Now we learn the OMFG part of the SolarWinds hack
Two days ago the WashPost gave us the Russiagate 2.0 headlines about the SolarWinds hack.
The Russian government hackers who breached a top cybersecurity firm are behind a global espionage campaign that also compromised the Treasury and Commerce departments and other government agencies, according to people familiar with the matter, who requested anonymity because of the sensitivity of the matter...
SolarWinds said Sunday in a statement that monitoring products it released in March and June of this year may have been surreptitiously weaponized in a “highly-sophisticated, targeted . . . attack by a nation state.”
Did you get that? It was HIGHLY-SOPHISTICATED, so it had to be a NATION STATE, like Russia.
Even if we wanted to explain it to you, it would be too complicated for you to understand.
Bullshit! Nothing about that WashPost article is true, except that SolarWinds was hacked.
No doubt the company claims to take security seriously. But while users are being subjected to password requirements that demand them to utilize most of the alphabet and multiple shift key presses, internal security isn't nearly as restrictive. Here's the "OMFG are you goddamn kidding me" news via Reuters, which first broke the news of the malicious hacking.Security researcher Vinoth Kumar told Reuters that, last year, he alerted the company that anyone could access SolarWinds’ update server by using the password “solarwinds123”.
All five branches of the military. The NSA. The IRS. The USPS. DHS. The Treasury Department. Nearly every Fortune 500 company. All ten of the top ten telcos. The list goes on and on. And with this access, attackers could move laterally, using compromised credentials to eavesdrop on mutuals of targeted entities. And all of this "secured" by a password so simple an idiot could have created it.
We're fucked.
LMFAO! I could come up with a better password than that half-asleep and with one temporal lobe tied behind my back.
This is what passes for our "experts".
But wait! We aren't finished with OMFG news yet. Although admittedly, this next one is a little less surprising.
In a new wrinkle in the still-unfolding SolarWinds saga, it seems that some of the company’s top investors sold off close to a collective $280 million dollars in stock just days before the news of its role in a far-reaching federal cyberattack became public.That’s according to a new Washington Post report that specifically calls out two investment firms—Silver Lake and Thoma Bravo—that together own a whopping 70% of all SolarWind’s stock and controlled six of the company’s board seats. The two firms sold off, respectively, $158 million dollars and $128 million dollars in shares on December 7—six days before SolarWinds disclosed that some of its monitoring products were subject to a “highly-sophisticated” attack at the hands of an unnamed nation state.
Interestingly enough, these sales also happened just days before the company’s longterm CEO, Kevin Thompson, announced his resignation after close to 10 years with the company.
Imagine for a moment that the same laws that apply to you, also applied to Wall Street and rich people. Boy, these people would be in deep trouble.
But we don't live in that fair world. We live in a world in which you are told that you must send your life-savings to a place where they suffer zero consequences for breaking the law and stealing from you.
Comments
HSB
Holly shit batman.
I wonder how many times the company's lastpass sytem told them the password was vulnerable?
But as is usual anymore, a missed bowel movement is now blamed on Russia.
And insider trading to boot? If it's connected to anything government, it's legal.
Thanks for the giggles and upset stomach gjohn.
Not to worry though. I have some 1980 elderberry wine that will sooth the latter and increase the first of the two.
Regardless of the path in life I chose, I realize it's always forward, never straight.
Not sure if this is related (but it probably is)
gmail went down yesterday
In a related note, Protonmail is currently down today.
Let's not forget just how EVIL Putin is.
Google has a ton of issues.
Avoid them if at all possible.
Some idiots using smart home systems realized they don't know how to turn on lights anymore if an app doesn't do it for them. No sympathy.
Please read the comments. They go good with a doobie or some wine.
https://www.rt.com/news/509623-smart-home-google-outage/
Regardless of the path in life I chose, I realize it's always forward, never straight.
Note that right wing twit automatically conflates
communism and USSR with Russia. Decades of propaganda and programming at work.
be well and have a good one
That, in its essence, is fascism--ownership of government by an individual, by a group, or by any other controlling private power. -- Franklin D. Roosevelt --
When you're living in a bubble and you haven't got a care....
In the Land of the Blind, the One-Eyed Man is declared mentally ill for describing colors.
Yes Virginia, there is a Global Banking Conspiracy!
Mistake. Sorry.
Edit
Wasn't it like 20 or so years
Wasn't it like 20 or so years back, that vast networks of US govt computers were hacked because the default password like "hello1234" was never reset?
The monolithic bureaucracy that pays people to not think...
Default crappy passwords
That lazy indifference to simple security goes way back. In the Manhattan Project, Feynman gained a reputation as a safecracker and even set off a security ding. He realized that most people in this hyperhidden supersecure atomicsecrets installation couldn't be bothered to reset the factory combinations on safes. The more things change...
Consolation prize: the US empire is fucked. Rotting rapidly.
Beyond
sell by date.
Soon to be tossed in the
dustbindumpster.Regardless of the path in life I chose, I realize it's always forward, never straight.
Hah! I remember him saying that in one of his books.
also when he was on the California school Book panel. Everyone voted a particular book as best. Feynman said, "My copy is defective, all the pages are blank." The others explained that the publisher didn't get the printing done in time but assured the committee of it's contents. Feynman said he couldn't approve a book without reading it and was never again invited to the panel.
My very favorite was back when New Math was hot. "Only the less than one percent that are going to be professional mathematicians need to know set theory. Everyone else just needs to know how to calculate the right answer." One day my elementary school grandson asked for help with his division homework. Now when I got my B.Sc. in Physics I was only four hours shot of a bachelor's in Mathematics. I couldn;t figure out what the H this grade school textbook was saying. crazy calculations and set talk. I told him,"here. Let me show you how I was taught and my father before me." And proceeded with the traditional method with carets and trial divisors. "Oh, that makes sense, Grandpa!" Teachers! Sorry, Lookout, but most of your colleagues should be fired for malpractice.
I've seen lots of changes. What doesn't change is people. Same old hairless apes.
My intermediate school in Honolulu called it “Illinois math”
because the materials involved came from UICSM, which stands for the University of Illinois Committee on School Mathematics (at least one source cites an alternate meaning of the University of Illinois Curriculum Study in Mathematics).
https://americanhistory.si.edu/collections/search/object/nmah_1302593
https://duckduckgo.com/?q=new+math+UICSM+textbooks&ia=web
I didn’t get to take it, being in one of the last cohorts to be taught “old math.” Our algebra teacher was a World War I veteran, a jolly, likeable man who walked with a limp, who referred to our textbook as “Hawkes, Luby, Touton” after the names of the authors.
https://duckduckgo.com/?q=hawkes+luby+touton&ia=web
The geometry teacher for my year also taught Illinois math to other classes, but it seems the UICSM materials for geometry were not yet ready, so we used a conventional geometry textbook. As a bonus assignment he invited certain pupils including me to read The Education of T.C. Mits (T.C. Mits = “The Celebrated Man in the Street”) by Lillian Lieber and the sequel, Mits, Wits, and Logic.
https://www.maa.org/press/maa-reviews/the-education-of-t-c-mits-what-mod...
I have a battered old High School geometry book
Three generations have learned geometry from that book, plus some of my friends' kids. It's clear and to the point. Textbook writers should realize that the book is for kids not academics. After all, if it was good enough for Euclid and Archimedes...
High school geometry was the only math class my daughter got an A in. She's rather innumerate like her mother. It's not a matter of being "smart". Math is in a whole different brain area from speech and reading. She found my High School Algebra book very useful too, and loved my High School Chemistry book. they wouldn't let her take chemistry. that was "advanced". BTW, my daughter now has a two year degree in Electrical and Electronic Technology. She would have had a straight A average except one course was a B. she said that prof was very misogynistic and was always saying things like "women shouldn't be in this class taking space from men who need to make a living". Yes, she complained but had no documentation.
She is a gifted Python programmer and has built all sort of devices using Raspberry Pi microcomputers.
She used a homebuilt Z80 handheld to cheat in Algebra. Her teacher told me he knew it but didn't call her on it because, "Well she had enough initiative and knowledge to program that computer to find quadratic roots, so I let it slide." I don't even want to know what she did to the phone system with that Commodore 64 and a modem.
Please excuse all typos here. My eyes are particularly bad this morning. Macular degeneration.
I've seen lots of changes. What doesn't change is people. Same old hairless apes.
Wow! How marvellous to have such a daughter! n/t
Feynman was an exceptional person with an exceptional
mind, but I think he was wrong on set theory, depending upon the level of detail. Sure, the outer reaches are quite abstruse, but an introduction to the basics, in addition to, as opposed to instead of regular traditional math instruction is very useful and helpful in a lot of ways. I was part of a group (late fifties) who were taught it in Junior High as part of algebra with some rudimentary math theory and all that and all of us got good mileage out of it all through High School, in multiple subjects, and those I stayed in touch with used it in college too. Strangely enough, I took a grad level poli sci seminar from Wolinsky once as an undegrad, and he used in describing and analyzing the structure of societies and polities. It can help clarify many things.
be well and have a good one
That, in its essence, is fascism--ownership of government by an individual, by a group, or by any other controlling private power. -- Franklin D. Roosevelt --
Republic of Tuva
Feynman was enamored of this country in the center of Asia. Per his sense of humor, he liked a country whose capital city was basically all buzzing consonants, and he loved Tuvan throat singing. He died just before receiving permission to travel there, as described in "Tuva Or Bust!". My copy is signed by Tuvan throat singers.
Check out alashensemble.com, and look for the movie "Genghis Blues".
https://en.wikipedia.org/wiki/Genghis_Blues
"Genghis Blues is a 1999 American documentary film directed by Roko Belic. It centers on the journey of blind American singer Paul Pena to the isolated Russian Republic of Tuva to pursue his interest in Tuvan throat singing. "
tutoring math
The main point I made was there's no magic, just follow the steps and you'll get there. Math anxiety is the enemy. Different brain areas are involved in geometry and algebra (to overgeneralize), some folks are better at one than the other, but if you're patient and don't panic you'll get there.
My dad taught me how to extract *square roots* by hand, using
a procedure that looks a lot like long division.
FYI for the Jimmy thread
"We just don’t have the votes."
"We still don’t have the votes."
People have fallen for this long enough and they’re seeing through it.
“When out of fear you twist the lesser evil into the lie that it is something good, you eventually rob people of the capacity to distinguish between good and evil.”
~ Hannah Arendt
But they have the votes for massive giveaways to Boeing!
I've seen lots of changes. What doesn't change is people. Same old hairless apes.
And for their friends in other industries
Plus they have been pumping money into the banks to affect the stock market and so they can pay bigger dividends. Really nice gig.
“When out of fear you twist the lesser evil into the lie that it is something good, you eventually rob people of the capacity to distinguish between good and evil.”
~ Hannah Arendt
Nope.
It's a big club and you aren't invited.
This one never dies.
[video:https://youtu.be/Nyvxt1svxso]
Regardless of the path in life I chose, I realize it's always forward, never straight.
What would Carlin have said about diversity…inclusion…idpol etc.
especially as a concerted campaign of corporate / Big Tech / Hollywood / academic / Dem party PR?
Would George Carlin have recognized and called out “woke-washing” as also being a big sham? What words would he have used, I wonder?
Thank you so Much for that Link!
Pure gold.
I've seen lots of changes. What doesn't change is people. Same old hairless apes.
If this has already been said....I looked up SolarWinds.
Welp, it seems they are an IT Security Software Company. Huh? This just gets worse and worse.
A society grows great when old men plant trees in whose shade they know they shall never sit. Allegedly Greek, but more possibly fairly modern quote.
Consider helping by donating using the button in the upper left hand corner. Thank you.
Voting-machine supplier Dominion reportedly had used SolarWinds,
referring to the firm on their website. After news of the hack broke, of course, any references to SolarWinds were removed.
https://duckduckgo.com/?q=Dominion+SolarWinds+voting+machines&ia=web
This is Dominion’s website, by the way:
https://www.dominionvoting.com/democracy-suite-ems/
Would you buy a used
carconstitutional democracy from these guys?This post was complied with real expertise.
The links gjohnsit included were very informative. False flag attacks like this are buried under layers of distractions, and even the most discerning readers give up on critical reasoning very early in the process. Thus they absorb the disinformation that is presented. That was the great national tragedy of •Russia Hoax 2016• which left so many Americans with brain lesions that have since been exploited again and again.
Here, we see a splendid example of this exploit being used, primarily, as a cover for insider trading.
Most readers will be caught in the sticky mucous where certain government agencies claim that their emails were spied on by Russians. A few readers will slide deeper into Solarwinds security software, which did not protect users and may have actually infected them. Fewer still will dig into Solarwinds' internal woes, where it is claimed that hackers weaponized their upgrades in ways too sophisticated to describe. Instead, Solarwinds point to the very same hackers that didn't hack the DNC. (This is where all curiosity ends for most readers, since they were not subsequently informed by the media that those so-called Russian hacks never actually took place.)
But gjohnsit manages to follow the story down into the exploits that did take place at Solarwinds. (I call them 'exploits' because they are too dumb to be considered hacks.) Here we learn that Solarwinds accidentally forgot to properly protect their own company software, so intruders could ride Solarwinds' automatic upgrading supply-chain into the control centers of all their customer's computers, where intruders could linger for a longer look. Solarwinds had a very elite group of customers. The Solarwinds exploiters were selling ride tickets to other exploiters.
But that's still not the reason that Russia was pulled into the crisis. That came about because certain Solarwinds board members and the Solarwinds CEO sold hundreds of millions of dollars worth of stock a few days before the public announcement of the hack was made. It was their insider trading cover-up that required a major distraction. So, Solarwinds pulled the infamous CrowdStrike Maneuver and claimed they were hacked by the Russian Government. That pump was already primed and would provide cover for everyone in the supply chain who needed it.
Back in March 2020, when Congress had an insider-trading free-for-all amounting to hundred of millions of dollars — just days before the pandemic was announced, they didn't need a cover-up. That's because Insider trading is legal in Congress. It's part of the American dream, and Congress is preserving it.
Thanks for documenting this so well.
Parts of my narrative may be off the mark, but I think it covers most of what happened.
Populations don’t like wars. They have to be lied into it.
That means we can be “truthed” into peace. — Julian Assange
"Security Experts"
more like The Three Stooges!
I've seen lots of changes. What doesn't change is people. Same old hairless apes.
Sounds about right.
Sorta funny Cozy Bear was blamed. Previously they were part of the Russian Army, but now seemed to be transferred to the Russian foreign spy agency. You know the super duper evil genius group of hackers who left Cyrillic files on the DNC serve. Russiagate is still a booming business segment and grift. Crowdstrike had an IPO last year and their stock price is about $170 now.
So mind boggling
I don' get it. Articles spreading the recent propaganda include the following words:
Alleged
Believe
Unnamed source
Not authorized to say anything
and yet people take the reports verbatim. Or on the Russian bounty story. There was never any evidence shown and the news sites verified other news sites reporting without asking, "Hey, where the hell is the evidence?" Just today there's a diary on what Putin said, but the diarist just interpreted his words to say something else and they everyone went with his opinion.
The words are in b&w and yet.....If Israel was substituted for Russia, Bibi for Putin this shit would have never been allowed to start. Brennan once said that Russians are basically predestined to start shit and be unreliable. On CNN. It was worse than that, but I can't remember the wording.
“When out of fear you twist the lesser evil into the lie that it is something good, you eventually rob people of the capacity to distinguish between good and evil.”
~ Hannah Arendt
MoA has a pretty good recap
They focus more on Fireeye, the complete lack of evidence from the Russia angle.
I've since done some deeper research
I am aware of the details that are flawed in my comment. I learned that Fireeye was one of Solarwinds 18,000 clients who received weaponized updates on their network management software. Fireeye is a systems security company and they have been chasing their own brand of phantom Russian hacker that they call "Sandworm." Like CrowdStrike, they see Russians lurking behind many cyberattacks. They recently caught on to some unexplained activity on their own servers, figured out they were infected by Solarwinds, and got in touch with Federal cybersecurity authorities.
I actually wrote about this the night the news broke. The story first appeared midday in the UK published in The Guardian. It was an exclusive leak. The Guardian appears to be a CIA asset, so it's the natural place to drop the preferred narrative about what's going on. Russia was not mentioned by The Guardian and was not part of the story. That wouldn't come for another 6 to 8 hours — after the US woke up and ran with their own versions.
.
I was surprised to see the US Treasury named as a target, but that would go nowhere. The Guardian didn't learn much from their initial informants. But in subsequent days we've learned there are other affected agencies, including the US Department of State, US NTIA, US NIH, DHS-CISA, and the US Department of Homeland Security.
Now, five days later, we find out that the networks of the National Nuclear Security Administration (NNSA) and the US Department of Energy (DOE) may have been under surveillance since March 2020. The NNSA is government agency responsible for maintaining and securing the US nuclear weapons stockpile. Other targets of espionage operations include the Federal Energy Regulatory Commission (FERC), the Office of Secure Transportation, the Richland Field Office of the DOE, and Sandia and Los Alamos national laboratories.
.
There are many different things all happening at the same time.
I wouldn't call this an attack.
I'd call it an occupation.
I see it as a real-time demonstration of US vulnerabilities at home, while the US is trying to terrorize the world into obedience to its Rule. It's a virtual standoff. What drives this point home is that even if you shut off Solarwinds' automatic updates, these occupiers are not ejected from the systems they occupy. They have built other hidden doorways in and out of these networks and can come or go as they please.
So, what other US invincibles are being occupied and spied on?
Well, here's what we do know: More than 425 of the US Fortune 500 companies are SolarWinds' customers. The top ten US telecom companies use Solarwinds Network Management software. Some of the most important Federal entities and agencies are Solarwinds clients, including the US Military, the Pentagon, the Department of Justice, the State Department, NASA, NSA, Postal Service, NOAA, and the Office of the President of the United States.
This incursion has been underway since March 2020, when the pandemic began in earnest. There appears to be little, if any, malicious activity. No leaks. No sabotage. No threats. No demands. There is simply a watchful "presence" in the machine. It cannot be eradicated without rebuilding the entire digital infrastructure.
At least, that what some people are saying.
Populations don’t like wars. They have to be lied into it.
That means we can be “truthed” into peace. — Julian Assange
Thanks, gj, caught that pw crap earlier.
"hack" by "state actor" already sounded like utter bullshit, then the pw stupidity, publicly exposed, made it look even worse. Now throw in the insider trading scam and ...
be well and have a good one
That, in its essence, is fascism--ownership of government by an individual, by a group, or by any other controlling private power. -- Franklin D. Roosevelt --
Trump LET Putin do all the hacking
Of Course.
This story has been swallowed hook line and sinker by the left. Not one iota of doubt to be seen. Disgustingly sad in my book. If there was an ounce of proof Trump would be out on his ear as would any person who allowed a foreign country to hack its systems. Also just plain disgusted that so many people would crawl into bed with the intelligence agencies whose soul purpose is to lie and deceive us.
“When out of fear you twist the lesser evil into the lie that it is something good, you eventually rob people of the capacity to distinguish between good and evil.”
~ Hannah Arendt