Friday, December 25, 2020

Spy Stories

The Navalny story has gotten cringe-worthy, what with the underwear-borne novichok, ew. The tabloids have their readership, expanded immensely by cable television. Hearst was just the beginning.

The SolarWinds story is more interesting. I'm dubbing it Solaris (Солярис), since everyone has their clever "burst of sunlight" metaphor, and Solaris has the Russian angle, although the original author was Polish.

Will Self got me watching it again recently.

The story stays shallow around the most interesting part, which we can leave to "made for DVD" movies. That's where a basement test lab will imitate one of the Fortune 500. Call it Project 501. 

This is where an elite core of Russian hackers, working for the Russian government, set up SolarWinds Onion (a subtle clone, but with a lethal difference) on a supposedly secure platform.  Get ready to infiltrate.

But don't we have to exfiltrate first, to get the new Cozy Bear payload inside the DLL? Rolling a DLL requires source code tobacco.  Microsoft:  almost 4000 lines.

A dynamically linked library that still does its regular job, if triggered, or at least looks like it will.  

If it's seriously bloated with all these fancy new features, you won't need a SHA sig to see it's been tampered with.  Apparently the cybersecurity whiz team doesn't notice when a DLL suddenly bloats. Nothing goes blip on the radar. Makes sense: that's why the digitally signed certs.

I'm looking forward to some side by side comparisons, of SolarWinds.Orion.Core.BusinessLayer.dll as usual, next to the one with the payload. The museum of clever hacks is readying a display case even now I bet.  Actually, Microsoft is providing some of that.

Indeed, I'm "advising all my clients" to preserve their businesslayer.dll (just make a copy) if they find out they're using Onion (vs Orion), and many would likely be doing that, even if not my clients. 

The compromised configuration is valuable and any Fortune 500 company worth its salt is going to snag a working version of the hacked product for its people to train on, and for its lawyers to write suits about. Actually, without the source code, the raw binary ain't that useful.  Still... a souvenir. 

We're hoping SolarWinds coughs up the source soon (it has, we're seeing some of it), or is the story it was black bagged in a perfume bottle?



Monday, December 14, 2020

A Late Debate


John Bolton is disappointing. If he was my professor, I'd want my money back.

Sunday, December 06, 2020

Penalty Box

I got slapped on the wrist for some unfortunate use of "cannibals" and "Tyson" (as in chicken) in the same comment. Some story about the spread of covid in some corporate setting: we get a lot of those stories in our news feeds these days. Our feed bags.

The last time I got a time out, or maybe it was just a deletion, is when I forwarded a political cartoon in which Mickey Mouse appeared in an unflattering light.  Again, covid related.

OK, that's fine. I'm treading on the edge, hitting up against the Facebook electric fences. I'm assuming this is AI all the way, given the blizzard of snowflakes (comments) assaulting the service every second. There's no time for a human censor.  Perhaps these come along after the fact and audit, en masse.... if government were transparent, we'd know more.

Thinking over the situation, I'm pretty content with the ammo anyone would have, thanks to me in particular, if wanting to pursue a positive futurism, probably the best we've got, since for the most part people don't consume themselves with "planning" as a pastime. I was born into a planning + activist family.  My education was appropriately big picture, as was my worldly upbringing.

Part of the promise of the Synergetics philosophy is inherent in its reliance on tension over compression. This isn't about pushing hard to make happen.  Let's see if humanity wants to pull itself together.  We know it could, has the option.  If it doesn't, that looks more like a choice than some tragic heroic failure.  The angels will chuckle.  Or call 'em demons, whatever.

My efforts and curriculum design have been enabled at every turn by the latest technology, so it always feels like my skills might be equal to the task.  To a point.  Then it's no longer about my skills in particular. I'm happy to kick back. Show me what you've got.

Wednesday, December 02, 2020

Journaling My Day

Today started with my job at Portland Energy Strategies, Patrick's think tank. We'd agreed on 10 AM for a VS Code workout, experiment with collaboration features, but I overslept.

The experiment for me included finding out if staying with OSX 10.10 is fatal, as far as Live Share is concerned.  It is.  Thanks to C6XTY, I had an alternative desktop available and from there forward, everything went swimmingly.

Next I was on the porch with a retired librarian, who lent me, or gifted me with, these novels about one Reverend Bebb (Lion Country is what I'm reading). These are fictional characters, and I've done most of my life fairly cold turkey when it comes to fiction, with lots of caveats.  These days, I'm ready to feed again on fiction, if only to limber up the imagination, which can always use more limbering.

For those mystified by the VS Code talk, that's a running program that many of today's coders are using to write stuff in the many computer languages.  The motif is rectangles within rectangles on a screen, with lots of typing, but also a shared whiteboard if you install the right extensions.  Both Patrick and I did.

Patrick, for those just joining us, designed a new kind of snake trap, with pythons especially in mind, because of the situation in the Florida Everglades.  Pythons have thrived there.  The trap doesn't keep the snake necessarily, but it does have that capability, as once you've gone to all the trouble to identify the species (AI goes here), you want to reserve that option in front of the patent office at least.

Anyway, after Patrick and Rosalie, I got to visit with Glenn, who is deeply immersed in Korzybski at the moment.  He has done some more homework and I can now see a path from my YouTube channel, through Korzybski, back to Alan Watts.  But an even more intriguing link suggested itself around "timelock".  Korzybski has a specific meaning for that word.  Of course I'm thinking of 4D Timelock by Bucky Fuller.

Now I'm back at the Oregon house, one of the campus dots on the world map.  Another dot would be some 47th floor in Singapore someplace.  We have our virtual nationhood, after all.  I've been discussing that on Facebook, in the sense of how curriculums overlap or are distinct.  The "concentric hierarchy" is my focus, and that implies "tetravolumes" without needing to say so.