e dot dot dot
a mostly about the Internet blog by

January 2021
Sun Mon Tue Wed Thu Fri Sat
         
           


Small Idaho ISP 'Punishes' Twitter And Facebook's 'Censorship'...By Blocking Access To Them Entirely

Furnished content.


A small Idaho ISP by the name of Your T1 WIFI has decided to punish Twitter and Facebook for perceived "censorship"...by censoring them. In an email to subscribers posted to Twitter, the company claims it will be blocking customer access to both websites by default moving forward. To access the websites, users apparently will need to contact the company to be added to a whitelist:

While the company doesn't specify what "censorship" its customers are complaining about, the complaints were likely driven by Twitter's decision to ban Trump after he violated the company's terms of services by inciting a fatal insurrection. Or perhaps they're complaining about the steady purging of QAnon conspiracy theorists for espousing bogus claims of election fraud. Either way, the ISP claims to ingeniously be combating what they claim is censorship...by embracing the exact same thing:
"Our company does not believe a website or social networking site has the authority to censor what you see and post and hide information from you, stop you from seeing what your friends and family are posting," the email states. "This is why with the amount of concerns, we have made this decision to block these two websites from being accessed from our network."
There are ample problems here. The first being that "Conservative censorship" isn't actually a thing. What hyperventilating partisans deem as "censorship" in our broken modern discourse is usually just Facebook and Twitter belatedly enforcing their own terms of service (which is different than censorship). While the platforms certainly do sometimes boot people for stupid reasons, more often than not such bans are simply the natural consequence of behaving like an asshole on the internet. Don't want to be blocked, banned or limited? Don't be an asshole on the internet.The other problem, of course, is that there's an endless parade of research showing that internet filters are stupidly expensive and don't work. They're usually easily bypassed with only a modicum of technical knowledge, and they pretty routinely result in collateral damage (aka the accidental blocking of legal, legit websites). In this case, blocking access to Facebook by proxy blocks access to all the systems Facebook ties into, including automated login systems. The end result is likely to be more of an avoidable headache than a real solution to a real problem.I reached out to contact Your T1 WIFI, but their 1-888 number resolved to a woman's voicemail box that didn't even mention the name of the company. However, company owner Brett Fink spoke to a local CBS affiliate and contradicted his own company's email by claiming they weren't blocking anybody:
"In a phone call with KREM, the owner of the company, Brett Fink, again said the websites would only be blocked for customers who asked."We've had customers asked to be blocked by it. That is what the email was about, so no we are not blocking anybody, only the ones that have asked for it," Fink said."
Again, that's not what the company's own email to its subscribers states:
"Please let us know and we can add you to the allowed list to be able to not be blocked from going to these sites and the ones that do want to be blocked will have to do nothing they (Twitter and Facebook) will just not show up."
So that certainly sounds like a DNS-level IP blacklist, which users have to call in to be whitelisted from.Of course in the wake of the Trump net neutrality repeal this doesn't run afoul of federal rules...because there are no federal rules. But it's still a problematic, dumb idea and a slippery slope for an ISP to inject itself into the information stream in such a hamfisted fashion. With industry BFF Ajit Pai on the way out, and the Biden administration purportedly keen to restore net neutrality, it's extremely unlikely any major ISPs would follow down this particular rabbit hole and draw regulatory scrutiny. Still, it should add some interesting...flavor to the debate when it inevitably heats up later this year.Either way, engaging in blocking to protest "censorship" that isn't actually happening isn't a great look.

Read more here

posted at: 12:00am on 12-Jan-2021
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



DOJ, US Court System Latest To Announce They're Victims Of The Massive Solarwinds Hack

Furnished content.


The hits just keep on coming for US federal agencies affected by the massive Solarwinds hack. State-sponsored hackers -- presumably Russian -- leveraged Solarwinds' massive customer base and compromised update server to infect systems around the world. Here in the United States, a possible 18,000 Solarwinds customers are affected… as are their users and customers, which brings the possible number of infected back up into the millions.The DHS's cyber wing, CISA, issued a warning about the hack, noting that the only solution was to air gap affected systems and delete the compromised Orion software. Hours later, the entity warning other federal agencies about the hack announced it too had been hacked, making the whole thing a bit Monty Python-esque.The list of federal agencies affected by this advanced persistent threat continues to grow. The Department of Commerce was one of the first to discover a breach. This was followed by announcements of suspected breaches at the US Postal Service and the Department of Agriculture. The Defense Department has also noted it's affected, although it has yet to deliver any specifics about the multitude of agencies it oversees.The DHS, Department of Energy, and the National Nuclear Security Administration have also been breached. The latest news adds a couple more federal agencies/operations to the list.The DOJ says it's been breached, but appears to believe the damage is minimal. That doesn't seem to jibe with the details of the statement, which says an email system used by damn near everyone was the target.

On Dec. 24, 2020, the Department of Justice’s Office of the Chief Information Officer (OCIO) learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others. This activity involved access to the Department’s Microsoft O365 email environment.After learning of the malicious activity, the OCIO eliminated the identified method by which the actor was accessing the O365 email environment. At this point, the number of potentially accessed O365 mailboxes appears limited to around 3-percent and we have no indication that any classified systems were impacted.
There's a lot of sensitive information floating around the DOJ, given the large number of federal investigations and prosecutions it oversees. The breach could be even more severe than this indicates, given this breach announcement, which affects an adjacent branch of the government.
The AO [Administrative Office of the US Courts] is working with the Department of Homeland Security on a security audit relating to vulnerabilities in the Judiciary’s Case Management/Electronic Case Files system (CM/ECF) that greatly risk compromising highly sensitive non-public documents stored on CM/ECF, particularly sealed filings. An apparent compromise of the confidentiality of the CM/ECF system due to these discovered vulnerabilities currently is under investigation. Due to the nature of the attacks, the review of this matter and its impact is ongoing.
Hackers may have obtained access to sealed dockets and documents, including warrants, affidavits, and other investigative/prosecutorial filings that haven't been made public. Not only would this include investigative techniques, information on informants, and other sensitive information tied to ongoing investigations and prosecutions, it also affects a multitude of private individuals and companies who have been allowed to litigate under seal to protect personal/confidential info that could cause serious damage to litigants if made public.Sure, there's a presumption of openness in the court system, but there's still a lot of stuff filed under seal, at least temporarily. Publication of sealed documents could conceivably cause damage to people, places, and things… even if the government tends to overstate the damage when asking judges for secrecy.For the time being, the US Courts system will require all sensitive filings to be done in paper form or via "secure electronic devices." These will be stored in a standalone system that's completely walled off from the CM/ECF system that's accessible via PACER. This new process won't affect every sealed document, though -- just the ones the courts consider to be "highly-sensitive."
[M]ost documents similar to and including presentence reports, pretrial release reports, pleadings related to cooperation in most criminal cases, Social Security records, administrative immigration records, and sealed filings in many civil cases likely would not be sufficiently sensitive to require HSD [highly sensitive court documents] treatment and could continue to be sealed in CM/ECF as necessary.
Given the interconnectedness of the internet of government things, a breach in one location can easily result in cross-pollination. Just because an agency hasn't discovered a breach yet doesn't mean a malicious hacker hasn't established a foothold in the system. The end of this long international nightmare is still well over the horizon. The popularity of Solarwinds' products made it too tempting of a target to pass up.

Read more here

posted at: 12:00am on 12-Jan-2021
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



January 2021
Sun Mon Tue Wed Thu Fri Sat
         
           







RSS (site)  RSS (path)

ATOM (site)  ATOM (path)

Categories
 - blog home

 - Announcements  (1)
 - Annoyances  (0)
 - Career_Advice  (0)
 - Domains  (0)
 - Downloads  (3)
 - Ecommerce  (0)
 - Fitness  (0)
 - Home_and_Garden  (0)
     - Cooking  (0)
     - Tools  (0)
 - Humor  (0)
 - Notices  (0)
 - Observations  (1)
 - Oddities  (2)
 - Online_Marketing  (146)
     - Affiliates  (1)
     - Merchants  (1)
 - Policy  (2300)
 - Programming  (0)
     - Browsers  (1)
     - DHTML  (0)
     - Javascript  (5)
     - PHP  (0)
     - PayPal  (0)
     - Perl  (37)
          - blosxom  (0)
     - Unidata_Universe  (22)
 - Random_Advice  (1)
 - Reading  (0)
     - Books  (0)
     - Ebooks  (1)
     - Magazines  (0)
     - Online_Articles  (4)
 - Resume_or_CV  (1)
 - Reviews  (1)
 - Rhode_Island_USA  (0)
     - Providence  (1)
 - Shop  (0)
 - Sports  (0)
     - Football  (0)
          - Cowboys  (0)
          - Patriots  (0)
     - Futbol  (0)
          - The_Rest  (0)
          - USA  (0)
 - Windows  (1)
 - Woodworking  (0)


Archives
 -2021  March  (6)
 -2021  February  (42)
 -2021  January  (46)
 -2020  December  (47)
 -2020  November  (46)
 -2020  October  (48)
 -2020  September  (49)
 -2020  August  (47)
 -2020  July  (46)
 -2020  June  (46)
 -2020  May  (49)
 -2020  April  (48)


My Sites

 - Millennium3Publishing.com

 - SponsorWorks.net

 - ListBug.com

 - TextEx.net

 - FindAdsHere.com

 - VisitLater.com