We live in wild times. Absolutely unbelievable, what’s happened in the span of one week. So much precedent being set, too.
I find the Parler takedown especially fascinating. Yes, there’s schadenfreude because many awful humans are using it to hurt people, but it is also a glimpse into all the logistical and technical elements that make a modern social site “go”, who can cut them off, and how fast.
We watch malware site and infrastructure takedowns all the time, but those are often LEO backed and not normally like, web presences with MFA and legitimate payment processing.
Web services are way more complex than a website in 2005. You don’t just need a registrar, ISP, and host. You have to consider DNS services, DDoS protection, scalable cloud services, support apps, auth providers.... and big sites often use an array of redundant providers.
It’s been really interesting to see how each one of those providers cutting off service to Parler has interfered with their ops and cybersecurity, and how fast they were visibly impacted. It will be even more interesting to see what is recoverable and what is not.
It’s a peek at web vulnerability and redundancy we only usually see in bits and pieces, like during Cloudflare or AWS outages.
Anyway, that’s why I’ve been sharing so much about what I’ve been reading about it.
I am so tired of conspiracy theories about 1) Nationwide blackouts 2) Nationwide internet takedowns
It's like suggesting somebody is going to simultaneously unscrew every screw of varying sizes and types in your home.
Neither of those things is happening in modern times without a nuke or an asteroid.
Also, the "national blackout" wet dream conspiracy theory is about the lamest one I can possibly think of - grow some post-apocalyptic creativity. Places all over the world do fine with unstable power. I think of 11 more interesting ways to destroy civilization by breakfast.
I would pay very serious and close attention to Mr. Nance. He is an eminently credible expert and I trust his judgement. Review your physical security plans at offices and data centers.
The safety and security of your people comes first. How are they protected, and how can they be rapidly evacuated or shelter safely in place? Have they recently drilled fire and active shooter scenarios? Is it essential they be on site?
After that, consider your disaster recovery, data security, and redundancy planning specific to physical attacks. What happens if there is major damage to a single data center or its links? Have these plans been reviewed and adjusted since the pandemic impacted operations?
Many many tweeters who think Parler is down because of App Store removal, and also that that somehow violates their 1st Amendment rights.
Clarification: both of those things are untrue.
Removing an app from the store simply makes it unavailable to download or update. The first amendment protects Americans from government suppression of free speech. Thank you for coming to my TED talk.
Twitter could change its TOS to ban all mention of pancakes, and promptly ban me for no other offense.
It's going to be really... interesting to research and report vulns to voting machine companies after one has been pushed into pursuing a *1.3 billion dollar* defamation case. Hopefully security researchers can maintain their good relationships with them.
Can imagine that figure scaring some folks off, especially inexperienced ones not backed by corporate lawyers. Particularly in cases where there's no or poor response to private disclosure.
(They are well within their rights to sue, of course - if I haven't made that abundantly clear)
It’s challenging to try to explain to liberal and libertarian, privileged baby boomers who are not already activists why gen x, millennials, gen z are arguing for what they perceive as very extreme political and social change. Healthcare, college debt relief, or social justice...
Until I started having conversations with otherwise sensible older people who are center-left and do support things like gay marriage, I didn’t realize how much of a disconnect and blind spot there is. A lot of my 20s-40s friends are in serious perpetual debt with no healthcare..
Economically, structurally, and socially people’s lives have changed a lot in the past fifty years...
Just a reminder that you can’t build a successful threat hunting program to detect the APT indicators everyone is posting unless you actually build the capacity to threat hunt - which has prerequisites, like understanding your environment and building collections of log sources.
Otherwise you’re just throwing pasta at the wall and hoping something will stick, and you don’t know if it means anything if it doesn’t.
Actual serious threat hunting: 1) Builds upon reasonably mature security monitoring capability 2) Requires actual well thought out hypotheses about what an adversary might be doing in your environment based on architecture, Intel, Crown Jewels