The Daily Parker

Politics, Weather, Photography, and the Dog

Welcome to Summer 2021

The northern hemisphere started meteorological summer at midnight local time today. Chicago's weather today couldn't have turned out better. Unfortunately, I go into the office on the first and last days of each week, so I only know about this from reading weather reports.

At my real job, we have a release tomorrow onto a completely new Azure subscription, so for only the second time in 37 sprints (I hope) I don't expect a boring deployment. Which kind of fits with all the decidedly-not-boring news that cropped up today:

  • The XPOTUS and his wackier supporters have a new conspiracy theory about him retaking office in a coup d'état this August. No, really.
  • In what could only 100% certainly no doubt how could you even imagine a coincidence, former White House counsel Don McGahn will testify before the House Judiciary Committee tomorrow morning.
  • Also uncoincidentally, a group of 100 historians and political scientists who study this sort of thing have put out a statement warning of imminent democratic collapse in the US. “The playbook that the Republican Party is executing at the state and national levels is very much consistent with actions taken by illiberal, anti-democratic, anti-pluralist parties in other democracies that have slipped away from free and fair elections,” according to the Post.
  • Speaking of democratic backsliding, Josh Marshall takes the Israeli cognoscenti to task for still not getting how much the Israeli government aligning with an American political party has hurt them.
  • Here in Illinois, the state legislature adjourned after completing a number of tasks, including passing a $46 billion budget that no one got to read before they voted on it. (I'm doubly incensed about this because my own party did it. We really need to be better than the other guys. Seriously.)
  • For the first time since March 2020, Illinois has no states on its mandatory quarantine list. And we reported the fewest new Covid-19 cases (401) since we started reporting them.
  • The Northalsted Business Alliance wants to change the name of Chicago's Boystown neighborhood to...Northalsted. Residents across the LGBTQ spectrum say "just, no."

Finally, a Texas A&M business professor expects a "wave of resignations" as people go back to their offices.

Well-designed phishing attack

I had planned to note Bruce Schneier's latest essay, "The Misaligned Incentives for Cloud Security," along with a report that Microsoft has noticed an uptick in SolarWinds attacks against its own services. But twice in two weeks I've received bogus DMCA takedown notices that tried to trick me into downloading files from a Google site, and I'm impressed by the effort that went into these phishing attacks.

In both cases, the attacks came through the blog's Contact page, meaning someone had to copy and paste the text into the form. They both lay out most, but not all, of the elements of a DMCA takedown notice, with lots of threatening (but inaccurate) text about what could happen if I don't comply. But here's the kicker: instead of specifying which of the Daily Parker's nearly 8,000 posts contain infringing material, as required by the DMCA, they contain a link to a file on a Google site that I should download to see the material they claim to own.

It turns out, I know a thing or two about copyright law, and about computer security, so I didn't fall for the phish. I worry, though, that this attack could fool a lot of people. Reminder, folks: never download a file you didn't specifically ask for. (In my case, I did attempt to download one of the files, in a sandbox, with virus protection jacked all the way up. The virus protection took one look at the file and didn't even allow the download.)

Let me enumerate the really sophisticated features of this attack:

  • It contained mostly true information. People send out DMCA takedown notices all the time; experienced website administrators take them seriously when received. The author of this phish included the correct and relevant US Code sections, and a mostly-correct description of how the DMCA operates. They got the statutory damage amount totally wrong, but only because the number they used would scare people more.
  • It didn't contain any English language errors. Whoever wrote the copy for this attack speaks perfect English. This wasn't a laughable 409 scam.
  • It came through the Contact feature, not an email. The attacker took the time to go to the Daily Parker contact page, copy and paste the phishing text, and click "send." A human had to do that.
  • It stated a plausible claim. This is Daily Parker post #7,922 since the blog started on 13 May 1998. It is conceivable that at some point in the last 23 years I posted a photo for which I didn't obtain a proper license. This would be true of any large blog or website.
  • It used a real Google Sites link. The download link pointed to an asset actually stored on a google.com computer somewhere. That might convince someone of its legitimacy, unless you remember that anyone can put anything up on a Google Site or other cloud storage service. Again: never download a file you didn't specifically ask for.
  • It came from a network in the US. Reverse-IP lookups showed the origin IP addresses to be owned by a major ISP in Colorado, not a scary Eastern European location. Of course, it means that the attacker has access to a computer physically located in the US, which means I'll send my own legal notice to the ISP if I receive another one of these.

Now, here's where they missed the mark:

  • They asked me to download a file. No. No, no, no. GFY a thousand times with a chainsaw.
  • The phish did not contain all the required elements of a DMCA takedown notice. They didn't list specific assets, with URLs, that they allege infringed their copyrights; they didn't assert a claim of ownership in a legally-sufficient manner; they didn't provide full contact information; and they didn't sign it. But of course they didn't, because the closer they got to legal sufficiency, the more information I'd have that they have no real claim.
  • They sent two nearly-identical (but not identical enough) phishes 8 days apart. You think I didn't remember the first one? You think I didn't compare them? The second attempt simply confirmed that the first attempt wasn't merely an amateur-hour legal notice but, as I suspected, a phish.
  • One of the phishes came through a non-publicized FQDN. Because I host the Daily Parker on Microsoft Azure, it has an Azure-provided fully-qualified domain name (FQDN) in addition to www.thedailyparker.com. I have never publicized the Azure FQDN, and as far as I know the Azure FQDN has no inbound links. I suppose it could have gotten picked up by a search engine, but again, without inbound links, I can't see how. It's not secret; it's just really odd that someone would use it.
  • The claimant's names were...weird. I said earlier that the text of the phish used correct English throughout, but the names of the supposed claimants seem to have come from a name-generation tool. Seriously, the names were Ford Prefect-weird.
  • It turns out, I'm well-versed in both copyright law and cybersecurity. This type of mistake even has an entire TV Tropes entry. I guess a criminal wouldn't necessarily know that, however. They might find out, should they send a third phishing attempt my way. Will I haul them into Illinois court to answer a tortious trespassing case? Probably not. But I might tell their ISP. And the FBI. Because at some point, they will get someone to open whatever malicious file they linked to, which I expect will lead to actual crimes.

In recognition the effort that went into this phishing attack, I wanted to publicize it in case it happens to anyone else. If you get an alleged DMCA takedown notice, and it doesn't meet the legal requirements as outlined by the USPTO, ignore it. And once more, with feeling: never download a file you didn't specifically ask for.

And if you're the script kiddie who sent the phish, GFY with a tree. Sideways.

One year later

A year ago today, Minneapolis police officer Derek Chauvin murdered George Floyd under color of law:

The NAACP kicked off Tuesday by holding a moment of silence for Floyd at 9:29 a.m. on its Facebook page to mark the 9 minutes and 29 seconds Derek Chauvin knelt on Floyd's neck.

Shareeduh Tate, Floyd's cousin and president of the George Floyd Memorial Foundation, told CNN on Tuesday that the family feels uplifted by the racial reckoning, the conviction of Chauvin, and the federal indictment of the Chauvin and the other three officers involved in Floyd's death.

Tate said that while she had wanted to see the George Floyd Justice in Policing Act passed by today, the family would rather wait until Congress can pass a substantive bill that includes every provision.

It almost seems that not a lot has changed, though. I'm not convinced that policing is per se racist, though the data on police shootings show a pronounced bias against Native Americans and Black people. I also worry that in the current political climate, where an entire political party has abandoned reason and sees any criticism of police as unacceptable, we don't have the space needed to carry on a productive debate on policing.

But we've at least started the conversation. Who knows? In another 20 years we might have something approaching a more balanced view of force. Or we'll have Judge Dredd. Hard to say right now.

Wednesday evening roundup

Happy Wednesday! Here's what I'm reading before my 8pm meeting, now that my 6:30pm meeting just ended:

And finally, the New Yorker's Tom Papa introduces you to "asshole cat behaviors."

The walls close in a little

The New York Attorney General's office has tightened the screws on the Trump Organization:

"We have informed the Trump Organization that our investigation into the organization is no longer purely civil in nature. We are now actively investigating the Trump Organization in a criminal capacity, along with the Manhattan DA. We have no additional comment at this time," Fabien Levy, a spokesperson for the office, said in a statement.

James' years-long probe into Trump's charitable foundation led to its dissolution in 2018. More recently, her investigation into whether Trump's business had inflated the value of its assets for the purposes of tax breaks and loans came to a head in October when Eric Trump, the president's son and an executive at his business, sat for a pre-election deposition.

Aaron Blake speculates on what this could mean:

Perhaps the most significant consensus among former New York state prosecutors I reached out to is that it makes some kind of criminal charges appear more likely than previously known. That doesn’t mean those charges will definitely come or implicate the former president personally. But it’s the kind of statement that James’s office would have known full well would land with some force — and potentially create an expectation about where all this will lead.

Tax fraud would seem to potentially come into play here, given the extensive New York Times investigation into tax schemes Trump engaged in as far back as the 1990s — schemes the Times went as far as to say included “instances of outright fraud.” But the report also noted that much of what it described happened too long ago for criminal charges to be brought.

It’s also fair to ask why this statement was made public. Prosecutors generally don’t disclose such things and will wait for actual charges to be brought before publicly commenting. But in a high-profile case such as this, the former prosecutors say, it was potentially only a matter of time before such a phase of the investigation would be known publicly. The attorney general’s office notified the Trump Organization of the new phase last month, The Washington Post’s Shayna Jacobs and David A. Fahrenthold report.

I've consistently said I don't expect to see the XPOTUS behind bars, nor do I want that outcome. I think it sets a scary precedent for any democracy to jail a former head of government for anything short of violent crime. Don Junior, Jared, and Melania, however, should spend some time in Danbury. The New York AG and New York County DA may well send them to Queensboro instead.

Someone call "Lunch!"

We have gloomy, misty weather today, keeping us mostly inside. Cassie has let me know how bored she is, so in the next few minutes we'll brave the spitting fog and see if anyone else has made it to the dog park.

Meanwhile:

All right, off to the damp dog park.

Lunchtime reading before heading outside

Today is not only the 35th anniversary of the Chernobyl disaster, it's also the 84th anniversary of the Nazi bombing of Guernica. Happy days, happy days.

In today's news, however:

I will now get lunch. And since it's 17°C right now (as opposed to yesterday's 5°C), I may eat it outside.

Sure Happy It's Thursday! Earth Day edition

Happy 51st Earth Day! In honor of that, today's first story has nothing to do with Earth:

Finally, it looks like I'll have some really cool news to share about my own software in just a couple of weeks. Stay tuned!

Guilty

Former Minneapolis police officer Derek Chauvin is, officially, a felon and a murderer. The jury deliberated for longer than 9 minutes and 28 seconds, but not much longer.

Good luck in gen pop, you racist thug.

Some reactions:

  • Barack Obama: "[I]f we’re being honest with ourselves, we know that true justice is about much more than a single verdict in a single trial."
  • Jennifer Rubin: "Tuesday’s verdict, which is likely to be appealed, does not mean the overarching problem of racism in policing is resolved."
  • US Rep. Alexandria Ocasio-Cortez (D-NY): "That a family had to lose a son, brother and father; that a teenage girl had to film and post a murder, that millions across the country had to organize and march just for George Floyd to be seen and valued is not justice."
  • Senate Majority Leader Chuck Schumer (D-NY): "I'm thankful for George Floyd’s family that justice was served. America was forever changed by the video of Derek Chauvin killing George Floyd. However, a guilty verdict doesn’t mean the persistent problem of police misconduct is solved. We'll keep working for meaningful change"
  • Senate Minority Leader Mitch McConnell (R-KY): ""
  • Speaker of the House Nancy Pelosi (D-CA): "George Floyd should be alive today. His family’s calls for justice for his murder were heard around the world. He did not die in vain. We must make sure other families don't suffer the same racism, violence & pain, and we must enact the George Floyd #JusticeInPolicing Act."
  • House Minority Leader Kevin McCarthy (R-CA): ""
  • Andy Borowitz: "Chauvin’s Defense Team Blames Guilty Verdict on Jury’s Ability To See"
  • The Onion: "‘This Is Strike One, Mr. Chauvin,’ Says Judge Reading Guilty Verdict Before Handing Gun, Badge Back"

We have a long way to go. But maybe, just maybe, this is a start, and not an aberration.

The overlap between stupid and criminal

Boy, did we get a clown car full of them today. Let's start with Joel Greenberg, the dingus whose bad behavior got US Representative Matt Gaetz (R-FL) caught up in a sex-trafficking investigation:

Records and interviews detailed a litany of accusations: Mr. Greenberg strutted into work with a pistol on his hip in a state that does not allow guns to be openly carried. He spent hundreds of thousands of taxpayer dollars to create no-show jobs for a relative and some of his groomsmen. He tried to talk his way out of a traffic ticket, asking a police officer for “professional courtesy.” He played police officer himself, putting a flashing light on his car to pull over a woman and accuse her of speeding. He published an anti-Muslim Facebook post. He solicited help to hack critics on the county commission.

Stalking a rival candidate got him arrested. Federal agents looking into the matter found at least five fake IDs in his wallet and backpack, and kept digging.

Their inquiry culminated in 33 federal charges against Mr. Greenberg, 36, including sex trafficking of a minor, bribery, fraud and stalking — and led to a mushrooming political scandal that burst into national news in recent days and ensnared Mr. Gaetz, who is a close ally of President Donald J. Trump, and other influential Florida Republicans, with the investigation continuing.

I mean, of course they live in Florida.

Moving on, local restaurant Tank Noodle must pay back a $150,000 pandemic grant to the state because of previous bad behavior:

Tank Noodle will have to return the $150,000 business interruption grant it received from the state of Illinois last year. The popular Vietnamese restaurant at 4953 N. Broadway violated the terms of the state grant program by running afoul of federal labor laws, said Lauren Huffman, spokesperson for the Illinois Department of Commerce and Economic Opportunity (DCEO).

The mandate to return the grant money comes weeks after Tank Noodle also was forced to pay almost $700,000 in back wages to employees it didn’t adequately compensate, federal investigators found as part of a two-year investigation.

Tank Noodle withheld pay and used illegal employment practices for 60 of its employees, a labor department investigation concluded. In addition to making servers work for tips, a violation of federal work laws, the investigation also found Tank Noddle shorted servers when the business pooled tips and divided the money among all staff, including management.

The restaurant drew ire from customers after its owners attended a Jan. 6 rally in support of former President Donald Trump that ended in the storming of the U.S. Capitol.

Former customers, I should say. The stretch of Argyle Street they anchor has about 15 Vietnamese restaurants that not only serve better food than Tank Noodle, but also don't steal from their employees.

Finally, the Brennan Center has taken notice of 361 proposals in 47 states designed to limit voting participation:

These measures have begun to be enacted. Five restrictive bills have already been signed into law. In addition, at least 55 restrictive bills in 24 states are moving through legislatures: 29 have passed at least one chamber, while another 26 have had some sort of committee action (e.g., a hearing, an amendment, or a committee vote).

During the same timeframe, pro-voter legislators, often in the very same state houses, are pushing back, seeking to make permanent the changes that led to the biggest voter turnout in over a century. In a different set of 47 states, 843 bills with expansive provisions have been introduced in a different set of 47 states (up from 704 bills as of February 19, 2021). Of these, nine expansive bills have been signed into law. In addition, at least 112 bills with expansive provisions are moving in 31 states: 9 have passed both chambers and are awaiting signature (including a bill to restore voting rights in Washington), 41 have passed one chamber, and 62 have had some sort of committee action.

I'll comb through some of those later. Now, I have a meeting, following which Cassie has to go to the dog park. Really, she has to, or I'll lose my mind with her nudging me.