Since the 1990s I have been very involved with fighting the military "don't ask don't tell" policy for gays in the military, and with First Amendment issues. Best contact is 571-334-6107 (legitimate calls; messages can be left; if not picked up retry; I don't answer when driving) Three other url's: doaskdotell.com, billboushka.com johnwboushka.com Links to my URLs are provided for legitimate content and user navigation purposes only.
My legal name is "John William Boushka" or "John W. Boushka"; my parents gave me the nickname of "Bill" based on my middle name, and this is how I am generally greeted. This is also the name for my book authorship. On the Web, you can find me as both "Bill Boushka" and "John W. Boushka"; this has been the case since the late 1990s. Sometimes I can be located as "John Boushka" without the "W." That's the identity my parents dealt me in 1943!
The massive hack of many US federal agencies and some
contractors is now said officially to have been a Russian operation, NBC News reports
Microsoft is admitting it was hacked, and that some of
its proprietary source code has been viewed.
The risk is largely to government agencies and some
companies rather than individuals.Yet it
would be very disturbing if Microsoft’s monthly security updates (due probably
a week from today) were breached.
In February of 2020, there were two updates that had
to be rolled back because they caused blue screens for some users.
3Blue1Brown has a computational video on how effective
“2^256” bit security would be.This video is more of a brainteaser than one about a
specific threat.
It turns out to require many multiples of the age of
the universe to try all the combinations. How many tunes does the coronavirus get to reproduce in all of time?
The video makes an interesting comparison to bitcoin
mining and the use of dedicate integrated circuits.
Danny Palmer of ZDnet writes that ransomware attacks
have become even more dangerous than ever, at least to organizations, in a new
article.And the only motive seems to be financial,
as the world gets even more unglued by the persistent coronavirus disruptions.
This outbreak also seems to pose a danger to cloud
backups.
That’s one reason I like to have my own usb drive
backups.
Back in early 1997 when working on my first book, I
did have a habit of making floppies of my work every day that I worked.It was a good thing I did.One night, the Word document for Chapter 3
went to garbage in the middle (on an Erols Windows 95 computer at the
time).Fortunately the backup was OK and
I never had the problem again.Except
one time at Kinkos when I was printing out a master copy, I had a problem on
their system, which did not recur at home.I had taken three vacation days from work for finish the final draft (pun)
of the work before printing.
Early Saturday, Ford Fischer, owner of News2Share,
offered a Twitter thread identifying a few unusual YouTube accounts with names
having the letter S, Mc, and G, and very low volume, connected to a showing of
a video of the Nashville explosion early Christmas morning.
He also found an unusual new Twitter account with only
one post, with a picture.
Later he was contacted by the poster, removed it and
issued a new tweet.
The point here is that very low volume accounts (and
possibly low visitor count) on social media can sometimes be a warning of
connection to suspicious activity. This could come to be viewed in the future
as a steganographic threat issue. This
could further cause platforms to want to eliminate low volume accounts if
Section 230 is eliminated or severely cut back.
Late news is that a person of interest, who may have died in the blast, has been identified. This is a rapidly changing story
NBC News has a summary of the major hack on several US
government agencies (Treasury, Commerce), mostly through a product called “SolarWinds”. The hack went on for months. Apparently the company hired contractors that it did not know were spies.
The cybersecurity company FireEye was also targeted.
I presume people who work from home for the government
use issued laptops, not their own.
US CERT (Pittsburgh, Carnegie) has a detailed fact sheet on the malware.
Sitelock offers five tips on Wordpress security, if
your website is indeed powered by Wordpress.
Most of these are easy to avoid if you don’t overdo things
with fancy themes.
One oddity occurs with Patchman scans which Sitelock
runs as part of its services, which may be purchased through webhosts or as supplements
by site owners. If you have a multiple site account, and then if subsequently
your host (like Bluehost) ever restores the tables after a crash (from a
nightly backup) to one of the subordinate accounts, and “old” copy of the site
is stored under the name of the top domain (which normally simply refers to how
DNS navigation works, a pretty complicated mesh of A records) in the Wordpress
files, although they will never be accessible normally. That will report a “severe” CMS error in a Smart/Patch scan.Sitelock says old images of sites should be
removed.