We had a relatively quiet day yesterday, but only in comparison to the day before:
Meanwhile, here in Chicago:
Finally, Bruce Schneier advises the incoming administration on how to deal with the SolarWinds intrusion.
See? Yesterday was quiet.
Where to begin.
Yesterday, and for the first time in the history of the country, an armed mob attacked the US Capitol building, disrupting the ceremonial counting of Electoral Votes and, oh by the way, threatening the safety of the first four people in the presidential line of succession.
I'm still thinking about all of this. Mainly I'm angry and disgusted. And I'm relieved things didn't wind up worse. But wow.
Here are just some of the reactions to yesterday's events:
- American late-night hosts Seth Myers, Jimmy Kimmel, Stephen Colbert, and Jimmy Fallon didn't hold back. Neither did usually-staid reporters like Times White House correspondent Peter Baker and columnist Gail Colins.
- Even Bill Barr—yes, that Bill Barr—came out with a strong statement condemning the president.
- Vice President Mike Pence may have given the order to activate the National Guard, which raises two questions, both troubling: what legal authority did he have to do so, and why did the Guard obey the order? A 1949 Executive Order vests the authority with the Defense Secretary, explaining later "clarifications" that suggested Pence "consulted" with acting Defense Secretary Chris Miller, who actually ordered the Guard into action.
- Maybe he should have the authority on application of the 25th Amendment, suggested incoming Senate Majority Leader Chuck Shumer (D-NY) and House Speaker Nancy Pelosi (D-CA) and much of the Democratic delegations to both houses. Republicans also joined the call, including Adam Kinzinger (R-IL) and former NRSC chair Jay Timmons. (Pundits like Greame Wood, Bret Stephens, Greg Sargent, and Frida Ghitis, were gimmes.)
- Some Cabinet members didn't wait. Among the resignations: Transportation Secretary (and wife of incoming Senate Minority Leader Mitch McConnell, R-KY) Elaine Chao; White House Council of Economic Advisers acting chair Tyler Goodspeed; deputy national security adviser Matt Pottinger; special envoy to Northern Ireland and former White House acting Chief of Staff Mick Mulvaney; the First Lady's Chief of Staff, Stephanie Grisham; Deputy White House press secretary Sarah Matthews; senior administration cybersecurity adviser John Costello; and even the White House Social Secretary, Rickie Niceta. ("Now they leave?" asks Jennifer Rubin, quite reasonably.)
- Where were the Capitol Police? Maybe not as invested in their jobs as one would hope. But the House sergeant-at-arms, Paul Irving, resigned, and Schumer has asked for Michael Stenger, the Senate sergeant-at-arms, also to resign.
- Twitter finally suspended the STBXPOTUS's account for 12 hours; Facebook suspended him until after the inauguration.
- The president of Chicago's Fraternal Order of Police (along with some of my right-wing acquaintances) equivocated to the point of appearing to support the events of the day.
- Anne Applebaum mourns the loss of our standing as the symbol of democracy in the world.
- Adam Davison is "furious" at his friends at major news organizations like NPR and the Times for "normalizing [the president] and his followers."
- John Scalzi finally comes around to the STBXPOTUS being our worst president ever, instead of just 43rd-worst ahead of James Buchanan. (NB that only 44 men have been President; Grover Cleveland served two nonconsecutive terms.)
Meanwhile, amid the violence and the insanity, the United States set a new record for Covid-19 deaths in one day.
Oh, and also, now that you mention it, both Democratic candidates for US Senate in Georgia won their races.
The mayor of Washington DC and the Speaker of the House have requested the National Guard clear "protestors" from the Capitol grounds as Congress has evacuated the House chamber:
The request was made through the Capitol Police Board, a body that includes the chief of the Capitol Police, the House and Senate sergeants of arms, and the Architect of the Capitol.
A D.C. government official who spoke on the condition of anonymity because they were not authorized to comment publicly said troops are being deployed to the Capitol.
This is terrorism, plain and simple. The STBXPOTUS has enflamed the passions of his more addle-minded followers because, like most authoritarians who lose, he can't accept that he lost.
These infants, attempting to disrupt their own Congress while shouting "USA! USA!", embarrass me. The Republican Party embarrasses me. The STBXPOTUS just makes me sad.
Three minutes ago, the Times' headline: "Police draw guns inside the Capitol." The party of Law and Order my ass.
The Times continues its coverage of the SolarWinds breach, and adds a detail that explains why the Russians continue to eat our lunch:
Employees say that under [SolarWinds CEO Kevin] Thompson, an accountant by training and a former chief financial officer, every part of the business was examined for cost savings and common security practices were eschewed because of their expense. His approach helped almost triple SolarWinds’ annual profit margins to more than $453 million in 2019 from $152 million in 2010.
But some of those measures may have put the company and its customers at greater risk for attack. SolarWinds moved much of its engineering to satellite offices in the Czech Republic, Poland and Belarus, where engineers had broad access to the Orion network management software that Russia’s agents compromised.
So many things went wrong in this case that singling out one CEO for taking profits over security may seem myopic. But the SVR must love the poetry of it: a greedy American CEO tries to increase his paycheck by hiring engineers easy for them to compromise, leading to the largest network intrusion in history.
I want to see Congress investigate this, and I want to see Thompson reduced to penury for his greed. Not that anything will change; until we have rational regulation of software security—hell, until we have any regulation of software security—criminals and our adversaries will keep exploiting companies like SolarWinds.
A couple of articles piqued my interest over the last day:
Finally, with only a few days left in December, we have now had 5 days this month with more Americans dead from Covid-19 than died on 9/11, and the STBXPOTUS won't sign even the miserly, half-assed recovery bill that Republicans in the Senate would agree to. January 20th can't come soon enough.
It's 11°C outside and I have a fuzzy houseguest for the day, so there will be walks! At least until the 20°C temperature drop starts around 6pm... So while I'm enjoying the last above-freezing day of the year with a very sweet and very strong office companion, I've got a few things to occupy my time.
At the top of my list today, we find that the STBXPOTUS has pardoned 15 truly awful murderers and grifters, including the four assholes who slaughtered unarmed Iraqi civilians in 2007. It's possible these are the worst pardons ever granted by a US president. (I wonder if Bill Moyers would agree.)
Next we have Bruce Schneier explaining just how bad the SolarWinds penetration really is.
And finally, US Surgeon General Dr Jerome Adams said Chicago's coronavirus vaccine rollout was the best in the nation. Go us!
I will now finish my lunch, guarded vigilantly by my neighbor's dog who hopes against all evidence that some of my ham sandwich will find its way to her snout.
FireEye, a cybersecurity firm, revealed last week that unknown parties had penetrated its network and that its clients, including the US Government, were at risk. Bruce Schneier has technical details about the attack. Former Homeland Security Adviser Thomas Bossert lays out the scope of it:
The attackers gained access to SolarWinds software before updates of that software were made available to its customers. Unsuspecting customers then downloaded a corrupted version of the software, which included a hidden back door that gave hackers access to the victim’s network.
This is what is called a supply-chain attack, meaning the pathway into the target networks relies on access to a supplier. Supply-chain attacks require significant resources and sometimes years to execute. They are almost always the product of a nation-state. Evidence in the SolarWinds attack points to the Russian intelligence agency known as the S.V.R., whose tradecraft is among the most advanced in the world.
According to SolarWinds S.E.C. filings, the malware was on the software from March to June. The number of organizations that downloaded the corrupted update could be as many as 18,000, which includes most federal government unclassified networks and more than 425 Fortune 500 companies.
The magnitude of this ongoing attack is hard to overstate.
The Russians have had access to a considerable number of important and sensitive networks for six to nine months. The Russian S.V.R. will surely have used its access to further exploit and gain administrative control over the networks it considered priority targets. For those targets, the hackers will have long ago moved past their entry point, covered their tracks and gained what experts call “persistent access,” meaning the ability to infiltrate and control networks in a way that is hard to detect or remove.
The logical conclusion is that we must act as if the Russian government has control of all the networks it has penetrated.
Now, if only we had an administration that believed its experts and a majority party in the Senate that would pass a Defense Reauthorization Bill...
The Electoral College has voted, and with no surprises, as of 16:37 Chicago time Joe Biden has received the requisite 270 votes to be elected President of the United States. And yet, we had a few surprises today:
Finally, John le Carré died at 89 yesterday. Time to revisit Josephine Livingstone's review of "the glorious return of George Smiley," le Carré's 2017 novel A Legacy of Spies.
Just reviewing what I actually got up to yesterday, I'm surprised that I didn't post anything. I'm not surprised, however, that all of these articles piled up for me to read today:
- Dunn County, Wis., Democratic Party chair Bill Hogseth, writing in Politico, explains "why Democrats keep losing rural counties" like his.
- Ross Douthat asks, "why do so many Americans think the election was stolen?"
- Author Ben Judah explains why The Crown's portrayal of Prince Charles is wrong.
- The STBX administration's salted-earth activities include making the US citizenship test more political.
- The Federal Court for the District of Hawaii sentenced the corrupt former Honolulu police chief and his equally-corrupt ex-wife to prison for conspiracy, bank fraud, and other charges.
- The National Academy of Sciences has determined that a directed-microwave weapon sickened US diplomats in Havana, Cuba, but did not examine who fired it.
- Covid-19 has given us a whole new dictionary of workplace slang, according to 1843.
- The New Yorker's Alex Ross finds the moral closure of the 2004 film Downfall a little too facile.
- Divers in the Baltic Sea have found an Enigma coding device from May 1945.
- Though difficult to see from Chicago, a conjunction between Jupiter and Saturn will cause a rare double-planet effect this month, peaking when the planets are 6 arc-minutes apart on December 21st.
While I'm reading all of that, I've got a stew going in my Instant Pot (on slow-cooker mode). Unfortunately, it seems I underestimated the bulkiness of stew ingredients. I think I'll have a lot of leftovers:
So many things to read at lunchtime today:
- Philip Bump calls a video the soon-to-be-ex-president posted yesterday "the most petulant 46 minutes in American history."
- But whatever, because as David Graham points out, the STBXPOTUS is becoming irrelevant.
- As for voter fraud, and for accusing opponents of what you're actually the one doing, Georgia authorities have begun an investigation of a (Republican) Florida attorney who recommended to people that they illegally register to vote in Georgia ahead of the US Senate runoffs on January 5th, and even provided instructions.
- And speaking of lying about your opponents for political gain, the BBC calls bullshit on UK government claims that the EU would not have allowed the UK to approve the Pfizer vaccine as quickly as it did.
- If you live near Chicago, check out the Tribune's interactive map showing how every precinct in the six counties voted for president, US Senate, and the Fair Tax Amendment. As one of my friends pointed out, the line demarcating the Fair Tax vote between Evanston and Wilmette and the absence of such a demarcation on the Biden vote suggests that rich liberals say they're for fair taxes but don't actually vote for fair taxes.
- The National Science Foundation has released video from the Aricebo Observatory control tower showing its final collapse yesterday.
- Speaking of collapses, when you really think about it, Mount Rainier is actually the most dangerous volcano in the US. (Think: billions of liters of water locked up in its glaciers.)
- A shop in Kyoto has been selling mochi (grilled rice flour cakes) for over 1,000 years. And it's not even the oldest business in Kyoto.
- Google has made it easier for anyone, anywhere, to contribute to their Street View feature.
Finally, a year ago today I made some predictions about what could happen in the 2020 election. Turns out, "Option C" is true, and we're still waiting to see on a few others.