Year: 2017

The Internet of Things Strikes Again

An unnamed university had its network taken down by its own internet-connected vending machines:

Today’s cautionary tale comes from Verizon’s sneak peek (pdf) of the 2017 Data Breach Digest scenario. It involves an unnamed university, seafood searches, and an IoT botnet; hackers used the university’s own vending machines and other IoT devices to attack the university’s network.

Since the university’s help desk had previously blown off student complaints about slow or inaccessible network connectivity, it was a mess by the time a senior member of the IT security team was notified. The incident is given from that team member’s perspective; he or she suspected something fishy after detecting a sudden big interest in seafood-related domains.

The “incident commander” noticed “the name servers, responsible for Domain Name Service (DNS) lookups, were producing high-volume alerts and showed an abnormal number of sub-domains related to seafood. As the servers struggled to keep up, legitimate lookups were being dropped—preventing access to the majority of the internet.” That explained the “slow network” issues, but not much else.

The university then contacted the Verizon RISK (Research, Investigations, Solutions and Knowledge) Team and handed over DNS and firewall logs. The RISK team discovered the university’s hijacked vending machines and 5,000 other IoT devices were making seafood-related DNS requests every 15 minutes.

Seafood, huh?
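The pattern the RISK team found in the DNS logs (one client, many different sub-domains of the same parent, queried on a fixed 15-minute cadence) can be checked for mechanically. The sketch below is an added example, not code from Verizon's report or the quoted article; the log format, the addresses, the domain names and the `find_beaconing` helper are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample log, one query per line: "<epoch-seconds> <client-ip> <qname>"
SAMPLE_LOG = [
    "1000 10.0.5.17 a1.seafood-example.test",
    "1020 10.0.9.2 www.example.edu",
    "1900 10.0.5.17 b7.seafood-example.test",
    "2500 10.0.9.2 mail.example.edu",
    "2801 10.0.5.17 c3.seafood-example.test",
    "3699 10.0.5.17 d9.seafood-example.test",
    "3700 10.0.9.2 www.example.edu",
    "4600 10.0.5.17 e2.seafood-example.test",
]

def parent_domain(qname):
    # Simplification (assumption): treat the last two labels as the parent zone.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def find_beaconing(lines, interval=900, tolerance=30, min_queries=4):
    """Return (client, parent, unique_subdomains) for clients that query many
    distinct names under one parent at a steady interval (default 15 minutes)."""
    seen = defaultdict(list)
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue  # skip malformed lines instead of failing the whole run
        seen[(parts[1], parent_domain(parts[2]))].append((int(parts[0]), parts[2]))
    hits = []
    for (client, parent), events in sorted(seen.items()):
        events.sort()
        names = {qname for _, qname in events}
        if len(events) < min_queries or len(names) < min_queries:
            continue  # too little data, or the same few names repeated
        gaps = [b[0] - a[0] for a, b in zip(events, events[1:])]
        # Machine-driven lookups are regular; human browsing is bursty.
        if all(abs(gap - interval) <= tolerance for gap in gaps):
            hits.append((client, parent, len(names)))
    return hits

if __name__ == "__main__":
    for client, parent, count in find_beaconing(SAMPLE_LOG):
        print(f"{client}: {count} distinct names under {parent} at a fixed interval")
```
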

Needless to say, there is something fishy about the Internet of Things.*

It’s a toxic mixture of marketing types and brogrammers, and until there are real statutory requirements for people trying to make a buck off of things like internet-enabled refrigerators, stay away from this.

Right now, these are trivial to hack into, and, at best, this makes them a listening device in your own home.

*Sorry for the pun.
Not really sorry. Not one bit.

The Term Here is Mensch

Alexander Rapaport is an Orthodox Jew who runs soup kitchens in and around Borough Park.

He expressed support for the plight of immigrants shut out by Trump’s now enjoined immigrant ban, and what followed was an exodus of donors who turned out to be bigots:

Alexander Rapaport, a Brooklyn Hasid, says his experience being the victim of anti-Semitism forces him to call out hatred against others. So Rapaport, who runs a network of kosher soup kitchens, helped organize a communal show of support last week for a local Yemeni-owned bodega in reaction to President Donald Trump’s executive order temporarily banning immigration from seven Muslim-majority countries.

Not everyone was happy about the gesture.

“I received your solicitation letter in the mail along with this phone number,” read a text message he received Wednesday. “After seeing, though, that you protested President Trump’s executive order, and thus shamefully sided with those who are putting American lives in danger, I am no longer able to donate to your organization.”

………

Rapaport, who lives in the strongly Hasidic Borough Park neighborhood, said that other donors approached him in the street to complain about his stance on immigration following his show of support for the shop. Last week, after Yemeni-American bodega owners organized a strike to protest the president’s temporary travel ban, Rapaport showed his support by going to a local store with other community members and pasting Post-it notes with “messages of love and solidarity” on its storefront.

………

The 38-year-old father of seven has gotten complaints after he spoke up for immigrants previously and lost funders who were unhappy that the strictly kosher soup kitchen serves anyone who wants a meal, regardless of religious background.

In December 2015, Rapaport attended a protest at New York City Hall following a call by Trump, then a presidential candidate, for “a total and complete shutdown of Muslims entering the United States.”

While Rapaport has considered being less outspoken, he said hiding his views wouldn’t be honest.

“I don’t want to take anyone’s money under false pretense. Yes, I am personally very pro-immigrant, and if that makes me unqualified for your donation, please don’t give it to me,” he told JTA.

Rapaport has received support from many parts of the Orthodox community, but I have a message for those parts of the community who seem determined to allow their personal bigotries to rule their actions:

The stranger who sojourns with you shall be as a native from among you, and you shall love him as yourself; for you were strangers in the land of Egypt. I am the Lord, your God.

:כְּאֶזְרָח מִכֶּם יִהְיֶה לָכֶם הַגֵּר | הַגָּר אִתְּכֶם וְאָהַבְתָּ לוֹ כָּמוֹךָ כִּי גֵרִים הֱיִיתֶם בְּאֶרֶץ מִצְרָיִם אֲנִי יְהוָֹה אֱלֹהֵיכֶם

Drops mic.

Newspaper Screw Up of the Day

It’s not technically a typographical error, since it is the wrong picture, and not an error in typography, but it’s a real doozy:

A newspaper in the Dominican Republic printed a photo of Hollywood star Alec Baldwin playing President Donald Trump in a story about the real-life US president.

The snafu appeared in the Friday editions of El Nacional, The Daily Dot reported.

The photo showing Baldwin as Trump was captioned in Spanish: ‘Donald Trump, president of the United States’. 

El Nacional issued an apology on its website Saturday for the photo mistake.

It said in Spanish: ‘On Friday El Nacional published a photo of actor Alec Baldwin, who imitates the President of the United States on a television program.

‘The picture was sent that day by the Associated Press (AP) with the name of the actor and information about the program, but it was placed as if it were the one of Trump, a situation that went unnoticed for all those who reviewed page 19.

‘El Nacional apologizes to the readers and to all those who felt affected by the publication.

They should have known. The hands are WAY too big.

H/t AS the Stellar Parthenon BBS.

Eric Arthur Blair Rotational Momentum Exceeds Energy Released at Hiroshima

The CIA has just awarded Saudi Prince Mohammed bin Nayef bin Abdulaziz al-Saud the George Tenet Medal for his efforts in fighting terrorism:

The Saudi Crown Prince Mohammed bin Nayef bin Abdulaziz al-Saud, Deputy Prime Minister and Minister of Interior, received a medal on Friday from the CIA for his distinct intelligence-related counter-terrorism work and his contributions to ensure international peace and security.

The medal, named after George Tenet, was handed to him by CIA Director Michael Pompeo after the Crown Prince received him in Riyadh on Friday in the presence of Deputy Crown Prince Mohammad bin Salman al-Saud, Deputy Prime Minister and Minister of Defense.

The Crown Prince said in a press statement after receiving the medal that he appreciated the CIA honor, stressing that his efforts were guided by the leaders of Saudi Arabia headed by King Salman bin Abdulaziz al-Saud, as well as the efforts of the Kingdom’s security forces.

I guess that someone at the CIA is glad for the self-licking terror ice-cream cone that is the House of Saud.

They created ISIS, they sponsored bin Laden, and now one of their over-privileged Princes gets an award named for George “Slam Dunk” Tenet, arguably the worst* DCIA ever.

*There is a case to be made that Allen Dulles was far worse, particularly as he shaped the organization that has been f%$#ing up the world since its founding.

Just Call Me Nostra Dumbass

In late 2003, I observed that the Merriam-Webster Dictionary was dropping the word “Snollygoster” from its dictionary, and that this must not stand: (PDF)

To Revive a Word

The word “snollygoster” has been dropped from the 11th edition of Merriam-Webster’s Collegiate Dictionary.

Harry Truman was among the last public figures to use this word in public, and I mean to use the word, meaning “a shrewd, unprincipled person, especially a politician”, as often as I can.

So, over the past few years, I have engaged in a lonely effort to revive the word on this blog, and now the Merriam-Webster Dictionary has brought the word back:

………

And as recently as Tuesday morning, Merriam-Webster staff noted they had re-added the word “snollygoster” to the dictionary. It means “a shrewd and unprincipled person, especially an unprincipled politician.”

It even found use during the contentious Brexit campaign.

I won’t claim to be responsible for this, I think that the various machinations of Boris Johnson and Donald Trump have had more influence on this development, but I am feeling remarkably smug about this development.

Trump Gets a Bull Durham Lesson

The lesson in the movie Bull Durham is Never Call the Umpire a C%$#sucker.

When Trump disparaged (I would argue threatened) Federal Judge James Robart after he issued an injunction against his attempted Muslim ban, it was clear that no one in the Judiciary would be happy with this.

The 9th Circuit Court of Appeals ruled against rescinding the injunction, and what is significant is that they did so in a per curiam opinion. (Note that the crack reporters at the Times somehow missed this.)

A per curiam opinion is unanimous, but it is also unsigned, and except in extremely rare cases (Corrupt Supreme Court Justices covering their asses in Bush v. Gore), it means something very specific.

To quote Scotusblog, “Traditionally, the per curiam opinion was used to signal that a case was uncontroversial, obvious, and did not require a substantial opinion.”

In other words, it’s a way to say, “Your Kung Fu is weak, and you are stinking up the place.”

I think that the appellate court would have ruled in much the same way, and probably unanimously, had Trump not called out Judge Robart, but I think that doing so as a per curiam ruling was a message to Trump as to what constitutes appropriate behavior with regard to the judiciary.

The only question is whether Trump will learn from this. (I’m guessing that he won’t.)

The standard disclaimer applies here, I am an engineer, not a lawyer, dammit.*

*I love it when I get to go all Dr. McCoy!

People We Should Not Listen To

He likes to claim that he was the genius behind the 2006 Democratic Party electoral success, but his record at the DCCC belies this:

Mayor Rahm Emanuel thinks he has some advice for the grassroots activists who are responding with such urgency to the rise of Donald Trump: “Take a chill pill.” They won’t listen to him, nor should they.

Emanuel may be uniquely unqualified to comprehend, much less comment on, the progressive upsurge seen in the huge Women’s March on Washington, airport blockades in response to Trump’s Muslim immigration ban, and crowds of hundreds corralling members of Congress across the country over the future of health care.

………

The truth of the 2006 election was that the top three recipients of DCCC cash – who together got nearly $10 million – all lost, and of 22 initial candidates backed by Emanuel’s committee, only nine won their elections. What swung the election to the Democrats was the deep unpopularity of President George W. Bush and the Iraq war, nourished by a new “netroots” insurgency within the Democratic Party. Emanuel’s pro-war candidates had trouble catching the wave – but now he claims the election victory as his own.

And his record as Mayor of Chicago sucks wet farts from dead pigeons as well.

Rahm, and Obama, did their level best over the past 8 years to diminish the perceived successes of the party base, as well as the efforts of Dean’s 50 state strategy, which took resources and power from the inbred, pampered, and overpaid nomenklatura of the party in DC and devolved it to the state parties.

I so hope that he ends up frog marched out of the Mayor’s mansion in handcuffs.

Tweet of the Day

Hot on my slight revision to my profanity policy:

Hey @realDonaldTrump I oppose civil asset forfeiture too! Why don’t you try to destroy my career you fascist, loofa-faced, shit-gibbon!

— Daylin Leach (@daylinleach) February 7, 2017

It’s just too good not to post.

I am not completely in favor of this Tweet, I think that the use of “Weasel” is more effective, and more pleasing to the reader, than “Gibbon,” but I want this guy to run for US Congress.

A Clarification on My Posting Profanities to this Blog

As you are no doubt aware, there are certain profanities that I block out when I am posting to my blog, F%$#, Sh%$, C%$#, C%$#, C%$sucker, Motherf%$#er, etc.

I did use f%$# when quoting Joe Biden’s famous/infamous comment on the passage of the ACA, but generally, I will obscure obscenities in quotes.

However, I have come across the issue that when embedding tweets, I cannot obscure the profanities when preserving the tweet.

Therefore, I shall be embedding those unexpurgated.

That is all.

Sow the Wind, Reap the Whirlwind

It appears that after decades of organizing disruption at Democratic Congressmen’s town halls, Republicans are worried that people are angry with them for attempting to destroy their health insurance:

House Republicans during a closed-door meeting Tuesday discussed how to protect themselves and their staffs from protesters storming town halls and offices in opposition to repealing Obamacare, sources in the room told Politico.

House GOP Conference Chairwoman Cathy McMorris Rodgers invited Rep. David Reichert, a former county sheriff, to present lawmakers with protective measures they should have in place. Among the suggestions: having a physical exit strategy at town halls, or a backdoor in congressional offices to slip out of, in case demonstrations turn violent; having local police monitor town halls; replacing any glass office-door entrances with heavy doors and deadbolts; and setting up intercoms to ensure those entering congressional offices are there for appointments, not to cause chaos.

“The message was: One, be careful for security purposes. Watch your back. And two, be receptive. Honor the First Amendment, engage, be friendly, be nice,” said Republican Study Committee Chairman Mark Walker (R-N.C.). “Because it is toxic out there right now. Even some of the guys who have been around here a lot longer than I have, have never seen it to this level.”

………

Democrats, meanwhile, dismissed Republicans’ security ramp-up as an attempt to shield themselves from criticism.

“I think what you’re seeing is Republicans trying to use security to try to hide themselves from their constituents because they have no plan for a replacement and very little support from Donald Trump,” said Rep. Ruben Gallego (D-Ariz.). “They’re going to use so-called security to keep people away.”

Bingo, Representative Gallego.

I love this quote, “Many of these lawmakers in safe districts have never dealt with such severe blowback.”

To quote Finley Peter Dunne, “Politics ain’t beanbag.”

Seriously, Robby Mook?

I read the Guardian (aka the Grauniad*) online, and I find it useful, though, as always with the British press, you need to understand that it comes with a very definite political position. (Left of Tony Blair, but right of Jeremy Corbyn.)

They also publish OP/EDs from any number of people, some of whom you would not expect to get space in the paper.

Today, they published someone who should NEVER have gotten space in the paper writing about the election, former Clinton campaign manager Robby Mook, who, in an orgy of self-absolving twaddle, is given a platform to scream, “The Russians are Coming”.

I get that Mr. Mook had to deal with the fact that he had a sh%$ candidate, but he ran an amazingly sh%$ty campaign.

Dude, your next job should involve asking people if they want fries with that.

That won’t happen. Failure is never punished in Washington, DC, regardless of party, but just admit that you screwed the pooch, and move on, preferably to a research outpost in Antarctica.

*According to the Wiki, The Guardian, formerly the Manchester Guardian in the UK. It’s nicknamed the Grauniad because of its penchant for typographical errors, “The nickname The Grauniad for the paper originated with the satirical magazine Private Eye. It came about because of its reputation for frequent and sometimes unintentionally amusing typographical errors, hence the popular myth that the paper once misspelled its own name on the page one masthead as The Gaurdian, though many recall the more inventive The Grauniad.”

Scary Tweet of the Day

DJI did a firmware update on a drone… while mid-flight 😬 pic.twitter.com/YDexjEViFc

— Internet of 💩 (@internetofshit) February 8, 2017

Of course, who cares about a lightweight, relatively cheap drone?

Then again, what if this was a self-driving car, or even the car that you are driving now? While you are driving it?

Tesla has already done over-the-air (OTA) updates on their cars, and while you may trust them (I don’t), would you trust the creators of the Chevy Vega?

H/t Naked Capitalism