#AxisOfEasy 202: Stop What You’re Doing: Unplug Your WD My Book Live Storage Device

 

 


Weekly Axis Of Easy #202


Last Week’s Quote was  “We don’t need no education. We don’t need no thought control. No dark sarcasm in the classroom. Teacher leave those kids alone.” … which was by Roger Waters / Pink Floyd. Everybody got it. But Leon C was first.

This Week’s Quote: “The problem with the world is that the intelligent people are full of doubts, while the stupid ones are full of confidence” … by???

THE RULES: No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal is on us.

Buckle in, seems like a pretty unhinged week. First, before you do that see the story on the Western Digital MyBook drives and if you have one, disconnect it from the network right now.


In this issue:

  • Unplug your Western Digital MyBook Storage Drive Immediately
  • Sony wins injunction in Germany to force Quad9 from resolving domain names
  • MailChimp suspends Babylon Bee
  • Latest Gig Economy side hustle involves gathering foreign intelligence for spy agencies
  • Antivirus pioneer John McAfee found hanged in Spanish cell
  • FBI takes down 33 Iranian domains for “disinfo”
  • Microsoft admits signing rootkit used in gaming software
  • Hong Kong pro-democracy news outlet shuts down after funding choked off
  • WHO stealth edits recommendation to not vaccinate children
  • Mumford and Sons banjoist leaves band over tweet about a book he read
  • Facebook tries to invoke ISP safe harbour over human traffickers using platform
 
 
Unplug your Western Digital MyBook Storage Drive Immediately 

If you have a Western Digital MyBook storage drive in your environment, go disconnect it from the network right now. While you’re at it, you better check if your data is still there.

Reports began surfacing in the Western Digital support forums on June 23 that users were realizing that all of the data had been remotely wiped from their My Book devices. The directory structures were still there, but the files were gone.

Closer inspection revealed that the devices had been rebooted and then executed a factory reset. Somehow these actions have been triggered remotely, even on devices behind a firewall on a LAN.

Western Digital is aware of the problem but for now the only thing they’ve offered in terms of mitigation is advising all users to disconnect their devices from the network.

Update: as I was finishing up this edition it turns out that this issue is a result of CVE-2018-18472 which, seems to mean this was known as far back as 2018. It describes a Remote Command Execution bug via shell that can be executed by anybody who knows the remote IP of the device.

Read: https://arstechnica.com/gadgets/2021/06/mass-data-wipe-in-my-book-devices-prompts-warning-from-western-digital/

Support thread: https://community.wd.com/t/help-all-data-in-mybook-live-gone-and-owner-password-unknown/268111


Sony wins injunction in Germany to force Quad9 from resolving domain names

A lower court in Hamburg Germany has granted an injunction to Sony to compel the public DNS services firm Quad9 to cease resolving the DNS lookups of domain names alleged to be infringing on Sony copyright. Quad9 operates public DNS resolvers like OpenDNS or Google) at the address 9.9.9.9 and made clear: They have no relationship with any of the entities that Sony seeks to disable resolution for, nor are they domiciled in the jurisdiction where the injunction was enacted (they are based in Switzerland).

Quad9 is funded nearly exclusively via member and client donations and is a sister company to Packet Clearing House (PCH.net) who provides authoritative DNS for many country code TLDs.

CEO Bill Woodcock writes that they will be contesting the injunction in court.

Read: https://quad9.net/news/blog/quad9-and-sony-music-german-injunction-status/

As one notable tech luminary commented on it privately to me: “This is like telling the telephone company to stop switching a particular phone number. Has that ever happened anywhere?”

My response was:  “It happens in cancel-culture all the time.”


MailChimp suspends Babylon Bee

Commercial mailing list as a service provider, MailChimp, piled on a wider pattern of trying to make Babylon Bee stop telling jokes. They suspended the humour site’s account citing the reason as being “sending misinformation.”

The Conservative-minded satire outlet is on a trajectory to surpass The Onion in terms of engagement and audience size despite what appears to be a concerted effort from Big Tech and the mainstream media to stop them from being so satirically effective.

Snopes, the ostensibly neutral “debunker” website turned Facebook “fact checker” partner was forced to add a “parody” designation after repeatedly having to have jokes explained to them like a boomer at a gen-z party. For example, Snopes issued a “false” claim on Babylon Bee’s “Kavanaugh to submit to DNA test to prove he’s not literally Hitler,” and another one on “AOC repeatedly guesses ‘free’ for all items in Price is Right appearance.”

The New York Times has also been chafing at Babylon Bee’s success, recently writing a flat out hit piece that the site was only pretending to be satire and was really dealing in far-right misinformation. They were forced to issue a retraction when Babylon Bee threatened them with legal action.

MailChimp for their part, reinstated the account saying it was all a mistake. Babylon Bee for their part has said “no thanks” and will be moving on to another provider.

Read: https://www.nationalreview.com/2019/07/hands-off-the-babylon-bee/

We did something similar when competing service Klaviyo suspended AxisOfEasy because one of our mailings contained the word “Bitcoin.” They re-enabled us too, but we also left, opting for a self-hosted version of Mautic that puts us out of the reach from Karen-as-a-Service (KaaS) email providers.


Latest Gig Economy side hustle involves gathering foreign intelligence for the military

Premise is one of the myriad “Mechanical Turk” type mobile apps. You’re supposed to download it to your smartphone and then earn money for doing tasks: check on the price of groceries across a specific store, count the number of ATMs in a certain radius of a city.
 
It started out in 2013 as a type of crowd sourced competitive research tool: get a bunch of people to install the app, pay them to go out and check on rival stores, prices, etc. It languished under that model and in 2018 when a new CEO came in, he started expanding the mandate by starting to work with the military and foreign governments.

“The company says 90% of its work is gauging public sentiment and understanding human geography by paying users to fill out surveys, yielding data that it says has uses for commercial businesses, nonprofits and governments. A smaller number of projects, it says, involve asking users to go out into the world to complete tasks such as taking pictures or walking a predetermined route. Sometimes those tasks involve collecting data on nearby wireless signals or other cellphones,” …
“Data gained from our contributors helped inform government policy makers on how to best deal with vaccine hesitancy, susceptibility to foreign interference and misinformation in elections”


The outfit has secured $5,000,000 USD in contracts from the US Military since 2017. In a pitch to US defence agencies, Premise suggested use cases such as:

“Gauge the effectiveness of U.S. information operations; scout and map out key social structures such as mosques, banks and internet cafes; and covertly monitor cell-tower and Wi-Fi signals in a 100-square-kilometer area.”

…and doing so in a way designed to “safeguard the intent,” meaning, the individual data collators out in the field wouldn’t be aware that they were taking part in a government sponsored spy data gathering operation.

Read: https://www.wsj.com/articles/app-taps-unwitting-users-abroad-to-gather-open-source-intelligence-11624544026 (paywalled)

And: https://www.zerohedge.com/geopolitical/how-obscure-app-revolutionized-worlds-corporate-military-intelligence

Reminds me of a story that my dad, sort of told me (he really never talked much about his life, especially around the war). Anyway, he was born in Yugoslavia, but his family traveled a lot and he grew up in the UK from age 8. After the war, he planned to visit his homeland, and when his C.O found out about it, told him to take a unit motorcycle and a camera and to take various photos around a certain area there. The Slavs threw him in jail, accusing him of being a British spy. Which, whether he realized it or not, he more or less was. He never told me how long he was held for or how he got out. Just that he never went back to Yugoslavia again after that. Everybody gigging for Premise in some far off land is doing the same thing.



Antivirus pioneer John McAfee found hanged in Spanish cell

John McAfee, the infamous and controversial figure who created one of the first antivirus software suites was found dead in his jail cell in Spain last week, an apparent suicide after a Spanish court approved his extradition to the US on tax evasion charges.

McAfee sold his company that still bears his name in the late 90’s, after which he embarked on a mixed bag of ventures ranging from nootropics to crypto-currencies. He also ran for the Libertarian Party nomination in a couple presidential elections.

In keeping with is life, his death sparked controversy. He tweeted on at least two occasions that he was distinctly not suicidal and if he were to be “Epsteined” in his jail cell to know that he had been “Wackd.” That was also the name of an ERC-20 token he had created on Ethereum’s Robsten network (test chain).

Apparently moments after his death was announced, a “Q” was posted to his Instagram account, a possible nod to the conspiracy movement that sees the Deep State’s fingerprints on everything.

It gets weirder. Somebody found in the metadata of that Q image, encoded data that purportedly translates to an address of a smart contract on the Robsten network, which is now doing something since McAfee died.

McAfee said before his death that were he to be “Epsteined,” he would release terabytes of data he claims would expose official corruption on the part of the US in the Bahamas, Belize and elsewhere.

McAfee may have been very different things to different people, but nobody ever accused him of being boring.

Read: https://cryptobriefing.com/did-john-mcafee-put-a-dead-mans-switch-on-ethereum/


FBI takes down 33 Iranian domains for “disinfo”

Approximately 33 websites belonging to the state media arms of the Iranian government have been seized by the US FBI and all traffic redirected to a landing page advising the visitor of that fact.

The seizure includes the Iranian PressTV website on .com (presstv.com) (but not presstv.ir, which would be another matter entirely). All of the seized domains were under the .com, .net or .TV TLDs. .TV is actually a country code TLD belonging to Tuvalu, but it is administered by Versign.

Because Verisign is a US company, it is relatively easy for US agencies to have warrants and court orders to seize domains under .com, .net and any other TLD for which Verisign is the registry operator.

The sites “operat[e] under the guise of genuine news outlets, were waging a “global disinformation campaign” to influence U.S. policy and push Iranian propaganda around the world.”

The action also included the seizure of Palestine Today’s website, which is alleged to “reflect the viewpoints of Gaza-based Islamic militant groups Hamas and Islamic Jihad.”

Read: https://apnews.com/article/iran-middle-east-03e651ff86918c871d9e1baaa5e30e37

We’ve had one seized from our customers 
 in the past. It was under a sealed warrant so we don’t even know what the deal was.     


Microsoft admits signing rootkit used in gaming software

It looks like Microsoft signed an infected malware driver used in gaming applications that turns out to be sending telemetry back to a C&C node in China. The discovery by G-Data Systems last week shows that the Netfilter driver was submitted to Microsoft for signing via the normal application process and the company proceeded to sign it, they are now investigating their internal processes to figure out how that happened.

Without the drivers being signed, they can’t be installed into Microsoft kernels.

Read: https://www.bleepingcomputer.com/news/security/microsoft-admits-to-signing-rootkit-malware-in-supply-chain-fiasco/


Hong Kong pro-democracy news outlet shuts down after funding choked off

Over in Hong Kong one of the more popular pro-democracy news outlets, Apple Daily, will shut down as its funding has been cut off pursuant to the Chinese crackdown on civil rights in the city.

The paper’s majority owner and vocal CCP critic Jimmy Lai is in prison. The paper’s assets were frozen. The computers of many of its reporters have been seized and charges have been filed against two of the paper’s top execs.

Apple Daily had been a vocal critic of Beijing and outspoken pro-democracy voice after China enacted a new national security law in Hong Kong last year which ignited widespread unrest and demonstrations.

Read: https://www.wsj.com/articles/hong-kongs-apple-daily-will-close-after-government-choked-funds-11624437029        

And: https://www.reuters.com/world/asia-pacific/hong-kongs-apple-daily-board-may-stop-publication-this-week-memo-2021-06-21/      


WHO stealth edits recommendation to not vaccinate children

Last week many were surprised to see appear on the World Health Organization’s vaccine guidance page, a section on children that said, categorically “Do not vaccinate children,” noting that children and adolescents had negligible risk to contracting or transmitting COVID-19.

This did not go unnoticed and was picked up by many, including myself, who are perplexed at various government impetuses to vaccinate children. I thought this was all about Follow The Science(tm).

Given anecdotal accounts and actual data coming in on adverse affects in children (13 year old Jacob Clynick apparently died of heart inflammation three days after receiving his second dose of the Pfizer jab, closer to home, the 12 year-old niece of an easyDNS employee collapsed during a soccer game in Alberta and received CPR on the field. She is now wearing a heart monitor pending test results), this was welcome guidance coming from the hallowed WHO.

After a day, the web page was stealth edited and now reads completely differently.

The prior version of the page  is archived here  and reads:

Children should not be vaccinated for the moment.
         
There is not yet enough evidence on the use of vaccines against COVID-19 in children to make recommendations for children to be vaccinated against COVID-19. Children and adolescents tend to have milder disease compared to adults. However, children should continue to have the recommended childhood vaccines.
      
Now it reads more like the disclaimer in a Pfizer infomercial.

The change-up was noticed by Alex Berenson, who has been reporting on policy mismanagement and statistical mangling since the beginning of the crisis, and (as  we covered last year ) whose book on COVID lockdowns was removed by Amazon before being reinstated after a popular backlash. Our write up on it was also memory holed on Hackernews  after hitting the Top 10 on page 1)

Read: https://twitter.com/AlexBerenson/status/1407457752725823488          

And: https://www.zerohedge.com/covid-19/world-health-organization-says-do-not-give-children-experimental-coronavirus-vaccine-shots

I also cited the WHO article in a Facebook comment on a story that had been “fact checked” by Facebook, which was then removed by Facebook for violating community standards:

     
 
  Mumford and Sons banjoist leaves band over tweet about a book he read

Winston Marshall, a co-founder of the Grammy award winning Mumford and Sons has left the band as a result of the backlash that ensued over a congratulatory tweet he sent to Andy Ngo, the independent journalist who has been covering the activities of the far-left anarchist group Antifa.

In March Marshall tweeted:

“Unmasked. “Congratulations @MrAndyNgo. Finally had the time to read your important book. You’re a brave man.””

…and all hell broke loose. Ngo is possibly the most reviled man among Antifa, and they’ve done everything they can to shut him up, including physically attacking him (multiple times).

Unmasked is a New York Times bestseller. I have it but I haven’t read it yet, when I saw that Antifa has physically barricaded entry to Powell’s books demanding they stop selling the book I ordered a copy from Powells online just on principle.

The backlash against Marshall spread to his bandmates and friends as thousands of Antifa and far-left berserkers piled on. While the band was supportive of Marshall and didn’t kick him out, Marshall writes he decided step back, and then he got hit with another wave of mob fury because he apologized.

It got to a point where leaving the band seemed to be the only way to preserve his integrity:

“For me to speak about what I’ve learned is such a controversial issue will inevitably bring my bandmates more trouble. My love, loyalty and accountability to them cannot permit that. I could remain—and continue to self-censor. But it will erode my sense of integrity. Gnaw my conscience. I’ve already felt that beginning.

The only way forward for me is to leave the band. I hope in distancing myself from them I am able to speak my mind without them suffering the consequences. “


Over a tweet. And they say cancel culture is a hoax. It isn’t, it’s a cancer.

Read: https://www.newsweek.com/why-im-leaving-mumford-sons-opinion-1603978

Remember: NEVER APOLOGIZE if you haven’t done anything wrong. We had a guy send us a “Dear easyDNS, your home page is racist” missive a couple months back. By the time I was finished with him he was apologizing to us.



Facebook tries to invoke ISP safe harbour over human traffickers using platform

Last week we reported on the latest report from the Human Trafficking Institute who found that the majority of all recruitment of minors for sex trafficking rings occurred on Facebook.  

In Houston the tech giant is facing three separate lawsuits from teenagers who were recruited into sex trafficking rings by people they met via Facebook messaging. The suits allege that Facebook did not adequately protect them by keeping sex traffickers off of the system.

Facebook tried to use CDA Section 230 immunity. That’s the section of the US Communications Decency Act which grants safe harbour to ISPs against things like defamation and copyright infringement for content that traverses their network.

The Texas Supreme Court was having none of it and tossed the defence, finding that:

“Holding internet platforms accountable for the words or actions of their users is one thing, and the federal precedent uniformly dictates that section 230 does not allow it. Holding internet platforms accountable for their own misdeeds is quite another thing. This is particularly the case for human trafficking.”

 The ruling means that “Facebook can be held liable for sex traffickers that use its platform to recruit and prey on child victims.”

Read: https://www.businessinsider.com/facebook-texas-supreme-court-ruling-sex-traffickers-section-230-2021-6

9 thoughts on “#AxisOfEasy 202: Stop What You’re Doing: Unplug Your WD My Book Live Storage Device

  1. ‘The trouble with the world is that the stupid are cocksure and the intelligent are full of doubt.’ Bertrand Russell, 1872 – 1970.

  2. From my favorite poem, “The Second Coming” by W.B Yeats. Not even the best line IMHO:

    “The falcon cannot hear the falconer;
    Things fall apart; the center cannot hold;
    Mere anarchy I loosed upon the world…”

  3. Bertrand Russell

    though the way I have it is: The trouble with the world is that the stupid are cocksure, and the intelligent full of doubt”

  4. No surprise with mailchimp. What is a good 3rd party email sender to use along with Mautic? Are there any less likely to cancel you for not towing an ideological line?

    1. I’ve been using Aweber for Bombthrower and had no problems so far. They’re pretty cool to deal with.

  5. – Facebook tries to invoke ISP safe harbour over human traffickers using platform
    – The new face of right wing extremism: asking about Ivermectin
    – easyVPS is LIVE plus a maintenance window
    ==============================
    Hmm.. we appear to missing the Ivermectin info. Any reason why? Getting some heat from the Prude Boys? 😉

  6. OK, I thought it was Charles Bukowski who said something about intelligent people being full of doubt and stupid people being full of confidence. But maybe he was quoting Bertrand Russell.

Leave a Reply

Your email address will not be published. Required fields are marked *