The Daily Parker

Politics, Weather, Photography, and the Dog

View From Your Window contest

Welp, I was about 99% correct, but this week they had over 100 correct answers, so no prize:

It’s the John A. Blatnik Bridge connecting Duluth and Superior. It was finished in 1961, when I was about 10, and I remember my first drive over the bridge on the day it officially opened — five kids, mom and dad in the Plymouth, topping out 120 fucking feet(!) above the harbor surface. At that time, it was the highest distance above earth I had ever been. The Blatnik Bridge had replaced a swinging bridge that carried trains as well as cars across the harbor.

As for the exact location and window? 212 Piedmont Avenue [in Duluth, Minn.]

I got right block, but the wrong house. My guess:

I was so sure it was an East Coast bridge that I spent half an hour ranging up and down from Virginia to PEI looking for east-west rivers that a bridge that size could cross. Then I started searching for bridge types, and found https://bridgehunter.com/. Eventually I looked up the Bayonne Bridge to figure out what type it was (steel through arch), and just started looking at all of them, comparing the photos with the VFYW. I’d find one that looked promising, then examine Google Maps to find other features I’d noticed: industry on both sides of the river, the bridge coming to a T intersection on the near side with another highway, a rail yard between the photographer and the bridge, and a Y intersection close aboard to the photo at just the right angle to the bridge.

Once I found the John A. Blatnik Bridge in Duluth, things came together quickly. Here’s the map I drew in my head with my guess about where the photographer must have been (first photo). Then I zoomed in north of the rail yard and started looking for the weird Y intersection that ended in “W **** St” (second photo).

Ah, well. This week's contest looks very French, but I'll find out with everyone else next Friday.

It's over (mostly)

After 448 days, the State of Illinois and the City of Chicago have lifted all capacity limits and most other intrusive Covid-19 mitigation factors. We haven't gone completely back to normal, but it feels a lot more so than it did even a month ago.

The Tribune has a round-up of what rules remain in place and what has lifted. Mainly we still need masks on public transit and in places where owners or managers require them, and some "Covid theater" will continue where people demand it. But restaurants, movie theaters, and grocery stores can now go back to business as usual.

Even before today, some businesses had changed their signs to require masks only for unvaccinated customers. I will continue to mask up in those places, as well as in confined areas where I can't predict whether the people around me have gotten their jabs. If I'm in an airplane or a hospital, I'll even use a KN-95 instead of a decorative cloth mask.

Still, it's really (mostly) over. And we're all incredibly relieved.

Wednesday afternoon

I spent the morning unsuccessfully trying to get a .NET 5 Blazor WebAssembly app to behave with an Azure App Registration, and part of the afternoon doing a friend's taxes. Yes, I preferred doing the taxes, because I got my friend a pile of good news without having to read sixty contradictory pages of documentation.

I also became aware of the following:

Tomorrow morning, I promise to make my WebAssembly app talk to our Azure Active Directory. Right now, I think someone needs a walk.

The world still spins

As much fun as Cassie and I have had over the last few days, the news around the world didn't stop:

Finally, journalist Jack Lieb filmed D-Day using a 16mm home movie camera, which you can see on the National Archives blog. It's really cool.

Yet more Cassie beach photos

Just look at this beauty:

This dog had way too much fun on Sunday. Towards the end of her time at the beach, she chased this dude all over:

I have almost as much fun as she does, watching her open up to full speed. Wow, she is fast.

More beach photos

I didn't have as much time to edit photos yesterday as I expected, so I only have two more for today:

And I want to give a big shout out to this little guy, named Bear, who forded the 5-meter-wide tidal pool all by himself:

The Republican Civil War moves to Oregon

The Multnomah County, Ore., Republican Party has suffered what one might call a psychotic episode:

The story in Multnomah County, which is home to both Democrat-dominated Portland and a strong contingent of right-wing militia types, started with anger and frustration over [ousted GOP county chair Stephen] Lloyd’s effort to make the party “open to everyone,” including with more public-facing meetings. 

To some, that was simply too much. In early May, a faction of the party scheduled a recall vote.

The petition cited the supposed danger posed by local anti-fascist activists, asserting, “We dare not announce where and when we are meeting in the city of the original Antifa group, Rose City Antifa, which continues to actively hurt people and damage property nightly in Portland!”

But the May 6 recall vote was unusual. 

For one thing, its location, a Portland church, was not publicized ahead of time, WW reported. More suspicious still, an associate of the Proud Boys, Daniel Tooze Sr., provided volunteer security at the door as his associates roamed around the neighborhood. 

Ball told TPM the meeting included an unfamiliar crowd that he eventually heard were Proud Boys.

If this sort of thing sounds familiar, it should: it looks a lot like the rise of private militias in other democracies that have ultimately failed, going all the way back to Rome. You know how we sometimes say "people who don't study history are doomed to repeat it?" These tremors in the Republican Party are coming from people who have studied history and want to repeat it. The Right's leaders know what they're doing, even if the Herrenvolk do not.

In related news, Facebook has suspended the XPOTUS for two years.

Third day of summer

The deployment I concluded yesterday that involved recreating production assets in an entirely new Azure subscription turned out much more boring (read: successful) than anticipated. That still didn't stop me from working until 6pm, but by that point everything except some older demo data worked just fine.

That left a bit of a backup of stuff to read, which I may try to get through at lunch today:

Finally, summer apparently arrives in full force tomorrow. We're looking forward to temperatures 5-10°C above normal through mid-June, which will continue northern Illinois' drought for at least a few more weeks.

Ransomware in the news

I've just received my third nearly-identical fake DMCA takedown notice, which I may decide to turn over to the FBI if I can muster the shits to give. I find it funny how each one of them has a few differences that make them look like something other than lazy script-kiddie stuff. This one again misstated the statutory damage limits for willful copyright infringement, and the randomly-generated name of the "claimant" was no less bizarre than the other two. And yet I wonder why they bothered altering the bits they altered. Maybe there are multiple entities involved, with each email coming from a different person or group? Maybe they have some low-paid flunky typing in the note each time, so I'm watching its slow drift from a semi-competent DMCA notice into the digital equivalent of "hodor?"

This one bounced through an IP address in New York State, which means my previous guess that this was a domestic script-kiddie operation might be wrong. For one thing, the threatening language has a few tells that its author doesn't speak English natively. I had originally thought the author merely wanted to sound more convincing by using stock phrases and "magic" legal words, but now that I've seen three examples of the same basic text, it looks more like Russian-inflected English. In any event, I wave my private parts at their aunties.

Both the New Yorker and New York Times published reports over the weekend about crap like this. In the first, Rachel Monroe talked with ransomware negotiator Kurt Minder about negotiating with criminals:

For the past year, Minder, who is forty-four years old, has been managing the fraught discussions between companies and hackers as a ransomware negotiator, a role that didn’t exist only a few years ago. The half-dozen ransomware-negotiation specialists, and the insurance companies they regularly partner with, help people navigate the world of cyber extortion. But they’ve also been accused of abetting crime by facilitating payments to hackers. Still, with ransomware on the rise, they have no lack of clients. Minder, who is mild and unpretentious, and whose conversation is punctuated by self-deprecating laughter, has become an accidental expert.

Hackers use various techniques to gain access to a company’s computers, from embedding malware in an e-mail attachment to using stolen passwords to log in to the remote desktops that workers use to connect to company networks. Many of the syndicates are based in Russia or former Soviet republics; sometimes their malware includes code that stops an attack on a computer if its language is set to Russian, Belarusian, or Ukrainian.

When Minder founded GroupSense, in Arlington, Virginia, in 2014, the cybersecurity threat on everyone’s mind was data breaches—the theft of consumer data, like bank-account information or Social Security numbers. Minder hired analysts who spoke Russian and Ukrainian and Urdu. Posing as cybercriminals, they lurked on dark-Web marketplaces, seeing who was selling information stolen from corporate networks. But, as upgrades to security systems made data breaches more challenging, cybercriminals increasingly turned to ransomware.

Early last year, GroupSense found evidence that a hacker had broken into a large company. Minder reached out to warn it, but a server had already been compromised. The hacker sent a ransom note to the company, threatening to release its files. The company asked Minder if he would handle the ransom negotiations. Initially, he demurred—“It never occurred to me as a skill set I had,” he said—but eventually he was persuaded.

The profile on Minder dovetailed with the Times' collaboration with a criminal named Woris who gave the paper access to the tools gangs use to launch ransomware attacks:

The Times gained access to the internal “dashboard” that DarkSide customers used to organize and carry out ransom attacks. The login information was provided to The Times by a cybercriminal through an intermediary. The Times is withholding the name of the company involved in the attack to avoid additional reprisals from the hackers.

Access to the DarkSide dashboard offered an extraordinary glimpse into the internal workings of a Russian-speaking gang that has become the face of global cybercrime. Cast in stark black and white, the dashboard gave users access to DarkSide’s list of targets as well as a running ticker of profits and a connection to the group’s customer support staff, with whom affiliates could craft strategies for squeezing their victims.

In the chat log viewed by The Times, a DarkSide customer support employee boasted to Woris that he had been involved in more than 300 ransom attacks and tried to put him at ease.

“We’re just as interested in the proceeds as you are,” the employee said.

Together, they hatched the plan to put the squeeze on the publishing company, a nearly century-old, family-owned business with only a few hundred employees.

In addition to shutting down the company’s computer systems and issuing the pedophile threat, Woris and DarkSide’s technical support drafted a blackmail letter to be sent to school officials and parents who were the company’s clients.

The Russian government allows this to happen because (a) Russian President Vladimir Putin loves annoying the West, and (b) it seems obvious after two seconds of thought that Russian government officials are probably on the take.

All of this gets so exhausting, doesn't it? Simple economics demonstrates the inevitability of theft. It imposes a tax on everyone else, both financially (it costs money to set up good security) and mentally (I will never get back the hour I spent investigating the bogus DMCA notices). At some point, though, it just becomes easier to tolerate a certain level of theft than to build a squirrel-proof bird feeder.