Category Archives: Media

Map of the day: Major Internet attack still underway

From Downdetector, areas experiencing major interruptions in major online services as of 10:20 Saturday:


The attack is exploiting employing all those much-hyped devices like thermostats, refrigerators, baby monitors, security cameras, and other appliances devices connected to the so-called ‘Internet of Things” [IoT].

From the Guardian:

Among the sites targeted on Friday were Twitter, Paypal and Spotify. All were customers of Dyn, an infrastructure company in New Hampshire in the US that acts as a switchboard for internet traffic.

Outages were intermittent and varied by geography, but reportedly began in the eastern US before spreading to other parts of the country and Europe.

Users complained they could not reach dozens of internet destinations, including Mashable, CNN, the New York Times, the Wall Street Journal, Yelp and some businesses hosted by Amazon.

Hackers used hundreds of thousands of internet-connected devices that had previously been infected with a malicious code – known as a “botnet” or, jokingly, a “zombie army” – to force an especially potent distributed denial of service (DDoS) attack.

More from BBC News:

Security firm Flashpoint said it had confirmed that the attack used “botnets” infected with the “Mirai” malware.

Many of the devices involved come from Chinese manufacturers, with easy-to-guess usernames and passwords that cannot be changed by the user – a vulnerability which the malware exploits.

“Mirai scours the Web for IoT (Internet of Things) devices protected by little more than factory-default usernames and passwords,” explained cybersecurity expert Brian Krebs, “and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users.”

The owner of the device would generally have no way of knowing that it had been compromised to use in an attack, he wrote.

Defense against I0T attacks? Think again. . .

There are few avenues open for owners of I0T-connected devices to protect them from similar intrusions in the future, as Michael DeCesare reports for TechCrunch:

Early government and commercial efforts have focused on how manufacturers can build better security into devices. But this is problematic for a couple reasons, not the least of which is that IoT devices cannot run traditional

But this is problematic for a couple reasons, not the least of which is that IoT devices cannot run traditional cyber security software.

As a result, there are fewer “tools in the shed” to protect the IoT than there are for computers that run traditional operating systems. Some IoT devices can be patched, others can’t. For the device that can be patched, this is a very manual process and not something that is routinely done.

What’s the answer here?  As with everything with cybersecurity, there is no silver bullet. Even when it comes to IoT, we have to remember one of the fundamental tenets of this field: defense in depth. Moving beyond the acknowledged need to be better at patching devices, we must then ask if devices are protected by a robust perimeter security solution and are continuously monitored for suspicious behavior.

Welcome to the future, folks.

Marshall McLuhan: Still prescient, 49 years later

Back when esnl was a budding journalist, no name was better known in media theory than Marshall McLuhan of the University of Toronto School of Communication Theory.

McLuhan’s theories about the role of mass media in shaping the consciousness of the 20th Century sparked endless hours of coffee house conversation.

But McLuhan has largely dropped out of sight, enduring mainly on DVD’s of Annie Hall, in one of most memorable movie cameos ever:

But McLuhan’s theories prove remarkably resilient, most notably his prescient understanding of the computer-enabled panopticon and the power of television to shape and mobilize emotions on behalf of corporate agendas.

He also grasped that the dramatic first-person journalistic reports and prime network coverage by the free-roving reporters of the Vietnam War would lead to draconian restrictions liked the “embedded reporters” who covered the two Bush Wars in the Middle East and North Africa.

Indeed, he even foreshadowed the rise of the presidential candidacy of a creature such as Donald Trump.

And that brings us to today’s video, a remarkably documentary aired on NBC 19 March 1967:


And now for the video. . .

Aired 49 years ago, yet remarkably timely, it comes from from Marshall McLuhan Speaks:

This is Marshall McLuhan: The Medium is the Massage

Program note:

Featuring Marshall McLuhan, and narrated by Edward Binns.

Map of the day: The Internet under attack

Downdetector, a map of regions in the U.S. where major websites and services are currently offline:


The story, via the Los Angeles Times:

The Department of Homeland Security is investigating the cause of a massive cyberattack that barred users from visiting Twitter, Spotify, SoundCloud and other sites Friday by targeting a firm responsible for routing Web traffic their way.

Dyn, a New Hampshire Internet services company, reported around 4 a.m. Pacific time that a large-scale yet unsophisticated attack temporarily overwhelmed its servers. By 6:30 a.m., the company said service was back to normal, but around 9 a.m. Pacific time, Dyn again said it was experiencing such an attack. Around 11 a.m., Dyn said it was investigating and mitigating “several attacks.”

TechCrunch reported Friday morning that Airbnb, Reddit, Github and the websites of the Boston Globe and New York Times were also affected.

These types of attacks are known as distributed denial of service, or DDoS. And they’re on the rise, said Vince Berk, chief executive of FlowTraq, a network security company that specializes in detecting and defeating DDoS attacks.

Many cloud hosting services plagued by malware

This map shows locations where the impacts of bad repositories (Bars) occur. (Credit: Xiaojing Liao, Georgia Tech)

This map shows locations where the impacts of bad cloud hosting repositories [Bars] occur. [From Xiaojing Liao, Georgia Tech]

Cloud hosting services, those providers who host your data in third party data centers so you can save space on your hard rives, like to boast that they’re more secure that your own computer.

But that may not be the case, according to new research from researchers at three major U.S. universities.

Fortunately for U.S. users, American servers seem to have the fewest infections, but that’s not the case in many other countries.

From the Georgia Institute of Technology:

A study of 20 major cloud hosting services has found that as many as 10 percent of the repositories hosted by them had been compromised – with several hundred of the “buckets” actively providing malware. Such bad content could be challenging to find, however, because it can be rapidly assembled from stored components that individually may not appear to be malicious.

To identify the bad content, researchers created a scanning tool that looks for features unique to the bad repositories, known as “Bars.” The features included certain types of redirection schemes and “gatekeeper” elements designed to protect the malware from scanners. Researchers from the Georgia Institute of Technology, Indiana University Bloomington and the University of California Santa Barbara conducted the study.

Believed to be the first systematic study of cloud-based malicious activity, the research will be presented October 24 at the ACM Conference on Computer and Communications Security in Vienna, Austria. The work was supported in part by the National Science Foundation.

“Bad actors have migrated to the cloud along with everybody else,” said Raheem Beyah, a professor in Georgia Tech’s School of Electrical and Computer Engineering. “The bad guys are using the cloud to deliver malware and other nefarious things while remaining undetected. The resources they use are compromised in a variety of ways, from traditional exploits to simply taking advantage of poor configurations.”

Beyah and graduate student Xiaojing Liao found that the bad actors could hide their activities by keeping components of their malware in separate repositories that by themselves didn’t trigger traditional scanners. Only when they were needed to launch an attack were the different parts of this malware assembled.

“Some exploits appear to be benign until they are assembled in a certain way,” explained Beyah, who is the Motorola Foundation Professor and associate chair for strategic initiatives and innovation in the School of Electrical and Computer Engineering. “When you scan the components in a piecemeal kind of way, you only see part of the malware, and the part you see may not be malicious.”

In the cloud, malicious actors take advantage of how difficult it can be to scan so much storage. Operators of cloud hosting services may not have the resources to do the deep scans that may be necessary to find the Bars – and their monitoring of repositories may be limited by service-level agreements.

While splitting the malicious software up helped hide it, the strategy also created a technique for finding the “bad buckets” hosting it, Beyah said. Many of the bad actors had redundant repositories connected by specific kinds of redirection schemes that allowed attacks to continue if one bucket were lost. The bad buckets also usually had “gatekeepers” designed to keep scanners out of the repositories, and where webpages were served, they had simple structures that were easy to propagate.

Continue reading

CPJ chair: Trump threatens freedom of the press

The Committee to Protect Journalists, an international organization headquartered in New York is so alarmed at the implicit and sometimes explicit threats to journalism coming from the Republican president candidate that they have issued a formal alarm.

From the statement:

New York, October 13, 2016–In an unprecedented step, the Committee to Protect Journalists today released a statement recognizing that a Donald Trump presidency would represent a threat to press freedom. In response to Trump’s threats and vilification of the media during his campaign, the chairman of CPJ’s board, Sandra Mims Rowe, issued the following statement on behalf of the organization:

Guaranteeing the free flow of information to citizens through a robust, independent press is essential to American democracy. For more than 200 years this founding principle has protected journalists in the United States and inspired those around the world, including brave journalists facing violence, censorship, and government repression.

Donald Trump, through his words and actions as a candidate for president of the United States, has consistently betrayed First Amendment values. On October 6, CPJ’s board of directors passed a resolution declaring Trump an unprecedented threat to the rights of journalists and to CPJ’s ability to advocate for press freedom around the world.

Since the beginning of his candidacy, Trump has insulted and vilified the press and has made his opposition to the media a centerpiece of his campaign. Trump has routinely labeled the press as “dishonest” and “scum” and singled out individual news organizations and journalists.

He has mocked a disabled New York Times journalist and called an ABC News reporter a “sleaze” in a press conference. He expelled Univision anchor Jorge Ramos from a campaign press conference because he asked an “impertinent” question, and has publicly demeaned other journalists.

Trump has refused to condemn attacks on journalists by his supporters. His campaign has also systematically denied press credentials to outlets that have covered him critically, including The Washington Post, BuzzFeed, Politico, The Huffington Post, The Daily Beast, Univision, and The Des Moines Register.

Throughout his campaign, Trump has routinely made vague proposals to limit basic elements of press and internet freedom. At a rally in February, Trump declared that if elected president he would “open up our libel laws so when they write purposely negative and horrible and false articles, we can sue them and win lots of money.” In September, Trump tweeted, “My lawyers want to sue the failing @nytimes so badly for irresponsible intent. I said no (for now), but they are watching. Really disgusting.”

While some have suggested that these statements are rhetorical, we take Trump at his word. His intent and his disregard for the constitutional free press principle are clear.

A Trump presidency would represent a threat to press freedom in the United States, but the consequences for the rights of journalists around the world could be far more serious. Any failure of the United States to uphold its own standards emboldens dictators and despots to restrict the media in their own countries. This appears to be of no concern to Trump, who indicated that he has no inclination to challenge governments on press freedom and the treatment of journalists.

It’s a red letter day for American pop culture icons

Dy;lsn wins the Big One

Three stories from BBC News, starting with the big one:

US singer Bob Dylan has been awarded the 2016 Nobel Prize for Literature, becoming the first songwriter to win the prestigious award.

The 75-year-old rock legend received the prize “for having created new poetic expressions within the great American song tradition”.

The balladeer, artist and actor is the first American to win since novelist Toni Morrison in 1993.

His songs include Blowin’ in the Wind and The Times They are A-Changin’.

Sara Danius, permanent secretary of the Swedish Academy, said Dylan had been chosen because he was “a great poet in the English speaking tradition”.

And what’s a Dylan piece without a song?:

Bob Dylan The Times They Are A Changin’ 1964

Wonder Woman lassos a United Nations honor

Yep, this time the nod goes to a comic book character and comes with corporate sponsorship.

From BBC News:

The United Nations (UN) is to name comic book character Wonder Woman as its new Honorary Ambassador for the Empowerment of Woman and Girls.

The UN said the character will be formally sworn in at a ceremony on 21 October at its New York headquarters. DC Entertainment president Diane Nelson will accept the role for her company’s comic book, TV and film character.

The event will also launch the UN’s campaign for gender equality and women’s empowerment.

It is being sponsored by Warner Bros and DC Entertainment who are supporting the UN and Unicef’s year-long campaign.

The United nations honor comes just two weeks after the fictional character came out of her equally fictional closet.

From BBC News again:

DC Comic writer Greg Rucka says Wonder Woman “must be queer” and has had relationships with other women.

In an interview with Comicosity he defined queer as “involving, although not necessarily exclusively, romantic and/or sexual interest toward persons of the same gender”.

In the comic books, Wonder Woman is known as Diana, a warrior princess of the Amazons.

Trump’s brass revealed as the gold plate rubs off

In our previous post, a compilation of Trumpisms from the London Review of Books, The Donald explained himself precisely in a mere nine words, seven of them — of which two have two syllables, the rest have one:

‘The beauty of me is that I’m very rich.’

The beauty of Donald Trump is one of class, an arrogant classy sort of class, characterized by his Wharton sense of branding — one given a gold-plated veneer [toilets included] and burned into his properties like a Texas cowboy used to brand his steers.

Through a combination of a primate predispositions and relentless programing [in both senses of the term], our inner ape’s attentiveness to hierachy and sex has been captivated by Trump’s relentless multimedia self presentation.

Trump’s voters are male, while women dominate the now-solidly leading Hillary half of the polls. For them, Trump is an exciting guy because they’re secretly both jealous and aroused by the shit he gets away with. He is correct in asserting that his only real attraction is the wealthy persona he’s crafted. But more than that, it’s a secret admiration.

And sufficiently ample women are drawn in by that same allure, ny the repitlian gaze and the sheer, unapologetic hubris of it all. Hell, the guy is rich, and some of it’s gotta rub off, right?

[And that’s not to say that nature dominates nurture; we’ve all seen lots of folks less susceptible to a purely reactionary mode, nor that we’re doomed to endless manipulation. We can gain control of the

But that golden luster is suddenly looking bit tarnished, the brass underneath revealed as the thing layer of gold plate is rubbed away.

The latest tarnish is sexual

First, from the Guardian:

A wave of claims about Donald Trump’s alleged sexual transgressions and inappropriate behaviour – in one case with a 10-year-old girl – has emerged, threatening the Republican presidential nominee’s already fragile campaign less than a month before election day.

Ever since video of the real estate mogul surfaced on Friday showing him bragging about how he could grab women’s genitals with impunity, more and more women have come forward to claim they were demeaned and touched inappropriately.

By late Wednesday evening the list of new allegations against Trump included:

  • two Miss USA contestants who claimed Trump deliberately walked in on them when they were naked in a dressing room.
  • two women who allege Trump groped or kissed them without consent – one in the first-class seat of an aircraft.
  • a claim by a woman that she was groped at a Trump event at his Mar-A-Lago estate in Florida.
  • a People magazine reporter who says Trump forced himself on her shortly before she was due to interview him and his wife in 2005.
  • an incident in which Trump appears to sexualize a 10-year-old girl.

An allegation in detail

From CBS News Digital:

As Republican nominee Donald Trump’s campaign tries to move past a recently released 2005 tape of his lewd remarks about women, more video of similar comments made by Trump is surfacing.

In an “Entertainment Tonight” Christmas feature in 1992, Trump looked at a group of young girls and said he would be dating one of them in ten years. At the time, Trump would have been 46 years old.

The video, released Wednesday evening, was shot at Trump Tower.

In the clip, Trump asks one of the girls if she’s “going up the escalator.” When the girl replies, “yeah,” Trump turns to the camera and says: “I am going to be dating her in 10 years. Can you believe it?”

It is not the first time Trump has made reference to his interest in dating much younger women.

In 2006, he made a similar comment about his own daughter, Ivanka Trump: “I’ve said that if Ivanka weren’t my daughter, perhaps I’d be dating her,” Trump said.