Microsoft has been caught red-handed proudly continuing an old tradition: introducing a trivially-exploitable privesc vulnerability into its Windows product line under the cover of a patch for the infamous Meltdown Intel misfeature.
On Monday, March 26, armed thugs representing themselves as "Spanish National Police, with the support of Europol, the US FBI, the Romanian, Belarussian and Taiwanese authorities and private cyber security companies" arrested a yet-unnamed "mastermind" — who stands accused of causing "cumulative losses of over EUR 1 billion for the financial industry". And apparently this is not difficult:
"In all these attacks, a similar modus operandi was used. The criminals would send out to bank employees spear phishing emails with a malicious attachment impersonating legitimate companies. Once downloaded, the malicious software allowed the criminals to remotely control the victims’ infected machines, giving them access to the internal banking network and infecting the servers controlling the ATMs. This provided them with the knowledge they needed to cash out the money."
I.e. chair warmers were asked politely to install "Back Orifice" — and they (whether out of stupidity, or in exchange for a cut of the take — we are not told) obliged. As for MS-Windows, installed on bank infrastructure and in ATM boxes all over Europe: it, in turn, worked precisely as it was designed to work.
As of the time of this writing, the number of "bank employees" arrested in connection with their indispensable work in making this heist possible — stands at: zero. Likewise, the number of Microsoft executives held to answer for the very existence of "infectious attachments" as a concept — stands also at zero.[1]
The "mastermind" and his merry men also stand accused of Bernankeization without a license:
"Databases with account information were modified so bank accounts balance would be inflated, with money mules then being used to collect the money."
Magicking money into existence from thin air is, we learn, A-OK when carried out from a well-pedigreed bag of lard parked in an Aeron in New York — but not so much when it is done by non-bluebloods and on the wrong side of the Atlantic.
The accused, presently nameless — and held incommunicado — also stand to be punished for the unforgivable USG.crime of having "laundered via cryptocurrencies".
[1] On the other hand, the EU bureaucracy informs us that the "perpetrator" of this "crime" supposedly was "vacationing in Spain" — rather suspiciously similar to the previous three major USG.kidnapping-under-the-colour-of-law victims; evidently crafting a replacement cover story for USG thugs' free hand in lifting people straight from the streets of Bucharest & elsewhere, would overrun the budget?
On Friday, March 23, USG once more indulged its recently-acquired taste for indicting in absentia loyal soldiers of a sovereign nation — this time, nine signals-intelligence professionals residing in, and lawful citizens of, Iran. For carrying out their duties in service to their sovereign, USG saw fit to charge (archived OCR) them in USG kangaroo court with the USG.crime of "Conspiracy to Commit Computer Intrusions".
For the role of "victims" of this "crime", USG chief prosecutor Rosenstein cast:
"… 144 U.S. universities, 176 universities across 21 foreign countries, 47 domestic and foreign private sector companies, the U.S. Department of Labor, the Federal Energy Regulatory Commission, the State of Hawaii, the State of Indiana, the United Nations, and the United Nations Children’s Fund",
from whom the "criminals" have "stolen" "…more than 31 terabytes of academic data and intellectual property".
Interestingly, the most unforgivable USG.crime committed by the accused appears to have been a successful attempt to… re-create, in-house, "SciHub":
"The members of the conspiracy used stolen account credentials to obtain unauthorized access to victim professor accounts, which they used to steal research, and other academic data and documents, including, among other things, academic journals, theses, dissertations, and electronic books. The defendants targeted data across all fields of research and academic disciplines, including science and technology, engineering, social sciences, medical, and other professional fields. The defendants stole at least approximately 31.5 terabytes of academic data and intellectual property, which they exfiltrated to servers outside the United States that were under the control of members of the conspiracy… …Megapaper sold stolen academic resources to customers within Iran, including Iran-based public universities and institutions, and Gigapaper sold a service to customers within Iran whereby purchasing customers could use compromised university professor accounts to directly access the online library systems of particular U.S.-based and foreign universities."
I.e. roughly the same act of "terrorism" for which Aaron Swartz was hanged in New York in 2013.
It is worth noting that, while USG at one time, not so long ago, had "long hands" in Iran, these hands have recently acquired a tendency to get abruptly shortened — Iranian-style. Therefore it remains unclear how, if at all, USG intends to bring the nine "criminals" to "justice". And one may safely suppose that the only people likely to hang in connection to this "conspiracy"… are the remaining USG moles in Iran, who supplied Rosenstein and his assistant Freislers with their "evidence".
"31337 w4r3z" in our time.
The item exhibits the traditional smell of USG-authored shitware, e.g. validly-signed Windows drivers for the persistence layer. However the more interesting aspect is that it is spread via infected routers, of a type which, astonishingly even for consumer shitware, forces the execution of an x86 Windows binary for initial configuration.
An infected router dutifully augments this configurator with a rootkit installer; the rootkit, in turn, contains the typical keylogger and saved-password-collector, network topology probe, etc. components.
The more interesting and "unmentioned/unmentionable" aspect is however the identity of the router's manufacturer:
MikroTik. That very same Latvian USG shill company that's been deploying routers with nonfunctional RNGs and trivially-Phuctorable SSH keys for its entire existence. And dutifully spreads obfuscatory squid ink whenever the danger of public exposure seems acute.
The possibility of converting electrical current, wherever found, directly into coin appears to have added yet another fungible item to the list of socialist "people's properties" liable to get spontaneously "redistributed" by their "servant leader" caretakers — via the quite familiar, to inhabitants of the ex-soviet world, "complicated dance through which to steal the shebang while leaving behind the appearance, in the manner of termites".
Concretely: the European Union's "Continental European Power System", "a large synchronized area stretching from Spain to Turkey and from Poland to Netherlands; encompassing 25 countries", reported (archived) on March 6, 2018, a sudden energy deficit summing to 113 GWh (i.e. 3.6 terajoules):
The power deviations are originating from the control area called Serbia, Macedonia, Montenegro (SMM block) and specifically Kosovo and Serbia. The power deviations have led to a slight decrease in the electric frequency average. This average frequency deviation, that has never happened in any similar way in the CE Power system, must cease. The missing energy amounts currently to 113 GWh. The question of who will compensate for this loss has to be answered.
A March 7, 2018 report (archived) by the MtGox liquidator to the Tokyo District Court indicated that 35,841.00701 BTC and 34,008.00701 BCC — corresponding to some portion of the coins looted from the MtGox userbase in 2014 — have in recent months lavishly fed the waterfall, i.e. sold for fiat (42,988,044,343 JPY, ~= 405.4M USD at today's rate.)
On February 12, 2018:
The United States warned the Democratic Republic of Congo on Monday against using an electronic voting system for a long-delayed presidential election in December this year because it has the potential to undermine the credibility of the poll. U.S. Ambassador to the United Nations Nikki Haley told an informal U.N. Security Council meeting on the Congolese electoral process that deploying "an unfamiliar technology for the first time during a crucial election is an enormous risk."
Two days later:
Congressional Democrats introduced legislation on Wednesday that would provide more than $1 billion to boost cyber security of U.S. voting systems, and Vice President Mike Pence defended the administration’s efforts to protect polls from hackers…. "We cannot let the Russians laugh about and take joy in the success they had in the last election," Nancy Pelosi, the Democratic leader in the House of Representatives, told a news conference. "Their goal is to undermine democracy."
The hidden gem, of course being:
The Democrats’ Election Security Act would allocate $1 billion in grants, overseen by the U.S. Election Commission, this year to help states buy voting machines that incorporate backup paper ballots, hire security staff and conduct risk assessments.
That is to say: a lightly-cloaked mandate for the installation of Diebold-style "user friendly" mechanisms for untraceable ballot-stuffing in place of the traditional paper-punch machines which were reintroduced in a number of U.S. states following the 2004 "hanging chads" e-voting election. And, naturally, a quite-undisguised mandate for the institution of a centralized bureaucracy which will centrally supply properly kosher voting machines, centrally networked, which are to produce properly kosher, per the DNC's lights, electoral outcomes.
It would seem that USG now pushes one voodoo in one of its Congoes, and a polar-opposite hoodoo in the other, without – unsurprisingly – much in the way of an explanation.
A severe shortage of commonly-used SMT resistors and capacitors, which began in late 2017, has begun to take on palpable proportions (archived). Manufacturing houses blame "the demand for hybrid/electric vehicles and mobile devices" and issue warnings of serious[1] production delays.
[1] As long as one year.
Trump's chief strategist Steve Bannon recently compared the ongoing controlled demolition of Europe by marauding orc hordes to a scenario portrayed in an obscure novel, The Camp of the Saints (1973) by Jean Raspail.
The response by Amazon, the world's foremost peddler of DRM-laden electronic chumpware "books", was swift, merciless, and mindblowingly "original": let's ban some books! And so if you want to obtain a copy of The Camp of the Saints from Amazon, you will now have to settle for a $2,000 collectible edition, because the Kindle chumpware item has vanished, having been made "…unavailable because there are significant quality issues with the source file supplied by the publisher. The publisher has been notified and we will make the book available as soon as we receive a corrected file."
Similar "quality control" problems have immediately cropped up in another alleged Bannon favourite, Julius Evola's Revolt Against the Modern World. And it turns out that Hitler's mega-bestseller Mein Kampf has also sprouted some sudden bit rot.
A short "trip down memory lane" is in order. From 2006 to 2008, Debian shipped with a sabotaged SSH key generator — which was capable of producing strictly 32768 distinct private keys of any given length.
According to Official Truth, this particular story ended in 2008, when the Debian "bug" was fixed. But in reality, a carefully-engineered boobytrap is truly a gift that keeps on giving.
Phuctor has been digesting SSH keys obtained from a scan of the complete IPv4 space since June of 2016. These have yielded, and continue to yield, breakable RSA moduli.
On Wednesday, November the 16th, factors from 168923 trivially-breakable "Debianized" RSA keys[1] were added to Phuctor's database. This resulted in a discovery of 1366 distinct hits, distributed across 689 newly-broken RSA moduli. The count of RSA SSH keys (each found at a particular scanned IP, and not necessarily unique) present in Phuctor's database at the time was 2941798. The 689 moduli represented a set of 1074 IP addresses where a machine had responded to an SSH query.[2]
This leads us to an interesting conclusion: roughly 1 in 2700 SSH-capable machines in the IPv4 space is actively making use of a "Debianized" SSH key, even today; its traffic is effortlessly transparent to enemy eyes.
Peace in our time, shitgnomes!
[1] Many of these Linux boxes are likewise using a "Debianized" SSH key for remote login. And if you, the reader, can find and forensically-instrument such a machine, it may prove to be an excellent source of NSAware for the discerning entomologist.
[2] Plus one other very peculiar key, appearing to belong to a USG provocateur organization called "Mayfirst". It seems to have started life as an SSH key, and is clearly Debianized, but it is not part of the set we converted to RFC4880 format for digestion in Phuctor. Instead, it had been gathered from SKS as part of Phuctor's original working set!
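For operators who want to run the kind of check described in the Debian SSH key item above against their own hosts, here is an added example (not Phuctor's code, whose method the page does not show): it pulls the RSA modulus out of each OpenSSH public key line and tests it for a common factor with a list of known primes. The names `audit`, `rsa_modulus` and `make_line`, the host names and the toy Mersenne primes are all constructed for illustration; a real list would hold the factors of the weak keys.

```python
import base64
import struct
from math import gcd, prod

def _read_string(blob, off):
    """Read one length-prefixed field (uint32 length + bytes) of the key blob."""
    (length,) = struct.unpack_from(">I", blob, off)
    end = off + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[off + 4:end], end

def rsa_modulus(pubkey_line):
    """Extract the modulus n from an OpenSSH 'ssh-rsa <base64> [comment]' line."""
    fields = pubkey_line.split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public key line")
    blob = base64.b64decode(fields[1], validate=True)
    key_type, off = _read_string(blob, 0)
    if key_type != b"ssh-rsa":
        raise ValueError("key type inside blob is not ssh-rsa")
    _e, off = _read_string(blob, off)  # public exponent, not needed here
    n, _ = _read_string(blob, off)
    return int.from_bytes(n, "big")

def audit(host_keys, known_primes):
    """Return {host: factor} for each modulus sharing a factor with known_primes."""
    product = prod(known_primes)  # one gcd per key instead of one test per prime
    hits = {}
    for host, line in host_keys.items():
        g = gcd(rsa_modulus(line), product)
        if g > 1:
            hits[host] = g
    return hits

# Constructed sample data: toy Mersenne primes, not real key material.
def _field(raw):
    return struct.pack(">I", len(raw)) + raw

def _mpint(x):  # extra leading byte keeps the big-endian integer positive
    return _field(x.to_bytes(x.bit_length() // 8 + 1, "big"))

def make_line(n, e=65537):
    blob = _field(b"ssh-rsa") + _mpint(e) + _mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed"

KNOWN_PRIMES = [2**89 - 1, 2**13 - 1]  # stand-in for factors of weak keys
HOST_KEYS = {
    "hostA": make_line((2**89 - 1) * (2**107 - 1)),  # built on a listed prime
    "hostB": make_line((2**61 - 1) * (2**127 - 1)),  # shares nothing with the list
}
```

Any host that `audit` reports needs its key pair regenerated on a system with a working RNG, and every `known_hosts` and `authorized_keys` entry that trusted the old key replaced.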