News

WWIII-level escalation could soon take place

Will NATO use a false flag attack against Sweden blamed on Russia to assert its dominance and expand the Ukraine-Russia war?

---

In these past few years, outright censorship in all its forms has increased. During the covid lunacy, government and industry partnered to create a censorship-industrial complex to more efficiently promote false narratives and suppress dissidents.

The European Commission is an EU legislative body with regulatory authority over digital technology. The EC’s eIDAS Article 45, a proposed regulation, would deliberately weaken areas of internet security that the industry has carefully evolved and hardened for over 25 years. The Article would effectively grant the 27 EU governments vastly expanded surveillance powers over internet use. 

The rule would require all internet browsers to trust an additional root certificate from an agency (or a regulated entity) from each of the national governments of each one of the EU member states. For the non-technical readers, I will explain what a root certificate is, how internet trust has evolved, and what Article 45 does to this. And then I will highlight some of the commentary from the tech community on this matter. 

The next section of this article will explain how the trust infrastructure of the internet works. This background is necessary in order to understand how radical the proposed Article is. The explanation is intended to be accessible to a non-technical reader.

The regulation in question addresses internet security. Here, “internet” means, largely, browsers visiting websites. Internet security consists of many distinct aspects. Article 45 intends to modify public key infrastructure (PKI), a part of internet security since the mid-90s. PKI has been at first adopted, and then improved over a 25-year period, to give users and publishers the following assurances: 

• Privacy of the conversation between the browser and the website: Browsers and websites converse over the internet, a network of networks operated by Internet Service Providers, and Tier 1 carriers; or cellular carriers if the device is mobile. The network itself is not inherently safe nor trustworthy. Your nosy home ISP, a traveler in the airport lounge where you are waiting for your flight, or a data vendor looking to sell leads to advertisers might want to spy on you. Without any protection, a bad actor could view confidential data such as a password, credit card balance, or health information. 
• Guarantee that you view the page exactly the way the website sent it to you: When you view a web page, could it have been tampered with between the publisher and your browser? A censor might want to remove content that they don’t want you to see. Content labeled as “misinformation” was widely suppressed during covid hysteria. A hacker who had stolen your credit card might want to remove evidence of their fraudulent charges. 
• Guarantee that the website you see is really the one in the browser’s location bar: When you connect to a bank how do you know that you are seeing the website of that bank, not a fake version that looks identical? You check the location bar in your browser. Could your browser be tricked into showing you a fake website that appears identical to the real one? How does your browser know – for sure – that it is connected to the correct site? 

In the early days of the internet, none of these assurances existed. In 2010, a browser plugin available in the add-on store enabled the user to participate in someone else’s Facebook group chat in a cafe hotspot. Now – thanks to PKI, you can be pretty sure of these things. 

These security features are protected with a system based on digital certificates. Digital certificates are a form of ID – the internet version of a drivers’ license. When a browser connects to a site, the site presents a certificate to the browser. The certificate contains a cryptographic key. The browser and the website work together with a series of cryptographic calculations to set up secure communication.

Together, the browser and the website provide the three security guarantees:

• privacy: by encrypting the conversation.
• cryptographic digital signatures: to ensure that the content is not modified in flight. 
• verification of the publisher: through the chain of trust provided by PKI, that I will explain in more detail below. 

A good identity should be difficult to counterfeit. In the ancient world, a wax casting of a seal served this purpose. Identities for humans have relied on biometrics. Your face is one of the oldest forms. In the non-digital world, when you need to access an age-restricted setting, such as ordering an alcoholic beverage, you will be asked for a photo ID.

Another biometric from before the digital era was to match your fresh pen-and-ink signature against your original signature on the back of your ID. As these older types of biometrics become easier to counterfeit, human identity verification has adapted. Now, it is common for a bank to send you a validation code on your mobile. The app requires you to pass a biometric identity check on your mobile phone to view the code such as face recognition or your fingerprint. 

In addition to a biometric, the second factor that makes an ID trustworthy is the issuer. IDs that are widely accepted depend on the ability of the issuer to verify that the person applying for an ID is who they say they are. Most of the more widely accepted forms of ID are issued by government agencies, such as the Department of Motor Vehicles. If the issuing agency has reliable means to track who and where its subjects are, such as tax payments, employment records, or the use of water utility services, then there is a good chance the agency can verify that the person named on the ID is that person.

In the online world, governments have, for the most part, not involved themselves in identity verification. Certificates are issued by private sector firms known as certificate authorities (CAs). While certificates used to be quite expensive, fees have come down considerably to the point where some are free. The best known CAs are Verisign, DigiCert and GoDaddy. Ryan Hurst shows the seven major CAs (ISRG, DigiCert, Sectigo, Google, GoDaddy, Microsoft, and IdenTrust) issue 99% of all certificates.

The browser will accept a certificate as proof of identity only if the name field on the certificate matches the domain name, which the browser shows in the location bar. Even if the names match, does that provide that a certificate saying “apple.com” belongs to the consumer electronics business known as Apple, Inc.? Identity systems are not bulletproof. Underage drinkers can get fake IDs. Like human IDs, digital certificates can also be fake, or invalid for other reasons. A software engineer using free open source tools can create a digital certificate named “apple.com” with a few Linux commands. 

The PKI system relies on CAs to issue any certificate only to the owner of the website. The workflow to acquire a certificate goes like this:

1. The publisher of a website applies to their preferred CA for a certificate, for a domain. 
2. The CA verifies that the certificate request comes from the actual owner of that site. How does the CA establish this? The CA demands that the entity making the request publish a specific piece of content on a specific URL. The ability to do this proves that the entity has control over the website.
3. Once the website has proven ownership of the domain, the CA appends a cryptographic digital signature to the certificate usings its own private cryptographic key. The signature identifies the CA as the issuer. 
4. The signed certificate is conveyed to the person or entity making the request. 
5. The publisher installs their certificate on their website, so it may be presented to browsers. 

Cryptographic digital signatures are “a mathematical scheme for verifying the authenticity of digital messages or documents.” They are not the same thing as the online document signing provided by DocuSign and similar vendors. If the signature could be forged, then the certificates would not be trustworthy. Over time the size of the cryptographic keys has increased with the aim of making forgery more difficult. Cryptography researchers believe that current signatures, in practical terms, are impossible to forge. Another vulnerability is when the CA has its secret keys stolen. The thief could then produce valid signatures of that CA. 

Once the certificate has been installed, then it is used during the setup of a web conversation. The Register explains how that goes:

If the certificate was issued by a known good CA, and all the details are correct, then the site is trusted, and the browser will try to establish a secure, encrypted connection with the website so that your activity with the site isn’t visible to an eavesdropper on the network. If the cert was issued by a non-trusted CA, or the certificate doesn’t match the website’s address, or some details are wrong, the browser will reject the website out of a concern that it’s not connecting to the actual website the user wants, and may be talking to an impersonator.

We can trust the browser because the browser trusts the website. The browser trusts the website because the certificate was issued by a “known good” CA. But what is a “known good CA?” Most browsers rely on the CAs provided by the operating system. The list of trustworthy CAs is decided by device and software vendors. The major computer and device vendors – Microsoft, Apple, Android phone manufacturers, and the open source Linux distributors – preload the operating system on their devices with a set of root certificates.

These certificates identify the CAs they have vetted and consider to be reliable. This collection of root certificates is called the “trust store.” To take an example close to me, the Windows PC that I am using to write this piece has 70 root certificates in its Trusted Root Certificate Store. Apple’s support site lists all of the roots trusted by the Sierra version of MacOS. 

How do the computer and phone vendors decide which CAs are trustworthy? They have audit and compliance programs to evaluate the quality of CAs. Only the ones that pass are included. See for example, the Chrome browser (which provides its own trust store rather than using the one on the device). The EFF (which describes itself as “the leading nonprofit organization defending civil liberties in the digital world”) explains:

Browsers operate “root programs” to monitor the security and trustworthiness of CAs they trust. Those root programs impose a number of requirements varying from “how must key material be secured” to “how must validation of domain name control be performed” to “what algorithms must be used for certificate signing.”

After a CA has been accepted by a vendor, the vendor continues to monitor it. Vendors will remove CAs from the trust store should the CA fail to uphold the necessary security standards. Certificate authorities can, and do, go rogue, or fail for other reasons. The Register reports:

Certificates and the CAs that issue them are not always trustworthy and browser makers over the years have removed CA root certificates from CAs based in Turkey, France, China, Kazakhstan, and elsewhere when the issuing entity or an associated party was found to be intercepting web traffic. 

In 2022, researcher Ian Carroll reported Security concerns with the e-Tugra certificate authority. Carroll “found a number of alarming issues that worry me as to the security practices inside their company,” such as weak credentials. Carroll’s reports were verified by the major software vendors. As a result, e-Tugra was removed from their trusted certificate stores. 

The Timeline of Certificate Authority Failures tells of other such incidents. 

There are still some known holes in PKI as it currently exists. Because one particular issue is important to an understanding of eIDAS Article 45, I will explain that next. A CA’s trust is not scoped to those websites that conduct their business with that CA. A browser will accept a certificate from any trusted CA for any website. There is nothing preventing the CA from issuing a website to a bad actor that was not requested by the owner of the site. Such a certificate would be fraudulent in the legal sense because of who it was issued to. But the contents of the certificate would be technically valid from the browser’s viewpoint. 

If there was a way to associate each website with its preferred CA, then any certificate for that site from any other CA would be immediately recognized as fraudulent. Certificate pinning is another standard that takes a step in this direction. But how would that association be published and how would that publisher be trusted? 

At each layer of this process, the technical solution relies on an external source of trust. But how is that trust established? By relying on an even more trusted source on the next higher plane? This question illustrates the “turtles, all the way down” nature of the problem. PKI does have a turtle at the bottom: the reputation, visibility, and transparency of the security industry and its customers. Trust is built at this level through constant monitoring, open standards, the software developers, and the CAs. 

Fraudulent certificates have been issued. In 2013, ArsTechnica reported French agency caught minting SSL certificates impersonating Google:

In 2011…security researchers spotted a bogus certificate for Google.com that gave attackers the ability to impersonate the website’s mail service and other offerings. The counterfeit certificate was minted after attackers pierced the security of Netherlands-based DigiNotar and gained control of its certificate-issuing systems.

The secure sockets layer (SSL) credentials were digitally signed by a valid certificate authority…In fact, the certificates were unauthorized duplicates that were issued in violation of rules established by browser manufacturers and certificate authority services.

Fraudulent certificate issuance can happen. A rogue CA can issue one, but they won’t get far. The bad certificate will be detected. The bad CA will fail compliance programs and be removed from trust stores. Without acceptance, the CA will go out of business. Certificate Transparency, a more recent standard, enables more rapid detection of fraudulent certificates. 

Why would a CA go rogue? What advantage can the bad guy gain from an unauthorized certificate? With the certificate alone, not much, even when signed by a trusted CA. But if the bad guy can team up with an ISP, or otherwise access the network that the browser uses, the certificate gives the bad actor the ability to break all of PKI’s security guarantees. 

The hacker could mount a man-in-the-middle attack (MITM) on the conversation. The attacker could insert himself in between the browser and the real website. In this scenario, the user would be talking directly to the attacker, and the attacker would relay the contents back and forth with the real website. The attacker would present the fraudulent certificate to the browser. Because it was signed by a trusted CA, the browser would accept it. The attacker could view and even modify what either party sent before the other side received it.

Now we come to the EU’s sinister eIDAS, Article 45. This proposed regulation requires all browsers to trust a basket of certificates from CAs designated by the EU. Twenty-seven to be exact: one for each member nation. These certificates are to be called Qualified Website Authentication Certificates. The acronym “QWAC” has an unfortunate homophone to quackery – or perhaps the EC is trolling us.

The QWACs would be issued either by either government agencies, or what Michael Rectenwald calls governmentalities: “corporations and companies and other adjuncts of the state who are otherwise called ‘private,’ but really are operating as state apparatuses, in that they’re enforcing state narratives and dictates.” 

This scheme would bring EU member governments one step closer to the point where they could man-in-the-middle attack against their own citizens. They would also need to access the networks. Governments are in a position to do that. If the ISP is run as a state-owned enterprise, then they would already have it. If ISPs are private firms, then local authorities could use police powers to gain access. 

One point which has not been emphasized in the public conversation is that a browser in any of the 27 EU member nations would be required to accept every single QWAC, one from each EU member. This means that a browser in, for example, Spain, would have to trust a QWAC from entities in Croatia, Finland, and Austria. The Spanish user visiting an Austrian website would have to transit over Austrian portions of the internet. The issues raised above would all apply across countries within the EU. 

The Register, in a piece titled Bad eIDAS: Europe ready to intercept, spy on your encrypted HTTPS connections explains one way this might work:

[T]hat government can ask its friendly CA for a copy of [the QWAC] certificate so that the government can impersonate the website – or ask for some other certificate browsers will trust and accept for the site. Thus, using a man-in-the-middle attack, that government can intercept and decrypt the encrypted HTTPS traffic between the website and its users, allowing the regime to monitor exactly what people are doing with that site at any time.

Having penetrated the shield of encryption, monitoring could include saving users’ passwords, and then using them at another time to access citizens’ email accounts. In addition to monitoring, governments could modify content inline. For example, they could remove the narratives they want to censor. They could attach annoying nanny state fact checks and content warnings to dissenting opinions.

As things currently stand, CAs must maintain the trust of the browser community. Browsers currently warn the user if a site presents an expired or otherwise untrusted certificate. Under Article 45, warnings or the ejection of trust abusers would be forbidden. Not only are browsers mandated to trust the QWACs, but Article 45 prohibits browsers from showing a warning that a certificate signed by a QWAC. 

Last Chance for eIDAS (a website displaying the Mozilla logo) advocates against Article 45: 

Any EU member state has the ability to designate cryptographic keys for distribution in web browsers and browsers are forbidden from revoking trust in these keys without government permission. 

…There is no independent check or balance on the decisions made by member states with respect to the keys they authorize and the use they put them to. This is particularly troubling given that adherence to the rule of law has not been uniform across all member states, with documented instances of coercion by secret police for political purposes.

In an open letter signed by several hundred security researchers and computer scientists:

Article 45 also bans security checks on EU web certificates unless expressly permitted by regulation when establishing encrypted web traffic connections. Instead of specifying a set of minimum security measures which must be enforced as a baseline, it effectively specifies an upper bound on the security measures which cannot be improved upon without the permission of ETSI. This runs counter to well established global norms where new cybersecurity technologies are developed and deployed in response to fast moving developments in technology. 

Most of us rely on our vendors to curate the list of trusted CAs. However, as a user, you may add or remove certificates as you please on your own devices. Microsoft Windows has a tool to do this. On Linux, the root certificates are files located in a single directory. A CA may be untrusted simply by deleting the file. Will this also be forbidden? Steve Gibson, noted security pundit, columnist, and host of the long-running Security Now podcast asks:

But the EU is stating that browsers will be required to honor these new, unproven and untested certificate authorities and thus any certificates they issue, without exception and without recourse. Does that mean that my instance of Firefox will be legally bound to refuse my attempt to remove those certificates?

Gibson notes that some corporations implement similar surveillance of their employees within their own private network. Whatever your opinion about those working conditions, some industries have legitimate audit and compliance reasons to track and record what their employees are doing with company resources. But, as Gibson continues,

The trouble is that the EU and its member nations are very different from the employees of a private organization. Any time an employee doesn’t want to be spied upon, they can use their own smartphone to circumvent their employer’s network. And of course an employer’s private network is just that, a private network. The EU wants to do this for the entire public Internet from which there would be no escape.

Now we have established the radical nature of this proposal. It is time to ask, what reasons does the EC offer to motivate this change? The EC says that identity verification under PKI is not adequate. And that these changes are needed to improve it. 

Is there any truth to the EC’s claims? Current PKI in most cases only requires the request to prove control of the website. While that is something, it does not guarantee, for example, that the web property “apple.com” is owned by the consumer electronics company known as Apple Inc, headquartered in Cupertino, California. A malicious user might obtain a valid certificate for a domain similar name to that of a well-known business. The valid certificate could be used in an attack that relied on some users not looking hard enough to notice that the name does not quite match. This happened to payment processor Stripe.

For publishers who would like to prove to the world that they are truly the same corporate entity, some CAs have offered Extended Validation (EV) Certificates. The “extended” part consists of additional validations against the business itself, such as the business address, a working phone number, a business license or incorporation, and other attributes typical of a going concern. EVs are listed at a higher price point because they require more work by the CA. 

Browsers used to show highlighted visual feedback for an EV, such as a different color or a more sturdy lock icon. In recent years, EVs have not been particularly popular in the marketplace. They have mostly died off. Many browsers no longer show the differential feedback. 

In spite of the weaknesses that still exist, PKI has improved markedly over time. As flaws have become understood, they have been addressed. Cryptographic algorithms have been strengthened, governance has improved, and vulnerabilities have been blocked. Governance by a consensus of industry players has worked quite well. The system will continue to evolve, both technologically and institutionally. Other than meddling by regulators, there is no reason to expect otherwise.

We have learned from the lackluster history of EVs that the marketplace does not care so much about corporate identity verification. However, if internet users did want that, it would not require breaking existing PKI to give it to them. Some small tweaks to existing workflows would suffice. Some commenters have proposed modifying the TLS handshake; the website would present one additional certificate. The primary certificate would work as it does now. The secondary certificate, signed by a QWAC, would implement the additional identity standards that the EC says it wants.

The EC’s purported reasons for eIDAS are simply not credible. Not only are the reasons given implausible, the EC does not even bother with the usual sanctimonious whining about how we must sacrifice important freedoms in the name of safety because we face the grave threat of [pick one] human trafficking, child safety, money laundering, tax evasion, or (my personal favorite) climate change. There is no denying that the EU is gaslighting us.

If the EC is not honest about their true motives, then what are they after? Gibson sees a nefarious intent:

And there’s only one possible reason for them wanting [to enforce browsers to trust QWACs], which is to allow for on-the-fly Internet web traffic interception, exactly as happens inside of corporations. And that’s acknowledged. 

(What Gibson means by “web traffic interception” is the MITM attack described above.)Other commentary has highlighted the sinister implications for free speech and political protest. Hurst in a long-form essay makes a slippery slope argument:

When a liberal democracy establishes this kind of control over technology on the web, despite its consequences, it lays the groundwork for more authoritarian governments to follow suit with impunity.

Mozilla quoted in techdirt (with no link to the original) says more or less the same:

[F]orcing browsers to automatically trust government-backed certificate authorities is a key tactic used by authoritarian regimes, and these actors would be emboldened by the legitimising effect of the EU’s actions…

Gibson makes a similar observation:

And then there’s the very real specter of what other doors this opens: If the EU shows the rest of the world that it can successfully dictate the terms of trust for the independent web browsers used by its citizens, what other countries will follow with similar laws? Now everyone gets to simply require that their own country’s certificates get added. This takes us in exactly the wrong direction.

This proposed Article 45 is an attack on user privacy in the EU nations. If adopted, it would be a massive setback not only in internet security, but in the evolved system of governance. I agree with Steve Gibson that:

What’s completely unclear, and what I haven’t encountered anywhere, is an explanation of the authority by which the EU imagines it’s able to dictate the design of other organization’s software. Because that’s what this comes down to.

Response to the proposed Article 45 has been massively negative. The EFF in Article 45 Will Roll Back Web Security by 12 Years writes, “This is a catastrophe for the privacy of everyone who uses the internet, but particularly for those who use the internet in the EU.” 

The eIDAS effort is a four-alarm fire for the security community. Mozilla – maker of the open source Firefox web browser – posted an Industry Joint Statement opposing it. The statement is signed by an all-star roster of internet infrastructure companies including Mozilla itself, Cloudflare, Fastly, and the Linux Foundation. 

From the the open letter mentioned above: 

After reading the near-final text, we are deeply concerned by the proposed text for Article 45. The current proposal radically expands the ability of governments to surveil both their own citizens and residents across the EU by providing them with the technical means to intercept encrypted web traffic, as well as undermining the existing oversight mechanisms relied on by European citizens. 

Where does this go? The regulation has been proposed for some time. A final decision was scheduled for November of 2023. Web searches show no new information on this topic since that time. 

In these past few years, outright censorship in all its forms has increased. During the covid lunacy, government and industry partnered to create a censorship-industrial complex to more efficiently promote false narratives and suppress dissidents. In these past few years, skeptics and independent voices have fought back, in courts, and by creating viewpoint-neutral platforms. 

While censorship of speech continues to be a great danger, the rights of writers and journalists are better protected than many other rights. In the US, the First Amendment has an explicit protection of speech and the freedom to criticize the government. Courts may be of the opinion that any rights or freedoms not protected by highly specific statutory language is fair game. This may be the reason that the resistance has had more success on speech than other efforts to stop other abuses of power such as quarantines and population lockdowns. 

Rather than a well-defended foe, governments are shifting their attacks to other layers of the internet infrastructure. These services, such as domain registration, DNS, certificates, payment processors, hosting, and app stores, consist largely of private marketplace transactions. These services are much less well protected than speech because there is, for the most part, no right for anyone to purchase a specific service from a particular business. And the more technical services such as DNS and PKI are less well understood by the public than web publishing.

The PKI system is particularly vulnerable to attack because it works by reputation and consensus. There is no single authority that rules the entire system. The players must earn a reputation through transparency, compliance, and honest reporting of failures. And that makes it vulnerable to this type of disruptive attack. If EU PKI falls to the regulators, I expect other countries to follow. Not only is PKI at risk. Once proven that other layers of the stack can be attacked by regulators, they will be targeted as well.

---

The NWO’s 2024 Black Swan Tell

---

So-called experts believe the government must increase the overall demand in the economy since stronger demand will permit idle resources to be employed again. Hence, many economists recommend that the central bank adopt an easy monetary stance to strengthen aggregate demand.

Whenever an economy falls into a recession, many economists point out that the economic slump means there will be idle capital and labor. Resources that could be employed are now unemployed because the economic slump has softened aggregate demand for goods and services.

So-called experts believe the government must increase the overall demand in the economy since stronger demand will permit idle resources to be employed again. Hence, many economists recommend that the central bank adopt an easy monetary stance to strengthen aggregate demand.

It appears to be quite simple: boost expenditure on goods and services and this, in turn, will strengthen the overall output in the economy by the multiple of the expenditure, thanks to the Keynesian multiplier. According to Ludwig von Mises,

Here, they say, are plants and farms whose capacity to produce is either not used at all or not to its full extent. Here are piles of unsalable commodities and hosts of unemployed workers. But here are also masses of people who would be lucky if they only could satisfy their wants more amply. All that is lacking is credit. Additional credit would enable the entrepreneurs to resume or to expand production. The unemployed would find jobs again and could buy the products. This reasoning seems plausible. Nonetheless it is utterly wrong.

Those who advocate monetary pumping to absorb idle resources have overlooked that these resources have become idle because of the previous boom created by the central bank’s prior easy monetary policy. Due to the easy monetary stance, nonproductive or “bubble” activities have emerged, resulting in the diversion of real savings from wealth generators toward these nonproductive activities.

A tighter stance from the central bank stops this diversion, thereby reducing the number of bubble activities and improving the process of wealth generation. Such a stance, however, cannot undo the various misallocations of resources that took place as a result of the previous easy monetary position as the previous damage cannot be undone in the short term.

Once, however, the process of wealth generation gains momentum, the expanding pool of real savings makes it possible to absorb various idle resources. According to Mises,

Out of the collapse of the boom there is only one way back to a state of affairs in which progressive accumulation of capital safeguards a steady improvement of material wellbeing: new saving must accumulate the capital goods needed for a harmonious equipment of all branches of production with the capital required. One must provide the capital goods lacking in those branches which were unduly neglected in the boom. Wage rates must drop; people must restrict their consumption temporarily until the capital wasted by malinvestment is restored. Those who dislike these hardships of the readjustment period must abstain in time from credit expansion.

Furthermore, he writes,

If commodities cannot be sold and workers cannot find jobs, the reason can only be that the prices and wages asked are too high. He who wants to sell his inventories or his capacity to work must reduce his demand until he finds a buyer. Such is the law of the market. Such is the device by means of which the market directs every individual’s activity into those lines in which they can best contribute to the satisfaction of the wants of the consumers.

Commentators are correct in identifying a lack of credit as preventing an increase in production and a greater use of idle resources. There is, however, the need to emphasize that the type of credit lacking is productive credit—one that is fully backed by real savings. This type of credit is scarce because of the previous episodes of central bank–driven expansionary monetary policies, which have resulted in diverting real savings from wealth producers to those who are not productive.

What most commentators advocate is the expansion of credit out of “thin air,” which the central bank is able to set in motion either by direct monetary injections or via intervention in the money markets to maintain a lower target interest rate. Such commentators advocate an expansion in credit that is not supported by real savings. The expansion in unbacked credit not only cannot revitalize the economy but, on the contrary, further weakens the process of wealth generation. Any attempt to “revive” economic activity by means of easy money will resume the diversion of real savings from wealth producers to nonwealth generators, thereby weakening the process of real wealth creation.

As long as the pool of real savings is growing, central bank policies appear to work. Once, however, the pool becomes stagnant or declining, the growth ends, and no amount of central bank liquidity injection will reverse things. On the contrary, the more the central bank tries to revive the economy, the worse things become.

One might argue that irrespective of the reason for idle resources, the authorities and the central bank should pursue policies that make it possible for these resources to have more use. But without increasing the pool of real savings, there will not be enough means to enable the employment of those resources. A loose monetary policy aimed at boosting demand will not succeed since an increase in demand cannot replace the real savings required to reemploy idle resources.

Some economists believe that loose monetary policies enable the economy to take off on its own, just as adding a little water to a pump, or priming the pump, enables water to be pumped out of a well. That metaphor is misleading since without the increase in real savings, no upsurge in economic activity can take place. Expanding credit unbacked by real savings cannot replace the nonexistent capital goods required to expand wealth that in turn absorbs the unemployed labor and capital.

Conclusion

Economists correctly note that a lack of credit prevents an increase in the production and reemployment of idle resources. There is, however, the need to emphasize that the type of credit lacking is productive credit, which is fully backed by real savings. Productive credit is scarce because of previous episodes of expansionary monetary policies by the central bank which diverted real savings from wealth producers to those who are unproductive.

---

The NWO’s 2024 Black Swan Tell

---

‘I had no wars,’ Trump told the crowd. ‘I’m the only president in 72 years, I didn’t have any wars.’

During Wednesday’s Fox News Iowa Town Hall event, presidential frontrunner Donald Trump displayed his feisty, quick-witted temperament that has gained the adoration of millions of Americans.

The televised discussion was scheduled at the same time as the GOP presidential debate between Nikki Haley and Ron DeSantis.

Speaking on a variety of issues, the leading GOP candidate railed against the U.S. establishment’s never-ending overseas wars, while noting he was the first president in decades to have peace throughout his presidency.

“I had no wars,” Trump told the crowd. “I’m the only president in 72 years, I didn’t have any wars.”

Later, Trump attacked Biden for being too “weak” and declared America will operate via peace through strength if he returns to office.

The 45th president also stated he’d roll out the largest deportation effort of all time and joked about Hunter Biden’s shady business deals.

At one point, Trump admitted COVID-19 “came out of” the Wuhan, China lab while stopping short of suggesting it was an intentional leak.

“It came out of Wuhan,” he said. “They were saying it came out of bat caves 2,000 miles away, it came out of Italy, it came out of France, no it came out of Wuhan, the labs. And, by the way, I don’t THINK it was done on purpose… I think it was done out of incompetence, that’s what I think. I think a scientist went out and said hello to his girlfriend and that was the end of that. She died and then people started dying all over the place, but who knows? I can tell you one thing, I got a long with President Xi.”

Posting additional highlights to his Truth Social account, Trump wrote, “DeSanctus wants to CUT Social Security and Medicare. Nikki Haley wants to CUT Social Security and Medicare…Nikki Haley wanted to raise the age from 65 to 74!”

When Trump was asked if he would be looking for retribution in his second term, he said he wouldn’t have time for that, adding, “Our ultimate retribution is success.”

The leading presidential prospect continues to poll leaps and bounds ahead of the contending GOP field of candidates, and he’s only getting stronger with solid performances like the Wednesday night town hall.

---

Right to express opinions being suppressed under the guise of ‘misinformation’

Alex Jones breaks down how the WEF’s list of potential risks in the coming year puts free speech directly in their crosshairs, calling it, “misinformation and disinformation.”

That means the tip of the spear in the information war – Infowars – is directly in the way of the eugenicist agenda being openly rolled out by the NWO.

---

Technocrats learned a lot from Covid. Under new proposals, the WHO will become the directing mind and will of global health. The WHO proposals are a shell game. The scheme will provide cover to domestic public health authorities. Power will be ubiquitous but no one will be accountable.

On Friday, Bret Weinstein warned of impending tyranny from the World Health Organization. “We are in the middle of a coup,” the evolutionary biologist and podcaster told Tucker Carlson on X. The WHO’s new pandemic management regime will eliminate sovereignty, Weinstein said, and allow it to override national constitutions.

He’s right about tyranny and coups. But not about sovereignty or constitutions. 

Technocrats learned a lot from Covid. Not how to avoid policy mistakes, but how to exercise control. Public authorities discovered that they could tell people what to do. They locked people down, closed their businesses, made them wear masks, and herded them to vaccination clinics. In some countries, people endured the most extreme restrictions on civil liberties in peacetime history. 

The WHO is now proposing a new international pandemic agreement and amendments to the International Health Regulations. These proposals will make next time worse. Not because they override sovereignty, but because they will protect domestic authorities from responsibility. States will still have their powers. The WHO plan will shield them from the scrutiny of their own people.

Related: Biologist Warns WHO Planning to Take Control Over Nations For Next Pandemic, Confirms COVID ‘Vaccines’ Killed 17 MILLION People

Under the proposals, the WHO will become the directing mind and will of global health. It will have authority to declare public health emergencies. National governments will promise to do as the WHO directs. Countries will “undertake to follow WHO’s recommendations.” WHO measures “shall be initiated and completed without delay by all State Parties…[who] shall also take measures to ensure Non-State Actors [private citizens and domestic businesses] operating in their respective territories comply with such measures.” Lockdowns, quarantine, vaccines, surveillance, travel restrictions, and more will be on the table. 

That sounds like a loss of sovereignty, but it is not. Sovereign states have exclusive jurisdiction in their own territory. WHO recommendations cannot be directly enforced in American courts. Sovereign nations can agree to follow the authority of international organizations. They can undertake to tie their own hands and to fashion their domestic laws accordingly. 

The WHO proposals are a shell game. The scheme will provide cover to domestic public health authorities. Power will be ubiquitous but no one will be accountable. Citizens will lack control over the governance of their countries, as they already do. The danger that confronts us is still our own sprawling discretionary administrative state, soon to be boosted and camouflaged by an unaccountable international bureaucracy.

When countries make treaties, they make promises to each other. International law may regard those promises as “binding.” But they are not binding in the same sense as a domestic contract. International law is a different animal from domestic law. In Anglo-American countries, the two legal systems are distinct.

International courts cannot enforce treaty promises against unwilling parties in the same way that a domestic court can enforce contractual promises. International law is formalized international politics. Countries make promises to each other when it is in their political interests to do so. They keep those promises on the same criteria. When they don’t, political consequences sometimes follow. Formal legal consequences rarely do.

Nevertheless, the idea is to persuade the public that their governments must obey the WHO. Binding recommendations legitimize the heavy hands of domestic governments. Local officials will be able to justify restrictions by citing global duties. They will say that WHO directives leave them no choice. “The WHO has called for lockdowns, so we must order you to stay in your home. Sorry, but it’s not our call.” 

During Covid, authorities tried to censor dissenting views. Despite their best efforts, skeptics managed to speak out. They offered alternative explanations in podcasts, videos, declarations, research papers, columns, and tweets. For many people, they were the source of sanity and truth. But next time things may be different. Under the new pandemic regime, countries will commit to censoring “false, misleading, misinformation or disinformation.”

As Weinstein put it, “Something is quietly moving just out of sight, in order that we will not have access to these tools the next time we face a serious emergency. … What [the WHO] wants are the measures that would have allowed them to silence the podcasters, to mandate various things internationally in a way that would prevent the emergence of a control group that would allow us to see harms clearly.”

The WHO documents will not override constitutions in Anglo-American countries. In the United States, the First Amendment will still apply. But the meaning of constitutions is not static. International norms can influence how courts read and apply constitutional provisions. Courts can take account of developing international standards and customary international law. The WHO proposals would not replace or define the meaning of constitutional rights. But they would not be irrelevant either. 

The WHO is not undermining democracy. Countries have done that over time by themselves. National governments must approve the new plan, and any can opt out as they wish. Without their agreement, the WHO has no power to impose its dictates. Not all countries may be keen on all the details. The WHO proposals call for massive financial and technical transfers to developing countries. But climate change pacts do too. In the end rich countries embraced them anyway. They were keen to virtue-signal and justify their own climate boondoggles. Most can be expected to sign on to the WHO gambit too.

Countries who do so retain the sovereignty to change their minds. But leaving international regimes can be hellishly difficult. When the UK belonged to the European Union, it agreed to be subject to EU rules on all manner of things. It remained a sovereign country and could decide to get out from under the EU’s thumb. But Brexit threatened to tear the country apart. Having the legal authority to withdraw does not mean that a country is politically able to do so. Or that its elites are willing, even if that’s what its people want. 

Numerous critics have made the same allegations as Weinstein, that the WHO’s regime will eliminate sovereignty and override constitutions. Brownstone writers have done so, for example, here and here. These allegations are easy to dismiss. Tedros Adhanom Ghebreyesus, the Director-General of the WHO, has repeatedly said that no country will cede sovereignty to the WHO. Reuters, the Associated Press, and other mainstream news outlets have done “fact checks” to debunk the claim. Saying that the WHO will steal sovereignty allows critics to be discredited as conspiracy theorists. It distracts from the game that is afoot.

The WHO proposals will protect power from accountability. National governments will be in on the plan. The people are the problem they seek to manage. The new regime will not override sovereignty but that is small comfort. Sovereignty provides no protection from your own authoritarian state.

---

BREAKING: UN Planning New Pandemic To Establish Planetary Dictatorship

---