The complete lack of support for these chill dudes (gender neutral - not all are male, P.S. many are also queer) is not only unfair, it's a major security risk.

There's something called SSH - Secure Shell. A secure protocol for accessing and controlling network devices. It's an integral part of every major Linux-based server, which run the vast majority of internet and government IT infrastructure on the planet. It's also sometimes used on other operating systems like Microsoft Windows. There's another little bit of software on just about all Linux operating systems called XZ Utils. It's a set of data compressors.

XZ Utils was being maintained by one person, a dude named Lasse Collin. An integral item used by about countless operating systems and servers that run everything from military systems to literally almost every single web and content server on the planet. One guy. He was fucking tired.

So when someone named Jia Tan showed up and offered to ease some of that burden, Collin leapt at the chance. And for years, it went well. They worked together to maintain XZ Utils. Then other people began showing up telling Collin that it's fine to retire now, move on to other projects, Jia Tan can take care of it. Collin listened.

Within a year of Collin handing over the reins, Jia Tan had implanted code into XZ Utils that granted unauthorised access to any system using it via SSH. Which means it was a backdoor that granted direct unauthorised access to the majority of network device and computer systems on the planet, and indirect or potential unauthorised access to almost every other network device and computer system.

This kind of attack is called a "supply chain attack." Instead of trying to break in from the outside or directly attack a target from within, you compromise a step in the supply chain that eventually makes it's way to the target system. This happened a few years back with the SolarWinds attack, known to have been caused by the Russian government, after they compromised software updates for SolarWinds, VMware, and Microsoft products being used by the US Federal Government. (Side note: President Trump refused to comment on the attack for days, before finally declaring that despite the evidence China must be the perpetrator).

It has since been learned that Jia Tan's supportive voices were all sock puppet accounts. They and Tan appeared to always post from Cina, though sometimes seemed to be posting from the Middle East and Europe. They worked on just about every notable Chinese holiday. This seems to indicate Jia Tan was not only an alias, but a name chosen as false flag in the event the years-long deception was uncovered. Current suspicion is that this was another Russian cyberattack, but we may never know for certain.

And this attack was only noticed by one other dude, Andres Freund, who noticed his SSH connections were a little slower than normal and decided it would be fun to investigate. He was a Microsoft employee but that investigation wasn't his job. He just thought it was worth doing.

The vast majority of the world's network infrastructure, used by every government and every corporation, compromised because the entire planet was relying on one chill dude and he was fucking tired.

For those wondering - Amazing Spider-Man Vol 1 #338 (Hobgoblin sprays Spider-man with poison) and #339 (Doc Ock reveals the poison only becomes lethal when combined with cocaine).

(Original Tweet)

i've been rewatching ed edd n eddy and its got me thinking about what their unseen parents are like

unfortunately my dunmeshi welfare vision is an unusually catty kabru. practise safe binding my friends

(笨蛋 = dumbass, idiot, dimwit, etc.)

Beatrice from Over the Garden Wall 🕊️✨

One of the joys of working in technology are all the wonderful acronyms. I’m starting on a new technical project and hearing the term GNAS, so rather than asking somebody I decided to google it and found this page. I eventually found the correct acronym meaning but not here. I already know what a NAS is and discovered the G is Gateway.

What a relief! I really like my coworkers but not enough to do the last one on the list. 😜 😂

the happy dudes or something

ID: Destiel Confession breaking news meme. Castiel says, I love you. Dean Winchester replies, "Sarah McBride to become first openly transgender member in Congress. End ID.

compilation of dunmeshi images saved to my computer under variations of "FOUND FAMILY REAL":

source.

Arthouse Muppets

Art by Bruce McCorkindale