Weekly Axis Of Easy #165
- US Federal Agency hacked by malicious actors
- Hackers are actively exploiting Windows Zerologon flaw
- This hot new gig economy platform is for evicting people
- Facebook worried that EU ruling may force it out of Eurozone
- LAPD denies using facial recognition but has used it 30K times since 2009
- Tesla network systems crash globally
- Twitter suspends Chinese doctor who also says COVID-19 came out of Wuhan lab
- AxisOfEasy Salon #23: Lords of the Algos
US Federal Agency hacked by malicious actors
Last week the US Cybersecurity and Infrastructure Security Agency (CISA) released a bulletin outlining the successful attack, penetration and exfiltration of data from an unnamed federal agency. The bulletin does not disclose which agency it was, but describes it as a civilian one, not military.
The report provides a deep dive into the exact mechanics of the attack: how the attackers used compromised access credentials to gain initial access to the agency’s Microsoft O365 accounts, then leveraged that into a comprehensive penetration of the network’s file systems and the installation of a reverse shell.
It also describes the various hacker tools and malware employed, including the IP addresses of the C&C nodes, and concludes with an overview of defensive measures to be considered against attacks of this nature.
All told, quite interesting.
Hackers are actively exploiting Windows Zerologon flaw
Another US government agency, this time the Department of Homeland Security (DHS), sent out an alert about the recently discovered Windows 10 “Zerologon” bug. The flaw has been known for a couple of weeks and a reader forwarded me a couple items about it (you know who you are). I meant to write it up before now but it slipped through, sorry about that.
CISA, mentioned above, also issued an alert requiring all federal departments and agencies to immediately patch all vulnerable versions of Windows. The Zerologon flaw has been assigned CVE-2020-1472 and is a privilege escalation vulnerability in the Microsoft Netlogon protocol that enables attackers to hijack domain controllers. It has been assigned the maximum level of “OMFG”-ness.
This hot new gig economy platform is for evicting people
Vice’s Motherboard broke the story last week about a company billing itself as “The Fastest Money Making Gig Due to COVID-19” (and the spam filters went wild). I imagine the pitch deck to VCs had a slide that went something like this: “It’s like Uber, BUT FOR EVICTING PEOPLE!”. High-fives around the boardroom.
The company is called Civvl, and it’s a gig economy platform that recruits people to act as process servers and eviction crews. When I went to look at Civvl’s website, I kept getting redirected to a moving company’s site called Moveqwik, whose IP address reverses out to gov.illuminatilist.com, which is all just kind of weird.
But the company’s ads, which were posted to Craigslist, are still viewable as I write this (although I’m linking to a web archive of it):
“Eviction junk haulers / Foreclosure Movers / Process Servers Needed. Earn up to $125/hour. Sign up here and start working in less than a week”.
Not sure how that squares with a US Federal moratorium on residential evictions that is in force until at least Dec 31, 2020, but here we are.
It all kind of reminds me of a movie I once saw called “99 Homes” (trailer here) about an unemployed single-father who goes to work repossessing homes in the aftermath of the Global Financial Crisis. Didn’t end well.
Facebook worried that EU ruling may force it out of Eurozone
Here’s another salvo in the tension we have been noticing between Big Tech platforms and nation states: Facebook is worried that they may have to stop operating in Europe over a preliminary ruling that moving EU citizen data to US-based data centres violates EU data privacy laws. The ruling earlier in the summer found that there were inadequate protections in place for European citizen data from US intelligence agency snooping.
Facebook is saying it may have to pull out of Europe if they stick to their guns on this, reminding me of the hissy fit Uber and Lyft threw when a California judge ruled the tech unicorns shouldn’t be externalizing their labour costs. In this case, the US stance on ubiquitous surveillance on everybody is coming back to bite Facebook.
While I acknowledge experiencing cognitive dissonance over government rulings that aren’t completely ass-backwards, my heart is not bleeding for the Big Tech players who are crying foul over it.
Also see Jesse’s Metaviews piece on Facebook’s Big Stick Diplomacy
LAPD denies using facial recognition but has used it 30K times since 2009
The assistant chief of police of the Los Angeles Police Dept. has walked back earlier denials that the agency used facial recognition software in the pursuit of leads or suspects. It turns out that, about 30,000 times since 2009, they’ve turned to a system owned by the Los Angeles County Regional Identification System, which has a database of approximately 9 million mugshots.
The database itself was built by a company called DataWorks Plus, which Jesse Hirsh cited in an earlier Metaviews piece on the use of facial recognition technology.
Facial recognition use is controversial because it has a nasty tendency to be imperfect and wrong, which when used by law enforcement agencies can lead to wrongful arrests.
Tesla network systems crash globally
This is a joke yours truly invented about the Internet of Things, before it was called “The Internet of Things”:
Dad: Son, eat your vegetables.
Dad: Why not?
Kid: My fork won’t boot.
And while a recent global outage across Tesla’s entire computer network didn’t render their cars undrivable, company employees were unable to process orders or tickets while customers could not connect to their vehicles via their apps. The Tesla website was also reportedly down.
The outage was not confined to Tesla cars; the same thing was happening to its solar and power wall systems, with owners unable to connect and monitor their installations.
While this outage didn’t grind everything to a complete halt, it’s a good harbinger of where all this is going once we decide to load everything we possibly can onto somebody else’s computer, a.k.a. “the cloud”.
Twitter suspends Chinese doctor who also says COVID-19 came out of Wuhan lab
A couple weeks ago Dr. Li-meng Yang, a Chinese virologist turned whistleblower, set up a Twitter account and went public with allegations that her work made her aware of human-to-human COVID-19 in late December 2019 and that she tried to communicate what she knew to officials in January. She also alleges that the virus was manufactured or modified in the same Wuhan lab that Zerohedge pointed to in February, which got them suspended (ZH’s Twitter was reinstated months later).
Dr. Yang quickly amassed a following of 60,000+ in a matter of days… she had only posted four tweets, one of which linked to a paper she co-authored about anomalies in the virus before Twitter suspended her account.
None of this is to say she’s right and Twitter is suppressing the truth. What this is to say is that I am vindicated yet again in what I said in Chapter 4 of my book. Does deplatforming work? No, it doesn’t:
If the ostensible objective is to dampen the spread of so-called “conspiracy theories”, then the way Twitter handled this was the exact opposite of how to keep it from spreading. Had they done nothing, I for one would have never heard of this person, and then neither would you have.
By contrast, the Li-Meng Yang Wikipedia entry is a good example of where all of the perspectives are coming out in the wash (although, as we’ve discussed here before, Wikipedia has lost grip on the Neutral Point of View mandate in a lot of instances).
As far as this particular “conspiracy theory” goes, it is worth noting (and largely unreported in the West) that Dr. Luc Montagnier, who was awarded the 2008 Nobel Prize in Medicine for his discovery of the HIV virus, has also stated, and doubled down on that statement, that COVID-19 has been modified by humans.
To be fair, here is an article that debunks Montagnier’s claim, accusing those who entertain his claim of succumbing to the “appeal to authority” logical fallacy. While the article cites multiple sources and papers, I note bemusedly that it also succumbs to the “poisoning the well” logical fallacy in the debunking. Coronavirus is a contentious issue, made more so when Big Tech picks and chooses who gets to have their say and who doesn’t.
AxisOfEasy Salon #23: Lords of the Algos
This week on the AxisOfEasy Salon, Jesse, Charles and I discussed the need for “algorithmic advocates”, our own personal algos or agents whose sole job it is to protect our interests from everybody else’s algos and surveillance.
Also, Jesse took a deep look at the collective vs individual aspects of data privacy, while Charles Hugh Smith observes that “Whatever Can’t be Politicized, Ceases to Exist”.
Watch Salon #23 Lords of the Algos here: