The Daily Parker

Politics, Weather, Photography, and the Dog

Ransomware in the news

I've just received my third nearly-identical fake DMCA takedown notice, which I may decide to turn over to the FBI if I can muster the shits to give. I find it funny how each one of them has a few differences that make them look like something other than lazy script-kiddie stuff. This one again misstated the statutory damage limits for willful copyright infringement, and the randomly-generated name of the "claimant" was no less bizarre than the other two. And yet I wonder why they bothered altering the bits they altered. Maybe there are multiple entities involved, with each email coming from a different person or group? Maybe they have some low-paid flunky typing in the note each time, so I'm watching its slow drift from a semi-competent DMCA notice into the digital equivalent of "hodor?"

This one bounced through an IP address in New York State, which means my previous guess that this was a domestic script-kiddie operation might be wrong. For one thing, the threatening language has a few tells that its author doesn't speak English natively. I had originally thought the author merely wanted to sound more convincing by using stock phrases and "magic" legal words, but now that I've seen three examples of the same basic text, it looks more like Russian-inflected English. In any event, I wave my private parts at their aunties.

Both the New Yorker and New York Times published reports over the weekend about crap like this. In the first, Rachel Monroe talked with ransomware negotiator Kurt Minder about negotiating with criminals:

For the past year, Minder, who is forty-four years old, has been managing the fraught discussions between companies and hackers as a ransomware negotiator, a role that didn’t exist only a few years ago. The half-dozen ransomware-negotiation specialists, and the insurance companies they regularly partner with, help people navigate the world of cyber extortion. But they’ve also been accused of abetting crime by facilitating payments to hackers. Still, with ransomware on the rise, they have no lack of clients. Minder, who is mild and unpretentious, and whose conversation is punctuated by self-deprecating laughter, has become an accidental expert.

Hackers use various techniques to gain access to a company’s computers, from embedding malware in an e-mail attachment to using stolen passwords to log in to the remote desktops that workers use to connect to company networks. Many of the syndicates are based in Russia or former Soviet republics; sometimes their malware includes code that stops an attack on a computer if its language is set to Russian, Belarusian, or Ukrainian.

When Minder founded GroupSense, in Arlington, Virginia, in 2014, the cybersecurity threat on everyone’s mind was data breaches—the theft of consumer data, like bank-account information or Social Security numbers. Minder hired analysts who spoke Russian and Ukrainian and Urdu. Posing as cybercriminals, they lurked on dark-Web marketplaces, seeing who was selling information stolen from corporate networks. But, as upgrades to security systems made data breaches more challenging, cybercriminals increasingly turned to ransomware.

Early last year, GroupSense found evidence that a hacker had broken into a large company. Minder reached out to warn it, but a server had already been compromised. The hacker sent a ransom note to the company, threatening to release its files. The company asked Minder if he would handle the ransom negotiations. Initially, he demurred—“It never occurred to me as a skill set I had,” he said—but eventually he was persuaded.

The profile on Minder dovetailed with the Times' collaboration with a criminal named Woris who gave the paper access to the tools gangs use to launch ransomware attacks:

The Times gained access to the internal “dashboard” that DarkSide customers used to organize and carry out ransom attacks. The login information was provided to The Times by a cybercriminal through an intermediary. The Times is withholding the name of the company involved in the attack to avoid additional reprisals from the hackers.

Access to the DarkSide dashboard offered an extraordinary glimpse into the internal workings of a Russian-speaking gang that has become the face of global cybercrime. Cast in stark black and white, the dashboard gave users access to DarkSide’s list of targets as well as a running ticker of profits and a connection to the group’s customer support staff, with whom affiliates could craft strategies for squeezing their victims.

In the chat log viewed by The Times, a DarkSide customer support employee boasted to Woris that he had been involved in more than 300 ransom attacks and tried to put him at ease.

“We’re just as interested in the proceeds as you are,” the employee said.

Together, they hatched the plan to put the squeeze on the publishing company, a nearly century-old, family-owned business with only a few hundred employees.

In addition to shutting down the company’s computer systems and issuing the pedophile threat, Woris and DarkSide’s technical support drafted a blackmail letter to be sent to school officials and parents who were the company’s clients.

The Russian government allows this to happen because (a) Russian President Vladimir Putin loves annoying the West, and (b) it seems obvious after two seconds of thought that Russian government officials are probably on the take.

All of this gets so exhausting, doesn't it? Simple economics demonstrates the inevitability of theft. It imposes a tax on everyone else, both financially (it costs money to set up good security) and mentally (I will never get back the hour I spent investigating the bogus DMCA notices). At some point, though, it just becomes easier to tolerate a certain level of theft than to build a squirrel-proof bird feeder.

Welcome to Summer 2021

The northern hemisphere started meteorological summer at midnight local time today. Chicago's weather today couldn't have turned out better. Unfortunately, I go into the office on the first and last days of each week, so I only know about this from reading weather reports.

At my real job, we have a release tomorrow onto a completely new Azure subscription, so for only the second time in 37 sprints (I hope) I don't expect a boring deployment. Which kind of fits with all the decidedly-not-boring news that cropped up today:

  • The XPOTUS and his wackier supporters have a new conspiracy theory about him retaking office in a coup d'état this August. No, really.
  • In what could only 100% certainly no doubt how could you even imagine a coincidence, former White House counsel Don McGahn will testify before the House Judiciary Committee tomorrow morning.
  • Also uncoincidentally, a group of 100 historians and political scientists who study this sort of thing have put out a statement warning of imminent democratic collapse in the US. “The playbook that the Republican Party is executing at the state and national levels is very much consistent with actions taken by illiberal, anti-democratic, anti-pluralist parties in other democracies that have slipped away from free and fair elections,” according to the Post.
  • Speaking of democratic backsliding, Josh Marshall takes the Israeli cognoscenti to task for still not getting how much the Israeli government aligning with an American political party has hurt them.
  • Here in Illinois, the state legislature adjourned after completing a number of tasks, including passing a $46 billion budget that no one got to read before they voted on it. (I'm doubly incensed about this because my own party did it. We really need to be better than the other guys. Seriously.)
  • For the first time since March 2020, Illinois has no states on its mandatory quarantine list. And we reported the fewest new Covid-19 cases (401) since we started reporting them.
  • The Northalsted Business Alliance wants to change the name of Chicago's Boystown neighborhood to...Northalsted. Residents across the LGBTQ spectrum say "just, no."

Finally, a Texas A&M business professor expects a "wave of resignations" as people go back to their offices.

How long until the end of the Republic?

Via James Fallows, Eric Schnurer worries that we've gone from the Gracchi to Sulla to Catiline—a span of 57 years of Roman history—in only two years of ours:

Despite...Catiline’s intent to murder Cicero and various other members of the Senate, to stop the vote count and overturn the foregone election results, and unlawfully to seize the levers of government through violence is well known to all of them, a good number of these very same legislators and leaders shrug the whole thing off. Some sympathized with his political program; others were implicated in the plot; still others were basically in the same boat as Catiline, having committed similar crimes and sexual debaucheries that limited their political futures; and still others were perfectly fine with ending the trappings of republicanism if it meant they retained their power and Senate seats. And some simply couldn’t be roused to care.

The conspiracy ultimately collapsed and was defeated, but not without further militant uprisings aided by Rome’s enemies abroad. Catiline, a demagogue but in the end not the best of politicians or insurrectionists, was killed. Democracy, and the old order of things, seemed to have survived, and matters returned to a more-or-less normal state under Cicero’s stable hand.

But it turned out to be a brief reprieve. The rot had already set in. What mattered most in the long-term was not the immediate threat of the insurrectionists, but rather the complacency, if not sympathy, of the other ostensibly-republican leaders. It revealed the hollowness of not just their own souls but also the nation’s.

Another 10 months in America, another 15 years forward on the Roman sundial. At this rate, we’re about a year before midnight.

History doesn't actually repeat itself. But it does rhyme...

Removing highways

About two weeks ago I told a relative newcomer to San Francisco about the Embarcadero Freeway, which used to cover the Embarcadero from Fisherman's Wharf down to the Bay Bridge. From its construction in 1959 to its destruction (with the help of the Loma Prieta earthquake) in 1991, it stood, without question, as the biggest urban planning mistake west of the Rockies. Looking at photos of it today makes me angry.

Removing I-480 showed other cities how their lives might improve if they also removed or buried freeways. Boston's Big Dig reconnected the North End with the Common; removing the eastern section of Rochester's Inner Loop has made that city more livable.

The New York Times reports on the other cities that have followed:

As midcentury highways reach the end of their life spans, cities across the country are having to choose whether to rebuild or reconsider them. And a growing number, like Rochester, are choosing to take them down.

In order to accommodate cars and commuters, many cities “basically destroyed themselves,” said Norman Garrick, a professor at the University of Connecticut who studies how transportation projects have reshaped American cities.

“Rochester has shown what can be done in terms of reconnecting the city and restoring a sense of place,” he said. “That’s really the underlying goal of highway removal.”

In recent years, more cities have started to seriously rethink some of their highways. The Congress for the New Urbanism, a group that tracks highway removals, counted 33 proposed projects in 28 American cities. And the idea is being discussed in many others.

Among the proposed removal plans: getting rid of the BQE in New York, the Buffalo Skyway, and New Orleans' Claiborne Expressway—all of them ugly roads that destroyed neighborhoods and made lives demonstrably worse. (See, for example, the Eisenhower Expressway in Chicago.)

Not under consideration? Burying I-90/94 in downtown Chicago. Maybe someday.

Chicago's LSD

We have an odd debate in Chicago about the name of our most iconic road. A group of aldermen want to change the name of Lake Shore Drive to Jean Baptiste Point du Sable Drive, in honor of the first non-native permanent settler, who was also Black. The (Black) mayor and a contingent of other aldermen of varying races disagree:

The proposal’s sponsors faced opposition from some colleagues and the mayor’s office over fears that renaming the iconic road would lead to a nightmare at the post office and for residents with thousands of address changes.

Ald. David Moore, 17th Ward, attempted to quell some of those concerns at a contentious committee meeting in late April, saying his proposal would only change the outer drive — not the inner, residential portion of the road. That meeting saw a shouting match between aldermen when the Chicago Department of Transportation tried to substitute Moore’s ordinance for one they said served the same purpose but cleared up confusing language.

Chicago Mayor Lori Lightfoot defended the move to delay the vote Wednesday, saying she has concerns over changing the name of Chicago’s most well-known roadway.

“It’s one of the most iconic assets the city has. When you say Lake Shore Drive, people know you’re talking about Chicago. And I think that that’s very important,” Lightfoot said.

The effort to get DuSable recognized on a grand scale in Chicago is not new. In the 1990s, then-Ald. Toni Preckwinkle introduced her own ordinance to rename Lake Shore to DuSable Drive, the Chicago Tribune reported.

His name is already affixed to several existing institutions, including the DuSable Museum of African American History, a high school and a monument on Michigan Avenue. But proponents have argued the man deemed the city’s “founding father” deserves more.

I find the whole thing odd. I have no idea which side to support, if either. We should have a DuSable drive. But we should also have Lake Shore Drive.

The decision won't come around again until late June. I'll keep my eyes peeled for follow-up stories on the subject.

One year later

A year ago today, Minneapolis police officer Derek Chauvin murdered George Floyd under color of law:

The NAACP kicked off Tuesday by holding a moment of silence for Floyd at 9:29 a.m. on its Facebook page to mark the 9 minutes and 29 seconds Derek Chauvin knelt on Floyd's neck.

Shareeduh Tate, Floyd's cousin and president of the George Floyd Memorial Foundation, told CNN on Tuesday that the family feels uplifted by the racial reckoning, the conviction of Chauvin, and the federal indictment of Chauvin and the other three officers involved in Floyd's death.

Tate said that while she had wanted to see the George Floyd Justice in Policing Act passed by today, the family would rather wait until Congress can pass a substantive bill that includes every provision.

It almost seems that not a lot has changed, though. I'm not convinced that policing is per se racist, though the data on police shootings show a pronounced bias against Native Americans and Black people. I also worry that in the current political climate, where an entire political party has abandoned reason and sees any criticism of police as unacceptable, we don't have the space needed to carry on a productive debate on policing.

But we've at least started the conversation. Who knows? In another 20 years we might have something approaching a more balanced view of force. Or we'll have Judge Dredd. Hard to say right now.

How to talk to the vaccination-wary

I confess to some difficulty talking to people who exhibit willful irrationality. If you don't want to wear a mask or get a vaccine because you somehow equate that with a political party, I don't know what to tell you. But for the people who may just have some irrational fear without making a political statement about it, the New York Times has a helpful interactive training article for you.

In other news, an iceberg slightly larger than Long Island broke away from Antarctica this week. So that's fun.

Wednesday evening roundup

Happy Wednesday! Here's what I'm reading before my 8pm meeting, now that my 6:30pm meeting just ended:

And finally, the New Yorker's Tom Papa introduces you to "asshole cat behaviors."

The walls close in a little

The New York Attorney General's office has tightened the screws on the Trump Organization:

"We have informed the Trump Organization that our investigation into the organization is no longer purely civil in nature. We are now actively investigating the Trump Organization in a criminal capacity, along with the Manhattan DA. We have no additional comment at this time," Fabien Levy, a spokesperson for the office, said in a statement.

James' years-long probe into Trump's charitable foundation led to its dissolution in 2018. More recently, her investigation into whether Trump's business had inflated the value of its assets for the purposes of tax breaks and loans came to a head in October when Eric Trump, the president's son and an executive at his business, sat for a pre-election deposition.

Aaron Blake speculates on what this could mean:

Perhaps the most significant consensus among former New York state prosecutors I reached out to is that it makes some kind of criminal charges appear more likely than previously known. That doesn’t mean those charges will definitely come or implicate the former president personally. But it’s the kind of statement that James’s office would have known full well would land with some force — and potentially create an expectation about where all this will lead.

Tax fraud would seem to potentially come into play here, given the extensive New York Times investigation into tax schemes Trump engaged in as far back as the 1990s — schemes the Times went as far as to say included “instances of outright fraud.” But the report also noted that much of what it described happened too long ago for criminal charges to be brought.

It’s also fair to ask why this statement was made public. Prosecutors generally don’t disclose such things and will wait for actual charges to be brought before publicly commenting. But in a high-profile case such as this, the former prosecutors say, it was potentially only a matter of time before such a phase of the investigation would be known publicly. The attorney general’s office notified the Trump Organization of the new phase last month, The Washington Post’s Shayna Jacobs and David A. Fahrenthold report.

I've consistently said I don't expect to see the XPOTUS behind bars, nor do I want that outcome. I think it sets a scary precedent for any democracy to jail a former head of government for anything short of violent crime. Don Junior, Jared, and Melania, however, should spend some time in Danbury. The New York AG and New York County DA may well send them to Queensboro instead.

Why do we go through this every year?

Washington Post columnist Helaine Olin argues for a simplified tax filing procedure in the US:

Filing taxes is a time-consuming, bureaucratic chore that the Internal Revenue Service estimates will take the typical American 11 hours. Nationwide, that works out to some 6 billion lost hours a year, according to T.R. Reid, author of the 2017 book “A Fine Mess: A Global Quest for a Simpler, Fairer, and More Efficient Tax System.”

The thing is, filing taxes just doesn’t have to be this hard. In 36 countries, the nation’s tax agency sends eligible residents a pre-filled return, and asks them to sign if they agree with the amount that’s indicated is owed or should be credited to them. Japan does this. So do Sweden, the Netherlands, Spain and others. A 2018 German study found that the pre-filled forms raise tax compliance.

So why not us, you ask?

The short answer: the United States took the British penchant for time-wasting activities and dialed it to 11. The longer answer might have something to do with Intuit's $5.7 million lobbying effort over the past two years.