
Posts

Microsoft EOL'd Windows 7 during a pandemic & it's hurting medical practices

Microsoft fully ended support for their Windows 7 product in January of last year. The change is primarily administrative: Microsoft will no longer distribute security patches for free with Windows 7 or guarantee its functionality. It is not a sudden move by Microsoft: the company has a well-documented support cycle for all versions of Windows, and Windows 7 customers were given plenty of notification, including from pop-ups from within Windows that users have to minimize to continue using the computers. This post is not meant to imply that Microsoft did not make a good faith effort to notify their users. Also: Windows 7 is not a good product at this point. Windows 7 is fundamentally insecure and unstable with modern applications (and has been for years), regardless of what support cycle it is in. That said, there are many unique situations for which running an out-of-date version of Windows is the only practical option. I've found this to be particularly true in the med...

EU says Pee-Yoo to transatlantic data sharing

Over in Europe, Irish Data Protection Commissioner Helen Dixon has just succeeded in her push to prevent Facebook from transferring data on European users back to the United States. At issue is a series of data transfer agreements between the EU and the US; it is the (reasonable) contention of Commissioner Dixon that the United States' regime of warrantless spying makes Facebook unable to comply with the data sharing arrangement required by the EU. Ireland may not seem like a major global hub for Big Data and telecom firms, but it very much is. The Emerald Isle's famous "Celtic Tiger" economic push successfully attracted some of the largest technology firms in the world with low taxes and easy regulations. But the times, they are a-changin'. This is the latest wrinkle in an ongoing battle over privacy regulations responsible for protecting European user data that traverses the Atlantic, but not the first. In September of last year, Commissioner Dixon had released...

Web Cruisin'

The internet was a lot more fun in the 90s.

What is SolarWinds Orion and why should I care that it was hacked?

Full disclosure: I've been employed by several companies that were customers and/or vendors of SolarWinds. However, I have never been employed by SolarWinds and I was not compensated for this post. On December 13th, digital security firm FireEye published a post to their blog with the comprehensive title "Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor". The post identified a digitally-signed component of the Orion software, SolarWinds.Orion.Core.BusinessLayer.dll, that contained a backdoor. Multiple signed updates contained additional malware. Traffic from infected hosts was disguised using traffic resembling normal SolarWinds activity and avoided using IPs that were part of non-U.S. netblocks or assignments registered to "bullet proof" hosts that are frequented by criminals. Orion's compromised distribution platform was then leveraged to infect a wide variety of organizations. Accordi...

Google Workspace Outage

Yesterday, on December 14th, all services associated with Google Workspace (AKA GSuite - or for those who aren't familiar with it, what is essentially Google's paid "business" services) went offline for roughly an hour from 7AM to 8AM Eastern time. Users typically first encountered the error when attempting to send email or after receiving an error indicating that their account could "not be found" when attempting to log in to Google services. Other impacted services include YouTube and the Google Nest home security service. Google's official statement to the press described the cause in extremely general terms: “Services requiring users to log in experienced high error rates during this period,” a Google spokesperson said. “The authentication system issue was resolved at (7:32 a.m. EST). All services are now restored. We apologize to everyone affected, and we will conduct a thorough follow-up review to ensure this problem cannot recur in the future. ...

Botnet spamming The Pirate Bay with malware

Over the last few weeks, a botnet has been mass-uploading a specific package of what appears to be malware (I haven't had time to look at the payload itself yet). Cleverly, the person(s) behind this effort have appeared to scrape filenames from titles that have already been pirated by popular uploaders. Stupidly, each download uses an obviously fraudulent filesize of 8.04MB. Videogames have not been that small for decades. This mistake would have been less obvious if not for the fact that the same user account - halfax - has uploaded dozens and dozens of games with the exact same filesize. Adding to the obvious fraud behind this effort is the number of nodes sharing these bad files. A screenshot of the current front page of the Games listing for TPB shows the disparity in the number of Seeders and Leechers between files shared by actual pirates and those shared by "halfax": Notice how, although there is variation in the number of seeders and leechers, the varia...

A Shame With No End

Three years ago I wrote a blog post demonstrating how the International Business Times appeared to be associated with some extremely shady online advertising networks, resulting in International Business Times article links being advertised on places like malware-filled mirrors of The Pirate Bay. The presence of IB Times on a Pirate Bay clone site was particularly ironic as the online news outlet had recently published several articles detailing exactly how terrible the ads on Pirate Bay were. To be clear: I never found any indication of any malfeasance on IB Times' part. In fact, I think it is much more likely to be the fault of some affiliate marketing firm that did a poor job of tracking its purchases. As such, I contacted IB Times via Twitter to inform them of my findings. I was contacted by a representative of IBT Media, during which I offered (for free) to walk their marketing staff through how to identify the affiliate responsible for the ad placement. IBT declined - instead...