2FA - Cross device Authentication Vulnerabilities

2FA (Two-Factor Authentication): Privacy Concerns and Unethical Practices

Two-factor authentication (2FA) has gained widespread recognition as a vital tool in enhancing online security. While its primary goal is to protect user accounts from unauthorized access, there exists a darker side to 2FA that raises privacy concerns and the potential for unethical practices by developers and companies. This essay delves into the myriad of nefarious scenarios and usage scenarios that can compromise the privacy of end-users.

A Solid Example of Suspicious Attempts to get You to Opt-in to 2 Factor Authentication and connect your phone with other devices;

Fortnite 2 Factor Authentication Opt In Scam

Fortnite 2 Factor Authentication Opt In Scam

Fortnite using the “Boogie Down” emote offer to encourage users to enable 2FA is in my opinion, a notable example of how companies leverage incentives to enhance security while also gathering valuable user data. By enticing users to enable 2FA through rewards such as in-game items, Fortnite claims it not only enhances account security but also gains insights into user behavior across multiple devices. This strategy is officially supposed to help the company better understand its player base and potentially improve the overall gaming experience. But it can also be used to manipulate the user by getting them addicted to DLCs, Avatars, Extras, and other merchandise, addons, and products which they know the user won’t be able to resist.

Here are ten possible scenarios where a worldwide AAA online Mass Multiplayer game company, like Fortnite, might use aggressive tactics to encourage users to opt-in to 2FA and then potentially abuse the data or manipulate consumers:

  1. Data Harvesting for Advertising: The company may collect data on user behavior across multiple devices, creating detailed profiles to serve highly targeted advertisements, thereby increasing advertising revenue.
  2. In-Game Purchase Manipulation: By tracking user interactions, the company could manipulate in-game offers and discounts to encourage additional in-game purchases, exploiting users’ preferences and spending habits.
  3. Content Addiction and Spending: The company might use behavioral insights to design content and events that exploit users’ tendencies, keeping them engaged and spending money on downloadable content (DLCs) and microtransactions.
  4. Influence on Game Balancing: Data gathered through 2FA could influence game balancing decisions, potentially favoring players who spend more or exhibit specific behaviors, leading to unfair gameplay experiences.
  5. Pushing Subscription Services: The company may use behavioral data to identify potential subscribers and relentlessly promote subscription services, driving users to sign up for ongoing payments.
  6. Social Engineering for User Engagement: Leveraging knowledge of players’ habits, the company could employ social engineering techniques to manipulate users into promoting the game to friends, potentially leading to more players and revenue.
  7. Tailored Product Launches: The company might strategically time and tailor product launches based on user behavior, encouraging purchases at specific intervals, even if users hadn’t planned to buy.
  8. Personalized Content Restrictions: Behavioral data could be used to selectively restrict content or features for users who don’t meet certain criteria, pushing them to spend more to unlock these features.
  9. Cross-Promotion and Monetization: The company could collaborate with other businesses to cross-promote products or services to users based on their tracked preferences, generating additional revenue streams.
  10. Reward Manipulation: The company may adjust the distribution of in-game rewards based on user behavior, encouraging users to spend more time and money on the platform to earn desired items.
Fortnite 2FA Emote Opt In Trick

Fortnite 2FA Emote Opt In Trick

These scenarios emphasize the potential for companies to use aggressive tactics and data collection through 2FA to maximize profits, often at the expense of user privacy and potentially manipulating consumer behavior for financial gain. It underscores the importance of user awareness and informed decision-making when it comes to opting in to 2FA and sharing personal data with online gaming platforms. However, it’s crucial for users to be aware of the data collection practices associated with such incentives and understand how their information may be used. Transparency and clear communication regarding data usage are essential to maintain trust between users and the platform. In this context, users should consider the trade-off between the benefits of enhanced security and potential data collection, making informed decisions about whether to enable 2FA based on their preferences and concerns regarding privacy and data usage.

1. Data Profiling and Surveillance

One of the most ominous aspects of 2FA implementation is the potential for data profiling and surveillance. Companies can leverage 2FA as a means to collect extensive user data, including device locations, usage patterns, and behavioral data. This information can be used for targeted advertising, behavioral analysis, and potentially even sold to third parties without user consent. To Illustrate, here are 10 possible nefarious scenarios where 2FA (Two-Factor Authentication) could be exploited for unethical purposes or invasion of privacy:

  1. Location Tracking: Companies could use 2FA to continuously track the location of users through their devices, building detailed profiles of their movements for intrusive marketing purposes.
  2. Behavioral Profiling: By analyzing the times and frequency of 2FA logins, companies could build extensive behavioral profiles of users, potentially predicting their actions and preferences.
  3. Data Correlation: Combining 2FA data with other user information, such as browsing habits and social media interactions, could enable companies to create comprehensive dossiers on individuals, which may be sold or used without consent.
  4. Phishing Attacks: Malicious actors might exploit 2FA to gain access to users’ personal information, tricking them into revealing their second authentication factor through fake login screens.
  5. Targeted Ads: Companies could leverage 2FA data to bombard users with highly targeted and invasive advertisements based on their recent activities and location history.
  6. Surveillance Capitalism: 2FA data could be used to monitor users’ offline activities, creating a complete picture of their lives for profit-driven surveillance capitalism.
  7. Third-Party Sales: Without proper safeguards, companies might sell 2FA data to third parties, potentially leading to further unauthorized use and misuse of personal information.
  8. Blackmail: Malicious entities could use 2FA information to threaten individuals with the exposure of sensitive data, extorting money or personal favors.
  9. Stalking: Stalkers and abusers could exploit 2FA to track and harass their victims, using location and behavioral data to maintain control.
  10. Government Surveillance: In some cases, governments may pressure or require companies to provide 2FA data, enabling mass surveillance and privacy violations on a massive scale.

These scenarios emphasize the importance of strong data protection laws, ethical use of personal data, and user consent when implementing 2FA systems to mitigate such risks.

2FA Security Risks

2. Government Demands for Access

In some cases, governments or malicious actors may exert pressure on companies to gain access to 2FA data for surveillance purposes. This can infringe upon individuals’ privacy rights and result in unauthorized surveillance on a massive scale. Once more to Illustrate, here are 10 possible nefarious scenarios where government demands for access to 2FA data could be exploited for unethical purposes or invasion of privacy:

  1. Political Targeting: Governments may use access to 2FA data to identify and target political dissidents, activists, or opposition members, leading to surveillance, harassment, or even imprisonment.
  2. Mass Surveillance: Governments could implement widespread 2FA data collection to surveil entire populations, creating a culture of constant monitoring and chilling freedom of expression.
  3. Suppression of Free Speech: The threat of government access to 2FA data could lead to self-censorship among citizens, inhibiting open discourse and free speech.
  4. Blackmail and Extortion: Corrupt officials might use 2FA data to gather compromising information on individuals and then use it for blackmail or extortion.
  5. Journalist and Source Exposure: Investigative journalists and their sources could be exposed, endangering press freedom and the ability to uncover corruption and misconduct.
  6. Discrimination and Profiling: Governments could use 2FA data to discriminate against certain groups based on their religious beliefs, ethnicity, or political affiliations.
  7. Political Leverage: Access to 2FA data could be used to gain leverage over individuals in positions of power, forcing them to comply with government demands or risk exposure.
  8. Invasive Border Control: Governments might use 2FA data to track individuals’ movements across borders, leading to unwarranted scrutiny and profiling at immigration checkpoints.
  9. Health and Personal Data Misuse: Government access to 2FA data could lead to unauthorized collection and misuse of individuals’ health and personal information, violating medical privacy.
  10. Illegal Detention: Misuse of 2FA data could result in wrongful arrests and detentions based on false or fabricated evidence, eroding the principles of justice and due process.

Government Access to Personal data Requests

Governments may make demands for access to various types of data and information for a variety of reasons, often within the framework of legal processes and national security concerns. Here’s an explanation of how and why governments may make demands for access:

  1. Legal Frameworks: Governments establish legal frameworks and regulations that grant them the authority to access certain types of data. These laws often pertain to national security, law enforcement, taxation, and other public interests. Examples include the USA PATRIOT Act in the United States and similar legislation in other countries.
  2. Law Enforcement Investigations: Government agencies, such as the police or federal law enforcement agencies, may request access to data as part of criminal investigations. This can include access to financial records, communication logs, or digital evidence related to a case.
  3. National Security Concerns: Governments have a responsibility to protect national security, and they may seek access to data to identify and mitigate potential threats from foreign or domestic sources. Access to communication and surveillance data is often critical for these purposes.
  4. Taxation and Financial Oversight: Government tax authorities may demand access to financial records, including bank account information and transaction history, to ensure compliance with tax laws and regulations.
  5. Public Safety and Emergency Response: In emergency situations, such as natural disasters or public health crises, governments may access data to coordinate response efforts, locate missing persons, or maintain public safety.
  6. Counterterrorism Efforts: Governments may seek access to data to prevent and investigate acts of terrorism. This includes monitoring communication channels and financial transactions associated with terrorist organizations.
  7. Regulatory Compliance: Certain industries, such as healthcare and finance, are heavily regulated. Governments may demand access to data to ensure compliance with industry-specific regulations, protect consumer rights, and prevent fraudulent activities.
  8. Protection of Intellectual Property: Governments may intervene in cases of intellectual property theft, counterfeiting, or copyright infringement, demanding access to data to support legal actions against violators.
  9. Surveillance Programs: Some governments conduct surveillance programs to monitor digital communications on a large scale for national security reasons. These programs often involve partnerships with technology companies or data service providers.
  10. Access to Social Media and Online Platforms: Governments may request data from social media platforms and online service providers for various purposes, including criminal investigations, monitoring extremist content, or preventing the spread of misinformation.

It’s important to note that the extent and nature of government demands for access to data vary from one country to another and are subject to local laws and regulations. Moreover, the balance between national security and individual privacy is a contentious issue, and debates often arise around the scope and limits of government access to personal data. Consequently, governments must strike a balance between legitimate security concerns and the protection of individual rights and privacy.

These scenarios highlight the critical need for strong legal protections, oversight mechanisms, and transparency regarding government access to sensitive data like 2FA information to safeguard individual rights and privacy.

3. Exploiting Data Breaches

Data breaches are an unfortunate reality in today’s digital age. Even with the best intentions, companies can experience breaches that expose user information, including 2FA data. Malicious individuals may exploit these breaches for identity theft, fraud, or other illegal activities. To make the risks understandable, here are 10 possible nefarious scenarios where data breaches, including the exposure of 2FA data, could be exploited for unethical purposes, criminal activities, or invasion of privacy:

  1. Identity Theft: Malicious actors could use stolen 2FA data to impersonate individuals, gain unauthorized access to their accounts, and commit identity theft for financial or personal gain.
  2. Financial Fraud: Access to 2FA data may allow criminals to initiate fraudulent financial transactions, such as draining bank accounts, applying for loans, or making unauthorized purchases.
  3. Account Takeover: Hackers could compromise various online accounts by bypassing 2FA, potentially gaining control over email, social media, or even cryptocurrency wallets.
  4. Extortion: Criminals might threaten to expose sensitive information obtained from data breaches unless victims pay a ransom, leading to extortion and emotional distress.
  5. Stalking and Harassment: Stolen 2FA data could be used to track and harass individuals, invading their personal lives and causing significant emotional harm.
  6. Illegal Brokerage of Data: Criminal networks could sell stolen 2FA data on the dark web, leading to further exploitation and unauthorized access to personal information.
  7. Healthcare Fraud: 2FA breaches in healthcare systems could result in fraudulent medical claims, endangering patient health and privacy.
  8. Corporate Espionage: Competing businesses or nation-states could exploit 2FA breaches to gain sensitive corporate information, such as trade secrets or research data.
  9. Social Engineering: Criminals might use stolen 2FA data to manipulate victims, convincing them to disclose additional sensitive information or perform actions against their will.
  10. Reputation Damage: The release of personal information from data breaches, including 2FA details, could tarnish an individual’s reputation and lead to long-lasting consequences in both personal and professional life.

These scenarios underscore the critical importance of robust cybersecurity measures, rapid breach detection and response, and user education on safe online practices to mitigate the risks associated with data breaches and protect individuals’ privacy and security.

4. Phishing Attacks

Cybercriminals can manipulate 2FA processes as part of phishing attacks. By posing as legitimate entities, attackers may request 2FA codes to gain unauthorized access to user accounts, exposing sensitive information to malicious intent. To demonstrate the possible ways this can be implemented, here are 10 possible nefarious scenarios where phishing attacks, including the manipulation of 2FA processes, could be implemented for various goals, gains, or purposes:

  1. Corporate Espionage: Phishers could target employees of a competitor, posing as colleagues or executives, to extract sensitive corporate information, trade secrets, or proprietary data.
  2. Identity Theft: Attackers might impersonate a user’s bank, government agency, or social media platform to steal personal information, such as Social Security numbers or login credentials, for identity theft.
  3. Financial Fraud: Phishers could send fake 2FA requests while posing as financial institutions, tricking victims into revealing their codes and gaining access to bank accounts or investment portfolios.
  4. Political Disinformation: In politically motivated phishing campaigns, attackers may pose as news organizations or government agencies to spread false information, manipulate public opinion, or influence elections.
  5. Ransomware Deployment: Phishers could deliver ransomware payloads after convincing victims to input their 2FA codes, locking them out of their systems and demanding payment for decryption.
  6. Data Breach Access: Malicious actors might use phishing to gain access to employees’ email accounts within an organization, which could lead to a data breach or the theft of sensitive company data.
  7. Fraudulent Transactions: Attackers posing as e-commerce websites or payment processors could trick users into approving unauthorized transactions using manipulated 2FA prompts.
  8. Credential Harvesting: Phishers could target university or corporate email accounts to harvest login credentials, gaining access to academic research, intellectual property, or confidential documents.
  9. Social Media Takeover: By sending fake 2FA requests from popular social media platforms, attackers could gain control of users’ accounts, spreading false information or conducting cyberbullying campaigns.
  10. Government Infiltration: Nation-state actors might use phishing attacks to compromise government employees’ accounts, potentially gaining access to classified information or influencing diplomatic relations.

These examples highlight the importance of user education, email filtering, and multi-layered security measures to detect and prevent phishing attacks that exploit 2FA processes for various malicious purposes.

Visual mind map of the architecture of data monetization

Visual mind map of the architecture of data monetization

5. Monetization of User Data

Some companies may prioritize data monetization over user privacy. By pushing for 2FA, these entities gather more valuable user information that can be monetized through various channels, without users fully understanding the extent of data collection. To help the reader understand this, I will give 10 examples of  possible nefarious scenarios that illustrate the extent and depth to which personal information can be brokered in the User-Data Brokerage Industry:

  1. Detailed Financial Profiles: Data brokers compile extensive financial profiles of individuals, including income, spending habits, investment preferences, and debt levels. This information can be sold to financial institutions for targeted marketing and credit assessments.
  2. Behavioral Predictions: By analyzing user behavior, data brokers create predictive models that forecast individuals’ future actions, such as purchasing decisions, travel plans, or lifestyle changes. This data is valuable for advertisers and marketers.
  3. Healthcare Histories: Data brokers may obtain and sell sensitive health information, including medical conditions, prescription histories, and insurance claims, potentially leading to discriminatory practices in insurance or employment.
  4. Legal Records: Personal legal records, such as criminal histories, lawsuits, and court judgments, can be collected and sold, affecting an individual’s reputation and opportunities.
  5. Political Affiliations: Data brokers gather data on users’ political beliefs, affiliations, and voting histories, which can be exploited for political campaigns or voter suppression efforts.
  6. Psychological Profiles: User data is used to create psychological profiles, revealing personality traits, emotional states, and vulnerabilities, which can be leveraged for targeted persuasion or manipulation.
  7. Relationship Status and History: Personal information about relationships, including marital status, dating history, and family dynamics, can be exploited for advertising, relationship counseling, or even blackmail.
  8. Job Performance: Data brokers collect employment records, performance evaluations, and work history, which can impact career opportunities and job offers.
  9. Travel and Location History: Brokers track users’ travel history, including destinations, frequency, and preferences, which can be used for targeted travel-related advertising or even surveillance.
  10. Education and Academic Records: Academic records, degrees earned, and educational achievements are collected and sold, potentially affecting job prospects and educational opportunities.

These scenarios underscore the ethical concerns surrounding the extensive data collection and monetization practices of data brokers and the need for robust data protection regulations and transparency to safeguard individual privacy and prevent abuse.

6. Intrusive Tracking and Profiling

2FA can enable companies to build detailed profiles of users, including their habits, preferences, and locations. This intrusive tracking and profiling can be used to manipulate user behavior and extract further data, all without transparent consent. So heads up, and educate yourselves! To assist you with this, here are ten examples of how companies, advertisers, governments, or independent parties with special interests might use or abuse intrusive tracking and profiling technologies to manipulate human behavior for specific desired results:

  1. Targeted Advertising: Companies can use detailed user profiles to deliver highly personalized advertisements that exploit individuals’ preferences, making them more likely to make impulse purchases.
  2. Political Manipulation: Governments or political campaigns may leverage profiling to identify and target voters with tailored messages, swaying public opinion or voter behavior.
  3. Behavioral Addiction: App and game developers might use user profiles to design addictive experiences that keep individuals engaged and coming back for more, generating ad revenue or in-app purchases.
  4. Surveillance and Social Control: Governments can employ profiling to monitor citizens’ activities, stifling dissent or controlling behavior through the fear of being watched.
  5. Credit Scoring and Discrimination: Financial institutions may use profiling to assess creditworthiness, potentially discriminating against individuals based on factors like shopping habits or online activities.
  6. Healthcare Manipulation: Health insurers could adjust premiums or deny coverage based on profiling data, discouraging individuals from seeking necessary medical care.
  7. Manipulative Content: Content providers may use profiles to serve content designed to provoke emotional responses, encouraging users to spend more time online or share content with others.
  8. Employment Discrimination: Employers might make hiring decisions or promotions based on profiling data, leading to unfair employment practices.
  9. Criminal Investigations: Law enforcement agencies can use profiling to target individuals for investigation, potentially leading to wrongful arrests or harassment of innocent people.
  10. Reputation and Social Standing: Profiling data can be used to tarnish an individual’s reputation, either through targeted character assassination or by uncovering potentially embarrassing personal information.

These examples highlight the ethical concerns associated with intrusive tracking and profiling technologies and the potential for manipulation and abuse by various entities. It underscores the importance of strong data protection laws, transparency, and user consent in mitigating such risks and protecting individual privacy and autonomy.

Confirm with OTP - Nahhh

7. Phone Number Compromise and Security Risks

When a network or service requires a phone number for two-factor authentication (2FA) and their database is compromised through a data breach, it can lead to the exposure of users’ phone numbers. This scenario opens users up to various security risks, including:

  1. Phishing Attacks: Hackers can use exposed phone numbers to craft convincing phishing messages, attempting to trick users into revealing sensitive information or login credentials.
  2. Unwanted Advertising: Once hackers have access to phone numbers, they may use them for spam messages and unwanted advertising, inundating users with unsolicited content.
  3. Scam Phone Calls: Phone numbers exposed through a data breach can be targeted for scam phone calls, where malicious actors attempt to deceive users into providing personal or financial information.
  4. SIM Swapping: Hackers can attempt to perform SIM swapping attacks, where they convince a mobile carrier to transfer the victim’s phone number to a new SIM card under their control. This allows them to intercept 2FA codes and gain unauthorized access to accounts.
  5. Identity Theft: Exposed phone numbers can be used as a starting point for identity theft, with attackers attempting to gather additional personal information about the user to commit fraud or apply for loans or credit cards in their name.
  6. Harassment and Stalking: Malicious individuals may use the exposed phone numbers for harassment, stalking, or other forms of digital abuse, potentially causing emotional distress and safety concerns for victims.
  7. Social Engineering: Attackers armed with users’ phone numbers can engage in social engineering attacks, convincing customer support representatives to grant access to accounts or change account details.
  8. Voice Phishing (Vishing): Exposed phone numbers can be used for voice phishing, where attackers impersonate legitimate organizations or authorities over phone calls, attempting to manipulate victims into revealing sensitive information.
  9. Credential Stuffing: Attackers may attempt to use the exposed phone numbers in combination with other stolen or leaked credentials to gain unauthorized access to various online accounts, exploiting reused passwords.
  10. Data Aggregation: Exposed phone numbers can be aggregated with other breached data, creating comprehensive profiles of individuals that can be used for further exploitation, fraud, or identity-related crimes.
How Credential Stuffing is Done

How Credential Stuffing is Done

These security risks highlight the importance of robust security practices, such as regularly updating passwords, monitoring accounts for suspicious activity, and being cautious of unsolicited messages and calls, to mitigate the potential consequences of phone number exposure in data breaches, and should be considered a possible security vulnerability. I believe this underscores the importance of securing both personal information and phone numbers, as the compromise of this data can have far-reaching consequences beyond the immediate breach. It also emphasizes the need for alternative methods of 2FA that don’t rely solely on phone numbers to enhance security while protecting user privacy.

Credential Stuffing Explained

In Summary;

While two-factor authentication is often portrayed as a security measure aimed at safeguarding user accounts, it is crucial to recognize the potential for misuse and unethical practices. The dark scenarios presented here underscore the need for users to be vigilant about their online privacy, understand the implications of enabling 2FA, and make informed decisions about how their data is used and protected in the digital realm. As technology continues to evolve, the battle between privacy and security remains a central concern, and it is essential for users to stay informed and proactive in safeguarding their personal information.

Maico Mega

The Ascent and Subsequent Fall from Grace of Maico:

Egotism, Greed, and the Most Iconic Motorcycle Brand.

Throughout Human History, the twin demons of egotism and greed have been constant companions, driving individuals and societies to the brink of conflict. These vices have fueled wars, toppled civilizations, torn families apart, and, in some instances, even halted the march of greatness. Such is the dark tale of Maico, a motorcycle brand that emerged from the ashes of post-war Germany only to be consumed by internal strife, engineering disasters, and the insatiable hunger for power and wealth.

The Birth of Maico

Maico’s story begins in 1946, in a war-ravaged Germany, where Otto and Wilhelm Mish, two German brothers, found themselves in a warehouse south of Stuttgart, contemplating their future. The country lay in ruins, its economy shattered, and millions were left homeless. It was a bleak landscape, but the Mish brothers knew they had to rebuild their lives.

Maico tank
Before the war, they had worked in their father Ulrich’s automobile business, known as Maishen Company. This company provided automobile services round the clock, along with selling bicycle and motorcycle parts. In 1935, the Mish brothers even built their first complete motorcycle, a humble machine with a small engine. After the war, as they assessed the dire transportation needs of their ravaged nation, they decided to refocus their efforts on developing and producing motorcycles.

The brothers shortened the company name to Maico and in 1949, they introduced the Maico M150, a durable and affordable motorcycle that met the needs of a country in recovery. As the 1950s rolled in, the European economy started to recover, and Maico thrived. They expanded their product line with the M175 and M250 motorcycles, introduced the Maico Mobile scooter, and even ventured into car production, using Heinkel engines that bore a striking resemblance to the Volkswagen Beetle.

However, their turning point came when they were commissioned to produce 10,000 dual-sport motorcycles for the German Army. This shift towards off-road and competition motorcycles would eventually define Maico’s legacy.

The Dark Shadows of Success

While Maico’s star was on the rise, dark clouds loomed behind the scenes. The exact origins of the internal conflict that would later cripple the company remain shrouded in mystery. Some speculate that political differences, with Wilhelm’s past involvement in the National Socialist Party, and Otto’s lack of affiliation, played a role. Otto’s majority ownership of 60% of Maico due to Wilhelm’s party involvement added to the tension.

Maico 490
The feud escalated in 1957 when Wilhelm was struck by a motorcycle and left paralyzed. After this accident, Wilhelm became a mere figurehead in the company, leaving Otto in control. Wilhelm attempted to involve his three sons, Hans, Peter, and Wilhelm Jr., in the business, not only to secure his family’s interests but also to act as his eyes and ears within the company. This move, while perhaps well-intentioned, only added to the complexity of the brewing family conflict.

Despite this internal strife, Maico managed to set aside their differences during the 1960s and continued to flourish. They found themselves at the forefront of off-road motorcycle technology, thanks to their mastery of chassis and geometry design. This expertise gave them a significant advantage over their competitors and contributed to their dominance in off-road racing.

The Culmination of Greatness: The 1981 Maico 490 Mega 2

In 1981, Maico achieved a pinnacle of greatness with the introduction of the 1981 Maico 490 Mega 2. This legendary dirt bike is often hailed as one of the greatest off-road motorcycles ever built. What set it apart was its exceptional power, handling, and engineering. Sporting a 490cc two-stroke engine that produced over 45 horsepower and weighing around 240 pounds, the bike was a beast by 1980 standards.

The power delivery was described as a “rush of acceleration,” and the handling was razor-sharp. Magazine testers marveled at its crisp and clean power, and they couldn’t find any faults in its design. In fact, Maico was so confident in the quality of their bikes that they allowed magazines to break them down to verify their stock components.

The Maico 490’s design and geometry would continue to influence dirt bike engineering for years to come. It became a benchmark for measuring other late-model dirt bikes, a testament to its enduring greatness.

The Rapid Decline and Sabotage

However, Maico’s meteoric rise would soon give way to a disastrous fall. In 1982, when the highly anticipated 1982 Maico 490 was released, it proved to be a shocking disappointment. Rear hub failures, gearbox explosions, and a sudden weight gain of over 20 pounds plagued the bike. The decision to use Corte and Koso shocks, unproven in the motorcycle industry, backfired due to improper lengths and alignment issues.

1982 Maico 490 alpha 01

1982 Maico 490 alpha 01

The 1983 model, expected to redeem the brand, suffered similar issues. Rear hub failures and gearbox problems persisted, leading to lawsuits and injuries. The term “Mako Braco” was coined to describe these troublesome motorcycles. David Dion Scott, an American racer, was paralyzed due to a rear hub failure, which resulted in a lawsuit that further tarnished Maico’s reputation.

The company’s reputation was in tatters, and their sales plummeted. Despite Otto’s efforts to borrow money and provide warranties for the damaged bikes, the banks were unwilling to support him. He poured his life savings into saving the company, but it was too late. Maico filed for bankruptcy in 1983, and the Mish family lost control of the business.

1983 Maico 490

1983 Maico 490


Legacy and Lessons Learned

Maico’s story is a cautionary tale of how success, when marred by internal strife, greed, and engineering blunders, can lead to a rapid downfall. Despite its unfortunate end, the brand’s legacy lives on in the hearts of motorcycle enthusiasts who fondly remember the Maico 490 Mega 2 as a true masterpiece of its time. The rise and fall of Maico serves as a reminder that even the most iconic brands can crumble when ego and greed take center stage. It also underscores the importance of ethical business practices, quality control, and innovation in maintaining success. Corporations may do best to take note of this fact, and have more ethics, than ego and greed.

1956 Maico brochure

1956 Maico brochure

Corrupt Singapore Justice persecutes John Tan and Daniel De Costa and Xu Yuanchen after the Yellow Ribbon Prison Run Singapore

The Singaporean Justice and Their Paid Cronies the Singapore Cybercrime Police Division, have Embarrassed the Country in the Eyes of the World Once Again! Poor old John Tan (SDP) and Daniel De Costa, (and Xu Yuan Chen in addition).  John Tan and Daniel both being Persecuted by the CORRUPT SINGAPORE JUDICIARY MAFIA. John is being Persecuted with threats of Contempt to DISQUALIFY him from contesting in the Upcoming Election (Powers that be shitting their pants he might get in), after running the Yellow Ribbon Prison Run with Daniel De Costa both wearing ANTI DEATH PENALTY T-Shirts). 

Corrupt Singapore Justice persecutes John Tan and Daniel De Costa and Xu Yuanchen after the Yellow Ribbon Prison Run Singapore

Corrupt Singapore Justice persecutes John Tan and Daniel De Costa and Xu Yuanchen after the Yellow Ribbon Prison Run Singapore

Daniel De Costa was charged with Criminal Defamation after writing an article for the online citizen on Thursday (Dec 13) for publishing an article that alleged corruption among the Singapore Government’s highest officers. Xu Yuanchen, better known as Terry Xu, was charged alongside the alleged author of the article, 35-year-old Daniel De Costa. De Costa received a second charge of unauthorised access to computer material. Xu Yuanchen, better known as Terry Xu, was charged alongside the alleged author of the article, 35-year-old Daniel De Costa.

36-year-old Mr Terry Xu Yuan Chen, TOC’s editor, has been facing investigations regarding an article that alleged “corruption within the Singapore Government”, as well as matters related to our Constitution.

Daniel De Costa received a second charge of unauthorised access to computer material in addition to the first charge. De Costa had allegedly logged into the email account of a “Willy Sum” and submitted the article to TOC. The article, titled “The Take Away from Seah Kian Ping’s Facebook Post” was published under Willy Sum’s name.

Willy Sum was really a person called Sim Wee Lee, also known as Willy. The article, published on Sep 4, alleged that “we have seen multiple policy and foreign screw-ups, TAMPERING OF THE CONSTITUTION, CORRUPTION AT THE HIGHEST ECHELONS, and apparent lack of respect from foreign powers ever since the demise of founding father Lee Kuan Yew”.

All For Having A Jog In A Legally Registered Jogging Activist Run, and wearing Anti Death Sentence T-Shirts.!!!!!

“Singapore’s ministers should not have the power to singlehandedly silence anybody it wants to, including foreigners and their websites, and freedom of expression.  Singapore’s government wants to be the arbiter of what anyone can say! This is True Human Rights Abuse in Singapore, and STATE COMMITTED at That!”


As far as Singapore’s Silencing People’s Freedom of Expression is Concerned, even Wikipedia is constantly being re-edited to Hide the Facts about Judicial Corruption in Singapore, removing the true statistics of corruption, and replacing the info with Fake News type Propaganda by agents of the Singapore  Government who constantly monitor any new edits on Wikipedia on the ‘Corruption in Singapore’ page entry.

Whereas according to Human Rights Watch, who Singapore have also attacked, and tried to force the removal of online facts, claiming it to be ‘Fake News’, the Truth sounds more like this; “Singapore’s political environment is stifling, and citizens continue to face severe restrictions on their basic rights to freedom of expression, association, and peaceful assembly. The government effectively controls print media, and online media outlets are forced to register with the government and post a significant bond. Bloggers and online media that comment on political issues are targeted for prosecution with vague and overly broad legal provisions on public order, morality, security, and racial and religious harmony.

Returning to the constant Vigil and Re-Editing of Wikipedia, one constantly removed and replaced phrase i have seen re-edited on a daily basis is the statement that ‘Corruption in Singapore is generally perceived as low. Cases are mostly handled by the Singapore Corrupt Practices Investigation Bureau (CPIB), a government agency in Singapore that investigates and prosecutes corruption in the public and private sectors’ The truth is that Corruption is percveived as High by most Citizens, as i myself have asked over 300 Citizens, ALL but 5 of whom agreed that the Justice System is Corrupt, and many Singaporean Citizens also expressed the Opinion that the Women’s Society of Singapore  who rule the Family Justice is also as Corrupt as a Colombian Army Officer. (and that’s saying something!)

In fact, the Singapore Government are not only posting Fake News on Wikipedia, but also on their own websites to bury the true facts posted on other sites, in the Google Search Engine.

Singaporean Government Fake News Propaganda

Government Manipulated Fake News Online to Bury Real Truth, and put it on Page 2 of Google


The CPIB are however also Cronies of the Government, and Hence, Part of the Corruption Ring, and will ALWAYS FIND CORRUPTION when investigating the Enemies of the State (Dissidents whose Freedom of Speech is Silenced), but will NEVER FIND CORRUPTION WITHIN ITS OWN ECHELONS.

Mr Xu Yuanchen stands accused by the State of publishing a defamatory article in Willy Sum’s name, without proper verification of the writer’s identity.

De Costa was arrested that same day at 2.50pm. Police also discovered he had plans to leave Singapore on a flight scheduled at 3.45pm. A search warrant allowed them to seize his electronic equipment as well.

Both parties will be charged with “criminal defamation” with possible jail terms of up to 2 years and a fine.

Hats of off to Xu Yuanchen for refusing to sign the below document!

Xu Yuanchen refuses to sign Charge Sheet

Editor Xu has “refused to sign” the charge sheet.

De Costa faces an additional charge for “unauthorised access to computer material” and utilising Mr Sum’s account without permission. He could face a $5,000 fine and/or a 2-year jail term.

I myself find this strange after reporting exactly such a Cybercrime to the Head of the Division itself Office Tan Yong Hua of the Singapore Police Cybercrime Division,

No prosecution was made for the two reported Cybercrimes, commited against me, to Illegally access my Apple Id and iMessages to steal Data and Manipulate it, and present the faked manipulated stolen Data as evidence against me in court, by the Abdutress of my Son, his Own Mother.

She stole the evidence, to evade having to return my Parentally Abducted son Angelo, who was abducted by the mother from Thailand to Singapore in 2014, and used Illegal Methods to Hoodwink the Singaporean Family Justice into not returning the child. Tan Yong Hua told me to fly to Singapore and make a police report, which i did, and after various emails, replied saying no action was going to be taken. Below is the initial email response from the Cybercrime Division.

Singapore Cybercrime Division's head Officer Tan Yong Hua's first response to my rep[ort of a cybercrime to Illegally Obtain Evidence to Dupe the Justice System. The Coirtys Accepted the Stolen Evidence Knowing it was illegally obtained, and ignored the allegations that the data had been manipulated to deceive.

Singapore Cybercrime Division’s head Officer Tan Yong Hua’s first response to my report of a cybercrime, committed by the Abducting Parent (Mother of my Abducted Son Angelo),  to Illegally Obtain Digital Evidence stolen from a private chat with my Brother, to Dupe the Justice System. – DISCLAIMER!!!!  I Ajarn Spencer Littlewood have never signed the Official Secrets Act. Adding such a warning as seen in the above screenshot of an email from the Singapore Police, is not legally Binding, and is in Fact an Intended deception. aimed at silencing or frightening those Citizens who do not know their international right to freedom of speech. It is intended to try to scare potential whistleblowers into revealing the contents of the emails. It is however not  legally acceptable, nor is it binding to put this kind of message in the footer of an email.

I, Ajarn Spencer Littlewood am not subject to, and have never signed the Official Secrets Act of Singapore, and as a British Citizen, am not subject to the laws of a country i neither live in nor visit, Nor do i recognise your self invented laws, so fuck yourselves!!!.

Here below in screenshot of my emails to Tan Yong Hua, is the story i told Tan Yong Hua, before flying to Singapore and fling an Official Police Report which was forwarded to him personally, as requested by him. I now realise that this was to keep the matter hidden, NOT to help me. Being sweet-talked by state officials in Singapore has happened to me on multiple occasions, and i am no longer so Naive to fall for it. I was however at the time, and believed he wished to help, which as it turns out, he didn’t.

Pre-Official Email Response to Singapore Cybercrime Division head Tan Yong Hua, before filing official Police Report for Investigation and Prosecution, which never happened.

Pre-Official Email Response to Singapore Cybercrime Division head Tan Yong Hua

I say to Tan Yong Hua; Why was my Singaporean Ex Wife’s act of “unauthorised access to computer material” not Prosecuted, but the allegations against Daniel Da Costa are????

In my case, the Cybercrime Division refused to Prosecute, and Courts Accepted the Stolen Evidence Knowing it was illegally obtained, and ignored the allegations that the data had been manipulated to deceive. (I shall reveal the Corrupt Judicial Misconducts against Myself and My Internationally Abducted Son Angelo in a separate Post).



The Singapore Justice IS UNDENIABLY CORRUPT, as are their Cronies in blue-black, the Police. I myself had a Singaporean log into my Apple ID and use stolen Data to harm me, and Tan Yong Hua head of Cybercrime Division took my complaint and DID NOTHING!  So Cyber-Crimes against Individual Citizens is Ignored by the Singapore Police. But…. when someone criticises the government, The Cybercrime Division Bends over and spreads their Buttocks!

You Failed To Silence Human Rights Watch, and You Singapore, will also Fail to Silence other Human Rights Warriors around the World. For We Are Anonymous, Legion, and We are Not Subject To Your Laws Outside Of Singapore, And You Will Fail To Silence Me, Because You, the Singaporean State, and its Corrupt Singaporean Judiciary, Assisted In The International Parental Child Abduction Of My Son In 2014, To Hide It From Your Compulsory Annual Report To The Un On The Civil Aspects Of International Parental Child Abduction And Article 10 Of The Rights Of The Child


Despotic Leader Singapore Lee Hsien

Despotic Leader Singapore Lee Hsien

faceless & nameless

We are En-Masse Virtually Anonymous – We Are Legion – But some of us are brave enough to Show Our Faces, like me, Ajarn Spencer Littlewood. After what you did to my son Singapore, who i shall probably never see again, YOU SHALL PAY WITH THE LOSS OF REPUTATION YOU DESERVE, AS WILL THE INDIVIDUALS WHO ASSISTED IN MY SON’S ABDUC TIOBN AND RETENTION, AND REMOVAL OF HIS RIGHT TO ARTICLE 10 OF THE WORLD CONVENTION ON THE RIGHTS OF THE CHILD!





United Nations Useless as the Court in Alice in Wonderland

When one becomes aware of what lies behind the United Nations Lack of Action, and their many alleged Money Skimming Scams, one has to ask when it will finally be dissolved, ridding this world of one of the most costly and inefficient organisations on the planet. The United Nations is a Hot Topic when it comes to the Discussion about whether they are efficient in their stated missions or not, and are being regarded as more International trade Orientated, than they are Interested in Helping the World Become a Better Place, Helping Children, and other Human Rights Related Issues. The one thing that has never come to the surface till now, which is becoming ever more talked about, and slowly going viral, is the money skimming scams committed by both Individuals within the UN, and the United Nations itself.

United Nations 10 Million Scandal

United Nations 10 Million Scandal

I Myself, have had two applications with the U.N. for Human Rights Issues, during the Process of which, i found out, that their supposed Human Rights Departments are Bogus Ghost Offices, especially the Hague Central Authorities of Each Nation, and that they are involved in a Money Skimming Scame in Cahoots with the Mediation Agency Mikk.ev.de – I Predict that the U.N. will be most probably dissolved within two decades or less, as the General Consensus is tending to view the U.N. as a Powerless Waste of Time and Money, designed more for Trade, than for Sanctioning Rogue Nations and Getting the Job Done.

There has arisen much dissidence as to the viability or usefulness of the existence of the UN over the last few years, and various attempts at clearing the air have been attempted by the UN to Justify their Existence and the Funding they receive from member Sovereign Nation States.

5 Assholes in the United Nations Security Council needed to get a 'Yes'

5 Assholes in the United Nations Security Council needed to get a ‘Yes’

Even students like Rwanda Paktar have made astute comments to the question “Is United Nations a useless organisation?” and cited events which show that the existence and cost of the United Nations is of no use to anybody whatsoever, and here i quote his comments from Quora

“The UN is totally a useless organization. It was formed in the aftermath of WW2 , in order to maintain peace within all the nations. However, it has today become a spineless organization, with no say whatsoever.

The UN has become one of the most inefficient organizations. Even after 73 years after its existence, the UN has failed to end the world’s gravest concerns. Let us look at some of the issues UN has overlooked.
Rwanda Genocide :
In 1994, the UN; and I quote “ just stood and watched” the slaughter of 800,000 ethnic Tutsis, caused by the Hutu government.
Iraq invasion:
Even though the UN declared it illegal , US simply attacked Iraq and remained there for seven long years , calling it as a war for democracy. What is the use of the UN when anyone can declare war on each other ?
Israel/Palestine issue:
In 1948,the UN pledged to split the land west of the dead sea into two states, namely Israel and Palestine. This is what they came up with.
The green areas would become Palestine, and the white ones Israel.
What a ridiculous plan ! Do you think such nations could coexist, when parts of them are split across hostile territory ?

Israel Palestine Scandal United nations Boobed Up

Israel Palestine Scandal United nations Boobed Up

Kashmir issue :
In 1947, India/Pakistan war took place over the princely state of Kashmir. The UN drew a Line of Control across the map. However, they did not complete the job. A small patch, also called as the Siachen Glacier, lies unclaimed up to this day.

Kashmir Incident United nations Lack of Action

Kashmir Incident United nations Lack of Action

The efficiency of the UN is worse then even the worst courts in the world. 73 years on, many issues are unresolved.

United Nations is more ridiculous than the courts, which are inthemselves, as Ridiculous as the Courtroom of the Queen of Hearts in Lewis Carrol's Alice in Wonderland and Through the Looking Glass

United Nations is more ridiculous than the courts, which is in itself, as Ridiculous as the Courtroom of the Queen of Hearts in Lewis Carrol’s Alice in Wonderland and Through the Looking Glass

Perhaps the main reason why the UN is so inefficient is because the way it works. For a decision to be passed in the Security Council, one needs the “Yes” of all five permanent members- United States, United Kingdom, Russia, China and France.

These 5 members have veto power, thus they can forbid any decision from being passed. A single amendment requires months, if not years to be passed, in order to appease all the five Veto Nations.

UNSC PG5 Nuclear Weapon Wielding Asshole Bullly Nations

UNSC PG5 Nuclear Weapon Wielding Asshole Bullly Nations

What’s worse, the five nations take diametrically opposite stances on such grave issues.
The UN also recommends countries to take a particular stance even though the countries don’t wish to. For example, the UNHCR (United Nations High Commissioner for Refugees) forces countries to accept refugees. It is very easy to give such advices, especially when you are not the one paying for it.

The permanent members of the United Nations Security Council (also known as the Permanent Five, Big Five, or P5) are the five states which the UN Charter of 1945 grants a permanent seat on the UN Security Council: China (formerly the Republic of China), France, Russia (formerly the Soviet Union), the United Kingdom, and the United States.

P5 United Nations Money Skimmer Donald Trump

P5 United Nations Money Skimmer Donald Trump

These countries were all allies in World War II, which turned out victorious. They are also all nuclear weapons states. A total of 15 UN member states serve on the UNSC, the remainder of which are elected. Any one of the five permanent members have the power of veto, which enables them to prevent the adoption of any “substantive” draft Council resolution, regardless of its level of international support

The UN at least claims to have had some efficiency until the 90’s. That was because both the superpowers, the US and the USSR , held a delicate balance in the General Assembly. After the fragmentation of the USSR, there is only one superpower, which has further reduced the UN efficiency. The UN is now heavily biased when it comes to countries having sour relations with the US.

United States Vs World UN General Assembly Monkeys

United States Vs World UN General Assembly Monkey Business.

So the UN is essentially useless. It is biased and inefficient. It doesn’t serve the very purpose it was meant for.

To quote foreign affairs website;

Any assessment of the United Nations’ performance must begin by acknowledging that it is not a monolithic institution but a composite of various parts, which are often conflated by its detractors. When critics invoke the United Nations, do they mean the United Nations Security Council (UNSC), dominated by the great powers and charged with enforcing global peace and security? “

“Are they referring to the UN General Assembly (UNGA), the world’s noisy but largely toothless town hall, or to other large-membership bodies such as the Human Rights Council? Do they mean the dozens of UN specialized agencies, programs, and funds, such as the International Atomic Energy Agency and the UN High Commission for Refugees? Or are they critiquing the UN Secretariat itself, within which Secretary-General Ban Ki-moon oversees myriad departments devoted to development, disarmament, peacekeeping, and the like? ”

Real News wish it was fake

Real News wish it was fake

The Truth is, in My Opinion, the UN is merely a Fake Money Skimming Operation for Corporate Businessmen who buy their way into Politics with Bribery, Bloodlines, Money and Philanthropy. in order to increase their own personal gains and interest, and have power over the world.

United Nations Money Skimming Scams

United Nations Money Skimming Scams