#AxisOfEasy 161: Blame Canada: CenturyLink Outage Cascades Across Major Internet Providers

Weekly Axis Of Easy #161

Last Week’s Quote was   “When the search for truth is confused with political advocacy, the pursuit of knowledge is reduced to the quest for power.”  Was by Alston Chase, I don’t think anybody got it.

This Week’s Quote:  Too many political “solutions” are solutions to problems created by previous political “solutions” — and will be followed by new problems created by their current “solutions.”  by ….???

THE RULES: No searching up the answer, must be posted to the blog.  The place to post the answer is at the bottom of the post, in the comments section.

The Prize:  First person to post the correct answer gets their next domain or hosting renewal on us.

We have launched AxisOfEasy.com!  Please help us get the word out and tell your friends and colleagues to check out the new website portal and subscribe to our various tendrils there.

In this issue:  
  • Sendgrid account hack leads to spike in spam levels
  • Police increasingly want access to smart speaker recordings
  • Blame Canada: Centurylink outage cascades across major internet providers
  • More on China hack that contributed to Nortel’s demise
  • Surveillance firm Palantir unveils details IPO 
  • Company nobody has ever heard of to pile into cloud computing IPOs
  • FritzFrog P2P botnet targets vulnerable servers
  • Epic Games ignites developer rebellion in Apple and Google app stores
  • Minds.com CEO & The Knotted Web of Big Tech Hypocrisy 

Sendgrid account hack leads to spike in spam levels

For a few weeks now I’ve been noticing increased levels of phishing emails into my personal account from Sendgrid mailers.  Sendgrid is a large, legitimate transactional emailer so at first I chalked this up to a rogue account that would soon be terminated and an isolated incident. They kept coming, however, and I began to wonder.  It’s not like an ISP can block Sendgrid, the collateral damage would be extensive. 

Then I saw a thread on the mailop mailing list about it and finally,  the news via Krebs on Security that Sendgrid is dealing with a significant number of hacked customer accounts which are being used to send spam.  The cracked account credentials are being sold on the dark web, and Sendgrid is looking at forcing multi-factor authentication across all accounts to get in front of the situation.  How the accounts were breached in the first place is not yet known. 

Police increasingly want access to smart speaker recordings

This wired article described quite vividly how police work and evidence gathering has come to include securing data from smarthome devices like speakers, Amazon Echo, smart TVs, etc.

In this particular case, sound recordings of an argument inside a home that ended in a fatality was used by the legal defence team to exonerate their client of a second-degree murder charge (somehow, the victim was impaled by a 12” blade at the end of a bedpost and recordings obtained from a pair of Amazon Echo speakers explained how and cleared the defendant), but more often this data is used to nullify alibis or collect evidence to be used against the accused:

‘Douglas Orr, head of the criminal justice department at the University of North Georgia, says police now look for smart home data as routinely as data from smartphones.  Data on a smartphone often points officers towards other devices, which they then probe as the investigation continues.

By amending a search warrant, police can “keep going to keep collecting data,” Orr says. “That usually leads to an Echo or at least some other device.”’

The article describes how the likes of Amazon, Google and other smarthome device manufacturers now routinely receive requests from Department of Homeland Security, various police forces, and even for civil legal proceedings like divorce cases.  Also how police forces are creating templates for making these data requests and then sharing those templates across other police forces.

Blame Canada: Centurylink outage cascades across major internet providers

Sunday morning I started hearing rumblings of another Cloudflare outage, but that wasn’t accurate.  What actually happened was a US service provider called CenturyLink went down, taking out services from Amazon, Twitter, Microsoft, Namecheap, Discord, and large chunks of Cloudflare. 

While CenturyLink is a US outfit, the outage was attributed to a misconfigured FlowSpec rule in a router in, … wait for it… Mississauga, Canada.  Or as ZD Net put it “the issue originated from CenturyLink’s data center in Mississauga, a city near Ontario, Canada.”  Lol.  Techs were promptly dispatched via dogsled to fix the issue.

The flub resulted in some manner of bad BGP announcement which blew up everything. We’ve written about the scary state of BGP routing tables before and will repeat it here: underneath the veneer of a lean mean algorithmic machine, at the bottom couple layers of the OSI stack that powers the internet, it’s all held together with spit and twist-ties.

More on China hack that contributed to Nortel’s demise

We’ve written about China’s role in the fall of Nortel before. I will reiterate that most, if not all corporate implosions are self-inflicted, but in this case part of that self-infliction may be how Nortel was warned by CSIS that they had been penetrated by Chinese operatives at least two years before things got really out of hand, and the company seems to have ignored it.

Now Global News details the investigation undertaken by Brian Shields, a security advisor to Nortel.

“Shields found that a computer in Shanghai had hacked into the email account of an Ottawa-based Nortel executive. Using passwords stolen from the executive the intruder downloaded more than 450 documents from “Live Link” — a Nortel server used to warehouse sensitive intellectual property”

The further he examined, the worse it got:  this account wasn’t the only one compromised, Shields found at least 7 others.  This wasn’t just some random hackers, it was organized, and the indications were that it was state sponsored actors, originating in China. 

Huawei was said to be a later beneficiary of stolen Nortel IP.

Surveillance firm Palantir unveils details IPO (snowFlake S1)

News emerged last week that the shadowy surveillance firm Palantir’s S1 had been leaked and screen shots of it had been posted to the Internet.  Their S1 has since been duly filed with the SEC

It looks like the company posted at $580 million loss on $742 million in revenue – apparently a disappointment, as Palantir was rumoured to be pushing $1 billion in revenues (the disappointment was about the top-line revenue number, not the loss.  In Silicon Valley, all companies are supposed to lose money.  That’s the way the game is played there). 

Most of Palantir’s clients are government agencies, despite trying to move more into the commercial realm.  As per coverage in Zerohedge “Palantir’s client list includes the CIA, the FBI, the NSA, the CDC, the Marine Corps, the Air Force, Special Operations Command, West Point and the IRS”, and from their S-1:  or, in Palantir’s words (from the S-1):

“We build software platforms for large institutions whose work is essential to our way of life. Those institutions must be able to function in times of stability as well as crisis and uncertainty.”

The S-1 here: https://www.sec.gov/Archives/edgar/data/1321655/000119312520230013/0001193125-20-230013-index.htm


Company nobody has ever heard of to pile into cloud computing IPOs

On the topic of forthcoming IPOs, I also came across the S-1 for some cloud computing company called Snowflake, which has filed to go public.  Personally I’ve never heard of them, but apparently they are one of 2020’s “most anticipated IPOs”.  I noticed their losses exceeded their total revenues in their last two years of operations, losing $178 million on $96M revenues in 2019, and for YE 2020 they lost $348M on $264M. 

They already raised $479 million on a $12.4B valuation less than six months ago which looks to have been their series D or E.

The S-1 states they have no specific uses planned for the funds raised via the IPO other than general corporate use, including possibly acquiring some other company (hopefully one that actually makes money).  It further states that they will never pay a dividend, and has an accumulated shareholder’s deficit close to $1 billion dollars and has no clear path to profitability.  The IPO will float Class A shares that carry one vote per share, while early stage founders carry Class B shares that hold 10 votes per share.  The S-1 also cautions investors that they cannot operate at their current burn rate without raising additional funds in the future which may require additional share issues and further dilution. 

As I read  through it I had to keep reminding myself that I was reading the S-1 for a hot-to-trot IPO, because it kept sounding like a “going concern” statement that auditors will attach to an MD&A for a firm they think isn’t gonna make it.

But their Facebook likes and LinkedIn headcount is off the charts, as the article I read details:

Read: https://media.thinknum.com/articles/snowflake-IPO-S1-filing-startups-software-2020/ 

In case I’m appearing too harsh, here is a contra argument on why this puppy should be a good investment:

Read: https://seekingalpha.com/article/4371635-snowflake-ipo-opportunity-risk-and-big-unknown

I know I already linked to this in the previous piece, but this really is a textbook case of Unicorn Bingo that is only made possible in a world where central banks are printing trillions of dollars across all currencies and stock market declines have been ruled unconstitutional. 

Read: https://outofthecave.io/articles/unicorn-winter/

FritzFrog P2P botnet targets vulnerable servers

Security researchers have uncovered a new P2P botnet that is targeting government and enterprise SSH servers worldwide.  SSH servers are secure shells, places where you can get a unix command line shell and from there do whatever one needs to do in order to join the host to the botnet, install additional malware and then use it as a foothold within the host’s network.

Written in Golang, FritzFrog was discovered by a security researcher Ophir Harpaz while working on a project called The Botnet Encyclopedia.

Once FritzFrog brute forces itself into a new node, sets up shop, it gets to work doing what seems to be its primary function:  mining crypto-currency.  It installs XMRig, a Monero miner and starts plugging away, courtesy of the infected host CPU and power.

Jesse Hirsh also covered FritzFrog in an issue of Metaviews last week.

Read: https://axisofeasy.com/metaviews/fritzfrog-and-the-evolution-of-botnets/

Epic Games ignites developer rebellion in Apple and Google app stores

Fortnite creator Epic Games is in a battle with Apple and Google over in-app purchases and whether the video game firm will have access to the respective app stores.  It started when Epic created an alternative method within its app to purchase additional upgrades for Fortnite.  Apple objected, and kicked them out of the App Store.  Epic is holding their ground, calling Apple’s 30% slice of all app-store purchases a type of monopoly and an abuse of their market position.

Epic is now suing Apple in a Northern California court. 

With a new version of Fortnite due out any moment (it may already be out, I don’t follow it closely), the gamers seem to be caught in the crossfire, and a vibrant aftermarket of old iPhones  that still have Fortnite installed sprang up on eBay.

Matt Stoller, author of Goliath: The 100-Year War Between Monopoly Power and Democracy (which I have) described it as Epic Games having kicked off a civil war within American Business.

Read: https://mattstoller.substack.com/p/epic-games-kicks-off-the-civil-war

Minds.com CEO & The Knotted Web of Big Tech Hypocrisy 

This week I had to record the AoE Salon a day early on account of my daughter’s Grade 8 grad, so Charles and Jesse couldn’t make it.  I had the honour and the pleasure to host Minds.com CEO Bill Ottman to talk about Big Tech market dominance, how service providers can properly act as intermediaries for user content and competing with the likes of Facebook.

I found myself re-connecting with my Minds account once again (I set one up when I was researching Unassailable). 

I’m @markjr on Minds and we’ve created an AxisOfEasy account too, if you’re there, and maybe you will be: 

If you use this link to create your own Minds account, easyDNS will stake you with 10 off-chain Minds tokens you can use to boost your content or reward other content creators.  The more I’m back on Minds (especially in light of this horrific Facebook UX change recently), the more I want to make the switch.  If enough of my homies from the  EasyVerse are there, the more compelling that will be.

Go there now.

Watch the interview here: https://axisofeasy.com/podcast/salon-19-minds-com-ceo-bill-ottman-and-the-knotted-web-of-big-tech-hypocrisy/



6 thoughts on “#AxisOfEasy 161: Blame Canada: CenturyLink Outage Cascades Across Major Internet Providers

    1. It’s true everyone can see it, but if you’re first, you win. If you don’t want your name visible just put your initials or something, but use your email address (which won’t be displayed) so we can connect with you for your free renewal. So far nobody has won it this week (Sorry Doug), so if you know the answer, go for it….

Leave a Reply

Your email address will not be published. Required fields are marked *