Skip to main content

Posts

An Anatidae Odyssey

During the pandemic I've been spending my time in a somewhat rural area. There's a lake. There's bugs.  There's lots of flora and fauna of all shapes and sizes. Every once in a while I spot something incredible. About a year ago I was enjoying my morning coffee when I happened upon this in my backyard: Just FYI - I'm not using some giant telephoto lens  and zooming in from a mile away in those photos . This gator was very close to my house and very comfortable there. Clearly, he lacks respect for private property. I'm pretty confident that despite an APB from Fish & Wildlife, this gator is still at large. So when a poor duck hobbled into my backyard with a horrific mangled leg last week, the gator was my main suspect. The injury was shocking to look at & made it very difficult for the duck to move around. Making matters even worse for my feathered friend, the injured duck is considered invasive to my area. The excellent staff at the wildlife rescue opera...

Winning web design, from Amazon

 Oooo boy, I can't wait to browse discounted "Dog Supplies" on Amazon. Wait. What?

Microsoft EOL'd Windows 7 during a pandemic & its hurting medical practices

Microsoft fully ended support for their Windows 7 product in January of last year. The change is primarily administrative: Microsoft will no longer distribute security patches for free with Window 7 or guarantee its functionality. It is not a sudden move by Microsoft: the company has a well-documented support cycle for all versions of Windows, and Windows 7 customers were given plenty of notification, including from pop-ups from within Windows that users have to minimize to continue using the computers. This post is not meant to imply that Microsoft did not make a good faith effort to notify their users.   Also: Windows 7 is not a good product at this point. Windows 7 is fundamentally insecure and unstable with modern applications (and has been for years), regardless of what support cycle it is in. That said, there are many unique situations for which running an out-of-date version of Windows is the only practical option. I've found this to be particularly true in the med...

EU says Pee-Yoo to transatlantic data sharing

Over in Europe, Irish Data Protection Commissioner Helen Dixon has just succeeded in her push to prevent Facebook from transferring data on European users back to the United States . At issue is a series of data transfer agreements between the EU and the US; it is the (reasonable) contention of Commissioner Dixon that the United State's regime of warrantless spying makes Facebook unable to comply with the data sharing arrangement required by the EU. Ireland may not seem like a major global hub for Big Data and telecom firms, but it very much is. The Emerald Isle's famous "Celtic Tiger" economic push successfully attracted some of the largest technology firms in the world with low taxes and easy regulations. But the times, they are a-changin'. This is the latest wrinkle in an ongoing battle over privacy regulations responsible for protecting European user data that traverses the Atlantic, but not the first. In September of last year, Commissioner Dixon had released...

Web Cruisin'

  The internet was a lot more fun in the 90s.

What is SolarWinds Orion and why should I care that it was hacked?

Full disclosure: I've been employed by several companies that were customers and/or vendors of SolarWinds. However, I have never been employed by SolarWinds and I was not compensated for this post. On December 13th, digital security firm FireEye published a post to their blog with the comprehensive title " Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor ". The post identified a digitally-signed component of the Orion software, SolarWinds.Orion.Core.BusinessLayer.dll, that contained a backdoor. Multiple signed updates contained additional malware. Traffic from infected hosts was disguised using traffic resembling normal SolarWinds activity and avoided using IPs that were part of non-U.S. netblocks or assignments registered to "bullet proof" hosts that are frequented by criminals. Orion's compromised distribution platform was then leveraged to infect a wide variety of organizations. Accordi...

Google Workspace Outage

Yesterday, on December 14th, all services associated with Google Workspace (AKA GSuite - or for those who aren't familiar with it, what is essentially Google's paid "business" services) went offline for roughly an hour from 7AM to 8AM Eastern time. Users typically first encountered the error when attempting to send email or after receiving an error indicating that their account could "not be found" when attempting to login to Google services.  Other impacted services include Youtube and the Google Nest home security service.  Google's official statement to the press described the cause in extremely general terms: Services requiring users to log in experienced high error rates during this period,” a Google spokesperson said. “The authentication system issue was resolved at (7:32 a.m. EST). All services are now restored. We apologize to everyone affected, and we will conduct a thorough follow-up review to ensure this problem cannot recur in the future. ...