Flutterby™!: Topic : Weblogs

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics

Due to excessive server load and DDOS attacks, this list may be truncated.

Entry: 2020-01-03 19:26:11.014342+00 Cougar Cub relationships by Dan Lyke comments 0

Psychology Today: Why Older Women (Cougars) Seek Sex With Younger Men (Cubs)

[ related topics: Erotic Sexual Culture Psychology, Psychiatry and Personality Weblogs ]

Entry: 2020-01-02 17:04:19.516508+00 Rust and low level timing specific code by Dan Lyke comments 0

All right, I've gotta learn Rust: Rewriting m4vgalib in Rust:

Now, given my feelings about C++, I want to see how far I can push Rust — specifically, safe Rust. See, despite having written C++ as my day job for many years, I'm aware that most of the common security/reliability bugs we see in software today are a result of flaws in the C and C++ languages. Rust fixes essentially all of these flaws. So I've been keeping an eye on it for a while. More reliable software with less work? Yes please.

[ related topics: Weblogs Bay Area Software Engineering Work, productivity and environment Heinlein ]

Entry: 2019-12-18 17:34:44.032359+00 On Meddling Mom by Dan Lyke comments 0

Not exactly news, but I know I'm gonna want to find this article again, and in light of the recent duping of the Hallmark Channel it's worth reiterating that the loud cranks are getting results: It’s Not ‘One Million’ — It’s One Meddling Mom

One Meddling Mom has issued so many calls and condemnations over the years, it's become easy to tune them out. As GLAAD has arduously detailed, OMM has gone after everything from recent blockbuster Toy Story 4 for including a seconds-long clip of a supposed lesbian couple that quite literally no one but them noticed, to Chips Ahoy for a Twitter ad featuring a Rupaul's Drag Race star. Basically if a company hires, recognizes, features, or in any way supports an LGBTQ person, One Meddling Mom will issue a petition, claim to have millions of supporters behind her, and then start cranking the AFA machine in hopes of getting some sort of press for her campaign-of-the-week. OMM even uses a conservative PR firm, Hamilton Strategies, to help spread this message to a wider public.

[ related topics: Pixar Interactive Drama Sexual Culture Weblogs Animation Space & Astronomy Current Events Aviation - Helicopters ]

Entry: 2019-12-12 17:09:27.154151+00 Internet of publicly accessible things by Dan Lyke comments 0

Just being neighborly, I'm on the email lists of a couple of local real estate agents. A few days ago one of 'em mailed around a Christmas giveaway email, offering a chance at a couple of different "smart home" packages. So let's talk about smart homes....

From exploiting Bluetooth or WiFi enabled locks to hacking your Ring cameras to holler insults in the middle of the night and watch your family for giggles...

Inside the Podcast that Hacks Ring Camera Owners Live on Air

In the NulledCast hackers livestream the harassment of Ring camera owners after accessing their devices. Hundreds of people can listen.

She installed a Ring camera in her children’s room for ‘peace of mind.’ A hacker accessed it and harassed her 8-year-old daughter.

Digital lockpicking - stealing keys to the kingdom

In the era of smart devices, it should come as no surprise that more and more appliances "turn" smart. The KeyWe Smart Lock is no exception. In order to make life more convenient, it is designed to have both the mechanical lock mechanism and additional functionalities on top of it. Those include, but are not limited to, generating one-time guest codes and unlocking the door based on proximity.

Convenience does, however, always come at the cost of security.

Maybe cloud-connecting everything isn't such a good idea.

[ related topics: Wireless Photography Weblogs Movies tolkien Theater & Plays Sociology Real Estate ]

Entry: 2019-12-02 19:05:11.835203+00 TrueDialog leak by Dan Lyke comments 0

Reminder: If it's not end-to-end encrypted, it's public: Report: Millions of Americans at Risk After Huge Data and SMS Leak:

The TrueDialog database is hosted by Microsoft Azure and runs on the Oracle Marketing Cloud in the USA. When we last looked at the database it included 604 GB of data. This included nearly 1 billion entries of highly sensitive data, which we’ll detail below.

Millions of SMS messages exposed in database security lapse.


[ related topics: Interactive Drama Humor Weblogs Microsoft moron Consumerism and advertising Marketing Cryptography Databases ]

Entry: 2019-10-12 21:47:47.556493+00 Cash/Consent by Dan Lyke comments 0

If you are at all interested in the intersection of consent and sex and work and all that stuff rolled into one, this is an amazing essay: N+1 Magazine: Lorelei Lee — Cash/Consent — The war on sex work

... I remember Hall testifying to the committee that he had written this bill because someone needed to be “a voice for the voiceless,” and that person would be him. I sat beside him at a podium microphone. My coworkers stood in a long line at a microphone behind him, waiting for him to stop so we could speak.

Via Eros Blog: Making Porn And Doing Sex Work: It’s Complicated

[ related topics: Interactive Drama Erotic Sexual Culture Weblogs History Writing Work, productivity and environment ]

Entry: 2019-10-03 22:51:59.434929+00 Page Weight Matters by Dan Lyke comments 0

Page Weight Matters. Dude working at YouTube works on project to trim page load from 1.2MB to a few hundred k and a tenth the request.

Page load times increased.

But.... they increased because a web site that was previously inaccessible to people on low-bandwidth connections now became accessible, so more people were using it.

Be careful of what you measure...

[ related topics: Weblogs broadband Work, productivity and environment ]

Entry: 2019-10-01 20:32:17.33547+00 Snowden revelations by Dan Lyke comments 0

Cryptography Engineering: Looking back at the Snowden revelations, a retrospective on how software and computing expectations changed after we discovered what the NSA was really up to.

[ related topics: Privacy Weblogs Software Engineering Cryptography ]

Entry: 2019-09-13 18:46:12.499764+00 Amazon's Choice by Dan Lyke comments 1

Review Meta: Amazon’s Choice badge given to product with 1000’s of Incentivized, Hijacked and Deleted reviews. Or why you really really really can no longer trust Amazon reviews.

[ related topics: Books Weblogs ]

Entry: 2019-08-27 20:41:16.576921+00 Pets, Cancer & Women by Dan Lyke comments 0

Psychology Today: The Strange Link Between Pet Ownership and Cancer In Women:

Why should owning cats and birds be linked to cancer in women but not in men?

[ related topics: Psychology, Psychiatry and Personality Weblogs Health Birds Model Building ]

Entry: 2019-08-20 16:38:03.284346+00 Disinfo of the Day by Dan Lyke comments 0

Twitter Safety: Information operations directed at Hong Kong:

This disclosure consists of 936 accounts originating from within the People’s Republic of China (PRC). Overall, these accounts were deliberately and specifically attempting to sow political discord in Hong Kong, including undermining the legitimacy and political positions of the protest movement on the ground. Based on our intensive investigations, we have reliable evidence to support that this is a coordinated state-backed operation. Specifically, we identified large clusters of accounts behaving in a coordinated manner to amplify messages related to the Hong Kong protests.

As Twitter is blocked in PRC, many of these accounts accessed Twitter using VPNs. However, some accounts accessed Twitter from specific unblocked IP addresses originating in mainland China. The accounts we are sharing today represent the most active portions of this campaign; a larger, spammy network of approximately 200,000 accounts — many created following our initial suspensions — were proactively suspended before they were substantially active on the service.

And on another side, Falun Gong, aliens from undiscovered dimensions, a commune in upstate new york with arranged relationships, often for immigration purposes: Trump, QAnon and an impending judgment day: Behind the Facebook-fueled rise of The Epoch Times

Started almost two decades ago with a stated mission to “provide information to Chinese communities to help immigrants assimilate into American society,” The Epoch Times now wields one of the biggest social media followings of any news outlet.

Via this Twitter thread. Bonus: White House reviews incident involving Epoch Times photographer handing a folder to Trump

[ related topics: Politics Weblogs broadband Invention and Design moron Current Events Journalism and Media Civil Liberties Community Hong Kong New York ]

Entry: 2019-07-22 15:59:49.451836+00 Slack security by Dan Lyke comments 0

Keybase CEO responds to the Slack security breach response

[ related topics: Weblogs ]

Entry: 2019-06-17 16:53:41.273604+00 Genius, Google, song lyrics and copyright by Dan Lyke comments 0

Lyrics Site Genius.com Accuses Google of Lifting Its Content. They used different quote marks to put steganography messages in Morse Code into their lyrics, found 'em on Google's music lyrics.

JWZ: The only good use for Smart Quotes, ever:

So that's clever and funny, and Google are anticompetitive dicks, but there are no winners here. Genius is straight up admitting that the thing that drives people to their site is just the lyrics, not the annotations that they provide. Google isn't cloning their annotations.

[ related topics: Quotes Music Weblogs Current Events Economics ]

Entry: 2019-04-24 22:18:48.367974+00 I want to do unpaid image classification by Dan Lyke comments 0

A browser plug-in to make reCaptcha's "I'm not a robot" accurate. It replaces the "I'm not a robot" to "I want to do unpaid image classification".

[ related topics: Weblogs Robotics ]

Entry: 2019-04-24 16:19:00.157177+00 V8 & Spectre by Dan Lyke comments 0

V8: A year with Spectre: a V8 perspective.

On January 3, 2018, Google Project Zero and others disclosed the first three of a new class of vulnerabilities that affect CPUs that perform speculative execution, dubbed Spectre and Meltdown. Using the speculative execution mechanisms of CPUs, an attacker could temporarily bypass both implicit and explicit safety checks in code that prevent programs from reading unauthorized data in memory. While processor speculation was designed to be a microarchitectural detail, invisible at the architectural level, carefully crafted programs could read unauthorized information in speculation and disclose it through side channels such as the execution time of a program fragment.

And, of course, JavaScript could be used to mount an attack, so the V8 team started looking at mitigation techniques.

[ related topics: Weblogs Invention and Design Software Engineering ]

Entry: 2019-03-28 16:43:50.730556+00 Office Depot malware scam by Dan Lyke comments 0

FTC: Office Depot computer scans gave fake results

... Many customers who took their computers in for a free “PC Health Check” at Office Depot or OfficeMax stores between 2009 and November 2016 were told their computers had malware symptoms or infections — but that wasn’t true. The FTC says Office Depot and OfficeMax ran PC Health Check, a diagnostic scan program created and licensed by Support.com, that tricked those consumers into thinking their computers had symptoms of malware or actual “infections,” even though the scan hadn’t found any such issues. Many consumers who got false scan results bought computer diagnostic and repair services from Office Depot and OfficeMax that cost up to $300. Support.com completed the services and got a cut of each purchase.

[ related topics: Weblogs Health Software Engineering Consumerism and advertising ]

Entry: 2019-03-23 18:55:49.202958+00 endless by Dan Lyke comments 1

Endless - an SSH tarpit

This program opens a socket and pretends to be an SSH server. However, it actually just ties up SSH clients with false promises indefinitely — or at least until the client eventually gives up. ...

[ related topics: Weblogs Software Engineering Cryptography ]

Entry: 2019-03-23 16:26:29.426611+00 Iron Age Death Cult by Dan Lyke comments 0

‘Toxic’ Ash Wednesday crosses burn 73 pupils

As JWZ put it: "Iron-age death cult's botched ritual burns its logo into 73 children's faces"



[ related topics: Religion Children and growing up Weblogs Current Events Monty Python Pyrotechnics ]

Entry: 2019-03-23 16:25:29.386391+00 Iron Age Death Cult by Dan Lyke comments 0

‘Toxic’ Ash Wednesday crosses burn 73 pupils

As JWZ put it: "Iron-age death cult's botched ritual burns its logo into 73 children's faces"

[ related topics: Children and growing up Weblogs Pyrotechnics ]

Entry: 2019-03-21 17:25:10.12105+00 Indoor Air Quality by Dan Lyke comments 0

Impaired Decision Making in Conference Rooms

However, the point of interest was something else entirely: three people quietly sitting in a mid-size conference room produced CO2 levels that within 60 minutes, reached concentrations high enough to impair their ability to make the right decisions. In a corporate world where Directors regularly pile into closed-door conference rooms for hours on end, making the most important planning decisions for their companies, this was a disturbing realization.

RT Sister Mary Clarence ‏ @emilyt804

Show us what 30 high school students in a classroom built for 20 does to the air.

Associations of Cognitive Function Scores with Carbon Dioxide, Ventilation,and Volatile Organic CompoundExposures in Office Workers: AControlled Exposure Study of Greenand Conventional Office Environments

Methods: Twenty-four participants spent 6 full work days (0900–1700 hours) in an environ-mentally controlled office space, blinded to test conditions. On different days, they were exposed toIEQ conditions representative of Conventional [high concentrations of volatile organic compounds (VOCs)] and Green (low concentrations of VOCs) office buildings in the United States. Additional conditions simulated a Green building with a high outdoor air ventilation rate (labeled Green+) and artificially elevated carbon dioxide (CO2) levels independent of ventilation.

Results: On average, cognitive scores were 61% higher on the Green building day and 101% higher on the two Green+ building days than on the Conventional building day (p<0.0001). VOCs and CO2 were independently associated with cognitive scores.

Full study cite is: Allen, Joseph G., Piers MacNaughton, Usha Satish, SureshSantanam, Jose Vallarino, and John D. Spengler. 2015. “Associationsof Cognitive Function Scores with Carbon Dioxide, Ventilation,and Volatile Organic Compound Exposures in Office Workers:A Controlled Exposure Study of Green and Conventional OfficeEnvironments.” Environmental Health Perspectives 124 (6): 805-812.doi:10.1289/ehp.1510037. http://dx.doi.org/10.1289/ehp.1510037

Bonus: Siloxanes Are the Most Abundant Volatile Organic Compound Emitted from Engineering Students in a Classroom. Or: yes, deodorants and body sprays and such are highly measurable in an indoor classroom environment.

[ related topics: Children and growing up Weblogs Health Nature and environment Bioinformatics Space & Astronomy Work, productivity and environment Mathematics Architecture Conferences Global Warming ]

Entry: 2019-03-18 14:47:58.198334+00 Comprehensive sex ed by Dan Lyke comments 0

How High School Sex Ed Can Help Prevent Rape In College<:

A team at Columbia University, lead by pediatrician and professor John Santelli, MD, reports that sexuality education in middle and high school may have protective effects that extend well past graduation. In the study, published in PLOS ONE, the researchers found that students who had comprehensive sexuality education classes, including specific refusal skills training (practice on “how to say no” to sex) before age 18, had a lower risk of experiencing sexual assault during college.

“We looked at factors before college that influence young people's risk of sexual assault—a lot of things were associated,” Santelli said. “One of the things that jumped out was that certain kinds of sex ed before age 18 had a protective effect. It looked like students who had education about refusing sex had a reduced risk of sexual assault. This difference was particularly true for young women—a reduction of about 50 percent.

(Emphasis mine)

[ related topics: Children and growing up Erotic Sexual Culture Weblogs History Education ]

Entry: 2019-02-25 21:43:32.886185+00 semiotics of the new fascism by Dan Lyke comments 0

Popula — About Face: Death and surrender to power in the clothing of men, a comic on men's clothing, aesthetics, personal differentiation, and the semiotics of the new fascism.


[ related topics: Weblogs Invention and Design Clothing ]

Entry: 2019-02-25 04:12:27.647959+00 Schools are not for learning by Dan Lyke comments 0

Peter Gray in Psychology Today: Schools Are Good for Showing Off, Not for Learning:

For example, in one research study, conducted many years ago, psychologists observed people playing friendly games of 8-ball at the university’s pool hall.[1] At first they watched from a distance, so the players wouldn’t know they were being observed, and then they moved in close and observed deliberately, making it obvious that they were evaluating performance. The result was that those who were already good, when not observed closely, performed even better when they knew they were being evaluated; but those who were just beginners, learning how to play, performed worse when evaluated. The same has been found for many kinds of tasks—intellectual as well as athletic or manual. Showing off is facilitated by evaluation and contests, but such pressures inhibit learning. And yet, in our constant attempt (supposedly) to increase learning at school, we keep raising the pressure, and then wonder why it doesn’t work.

And the ref is:

[1] Michaels, J. W., Blommel, J. M., Brocato, R. M., Linkous, R. A., & Rowe, J. S. (1982). Social facilitation and inhibition in a natural setting. Replications in Social Psychology, 2, 21–24.

[ related topics: Children and growing up Privacy Games Psychology, Psychiatry and Personality Weblogs Movies Theater & Plays Work, productivity and environment Civil Liberties Education Gambling Government ]

Entry: 2019-02-21 15:53:17.788209+00 Memory allocation & Go by Dan Lyke comments 1

I haven't done anything in Go yet, but this is an interesting read (and more cognitive load for programmers...): Allocation efficiency in high-performance Go services

[ related topics: Weblogs Theater & Plays ]

Entry: 2019-02-15 16:53:38.187281+00 Detained for speaking Spanish by Dan Lyke comments 1

In a just world, CPB Agent Paul O'Neal would be up on kidnapping charges: Two U.S. citizens claim in lawsuit that feds detained them for speaking Spanish:

“Ma’am, the reason I asked you for your ID is because I came in here, and I saw that you guys are speaking Spanish, which is very unheard of up here,” the agent says in the video, which the ACLU has released.

The women allege that the agent then detained them for 45 minutes instead of letting them go when they identified themselves as U.S. citizens. Cody Wofsy, a staff attorney with the ACLU’s Immigrants’ Rights Project, said the unlawful detention amounts to a violation of the Fourth Amendment’s bar on unreasonable searches and seizures.

Border Patrol Detained Me for Speaking Spanish in Montana. Then My Town Turned Against Me. By Ana Suda, Certified Nurse Assistant and ACLU plaintiff

[ related topics: Weblogs Law Civil Liberties Video Woodworking ]

Entry: 2019-02-14 18:15:36.189066+00 New York stands firm by Dan Lyke comments 3

Everyone's reporting on this Amazon thing as though it's some sort of big decision, and it is, but by New York to not subsidize Amazon. Here's the relevant bit: "There are currently over 5,000 Amazon employees in Brooklyn, Manhattan, and Staten Island, and we plan to continue growing these teams."

So, basically, this is all Amazon spinning "New York has decided to not shovel money at us, and we're gonna continue to do business there anyway". Kudos to NYC for standing tall and not falling for the extortion.

Amazon — Update on plans for New York City headquarters

[ related topics: Books Weblogs Invention and Design Current Events Work, productivity and environment Currency New York ]

Entry: 2019-02-06 17:00:05.676911+00 Huygens sympathy by Dan Lyke comments 2

Mind my Picasso… superyacht owners struggle to protect art, which I'm linking to only because of JWZ's observation:

Funny side note: due to Huygens sympathy, two guillotines on the deck of a superyacht will eventually synchronize!

[ related topics: Weblogs Current Events Art & Culture ]

Entry: 2019-01-24 20:44:48.93711+00 "if you wear a wire someone's going to kick your ass." by Dan Lyke comments 0

Chicago City Council members react with "snitches get stitches:, although not in so many words, to the news that one of their own was wearing a wire: Chicago Tribune: 'The council needs full reform': Aldermen react to report Ald. Daniel Solis wore an FBI wire in Ald. Edward Burke case.

Via Reason: Chicago Aldermen Dismayed Not by Corruption, but by One of Their Own Cooperating With the Feds.

[ related topics: Politics Weblogs Law Current Events Law Enforcement ]

Entry: 2019-01-20 21:55:07.543667+00 Hmmmm by Dan Lyke comments 13

Hmmmm. This reads like they're were no good sides in that Covington High School student showdown. I should probably watch the video. https://reason.com/blog/2019/0...n-catholic-nathan-phillips-video

[ related topics: Religion Children and growing up Weblogs Movies Video ]

Entry: 2019-01-02 18:45:48.108734+00 Great New Bar by Dan Lyke comments 0

Ouch. I'd like to report a murder, the victim is every every local newspaper's restaurant section, and every hipster mixologist venue: New Bar in [Town] ‐ There’s a great new bar in the neighborhood.


[ related topics: Weblogs Invention and Design Food Journalism and Media ]

Entry: 2018-12-30 18:53:34.864658+00 Violence and Morality by Dan Lyke comments 4

Psychology Today: The seeds of love contain the roots of hate:

... People are violent because of their morality, not in spite of it.

[ related topics: Psychology, Psychiatry and Personality Weblogs ]

Entry: 2018-12-14 18:04:08.635642+00 Can you trust Australians? by Dan Lyke comments 0

Does Australia's access and assistance law impact 1Password?

We do not, at this point, know whether it will be necessary or useful to place extra monitoring on people working for 1Password who may be subject to Australian laws. Our existing security and privacy design and internal controls may well be sufficient without adding additional controls on our people in Australia. Nor do we yet know to what extent we should consider Australian nationality in hiring decisions. It may be a long time before any such internal policies and practices go into place, if they ever do, but these are discussions we have been forced to have.

[ related topics: Interactive Drama Privacy Weblogs Work, productivity and environment Graphic Design Government ]

Entry: 2018-12-07 00:26:23.378341+00 Microsoft on facial recognition & law by Dan Lyke comments 0

Interesting: Microsoft On The Issues (The Official Microsoft Blog): Facial recognition: It’s time for action

In particular, we don’t believe that the world will be best served by a commercial race to the bottom, with tech companies forced to choose between social responsibility and market success. We believe that the only way to protect against this race to the bottom is to build a floor of responsibility that supports healthy market competition. And a solid floor requires that we ensure that this technology, and the organizations that develop and use it, are governed by the rule of law.

[ related topics: Humor Weblogs Microsoft Health moron Economics ]

Entry: 2018-12-06 20:53:18.31658+00 The rise of VS Code by Dan Lyke comments 1

The Rise of Microsoft Visual Studio Code.

Although, as Jeff Trull observes:

The buried lede here is that Emacs users, only 2.5% of the total, vastly outperformed in interviews.

[ related topics: Humor Weblogs Microsoft moron ]

Entry: 2018-11-05 18:07:17.839721+00 Cello & Julliard by Dan Lyke comments 0

Since I'm working on my voice, I thought this was interesting about music practice: What it's like to audition at juilliard when you'e 11. But I thought the successor article about being a young dedicated cello player was interesting when thinking about privilege and opportunity and support...

[ related topics: Music Weblogs Work, productivity and environment ]

Entry: 2018-10-31 20:55:08.060543+00 iPhones allergic to Helium by Dan Lyke comments 0

Fascinating: iPhones are Allergic to Helium. MEMS accelerometers are apparently susceptible to helium and hydrogen, but various Apple devices use MEMS timing oscillators from SiTime, and if you've got enough light gases in your environment, like from a helium leak in an MRI machine, your phone can stop functioning...

[ related topics: Apple Computer Interactive Drama Weblogs Nature and environment ]

Entry: 2018-10-28 20:05:39.673404+00 Hella Stoked by Dan Lyke comments 2

California Is Hella Stoked It’s Not Mississippi.

Ted Cruz threatens that if Beto O’Rourke wins their Senate race, Texas will turn into California. Politicians routinely pander to crowds of extras from Deliverance, disparaging the Golden State to garner raucous applause from people who’ve literally never left Mississippi. The President of All Fifty United States, Which Includes California At Last Check, tweets all the damn time about what a festering shithole it is.

While California provides a distant, easy-to-mock effigy to burn, the facts tell a hella different story. The United States would be light years ahead of where it is today if it could borrow a tenth of California’s ingenuity, spirit, forward-thinking, and good fortune. Of course, if you’re elbow deep in the shiny new nacho cheese fountain at the Golden Corral in Fucklesburg, West Virginia2, you probably (a) don’t read my blog, and (b) won’t believe anything that challenges John Denver’s ill-advised assertion that your state is “Almost Heaven.”

[ related topics: Interactive Drama Politics Weblogs Invention and Design Current Events California Culture ]

Entry: 2018-10-12 22:09:20.105591+00 Abstract Expressionism by Dan Lyke comments 0

The First Abstract Painter Was a Woman

Wassily Kandinsky has long been widely regarded as the forefather of abstraction, but as the shows of Af Klint’s work clearly establish, her abstract paintings predate his by several years. “As of 1906, that is, nearly six years before what is recognized as the inaugural date of abstract painting,” wrote Pascal Rousseau in the catalogue accompanying the Berlin show, “Hilma af Klint, who lives away from the axis of modernity (Paris/Munich/Milan), was painting abstract, sometimes monumental works.”

[ related topics: Weblogs Work, productivity and environment Television ]

Entry: 2018-10-08 18:35:20.452643+00 Both users were affected... by Dan Lyke comments 2

Google+ to shut down after coverup of data-exposing bug.

Google hid major Google+ security flaw that exposed users’ personal information.

Project Strobe: Protecting your data, improving our third-party APIs, and sunsetting consumer Google+

[ related topics: Privacy Weblogs Consumerism and advertising ]

Entry: 2018-10-04 18:16:45.177389+00 Bloomberg reported hack by Dan Lyke comments 4

I suspect that this is actually evidence of issues in quality of journalism than of an actual specific exploit, but because it's floating around today I'd like to keep a link to it: Bloomberg: The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies. The assertion is that there was a chip that looked like a signal conditioner on some lines of Supermicro motherboards that wasn't, and this was some kind of backdoor. The technical details on how that would have worked are sketch, obviously something on a bus line would need to then be a tool to trigger some sort of associated code in some higher level systems.

The whole story is kinda tough to accept as-is, we really need more technical details in order to evaluate it, but Amazon is pretty clear: AWS Security Blog: Setting the Record Straight on Bloomberg BusinessWeek’s Erroneous Article.

Apple strongly refutes report that it found Chinese ‘spy’ chips in iCloud servers.

CNBC: Chinese spy chips are found in hardware used by Apple, Amazon, Bloomberg says; Apple, AWS say no way:

Asked by CNBC for comment, Apple reiterated its strong denials of the report, stating: "We are deeply disappointed that in their dealings with us, Bloomberg's reporters have not been open to the possibility that they or their sources might be wrong or misinformed. Our best guess is that they are confusing their story with a previously reported 2016 incident in which we discovered an infected driver on a single Super Micro server in one of our labs. That one-time event was determined to be accidental and not a targeted attack against Apple."

Addendum: Lawfare: The China SuperMicro Hack: About That Bloomberg Report

[ related topics: Books Weblogs Current Events Journalism and Media Boats Public Transportation ]

Connectivity provided by highertech.net , awesome bandwidth, well away from fault lines and other potential for natural disasters, reliable, and run by cool people.

Questions, comments, flames: contact Dan Lyke

Flutterby™ is a trademark claimed by

Dan Lyke
for the web publications at www.flutterby.com and www.flutterby.net.