Proprietary Disasters and Security Leftovers

posted by Roy Schestowitz on Jan 17, 2023,
updated Jan 17, 2023

• Ransomware attack exposes California transit giant’s sensitive data [iophk: Windows TCO]

• Ransomware attack exposes California transit giant’s sensitive data [iophk: Windows TCO]

  The data, much of which appears to be related to the transit agency’s police department, was posted to a leak site controlled by Vice Society.

• Police Complaint Removes Pirate Bay Proxy Portal from GitHub [Ed: Microsoft censorship is in full swing and we're meant to think this is "normal" now, even when Free software is being censored and plagiarised (Microsoft is selling the plagiarism as a service or subscription)]

  GitHub has taken down a popular Pirate Bay proxy information portal from Github.io. The developer platform took action in response to a takedown request sent by City of London Police's Intellectual Property Crime Unit. The takedown notice concludes that the site, which did not link to any infringing content directly, is illegal.

• [Cracked] evidence and stolen data swamp English courts

  Many of the [cracks] appear to relate to UK court cases. Information stolen by Jain’s gang was used as evidence in the London courts and the targets have included several British lawyers. Some of the [cracker’s] private investigator clients have been contracted by major law firms with bases in the City.

  A striking feature of the English legal system is that a judge will accept [cracked] emails as evidence in court in the interests of justice unless persuaded to exclude it. Peter Ashford, a London solicitor and expert in the admissibility of evidence, claims the English system is “the most liberal”. He added: “Even if you’ve done the hacking, you’ve still got a pretty good chance of getting it in [to the court].”

• State of the industry: MSI offered a chance to win the ability to buy a GPU

  The GPU industry is so broken right now and to make things worse, MSI thought it would be a good idea to do a lottery for a chance to win the ability to buy a GPU. I had to do a triple-take to make sure I was reading it right.

• Risky Biz News: Secure Boot not working on recent MSI motherboards

• MSI accidentally breaks Secure Boot for hundreds of motherboards [Ed: Your personal security is at risk when your own machine refuses to boot because of some remote company]

• Tech’s over-reliance on the internet is a easily preventable security issue

  What would happen if the internet suffered a prolonged and serious outage, reason irrelevant (cyberattack, zero days, P = NP with a simple and fast algorithm, solar superstorms, major vendor compromise, AWS KMS shredded from attack or mistake, total BGP meltdown, take your pick), but we still had electricity, gas, mail, mostly functioning government, and basically everything we used to have in the ~80s, in most areas?

  Well, besides the obvious awful consequences on basically everything in every industry, I can sure think of some extremely low-cost, easily preventable technical consequences which would make rebuilding unnecessarily difficult: [...]

• 'It had just vanished' - the shock when tech fails

  Her site had been in the hands of cloud hosting provider Gridhost, which shut down in November. Mrs Brown never received notifications about the switch-off because her blog had been set up by a third-party business, which had stopped trading.

  And she had no access to the backup for her blog either, since it had also been hosted in the cloud by Gridhost. Days of stress ensued. Many tears flowed.

• Twitter reportedly cuts off API access to third-party apps in intentional move

  Neither Twitter nor Chief Executive Officer Elon Musk has publicly commented on the API going down, but The Information reported Saturday that internal Slack messages show that Twitter intentionally suspended the API and hence access to services such as Twitterbot. The report also said staff were discussing internally when Twitter will announce the decision.

• Twitter API appears to be down, breaking Tweetbot and third-party clients

  It does stand to reason, though, that it is possible Twitter may be killing off third-party clients. These clients generally do not bring any ad revenue for the platform, something that Musk has made clear is a priority in his tenure so far. Just this week a report from The Information revealed desperate measures to keep ad buyers on board, and many Twitter users have noted major increases in the number of ads and frequency of ads seen on the platform. Twitter also recently forced users on iOS to view the “For You” tab by default rather than the “Following” tab that actually shows what accounts they are following.