[FRIAM] 5 agencies compromised

Roger Critchlow rec at elf.org
Wed Dec 16 17:13:30 EST 2020


pwntastic, even.

-- rec --


On Wed, Dec 16, 2020 at 11:07 AM Marcus Daniels <marcus at snoutfarm.com>
wrote:

> Yes, it sounds like they were methodical and patient.   Impressive work.
>
> -----Original Message-----
> From: Friam <friam-bounces at redfish.com> On Behalf Of u?l? ???
> Sent: Wednesday, December 16, 2020 7:06 AM
> To: FriAM <friam at redfish.com>
> Subject: Re: [FRIAM] 5 agencies compromised
>
> Well, it's one thing to simply screw up a dependency. Any programmer who's
> participated in a large project has done that at one point or another. But
> the interesting quote is this:
>
> "Multiple trojanized updates were digitally signed from March - May 2020
> and posted to the SolarWinds updates website, ..."
>
> They were digitally signed. Either they were legitimately signed and the
> vector is the typical one (humans [ptouie]) or the bad actor (not
> necessarily human) harvested a secret key and illegitimately signed them.
> And that's just the signing part. They also had to *post* them, which may
> well be the easier part. But it still had to be done.
>
> How did they 1) sign the packages and 2) post the packages?
>
>
> On 12/15/20 12:23 PM, Prof David West wrote:
> > Web-based (most software) systems are a complicated Jenga tower of
> > dependencies, each one of which provides an access point for
> > introducing malware, trojans, viruses, etc. The story of Azer Koçulu
> > and how his removal of eight lines of code (left-pad) brought down
> > major Web actors and sites
> >
> >
> > https://qz.com/646467/how-one-programmer-broke-the-internet-by-deleting-a-tiny-piece-of-code/
>
>
> --
> ↙↙↙ uǝlƃ
>
> - .... . -..-. . -. -.. -..-. .. ... -..-. .... . .-. .
> FRIAM Applied Complexity Group listserv
> Zoom Fridays 9:30a-12p Mtn GMT-6  bit.ly/virtualfriam un/subscribe
> http://redfish.com/mailman/listinfo/friam_redfish.com
> archives: http://friam.471366.n2.nabble.com/
> FRIAM-COMIC http://friam-comic.blogspot.com/
>
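As an added illustration (not part of the thread, and modelling no real vendor's pipeline), the Go program below shows the point glen's post turns on: a signature verifies whenever the holder of the signing key signed the bytes, so a tampered build signed with a harvested key, or signed legitimately by a pipeline that was fed poisoned source, passes the update client's signature check exactly like the genuine one. What separates the two is a second check against a digest published through a channel the signing key does not control (a reproducible-build manifest is assumed here). The key, artifact bytes, release name and manifest are all constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Release models a vendor update as the update site serves it:
// the artifact bytes plus the vendor's detached signature over them.
type Release struct {
	Name    string
	Payload []byte
	Sig     []byte
}

// SignRelease is the vendor's release step. Whoever holds the private key,
// legitimately or not, can produce a valid signature over any payload.
func SignRelease(priv ed25519.PrivateKey, name string, payload []byte) Release {
	return Release{Name: name, Payload: payload, Sig: ed25519.Sign(priv, payload)}
}

// SignatureValid is what an ordinary update client checks. It answers only
// "was this signed by the holder of the key?", not "is this the build the
// vendor intended to ship?".
func SignatureValid(pub ed25519.PublicKey, rel Release) bool {
	return ed25519.Verify(pub, rel.Payload, rel.Sig)
}

// DigestHex returns the SHA-256 of the artifact, the value an independent
// channel (reproducible-build attestation, transparency log, second mirror)
// would publish for comparison.
func DigestHex(payload []byte) string {
	sum := sha256.Sum256(payload)
	return hex.EncodeToString(sum[:])
}

// ManifestMatches compares the served artifact with a digest obtained out of
// band, so a valid signature alone is not sufficient for acceptance.
func ManifestMatches(rel Release, manifest map[string]string) bool {
	want, ok := manifest[rel.Name]
	return ok && want == DigestHex(rel.Payload)
}

// AcceptUpdate requires both checks to pass and reports which one failed.
func AcceptUpdate(pub ed25519.PublicKey, rel Release, manifest map[string]string) (bool, string) {
	if !SignatureValid(pub, rel) {
		return false, "signature does not verify"
	}
	if !ManifestMatches(rel, manifest) {
		return false, "signature verifies but digest differs from independently published manifest"
	}
	return true, "ok"
}

// Scenario plays out the thread's two cases with constructed data and returns
// (genuine accepted, tampered signature verifies, tampered accepted).
func Scenario() (bool, bool, bool) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	// Constructed artifacts; unrelated to any real product's files.
	genuine := []byte("update-2020.2 genuine build")
	tampered := []byte("update-2020.2 genuine build + implanted code")

	// Assumed reproducible-build manifest, published by a channel the
	// signing key does not control.
	manifest := map[string]string{"update-2020.2": DigestHex(genuine)}

	good := SignRelease(priv, "update-2020.2", genuine)
	// Same key over the tampered payload: the "harvested key" case. A build
	// pipeline legitimately signing a poisoned tree produces the same result.
	bad := SignRelease(priv, "update-2020.2", tampered)

	goodOK, _ := AcceptUpdate(pub, good, manifest)
	badSig := SignatureValid(pub, bad)
	badOK, reason := AcceptUpdate(pub, bad, manifest)
	fmt.Println("tampered release:", reason)
	return goodOK, badSig, badOK
}

func main() {
	g, bs, b := Scenario()
	fmt.Printf("genuine accepted: %v\n", g)
	fmt.Printf("tampered signature verifies: %v\n", bs)
	fmt.Printf("tampered accepted: %v\n", b)
}
```

Run it and the tampered release verifies but is rejected on the digest comparison, which is the whole argument for publishing build digests somewhere the release-signing key cannot reach.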