Why this blog?
Until this moment I have been forced to listen while media and politicians alike have told me "what Canadians think". In all that time they never once asked.
This is just the voice of an ordinary Canadian yelling back at the radio -
"You don't speak for me."
email Kate
Goes to a private
mailserver in Europe.
I can't answer or use every tip, but all are appreciated!
Katewerk Art
Support SDA
Paypal:
Etransfers:
katewerk(at)sasktel.net
Not a registered charity.
I cannot issue tax receipts
Favourites/Resources
Instapundit
The Federalist
Powerline Blog
Babylon Bee
American Thinker
Legal Insurrection
Mark Steyn
American Greatness
Google Newspaper Archive
Pipeline Online
David Thompson
Podcasts
Steve Bannon's War Room
Scott Adams
Dark Horse
Michael Malice
Timcast
@Social
@Andy Ngo
@Cernovich
@Jack Posobeic
@IanMilesCheong
@AlinaChan
@YuriDeigin
@GlenGreenwald
@MattTaibbi
Support Our Advertisers
Sweetwater
Polar Bear Evolution
Email the Author
Wind Rain Temp
Seismic Map
What They Say About SDA
"Smalldeadanimals doesn't speak for the people of Saskatchewan" - Former Sask Premier Lorne Calvert
"I got so much traffic after your post my web host asked me to buy a larger traffic allowance." - Dr.Ross McKitrick
Holy hell, woman. When you send someone traffic, you send someone TRAFFIC.My hosting provider thought I was being DDoSed. - Sean McCormick
"The New York Times link to me yesterday [...] generated one-fifth of the traffic I normally get from a link from Small Dead Animals." - Kathy Shaidle
"You may be a nasty right winger, but you're not nasty all the time!" - Warren Kinsella
"Go back to collecting your welfare livelihood. - "Michael E. Zilkowsky
That’s an extremely sophisticated attack. There’s really not much you can do if a malicious actor gets hold of your upstream vendor’s code-singing cert, but then most places I’ve worked for/with have absolutely atrocious internal security, including ones that held HIPAA/PIPEDA protected customer data.
The “low and slow” nature of the operation smells of a state actor. Criminal organizations don’t care what they break in the process of stealing your money, and lone hackers want you to know you’ve been hacked.
I agree it has just about got to be a state actor. Unless the Bond movies have it right about there being an organization like SPECTRE. But it seems like they are going after stuff Red China is lusting over.
We will know for certain if TimG comes on here and says it’s a stupid story about nothing.
But didn`t I read somewhere that a Cyber Security guy named Esper who supposedly was the head of Cyber Security for the entire USA, state unequivocally and with out any doubt the systems were safe and not hacked. Who are we to doubt his expertise. Nothing to see here, move along folks. When do the arrests begin.
I have no idea what that complex article was all about.
Bad Hackers …. Po’ corporations. That my level of understanding on this.
Thanks for posting it … it is a peek into the new forms of really cool piracy.
I guess.
More like warfare. Think of the Goths looting Rome.
I agree with the headline. It’s probably nothing. With a whopping 300,000 customers it is time to take serious world wide action, or not.
Kind of depends on who they are, doesn’t it?
I don’t really care. They can all freeze in the dark and count on their fingers.
Did you see THIS!? Look at the bottom of the Dominion log on page
https://twitter.com/WrkClsHero/status/1338493733470412803?s=20
Missing from the partial customer list …
https://newsla.localad.com/2020/12/14/huge-update-dominion-voting-systems-uses-solarwinds-same-company-just-shut-down-by-cisa-after-govt-found-it-was-breached/
Interesting …
Client page is now gone.
I read the article. I have been a computer professional for 45 years, but my specialty is not security related issues. This is a sophisticated breach.
I have been involved with SolarWinds in the last 4 companies at which I worked, covering the last 20 of the years I was employed. I always thought they were amateurs and I was never impressed with the quality of their offerings. If offered a vote when evaluating their products, I voted no based on my analysis and experience. If the update server’s password was really SolarWinds123, I would not be surprised. It would be typical of the rest of the stuff they vend. However, this is my opinion only and was not necessarily shared by the executive types that made the real decisions (and are easily fooled by marketing hype).
The gullibility of inadequately skilled IT management cannot be overstated. Contrary to protestations, speaking truth to power is seldom appreciated if the truth differs from their, usually, poorly informed understanding of reality,
Been there, done that. And it’s not just limited to IT management.