless provider might seem like innovation, but for the fact that you are then piling on one unaccountable, highly insecure provider on top of another. And good luck complaining about any of this to the FCC.

Bluesky

Bluesky Social (bsky.app)

Really enjoyed David Gerard's amusing take on how programming with AI becomes like a gambling addiction for many.

"Large language models work the same way as a carnival psychic. Chatbots look smart by the Barnum Effect — which is where you read what’s actually a generic statement about people and you take it as being personally about you. The only intelligence there is yours."

"With ChatGPT, Sam Altman hit upon a way to use the Hook Model with a text generator. The unreliability and hallucinations themselves are the hook — the intermittent reward, to keep the user running prompts and hoping they’ll get a win this time."

"This is why you see previously normal techies start evangelising AI coding on LinkedIn or Hacker News like they saw a glimpse of God and they’ll keep paying for the chatbot tokens until they can just see a glimpse of Him again. And you have to as well. This is why they act like they joined a cult. Send ’em a copy of this post."

Generative AI runs on gambling addiction — just one more prompt, bro!

You’ll have noticed how previously normal people start acting like addicts to their favourite generative AI and shout at you like you’re trying to take their cocaine away. Matthias Döpm…

Pivot to AI (pivot-to-ai.com)

@stux @crichardson I'm talking about people meaning to call a certain company by calling the first number that shows up in Google search results.

@stux @crichardson True. Not unless you initiate the call, and you happen to be calling the actual number that you wanted.

@crichardson @stux You are 100% correct. Having listened to hours of phonecalls made by these scammers against many victims, they are extremely smooth, calm, confident and convincing.

@stux It's so true. Half the victims I've interviewed over the last year who've lost >$1M said they had advanced degrees, some were even IT people.

On May 15, the DOJ indicted a dozen people in a racketeering (RICO) investigation into a cybercrime conspiracy that used social engineering to steal more than $263 million from victims.

Additional 12 Defendants Charged in RICO Conspiracy for over $263 Million Cryptocurrency Thefts, Money Laundering, Home Break-Ins

A four-count superseding indictment, unsealed today in U.S. District Court, charges 12 additional people – Americans and foreign nationals – for allegedly participating in a cyber-enabled racketeering conspiracy throughout the United States and abroad that netted them more than $263 million. Several were arrested this week in California, while two remain abroad and are believed

(www.justice.gov)

Today, I confirmed that "Victim #2" in the govt's case is "Tony," a victim I wrote about in January who was scammed out of nearly $5 million. Tony was scammed after being targeted in a social engineering attack over the phone that spoofed Google by calling him from the default number for Google Assistant and sending account security warnings via a Google.com email address.

A Day in the Life of a Prolific Voice Phishing Crew – Krebs on Security

(krebsonsecurity.com)

I'm super psyched because this time last year Tony was seriously contemplating suicide after being robbed of his life's savings and his kids' college money. Now, it seems likely he might see some of those funds remunerated thanks to the government's seizure of crypto assets controlled by the defendants.

As for the defendants, I wrote about several of them last year in a scoop about how a $230M cyberheist prompted a botched kidnapping and carjacking of the accused thief's parents, who were out house-hunting in their brand new Lamborghini.

Lamborghini Carjackers Lured by $243M Cyberheist – Krebs on Security

(krebsonsecurity.com)

In case you needed a playbook for responding to would-be dictators. From the NYT:

"The funny thing is that there’s a playbook for overturning autocrats. It was written here in America, by a rumpled political scientist I knew named Gene Sharp. While little known in the United States before his death in 2018, he was celebrated abroad, and his tool kit was used by activists in Eastern Europe, in the Middle East and across Asia. His books, emphasizing nonviolent protests that become contagious, have been translated into at least 34 languages."

“I would rather have this book than the nuclear bomb,” a former Lithuanian defense minister once said of Sharp’s writing."

"A soft-spoken scholar working from his Boston apartment, Sharp recommended 198 actions that were often performative, ranging from hunger strikes to sex boycotts to mock funerals."

“Dictators are never as strong as they tell you they are,” he once said, “and people are never as weak as they think they are.”

"The Democrats’ message last year revolved in part around earnest appeals to democratic values, but one of the lessons from anti-authoritarian movements around the world is that such abstract arguments aren’t terribly effective. Rather, three other approaches, drawing on Sharp’s work, seem to work better."

"The first is mockery and humor — preferably salacious."

"Wang Dan, a leader of China’s 1989 Tiananmen Square democracy demonstrations, told me that in China, puns often “resonate more than solemn political slogans.”

"The Chinese internet for a time delighted in grass-mud horses — which may puzzle future zoologists exploring Chinese archives, for there is no such animal. It’s all a bawdy joke: In Chinese, “grass-mud horse” sounds very much like a curse, one so vulgar it would make your screen blush. But on its face it is an innocent homonym about an animal and thus is used to mock China’s censors."

"Shops in China peddled dolls of grass-mud horses (resembling alpacas), and a faux nature documentary described their habits. One Chinese song recounted the epic conflict between grass-mud horses and river crabs — because “river crab” is a play on the Chinese term for censorship. It optimistically declared the horses triumphant."

http://nytimes.com/2025/05/21/opinion/authoritarianism-democracy-protest.html

I feel like we haven't really processed or even talked much about the extent to which US federal agencies have transitioned to communicating press releases and important information on X. Want to interact with your government? Sure, just do it through X. If you let that really sink in, it's a fairly profound and terrifying shift, IMHO.