elsehow (www.else.how)

Wednesday briefing

Emails hacked & porn blocked

Nick Merrill
Mar 10, 2021

I’m trying something new: sharing news stories I’m tracking.

Some truly massive espionage

The biggest news this week: people—probably China, and maybe others [1]—compromised potentially every Microsoft Exchange Server in the US. [2]

It's hard to overstate the magnitude of this attack. Imagine collecting every email from every company, government, and state agency in the US—and having the AI capacity (think Baidu) to make sense of it all. CISA is posting about it, [3] the National Security Advisor to POTUS is tweeting about it… This is as large as it gets.

We'll learn much more about the scope and impact of this compromise in the coming days and weeks. Until then, my two cents: the thing about self-hosted solutions (e.g., a company running its own Exchange Server) is that this compromise can happen in 300,000 places at once. When a vulnerability emerges, everyone needs to upgrade. In contrast, Gmail can pour all of its resources into protecting one thing. The downside is their monopoly power. If only Gmail had more government oversight—or were just owned by the government like a Canadian Crown corporation...

Some of the more modern blockchain networks (like Oasis) provide a compromise between centralization and monopoly: they distribute the physical infrastructure (helping to prevent monopolies) while “centralizing” the code into something auditable (helping to surface bugs and centralize patches). There are other problems with on-chain applications, [4] but they do offer an in-between here.

Utah demands phones block porn by default

A new law in Utah... [5]

...requires a tablet or a smart phone (a device) sold in the state [...] to, when activated in the state, automatically enable a filter capable of blocking material that is harmful to minors (via utah.gov)

On the one hand, this law could be like California passing car tailpipe emissions laws in the 1970s—effectively forcing the world to follow suit. Like California setting the conversation for what counts as emissions, Utah is attempting to set the conversation about what counts as “material that is harmful to minors.” That would affect defaults worldwide.

On the other hand, this law could make certain content inaccessible (by default) in Utah or, perhaps, in the US—effectively causing more Internet fragmentation.

You might be thinking, “Come on, this is no big deal—people can just disable the filter.” But, to quote the ISchool Pledge, “beware the power of defaults.” [6]

Remember, all content blocking is, in a sense, “by default”: user action can almost always circumvent it (VPNs, Shadowsocks, etc.). All to say: don't underestimate the impact of this law on Internet fragmentation—assuming the law stands up to legal scrutiny and has teeth.

Notes

[1] Katie Nickels (@likethecoins), tweet, 12:17 AM ∙ Mar 6, 2021:
“Reminder: Microsoft named HAFNIUM. They define what it is. Just because an adversary exploited one of the recent Exchange vulns doesn't mean it was HAFNIUM. To even hypothesize that activity may be HAFNIUM, as an analyst, I'd want multiple specific overlaps with the MS post.”

[2] https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

[3] https://cyber.dhs.gov/ed/21-02/

Jake Sullivan (@JakeSullivan46), tweet, 2:17 AM ∙ Mar 5, 2021:
“We are closely tracking Microsoft’s emergency patch for previously unknown vulnerabilities in Exchange Server software and reports of potential compromises of U.S. think tanks and defense industrial base entities. We encourage network owners to patch ASAP:” (linking to msrc-blog.microsoft.com, “Multiple Security Updates Released for Exchange Server – updated March 8, 2021 – Microsoft Security Response Center”)

[4] No, not environmental challenges. Oasis is a proof-of-stake chain, and the environmental stuff you hear about is about proof-of-work chains. The problems I’m talking about are much more about the social infrastructures that make chain-based assets meaningful or valuable. More about that in a future post.

[5] https://www.xbiz.com/news/257750/utah-mandatory-porn-filter-bill-passes-senate-awaits-governors-signature

[6] https://en.wikipedia.org/wiki/Default_effect

© 2023 Nick Merrill