The Daily Parker

Politics, Weather, Photography, and the Dog

Some random person in Nebraska

Network security company CrowdStrike pushed a minor update to its Falcon Sensor product around 11pm Chicago time yesterday that managed to take down almost every virtual machine in Microsoft's Azure cloud:

Cascading technology errors stranded airline passengers around the world, halted hospital surgeries and crippled office workers’ computers on Friday in one of the most disruptive computer outages in years, highlighting how much of the world relies on potentially error-prone software from a handful of companies.

Technology experts said the meltdowns appeared to stem mostly from an error in a software update from CrowdStrike, whose technology is commonly used by businesses to defend against cyberattacks.

That defect affected computers that use Microsoft’s Windows, which powers hundreds of millions of personal computers and many back-end systems for airlines, digital payment, emergency services call centers and much more.

[B]ecause CrowdStrike’s digital protections are considered essential, its technology is given priority access on many computer systems. If something goes wrong with CrowdStrike software, that privileged access can grind computers to a halt.

CrowdStrike admitted that their software caused the problem:

  • Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor.
  • Windows hosts which have not been impacted do not require any action as the problematic channel file has been reverted.
  • Windows hosts which are brought online after 0527 UTC will also not be impacted
  • Hosts running Windows 7/2008 R2 are not impacted
  • This issue is not impacting Mac- or Linux-based hosts
  • Channel file "C-00000291*.sys" with timestamp of 0527 UTC or later is the reverted (good) version.
  • Channel file "C-00000291*.sys" with timestamp of 0409 UTC is the problematic version.

Don't worry, you probably don't have CrowdStrike software on your PC at home; but you probably do log into your Windows PC through Microsoft Active Directory, which runs on virtual machines in the Azure cloud that depend on Falcon Sensor.

This time, the random person in Nebraska turned out to be a multimillion-dollar corporation in Austin, Texas. Though, I suspect, several random people in Texas are now looking for new jobs.

A bit of perspective

Time for another reminder. If you see something on social media that:

  • seems to confirm something you already believed about the "other side,"
  • comes from someone claiming to have inside knowledge, and
  • makes you angry

...then it's almost certainly fake*.

The Economist prominently featured a story on the onslaught of conspiracy theories today, as did NPR. Will those stories help? Probably not. After all, "men willingly believe what they want," as Julius Caesar once (may have) said. But let's review anyway.

The FBI and the Pennsylvania State Police aren't going to leak information about Saturday's shooting on Facebook. They're going to make sure they have it right, then hold a press conference, where journalists from real news organizations will ask them questions and report what they said. I can't believe people have trouble understanding this. "Officer Krupke" was posting bullshit to TikTok from an industrial park outside Minsk on Sunday morning, not hearing the latest secrets about the investigation from his higher-ups at the incident response center outside Pittsburgh. And you almost certainly know that, but you reposted the meme anyway.

What we do know about Saturday makes the event no less horrible but a lot less surprising. All of the public evidence points to a pathetic post-teen white incel with too-easy access to near-military-grade weapons deciding to become famous in the worst possible way. It was similar to almost every other time someone has shot at a US president throughout history. This pathetic boy will be remembered in the long list of similar nutters that includes Hinckley, Fromme, Schrank, Oswald, Guiteau, Booth, Czolgosz, Zangara, and the dozens who never got the chance because the USSS or their local cops got to them in time.

The worst part about Saturday isn't its effect on the election or that the convicted-felon XPOTUS got nicked in the ear; it's that two people died, and absent the immediate actions of the best-equipped, best-trained armed guards in the history of the world, many more would have. Two more Americans are dead because a trade group has convinced a huge swath of the country—and an overwhelming percentage of those at Saturday's rally—that buying their member-organizations' products is a God-given right.

Because of those policies, promoted by the Republican Party and enshrined in Pennsylvania law, this postpubescent hobgoblin obtained a military-style rifle, loaded it, and got it to within 150 meters of the presumptive Republican nominee for president, all completely legally. Until he pointed the rifle at the XPOTUS, he hadn't committed a crime.

In fact, as Josh Marshall laments, this wasn't much different than a school shooting. He makes good points, including that it doesn't really matter what flavor of mass shooting it was. He also notices that Republicans office-holders were the first to politicize the event. Well, of course they were, because otherwise someone might connect their rhetoric and their policies with the increased frequency of shootings.

I don't think this event will move the needle on the election, not one little bit. We're too entrenched in our candidates. That said, I fully expect the next four days in Milwaukee to showcase exactly how deranged the rapist XPOTUS is—but no one will change his mind because of it. Tonight, in fact, we get to find out who he's picked to be his panegyrist running mate, and we can all feel a little sorry for that person when he or she gets kicked to the curb in a year or two. (Update: it's US Senator JD Vance (R-OH), one of the only people in US politics who is possibly less genuine than the XPOTUS.)

The next 113 days will suck. Probably the two months after that will suck, too. And there's a real possibility that the XPOTUS could win, making the next few years after suck as well, at least until 78 years of Big Macs and rapidly-advancing frontotemporal dementia catch up to him.

But enough with the misinformation. Seriously.

* Unless it's the New York Times telling you that a corrupt Federal judge dismissed a criminal case against an unrepentant felon on a theory so batshit crazy that not even Sam Alito signed on to it when he had the chance. That actually happened this morning.

Stormy weather

Three celebrities from my youth died yesterday, but for obvious reasons none was the top story on any news outlet this morning.

No one should politicize the attempt on the XPOTUS's life yesterday at a rally outside Pittsburgh. We have no idea why the assailant shot the XPOTUS and three other people; the FBI and the Pennsylvania State Police are investigating, and with the shooter killed by the Secret Service, we won't have to wait for a criminal trial for the full story. I trust both agencies to investigate thoroughly and report honestly on what they find.

We need to wait until those facts are in before drawing any conclusions. Predictably, some people have already said some horrible things and made ridiculous accusations, and equally predictably, others have reported on those horrible and ridiculous things. I'm not going to do either. And I'm going to examine my own dark thoughts to get a handle on why people are saying what they're saying.

Violence is reprehensible. Political violence doubly so. This is not how civilized societies function.

Finally, I want to acknowledge the passing of Shannen Doherty, Richard Simmons, and Dr Ruth Wesheimer. All three were at their peak celebrity in my teenage and young-adult years. All three dying on the same day is just...weird.

Tuesday afternoon links

It has started raining in downtown Chicago, so it looks like Cassie and I will get wet on the walk home, as I feared. I still have a few tasks before I leave. I just hope it stays a gentle sprinkle long enough for us to get home from doggy day care.

Just bookmarking these for later, while I'm drying out:

  • Researchers concluded that the problem with online misinformation and epistemic closure comes from people, not technology. Apparently we generally look for information that confirms our existing biases. Who knew.
  • Chicago has more lead pipes than any other North American city--and more regulation, labor issues, and general corruption, too. We might replace all the pipes by 2075; not so much the corruption.
  • Shocking absolutely no one, a study has found that drinking alcohol on an airplane is worse that doing it on the ground.

Finally, former US Senator Jim Inhofe (R-OK) died today, just as climate change once again contributed to a massive storm flooding neighboring Texas. I mention that because Inhofe, who served in the Senate until he was 88 years old, refused to believe that the planet had gotten warmer, and did his best to keep the US from entering the 21st Century by any reasonable measure. Oh, and he was also an asshole pilot who once nearly hit a bunch of construction workers because he wanted to land on a closed runway. He may be mourned somewhere, but the Daily Parker is glad to see him underground. So, presumably, is the FAA.

Gonna be a hot one

I've got a performance this evening that requires being on-site at the venue for most of the day. So in a few minutes I'll take two dogs to boarding (the houseguest is another performer's dog), get packed, an start heading to a hockey rink in another city. Fun! If I'm supremely lucky, I'll get back home before the storm.

Since I also have to travel to the venue, I'll have time to read a few of these:

Finally, the Post examined a Social Security Administration dataset yesterday that shows how baby names have converged on a few patterns in the last decade. If you think there are a lot of names ending in -son lately (Jason, Jackson, Mason, Grayson, Failson...), you're not wrong.

When the rain comes

I took Cassie out at 11am instead of her usual 12:30pm because of this:

The storm front passed quickly, but it hit right at 12:30 and continued for half an hour with some intensity. It'll keep raining on and off all day, too.

Other things rained down in the past day or so:

Finally, Super Size Me director Morgan Spurlock has died at age 53 of cancer. No word whether the production of the 2004 documentary contributed to his early demise.

Two houses, unalike in dignity...

I'll lead off today with real-estate notices about two houses just hitting the market. In Kenilworth, the house featured at the end of Planes, Trains, and Automobiles can be yours for about $2.6 million. If you'd prefer something with a bit more mystique, the Webster Ave. building where Henry Darger lived for 40 years, now a single-family house, will also soon hit the market for $2.6 million. (That house is less than 300 meters from where my chorus rehearses.)

In other news:

Finally, Industry Ales, the new brewery-taproom at 230 S. Wabash Ave., hopes it survives. So do I. But I'll make sure to get it on the Brews & Choos reviews list very soon.

When opponents become cartoon villains

If South Dakota governor and unapologetic puppy-killer Kristi Noem (R, obviously) becomes the XPOTUS's running mate this year, the GOP will have outdone its own Doctor Evil mindset. And yet, that is not the worst thing happening in the world today:

  • A California judge has ruled a recent state law requiring municipalities to undo discriminatory zoning laws unconstitutional, though it's not clear how long that ruling will stand.
  • Do you own a GM car made in this decade? It may be spying on you, and sharing your driving history with your insurance company without your consent.
  • After a non-profit group suggested merging the CTA, Metra, and Pace, the Illinois House has started the legislative process to do just that.
  • Ezra Klein takes us through the history of the infamous Noe Valley public toilet in San Francisco, which took years to get through the planning process, increasing its cost at every step.
  • Remember: public policy led to the proliferation of trucks masquerading as cars that endanger pedestrians, pollute neighborhoods, and generally look ugly.

Finally, Josh Marshall points out that while he (and I) support the basic aim of student protests against the Gaza war—Israel must stop killing people in Gaza—we do not support the groups organizing those protests at Columbia and other universities, almost all of which call for the destruction of the Jewish state. I'm also somewhat anxious about the normal propensity of young people to demand easy answers to complex questions becoming a democracy-ending problem later this year. I mean, if you think students are always on the right side of history, I need to direct your attention to China in 1966 and one or two other examples. Children don't do nuance.

Coding continues apace

I'm almost done with the new feature I mentioned yesterday (day job, unfortunately, so I can't describe it further), so while the build is running, I'm queuing these up:

All right! The build pipelines have completed successfully, so I will now log off my work laptop and order a pizza.

The Internet runs on Doug's code, and Doug just got pwned by the SVR

Remember this XKCD from 2020? With a little help from what researchers think may be the Russian government, that little brick wobbled a bit in the past few days:

The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux.

It was an incredibly complex backdoor. Installing it was a multi-year process that seems to have involved social engineering the lone unpaid engineer in charge of the utility.

I simply don’t believe this was the only attempt to slip a backdoor into a critical piece of Internet software, either closed source or open source. Given how lucky we were to detect this one, I believe this kind of operation has been successful in the past. We simply have to stop building our critical national infrastructure on top of random software libraries managed by lone unpaid distracted—or worse—individuals.

The Economist has it in the King's English:

xz Utils is open-source software, which means that its code is public and can be inspected or modified by anyone. In 2022 Lasse Collin, the developer who maintained it, found that his “unpaid hobby project” was becoming more onerous amid long-term mental-health issues. A developer going by the name Jia Tan, who had created an account the previous year, offered to help. For more than two years they contributed helpful code on hundreds of occasions, building up trust. In February they smuggled in the malware.

Jia Tan’s patient approach, supported by several other accounts who urged Mr Collin to pass the baton, hints at a sophisticated human-intelligence operation by a state agency, suggests The Grugq.

Analysis by Rhea Karty and Simon Henniger suggests that the mysterious Jia Tan made an effort to falsify their time zone but that they were probably two to three hours ahead of Greenwich Mean Time—suggesting they may have been in eastern Europe or western Russia—and avoided working on eastern European holidays. For now, however, the evidence is too weak to nail down a culprit.

Sleep well...