Franklin Faraday Insights Roundup for March 6, 2021
Technology + Common Sense + Robots, Hacking, Nukes, and Explosions!
Welcome to our Weekly Roundup of Actionable and Interesting things!
In this issue:
— Did you see our deep fakes?
— Cold-hearted criminals
— More cyber, more China… and are people using your browser for nefarious activity? (Late breaking: new state-sponsored elements…)
— “In every other mission, teams would have an extraction plan. We didn't.”
— Codecademy’s rise, fall, and rise again
— The importance of first followers…
— Italian jobs!
— Google gets slapped in court
— Mars (of course!)
— SpaceX sticks the landing… for a couple of minutes…
— A wild sheep = lots of socks
Follow us on Twitter @FranklinFaraday where we make and post cool stuff like this:

If you like our newsletter, forward it to your friends!
If you don’t like our newsletter, spam your enemies!
Crime
Since our cybersecurity section is already overflowing this week, we thought you might enjoy reading Flashpoint’s discussion of the “dry ice” scam. In this scenario, fraudsters order a product online, report a problem, obtain a refund, and ship back a box… with dry ice instead of the product. It turns out that dry ice is cheap and malleable, so fraudsters can create the right size and shape to bypass weight-based fraud checks.
Cybersecurity
1.) Microsoft announced that multiple zero-day exploits were being used to attack Microsoft Exchange servers, bluntly attributing this campaign with “high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics, and procedures.” Microsoft added that “HAFNIUM primarily targets entities in the United States across a number of industry sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs” and “operates primarily from leased Virtual Private Servers (VPS) in the United States.”


Late breaking: On March 5th, Microsoft also revealed three more pieces of malware tied to the SolarWinds attack and named the threat actors “Nobelium.” While Microsoft stopped short of naming Russia, multiple press reports did. This continues Microsoft’s pattern of naming nation-state threat actors after elements. For those keeping count, in addition to Nobelium and Hafnium, we now have Holmium, Mercury, and Phosphorus (Iran); Barium, Gallium, Manganese, Nickel, and Zirconium (China); Thallium and Zinc (North Korea); Dubnium (South Korea); and Krypton, Strontium, and Yttrium (Russia).
2.) According to a recent article in MIT Technology Review, Apple’s efforts to lock down iOS have solved many security problems, but these defenses actually serve to protect hackers when they DO get in. Essentially the argument is that Apple’s systems are so locked down that security researchers themselves can’t observe what is going on, so malware remains undetected. The article also references Apple’s M1 chip as a significant security improvement, but of course we reported last week that M1 malware had been found in the wild (Silver Sparrow). As we said on Twitter, security is not about eliminating risks entirely; it’s about making trade-offs and choosing what risks you want to take. You have to know your threat model and who and what you want to protect against. It’s naive to think iOS is secure against everyone, always.


3.) The perl.com site was a victim of domain hijacking, and the after-action discussion should be required reading for anyone in the security community as well as anyone preparing business leaders for handling cyber incidents.
4.) Yes, this week we couldn’t even cut down to three cyber articles, because we had to include this one. In yet another software supply chain mess—we are seeing one every week now—the outstanding Brian Krebs (@BrianKrebs) reported that a Russian company called Infatica was paying authors of browser extensions to include Infatica’s code. In other words, customers installed browser extensions for one purpose, and then after an upgrade ended up running completely unrelated software on their systems. Worse, Infatica sells a web proxy service, so with this type of arrangement, Infatica customers can bounce through systems of unwitting consumers. We aren’t saying all of Infatica’s customers are involved in illegal activity, but for people who are (and Krebs details some interesting connections on this point), Infatica would be a great service. This is yet another reason to avoid browser extensions entirely, and a third recent example where software was upgraded to include bad stuff. No one signed up to have their home IP used for illicit activity.


Dangerous Machines
Adding to the list of jobs we don’t want, Business Insider reported that during the Cold War, U.S. Army Special Forces were assigned to carry 60-pound “backpack nukes” and parachute into enemy territory.
From a retired Green Beret talking to Business Insider:
"During training, the instructors had told us we had about 30 minutes to clear the blast radius of the device. We never really believed that… In every other mission, teams would have an extraction plan. We didn't. It was all up to us to get the hell out of dodge. But that's not how the Army works. So that's why we never really believed that we could get out alive in case we had to use one of those things. It was a one-way mission.”
Entrepreneurship
1.) Zach Sims (@zsims) posted an excellent thread on the rise, fall, and rise again of Codecademy.
“On the way, we learned an important lesson: hype doesn’t pay the bills.”

2.) David Perell (@david_perell) had an outstanding thread noting that, “The first follower is just as important as the leader.”

#FAIL
User Lawyer: “Google is saying there’s basically very little you can do to prevent us from collecting your data, and that’s what you should assume we’re doing.”
Google Lawyer: The company’s privacy policy “expressly discloses” its practices. “The data collection at issue is disclosed.”
“Disturbed” Judge: “I want a declaration from Google on what information they’re collecting on users to the court’s website, and what that’s used for.” (Yes, the court’s website…)
Italian Jobs
Prosecutors in Milan last week ordered Spanish food delivery app Foodinho-Glovo and the Italian subsidiaries of Uber Eats, Just Eat, and Deliveroo to hire more than 60,000 workers and pay 733 million euros (that’s even more in dollars) in response to inadequate working conditions…
Mars
On March 5, Perseverance began moving on Mars… never have so many people been so happy to see tire tracks!


The Mars Reconnaissance Orbiter also took a cool photo of Perseverance this week:


We found out that one of the people controlling the Perseverance Rover is… working from home in an apartment above a hairdresser in London. How is YOUR work from home going by comparison?


Finally, we are eagerly awaiting the first test of Ingenuity, the first helicopter to fly on another planet, expected between April 19 and May 19, 2021. It will be awesome… and possibly very short.
Space (other than Mars)
Pilots are warned that their job is to “fly the airplane until the engine is stopped and it is safely parked in the hangar,” because things can still go very wrong after landing.
Apparently it’s true with rockets as well…
(The SpaceX commentators had just praised the success of the flight… the official video stops about two minutes earlier… DOH!)
Random
A Merino sheep nicknamed “Baarack,” who had been living in the wild in Australia, was rescued and then sheared, producing wool weighing 35 kg, equivalent to 77 lbs or—in Australian terms—“half the weight of an adult kangaroo.” This amount of wool could produce more than 60 sweaters or 490 pairs of socks.
Such rescues of sheep from the wild are not uncommon in Australia, with sheep such as “Shrek,” “Shaun,” “Ewenice,” and “Chris” becoming local celebrities. Unlike wild sheep, Merino sheep were specially bred to produce soft, fine wool, which they do not shed. Therefore, farmers must shear them regularly as too much wool becomes life threatening for the animal, particularly when a sheep escapes for years or is abandoned.
From a guy named “Esquire” who got surprisingly upset when we asked if he was in training for the Renaissance Fair:
The Franklin Faraday Group is part of ye olde Digital Heavy Industries LLC. All linked content be the property of the respective author(s) and feudal lords. Commentary and non-linked content is Copyright © 2021 Digital Heavy Industries LLC. None shall pass.