#AxisOfEasy 181: Stop What You’re Doing: Patch Sudo Now Edition

Weekly Axis Of Easy #181

Last Week’s Quote was   “Every great cause begins as a movement, becomes a business, and eventually degenerates into a racket” was Eric Hoffer, nobody got it.

This Week’s Quote: “There’s no fever like gold fever, except maybe silver fever”… by???

THE RULES: No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal is on us.

In this issue:

  • Sudo’s Baron Samedit flaw allows local privilege escalation
  • Data breach impacts nearly entire population of Brazil
  • Netwalker  ransomware dark web seized, charges laid
  • Not the Onion: Twitter launches fact checking initiative
  • Perl programming language home domain hijacked
  • Doordash scam charging people who don’t use Doordash
  • Facebook oversight board seeking feedback on Trump deplatforming
  • The Coup We are Not Talking About
  • Area man swears off internet connected sex toys after ransomware hijinks
  • GameStop Rebellion morphs into #SilverSqueeze

Sudo’s Baron Samedit flaw allows local privilege escalation

If you’re a *nix sysadmin or some similar role and you haven’t yet heard or acted on CVE-2021-3156 a.k.a Baron Samedit, you should read this now and then get cracking upgrading your servers. Hopefully you’re using some sort of server automation tool and it won’t be a big deal.

What it means is if your box is vulnerable, then anybody with local access, including say, a vulnerable web app that can give up a shell as the server user, can run an exploit script and escalate their access level to root.

For a quick and dirty test to see if any given server is vulnerable, open a shell and do this:

‘To test if your system is vulnerable, you have to login as a non-root user and run the “sudoedit -s /” command. Vulnerable systems will throw an error starting with “sudoedit:” while patched ones will display an error starting with “usage:”‘

Read: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156

We push out items like this as we become aware of them – on our Facebook page,  and via the AxisOfEasy and easyDNS twitter accounts.

Data breach impacts nearly entire population of Brazil

It‘s not often you come across a data breach that is so large it potentially impacts every citizen of a rather large country. It looks like snippets of various Brazilian data breaches that have been investigated by security researchers and available over the Dark Web for a year may come from one huge breach.

Psafe, a cyber security agency has reported the findings affecting 104 million vehicles (name, make, address, plate numbers), 40 million companies and “Potentially vulnerable to 220 million people,” including their names, date of birth and CPF number (Brazilian equivalent of a SIN or SSN).

Read: https://www.somagnews.com/giant-leak-exposes-data-from-almost-all-brazilians/

Netwalker  ransomware dark web shutdown, charges laid

Finally some good news in the world of ransomware with a joint law enforcement operation between Bulgarian and US law enforcement resulting in the seizure and shutdown of a Dark Web site from which the Netwalker ransomware-as-a-service gang operated.

The outfit recruited “affiliates” to deploy ransomware for a cut of the lucre, and one of their most successful agents, a Canadian who allegedly made $27 million in proceeds from the racket. Sebastien Vachon-Desjardins has been charged in a Florida court, it’s unclear from my readings if he’s actually in custody.

Read: https://ottawa.ctvnews.ca/canadian-man-charged-in-u-s-with-netwalker-ransomware-attacks-1.5284913

Not the Onion: Twitter launches fact checking initiative

One of the most egregious poster-boys of Big Tech bias, lack of transparency and shamelessly putting their thumb on scales (usually the one on the left), has introduced “Birdwatch” – a new crowdsourced, Wikipedia-style fact checking system.

The program is currently in a pilot of about a thousand select users (read: über-woke bluechecks) but will eventually be open to “regular users.” It provides a mechanism to add notes to tweets that furnish additional context around the tweet content. Notes added will have built in scoring systems themselves in order to prevent gaming the system.

This looks to be the “community verification” system whose details leaked early last year and that we wrote up here.

Read: https://blog.twitter.com/en_us/topics/product/2021/introducing-birdwatch-a-community-based-approach-to-misinformation.html

Perl scripting language main domain hijacked

The main domain for the Perl Foundation, the entity behind the perl scripting language has been hijacked. The perl{.}com domain’s Network Solutions account looks to have been hacked, and the domain transferred to Key Systems registrar. It was updated to point at an IP address associated with malware, and also listed for sale on Afternic.

Afternic has since taken down the listing, while the perl team is working to unwind this unauthorized transfer.

(don’t go to perl{.}com at this time as it’s pointed to an IP address associated with malware)

Doordash scam charging people who don’t use Doordash

Check those bank statements.

Numerous Canadians across the country are reporting fraudulent charges to their debit card accounts for Doordash, even though they didn’t place an order or in many cases, even have a Doordash account. Frustrations are aggravated because of the long wait times to obtain reimbursements from their bank.

So far this problem seems to be confined to debit card accounts with TD bank. TD for their part says they have “resolved the issue” and Doordash, based in California says they are cooperating with TD’s investigation. According to the CBC report, TD experienced a similar problem with unauthorized charges from Spotify, who is based in Sweden in 2019.

Facebook oversight board seeking feedback on Trump deplatforming

The independent oversight board charged with reviewing Facebook’s moderation decisions is seeking public feedback around the deplatforming of Donald Trump. Facebook’s Oversight Board is now reviewing Facebook’s decision to permanently close the former US president’s account, a decision which reportedly hinged on two separate posts: a one minute video he posted to his account on Jan 6th, the date of the DC riots and the second was a written post wherein he disputed the results of the election.

Members of the public can comment on the incident until February 5th by following the procedure on this page.

As we were headed to press the news broke that the Facebook Oversight Board overturned an earlier decision that removed content of the French government’s COVID-19 response and advocated the use of 
hydroxychloroquine as medical misinformation. 

The Coup We are Not Talking About

In this New York Times opinion piece, Surveillance Capitalism author Shoshanna Zhuboff wrote about “the coup nobody is talking about,” the one where Big Tech is upstaging governments and the people, and interjecting their own models of monetizing surveillance on an unwitting populace and a complacent government.

She describes four distinct stages of the Big Tech coup

  1. The appropriation of epistemic rights.
  2. Sharp rise in epistemic inequality, defined as the difference between what I can know and what can be known about me.
  3. Introduces epistemic chaos caused by the profit-driven algorithmic amplification, dissemination and microtargeting of corrupt information (the phase we are in now. And while Zhuboff and I could possibly disagree on the nature of the corrupt information, she’s not wrong on the general observation).
  4. Epistemic dominance is institutionalized, overriding democratic governance with computational governance by private surveillance capital. (Rule by privately owned algos.)

Also, epistemic means “relating to knowledge or its degree of validation” (yes, I had to look that up). My understanding of all this is that she’s saying Big Tech robs us of our right to derive our own beliefs from a mostly unpolluted backdrop of background data (come to our own conclusions based on rational or objective inputs).

Because everything is skewed and manipulated by algos whose interests are those of the people paying for the algos to run, we can never be truly certain if anything we believe is because we considered the data and came to our own conclusion, or that somebody put the inputs in front of us and nudged us toward a preconceived conclusion.

Said differently, thanks to privately owned algos, there is no truth, just dopamine and clicks.

Area man swears off internet connected sex toys after ransomware hijinks

Sorry if this sounds crude, but you may thank me later: drop what you’re doing and take that internet connected sex toy off of your privates (If this doesn’t apply to you, feel free to skip over to the next item).

Earlier in January Vice’s Motherboard reported that hackers had managed to comprise the security of a penis chastity lock made in China. Apparently these things are internet connected, and so people would have these things on their, you know, and then get notified via the app that control over the device was now controlled by hackers who were demanding a Bitcoin ransom to unlock the device.

In a follow-up article Vice interviewed an actual victim of this who, after paying $1,000 USD in bitcoin to the attackers, faced a demand for even more money. He then ended up cutting the device off with bolt-cutters. Injuring his, you know, in the process.

I never thought I’d have to come out and say this, but “never stick your, you know, into an internet connected device” is probably a good rule to live by.

Read: https://www.vice.com/en/article/4ad5xp/we-spoke-to-a-guy-who-got-his-dick-locked-in-a-cage-by-a-hacker (language alert)

GameStop Rebellion morphs into #SilverSqueeze

This has been such a crazy story over the past week I barely know where to start, we touched on it briefly last week when we noted how short seller Andy Left of Citron Research was hounded off of social media by the /r/WallStreetBets subreddit crew who were initiating a short squeeze in Gamestop – a pretty marginal company that was probably headed to zero before all this started. Since then, what is being called “The GameStop Rebellion” has exploded into a veritable movement.

The reason why? Because there seemed to be the perception out of Wall St and the mainstream media that what was happening to these overlevered hedge funds who were manipulating stocks for profit was somehow wrong. When the hedgies were facing losses by a flood of retail investors taking the other side of the trade, Big Tech seemed to step into the situation and change the rules in favour of the hedgies:

Robinhood, where most of this originated imposed limits on share ownership for the targeted stocks and even ceased the ability to open new positions and in some reports, arbitrarily sold out some positions without account holder permissions. As I write this now on Sunday night, Robinhood is facing a liquidity crunch, is not allowing withdrawals and may be facing some kind of “Lehman moment” headed into Monday.

Facebook for their part, shut down a large RobinHood daytrading group. Reddit alternated in making the /r/WallSteetBets subreddit private and opening it back up again (I still predict it will be shut down). Discord shut down the WSB discord channel. Google arbitrarily removed thousands of negative reviews left by angered account holders who were locked out of their accounts or positions.

If that wasn’t enough, the WallStreetBets movement has pivoted toward silver, which they allege is one of the largest most manipulated markets in existence and are targeting silver shorts with a short squeeze – #silversqueeze has been trending on Twitter all weekend, physical outlets for silver like JM Bullion and Sprott Money have suspended sales indefinitely (because they’re sold out entirely) and as I write this Sunday night, silver futures opened up 8% in Asian trading, a pretty humungous move out of the gate (we’ll see where this lays on Tuesday when we transmit this).

I wrote two pieces on the Gamestop business over on my newly rebranded blog (don’t mind the name, remember, I came up in punk rock bands, it’s in my nature and I can’t help it).

WallStreetBets Proves the System is Rigged
Read: https://bombthrower.com/articles/wallstreetbets-proves-the-system-is-rigged/


Could WallStreetBets be the Early Innings of a Financial Arab Spring?

Charles Hugh Smith wrote up a couple pieces on the coming revolt of (what’s left of) the middle class:
Read: http://charleshughsmith.blogspot.com/2021/01/the-democratization-demonization-of.html
Read: http://charleshughsmith.blogspot.com/2021/01/the-coming-revolt-of-middle-class.html

And Jesse Hirsh wrote up his take on Gamestop here:
Read: https://axisofeasy.com/metaviews/gamestop-and-manic-capital-markets/

Then it all coalesced as Jesse, Charles and I devoted the entire AxisOFeasy Salon #36 discussing The Democratization of Stonk Market Manipulation

Watch/Listen: https://axisofeasy.com/podcast/salon-36-democratizing-stonk-market-manipulation/

4 thoughts on “#AxisOfEasy 181: Stop What You’re Doing: Patch Sudo Now Edition

  1. > their thumb on scales (usually the one on the left)


    it’s grating me enough that I thought I’d write here about it.

    Conflating the “left” with the media censorship agents and the woke folks and a bunch of other group-think groups is malarkey and a big disservice to a progressive conversation.

    The “left” isn’t the pawns of the military-industrial system who wear blue ties, nor some flavour of media barons, nor woke nazis on their latest search and destroy mission. The “left” are the poor and the unions and the socialists (gasp!) working toward an equitable world, pushing back, and critiquing Fascism. The short form for “the opposite of libertarian capitalists” isn’t “the left”. That’s using the wrong word and hitting the wrong target, creating confusion and forgetting history. Basically, that’s playing in the hand of the divide-and-conquer meanies.


  2. There’s no fever like gold fever, except maybe silver fever”… how about David Morgan of the Morgan Report

Leave a Reply

Your email address will not be published. Required fields are marked *