[Rooters] The hacking group behind the SolarWinds compromise was able to break into Microsoft Corp and access some of its source code, Microsoft said on Thursday, something experts said sent a worrying signal about the spies' ambition. Hopefully they got Windows Vista
Source code - the underlying set of instructions that run a piece of software or operating system - is typically among a technology company's most closely guarded secrets and Microsoft has historically been particularly careful about protecting it.
It is not clear how much or what parts of Microsoft's source code repositories the hackers were able to access, but the disclosure suggests that the hackers who used software company SolarWinds as a springboard to break into sensitive U.S. government networks also had an interest in discovering the inner workings of Microsoft products as well.
Microsoft had already disclosed that like other firms it found malicious versions of SolarWinds' software inside its network, but the source code disclosure - made in a blog post - is new. After Reuters reported it was breached two weeks ago, Microsoft said it had not "found any evidence of access to production services."
Three people briefed on the matter said Microsoft had known for days that the source code had been accessed. A Microsoft spokesman said security employees had been working "around the clock" and that "when there is actionable information to share, they have published and shared it."
The SolarWinds hack is among the most ambitious cyber operations ever disclosed, compromising at least half-a-dozen federal agencies and potentially thousands of companies and other institutions. U.S. and private sector investigators have spent the holidays combing through logs to try to understand whether their data has been stolen or modified.
Modifying source code - which Microsoft said the hackers did not do - could have potentially disastrous consequences given the ubiquity of Microsoft products, which include the Office productivity suite and the Windows operating system. But experts said that even just being able to review the code could offer hackers insight that might help them subvert Microsoft products or services.
"The source code is the architectural blueprint of how the software is built," said Andrew Fife of Israel-based Cycode, a source code protection company.
"If you have the blueprint, it's far easier to engineer attacks
Posted by: Frank G ||
01/01/2021 00:00 ||
Comments ||
Link ||
[11128 views]
Top|| File under:
#1
"No access to production services" and "access to source code" are different things. The first means the systems running their data centers -- and the customer applications running in them -- don't show evidence of access. The second means someone -- God help them -- was able to read the source code to SOME MSFT software.
Access to source shouldn't matter in regard to security -- unless MSFT was depending on obscurity for some aspects of security. Linux source code has always been available, and its security issues are primarily with misconfigured software (default passwords; being behind on updates, etc.).
Posted by: Rob Crawford ||
01/01/2021 0:53 Comments ||
Top||
#5
SolarWinds hackers accessed Microsoft source code, the company says...
who then went on to write tighter more efficient code that could run on a 2001 era machine. Maawwahh. :)
#8
One potential source of problems is that all the extra cases to maintain "backward compatibility" can lead to unreadable (=unmaintainable) code and unforeseen corner cases. I got the impression (no doubt thanks to great PR) that MS was redoing their code base to get rid of a lot of cruft, but I don't know how extensive the project was.
Posted by: james ||
01/01/2021 12:47 Comments ||
Top||
#9
H1B1 Indian Visa Microsoft coder made a lot of money for that code back in India for sure.
[MAIL] A wild brawl broke out between Mississippi State and Tulsa players following the Armed Forces Bowl in Fort Worth, Texas on Thursday.
Tempers boiled over along the sideline after the Bulldogs' 28-26 win as seemingly every player jumped into the violent melee.
Video of the brawl show players from both sides throwing punches and even a few are seen delivering kicks. Coaching staffs of both teams were powerless to stop it and Fort Worth security and law enforcement personnel were on the field trying to calm the situation.
Tulsa safety Kendarin Ray was helped off the field after reportedly being hit in the head by a helmet. Golden Hurricane coach Philip Montgomery said Ray is being treated for a concussion.
[BoingBoing] Since we're still within the 12 days of Christmas, I feel safe sharing Hookers and Blow Save Christmas, a new-this-year holiday picture book for children.
Tom Transport is stuck in a snowdrift with all the presents for the town Christmas party! It's up to Hookers the tow truck and Blow the snowblower to make their way through the snow to save the day....and the party!
A heartwarming story of friendship and helping out that is perfectly safe for the kids, but with a few snickers that adults with a slightly bent sense of humour can enjoy while reading along.
[LI] Communist China is actively clamping down on the research into the Wuhan coronavirus’s origins, an investigative report released by the Associated Press on Wednesday shows.
The report based on leaked official documents and interviews with Chinese and other scientists reveals that Beijing is hiding and censoring findings related to the origin of the global pandemic that first surfaced in central China late last year and has killed close to two million people worldwide.
The cover-up is being coordinated by Chinese President Xi Jinping and the Communist Party top brass, the AP documentation suggests. The Chinese regime has forced "all coronavirus studies in China to be approved by high-level government officials" and thereby "paralyzed research efforts," the report said.
Beijing has repeatedly rejected the U.S. demands for an independent investigation into the outbreak.
Here are some excerpts from the AP report published on December 30:
[PostMillennial] As daily coronavirus cases plateau in the United States, it appears that the increase in number is being entirely driven by one state: California.
#8
If you email them to me, my dear, I’ll forward to one of the moderators who knows how to upload things — I haven’t got a clue. Meet me in the O Club for further instructions — the link is in the yellow block in the right margin, just above the Rantburg Store.
#10
This time I already posted. I did get there last time...eventually, for which I must apologize. Time is not one of my strengths — Mr. Wife says it’s because we Jews spent forty years wandering through the desert, and that impacted our time sense.
#11
New San Diego Mayor sending in police to close restaurants while state park restaurants remain open...we think we know what is coming next for us...
#14
California has the largest ILLEGAL population in the USA? Something like 1 in 5 of ALL illegals in the USA? PEW ILLEGAL POPULATION BY STATE
Studies show Illegals coming from South of the border tend to run a higher infection rate.
I say this based on a Harvard Researchers School of Public Health review of Covid-19 cases. Their study determined that the biggest predictor of Covid-19 infection was being a recent immigrant to the U.S., followed by living in a household with a large number of people and working in the food-service industry. But that was true only for Latinos, not Black people."
#16
San Diego ICU beds are at 18% capacity, but the State made "Southern California Region" all the way from the border to San Luis Obispo and Mono County in the sierras. The 0% ICU capacity the media loves to quote is mainly LA and San Joaquin Valley
Posted by: Frank G ||
01/01/2021 18:55 Comments ||
Top||
[PJMedia] The mayor of a small town in Oregon has had enough. Stan Pulliam, the Republican mayor of Sandy, Oregon, has heard from business owners. He’s heard from citizens. He’s even heard from the governor. He has asked the question, over and over, where’s the evidence that lockdowns and the related economic devastation has worked to slow the spread of the COVID-19 pandemic?
Pulliam has yet to get any answers. And he’s demanding action.
In an exclusive interview with PJ Media, Pulliam said he’s heard from countless business owners who tell him they can’t last another couple of weeks under Governor Kate Brown’s lockdown orders before closing for good. "The message I got from them," Pulliam said, "was that they’re between a rock and a hard place."
Continued on Page 49
#1
Will be interesting to see how much fascist the Govnah has if the town opens up (and they should). Will she try and arrest everybody, or just fine the hell out of everybody?
#2
I’m not seeing the evidence that that justifies such an action. I got to tell you, she acted excited. She said, I absolutely have the evidence."
"It made me nervous," Pulliam said with a laugh. "I thought oh, holy smokes, here it comes after months of waiting for it. She said, you know, I’ll have our health officials send you the evidence immediately after this."
That evidence never materialized
Posted by: Frank G ||
01/01/2021 8:58 Comments ||
Top||
#3
Good, but I hope they don't get any social cool points reduced. I would hate to see their credit card and bank accounts cancelled for not toeing the establishment line.
[AlAhram] Earlier this month, Khartoum accused Æthiopian "forces and militias" of ambushing Sudanese troops along the border, leaving some four dead and more than 20 maimed
Sudan's foreign minister said Thursday that the army has restored control over all lands along the border that had been taken over by Æthiopian farmers.
"The armed forces have now fully recovered all Sudanese territory," minister Omar Qamareddine told a Khartoum presser.
"The borders have already been demarcated, all that's remaining in our talks ... is increasing the border signs," Qamareddine said.
Tensions have flared between the two countries over the al-Fashqa region of the border
Some 50,000 Æthiopian refugees poured across the border to escape the fighting in Æthiopia's Tigray region.
Earlier this month, Khartoum accused Æthiopian "forces and militias" of ambushing Sudanese troops along the border, leaving some four dead and more than 20 maimed.
Addis Ababa downplayed the reported ambush, saying it did not threaten the relationship between the two countries.
Sudan has since deployed troops to the border region, and held demarcation talks with its eastern neighbour.
Æthiopia's foreign ministry spokesperson Dina Mufti blamed "outside forces" for the tensions with Sudan.
He said in a Wednesday briefing that these forces hold "no care for both Æthiopian and Sudanese people, but want the region to be in chaos and want to benefit from that chaos."
[AlAhram] Egypt and Iraq agreed on establishing an oil-for-reconstruction mechanism.
The Iraqi cabinet has approved the renewal of a contract to supply 12 million barrels of Basra light crude oil to the Egyptian General Petroleum Corporation (EGPC) in 2021, said the state-run Iraqi News Agency (INA) on Tuesday.
The terms of the contract will remain unchanged, provided that Egypt pays the value of oil shipments within the year, the cabinet reiterated.
During Egyptian Prime Minister Mostafa Madbouly's visit to Baghdad in late October, Egypt and Iraq agreed on establishing an oil-for-reconstruction mechanism, under which Egyptian companies would implement developmental ventures in Baghdad in return for providing Cairo with quantities of oil.
The Egyptian-Iraqi high committee convened in Baghdad to boost bilateral cooperation. The committee was established in 1988 with the aim of coordinating cooperation frameworks.
More returning to normalcy.
Posted by: trailing wife ||
01/01/2021 00:00 ||
Comments ||
Link ||
[11126 views]
Top|| File under: Govt of Iraq
[Last Refuge] Comrade rebels, a 46-year-old woman in the U.K. was arrested after she posted a video on-line, filmed at Gloucestershire Royal Hospital, showing empty hospital wards while officials in the U.K. state publicly the health system is overwhelmed. [STORY HERE]
[...] A statement from Gloucestershire Police said: "Following a number of reports in relation to a video filmed by a member of the public at Gloucestershire Royal Hospital and posted online, officers arrested a 46-year-old woman yesterday (Tuesday 29 December) on suspicion of a public order offence.
"The woman has been bailed to return to police on 21 January, with conditions that she cannot enter any NHS premises or the grounds of any such premises, unless in the case of an emergency or to attend a pre-arranged NHS appointment." (link)
The lady walks through the hospital for several minutes (video below) while explaining that people are waiting for treatment but the hospital itself is empty. The section of the hospital being reviewed is the outpatient clinic during daytime; and if -as the hospital claims- that all services are overwhelmed, it does appear there is a disconnect between the official NHS narrative and the reality on the ground.
[AnNahar] Brexit becomes a reality on Thursday as Britannia leaves Europe's customs union and single market, ending nearly half a century of often turbulent ties with its closest neighbours.
The UK's tortuous departure from the European Union ...the successor to the Holy Roman Empire, only without the Hapsburgs and the nifty uniforms and the dancing... takes full effect when Big Ben strikes 11:00 pm (2300 GMT) in central London, just as most of the European mainland ushers in 2021 at midnight.
Continued on Page 49
#1
It's because there's too few staff (there's not a shortage of employees just they're not at work because they're "vulnerable" or quarantined), nothing like Shop workers facing much greater risks.
Yet another flavour of anarcho-communist true believers willing to kill everyone else to achieve their version of utopia.
[ABCNews] The temperature in Aspen, Colorado, will fall to 2 degrees Tuesday night.
The FBI has joined a criminal investigation of what police said appears to be an "intentional attack" on gas service lines in Aspen, Colorado, that left thousands of residents and businesses without heat as temperatures in the skiing mecca plunged to near zero degrees.
Work crews are scrambling to restore gas service, and local authorities handed out electric space heaters to residents still without heat Tuesday, as a storm is forecast to bring up to 8 inches of snow in the Rocky Mountains region this week. Temperatures are forecast to fall to 2 degrees in Aspen on Tuesday night, according to the National Weather Service.
Aspen police said the apparently coordinated acts of vandalism occurred Saturday night at three separate Black Hills Energy gas line sites, one in Aspen and two elsewhere in Pitkin County.
At one of the targeted sites, police said they found the words "Earth first" scrawled, and Sherlocks were looking into whether the self-described "radical environmental group" Earth First! was involved.
Emails from ABC News to the group's website seeking comment were not returned.
Aspen Assistant Police Chief Bill Linn told news hounds that the saboteurs appeared to "have some familiarity" with the natural gas system.
"They tampered with flow lines. They turned off gas lines," Linn said.
Linn said physical evidence recovered at the scenes of the vandalism included footprints left in the snow. He said there were no security cameras at the three locations that were hit.
The FBI, which has a critical infrastructure protection unit, is helping in the investigation, Linn said.
Black Hills Energy officials said about 3,500 customers were affected by the gas outage, and crews had to go to each natural gas meter to manually turn them off and relight the pilot lights. Officials said the work was continuing Tuesday, but it was unclear how long it would take before gas service is restored to everyone.
He added that numerous businesses, including restaurants and hotels, had to shut down due to the loss of gas.
#1
Last time we had a wave of domestic terror incidents was 1971: Weather Underground, Black Liberation Army, Black Panthers, SDS et al etc set off about 1,500 bombs.
Coordinated, planned, targeted against military recruiting, ROTC, federal govt offices, research labs, judges, etc.
Looks like 2021 could be another year of coordinated attacks -- this time against the network and the grid?
#6
If the DOJ wasn't asleep at the wheel....Crossing a state border to commit acts of terrorism is a Federal crime , no parole , and the death sentence is now on the table.
#7
#6 If the DOJ wasn't asleep at the wheel....Crossing a state border to commit acts of terrorism is a Federal crime , no parole , and the death sentence is now on the table.
Posted by Phinetch Wherese4624
The DOJ/FBI offices are closed for covid...they are remote working from home during this time of crisis so please don't bother them. But when bothered, their response to BLM related crimes...is that this is a local police matter and freedom of speech issue that they can't the vaunted FBI can't be bothered with. And that is when they aren't finding reasons to ignore reports of folks building bombs in RVs since "no crimes were actually alleged" whatever that means.
#8
Last time we had a wave of domestic terror incidents was 1971: Weather Underground, Black Liberation Army, Black Panthers, SDS et al etc set off about 1,500 bombs.
Antifa / BLM actions last year don't count? They didn't have to use bombs because they had local political approval.
“We’re from the government, and we need your help. Oh yes — and your money.”
[Reason] Distilleries just learned that to cap off a brutal year, the FDA is charging them a fee normally reserved for drug manufacturing facilities.
For many American craft distillers, 2020 was already one of their worst years ever. The COVID-19-related closure of tasting rooms and cocktail bars, loss of tourism, and inability to offer in-store sampling slashed their sales revenue and cut them off from their customers. Then this week, just as it seemed they'd made it through the worst of a terrible year, the Food and Drug Administration (FDA) had one more surprise in store: The agency delivered notice to distilleries that had produced hand sanitizer in the early days of the pandemic that they now owe an unexpected fee to the government of more than $14,000.
"I was in literal disbelief when I read it yesterday," says Aaron Bergh, president and distiller at Calwise Spirits in Paso Robles, California. "I had to confirm with my attorney this morning that it's true." The surprise fee caught distillers completely off guard, throwing the already suffering industry into confusion.
Continued on Page 49
#5
With Hand Sanitizer retailing for around $1.02 per OZ or $131 a gallon. An the cost of 190 Proof EVERCLEAR GRAIN (drinking) ALCOHOL at about $120 or near the same price. Why is any one buying hand sanitizer?
If I may offer a 1776-78 type suggestion.
The US Congress may discuss, debate and vote to levee NEW fees, and/or a taxes, only during the 9 month window period prior to an upcoming National Election date.
All taxes and fees must be individually re-approved by the US Congress every 4 years.
#6
^-- The way I understand it the Alcohol from Everclear would evaporate before it could do any good. Alcohol needs to be 'cut' with something which allows it to 'stick around' long enough to do it's job. Not to mention prevent the user from drinking it. :)
(I believe I learned that right here at Rantburg U.)
Posted by: Frank G ||
01/01/2021 8:52 Comments ||
Top||
#8
Government insanity at its finest. Thankfully the fees were waived, but that someone at the FDA pursued this in the first place is just sick, much like the state of New York taxing out-of-state volunteers to fight COVID-19.
#10
Frank G’s site appears to be overwhelmed. Here is the announcement:
“I’m pleased to announce we have directed FDA to cease enforcement of these arbitrary, surprise user fees. Happy New Year, distilleries, and cheers to you for helping keep us safe!” (2/2)
[Deseret] Actor Vince Vaughn was the first person to be "canceled" in 2020. "The Mandalorian" star Gina Carano is among the last.
But in between Vaughan’s friendly chat with President Donald Trump ...the Nailer of NAFTA... and Carano’s election-fraud tweets were dozens of other people who became the faces of cancel culture this year. They include famous people, like actor Chris Pratt and "Harry Potter" creator J.K. Rowling, and ordinary Americans, such as Tori Perrotti, a Target employee who turned a social-media shaming into an opportunity to do good.
Along the way, "cancel culture" became ensconced in the American lexicon, with even Trump referencing it in his July 3 speech at Mount Rushmore. He called cancel culture a political weapon of the left, "driving people from their jobs, shaming dissenters and demanding total submission from anyone who disagrees."
Trump himself has been accused of "canceling" people — and TV networks — with whom he disagrees. But the highest profile cases of 2020 involved outrage over conservative views and attempts to scuttle the careers or reputations of the people who expressed them.
Writing for RealClearPolitics, Charles Lipson, professor emeritus of political science at the University of reliably Democrat Chicago, aka The Windy City or Mobtown ...home of Al Capone, the Chicago Black Sox, a succession of Daleys, Barak Obama, and Rahm Emmanuel... , said that departure from popular, socially approved views "is not just considered an error, much less an innocent one."
"It is considered immoral, illegitimate and unworthy of a public hearing. Although both left and right have moved steadily toward this abyss, the worst excesses today come from the left, just as they came from the right in the 1950s," Lipson wrote.
And although people on both the left and right decry cancel culture, it continued full-throated throughout the year. Here’s a look at a few of the faces of cancel culture in 2020, and how they’re doing now.
In addition to those mentioned above are Guardians of the Galaxy actor Chris Pratt and Star Wars: The Mandalorian actress Gina Carano.
A multi-volume chronology and reference guide set detailing three years of the Mexican Drug War between 2010 and 2012.
Rantburg.com and borderlandbeat.com correspondent and author Chris Covert presents his first non-fiction work detailing
the drug and gang related violence in Mexico.
Chris gives us Mexican press dispatches of drug and gang war violence
over three years, presented in a multi volume set intended to chronicle the death, violence and mayhem which has
dominated Mexico for six years.
Rantburg was assembled from recycled algorithms in the United States of America. No
trees were destroyed in the production of this weblog. We did hurt some, though. Sorry.
[BoingBoing] Since we're still within the 12 days of Christmas, I feel safe sharing Hookers and Blow Save Christmas, a new-this-year holiday picture book for children.
[LI] Communist China is actively clamping down on the research into the Wuhan coronavirus’s origins, an investigative report released by the Associated Press on Wednesday shows.
[PJMedia] The mayor of a small town in Oregon has had enough. Stan Pulliam, the Republican mayor of Sandy, Oregon, has heard from business owners. He’s heard from citizens. He’s even heard from the governor. He has asked the question, over and over, where’s the evidence that lockdowns and the related economic devastation has worked to slow the spread of the COVID-19 pandemic?
[Last Refuge] Comrade rebels, a 46-year-old woman in the U.K. was arrested after she posted a video on-line, filmed at Gloucestershire Royal Hospital, showing empty hospital wards while officials in the U.K. state publicly the health system is overwhelmed. [STORY HERE]
[AnNahar] Brexit becomes a reality on Thursday as 
...the Nailer of NAFTA...
