Last Week’s Quote was: “We do not see people as they are, but as they appear to us. And these appearances are usually misleading,”  was by Robert Greene.  Joe got it right.  Congrats. 

This Week’s Quote:  “I do not believe in a fate that will fall on us no matter what we do. I do believe in a fate that will fall on us if we do nothing.”  By ???

THE RULES:  No searching up the answer, must be posted at the bottom of the blog post, in the comments section.

The Prize:  First person to post the correct answer gets their next domain or hosting renewal on us.

Texas bill could jail people for sharing political memes without disclaimers.

Texas House Bill 366, authored by former Speaker Dade Phelan, would criminalize distributing altered political media—including memes—without a government-approved disclaimer, with penalties of up to one year in jail. The bill targets political advertising that uses an “image, audio recording, or video recording” of a candidate’s or officeholder’s “appearance, speech, or conduct that did not occur in reality,” encompassing generative AI content. The Texas Ethics Commission would dictate the disclaimer’s format, font, size, and color. The legislation will receive its first hearing of the session in the State Affairs Committee, which Phelan previously led.

Critics say the bill raises serious First Amendment concerns. Fort Worth attorney Tony McDonald, a specialist in First Amendment litigation, called the measure “obviously unconstitutional” and warned it would criminalize protected speech based on content. Courts have routinely struck down similar laws regulating political discourse. One example likely to be impacted is Michael Berry’s “Drunk Dade” parody call-ins, which involve altered audio portraying an officeholder in unreal scenarios—an apparent violation under the bill’s language.

The proposal also raises enforcement and selective prosecution issues. By criminalizing broad categories of altered media, the bill threatens satire, parody, and grassroots digital speech, potentially setting a precedent for policing political expression in Texas.

Read: https://texasscorecard.com/state/dade-phelans-bill-would-criminalize-political-memes/

Apple Warns Targets of Global Spyware Campaign Including Journalists and Activists

This week, Apple alerted individuals in 100 countries of targeted attacks using “mercenary” spyware—surveillance tools sold to governments by private firms—via email and SMS. Among confirmed recipients are Ciro Pellegrino, a journalist at Italian outlet Fanpage, and Eva Vlaardingerbroek, a Dutch right-wing activist. Pellegrino published that Apple warned he was not the only target. Vlaardingerbroek shared a video on X showing Apple’s message, stating she was likely targeted “because of who you are or what you do” and labeled it an intimidation attempt. Apple claims high confidence in the detection but concedes uncertainty is inherent.

Read: https://techcrunch.com/2025/04/30/apple-notifies-new-victims-of-spyware-attacks-across-the-world/

Elections Canada Website Crashes on Election Night

The drama of Canada’s 45th general federal election was heightened on the night of the event when the Elections Canada reportedly crashed.

While the website itself seemed reachable, the pages were rendering in a garbled fashion and ongoing results were unavailable.

Among the errors reported by DNS analyzer tools:

“Failed DNSSEC implementation – Despite apparent attempts to configure it, all critical DNSSEC records (DS, DNSKEY, CDS, CDNSKEY) are missing.”

Remember our pinned tweet, folks:

More: https://www.ctvnews.ca/federal-election-2025/article/elections-canada-confirms-website-down-for-some-voters/

TLS Certificates Are Getting Shorter: Automation Moves From Option to Assumption

The CA/Browser Forum has voted to dramatically shorten TLS certificate lifespans and the reuse period for CA-validated data, launching a phased schedule with the first impacts landing on March 15, 2026. Certificate validity drops from 398 days to 200 in 2026, 100 in 2027, and 47 by 2029. Domain and IP validation reuse follows suit, ending in just 10 days. Subject Identity Information (SII)—the organizational details in OV and EV certificates—will see its reuse window cut from 825 to 398 days in 2026. DV certificates, which include no SII, are unaffected.

The proposal, introduced by Apple and swiftly backed by Google despite its earlier 90-day position, argues that frequent revalidation is critical as certificate data ages poorly and revocation mechanisms like CRLs and OCSP are largely ignored. The move builds on the Forum’s 2023 approval of 7-day certificates that bypass revocation entirely.

Manual renewal will remain technically possible, but the cadence becomes unforgiving. By 2029, the certificate lifecycle will have compressed past the limits of traditional workflows. The infrastructure isn’t merely evolving—it’s being redesigned to assume automation at its core.

Read: https://www.digicert.com/blog/tls-certificate-lifetimes-will-officially-reduce-to-47-days

Cisco Pulls OpenDNS from Belgium Amid Piracy Crackdown on DNS Resolvers

Cisco suspended OpenDNS in Belgium on April 11, 2025, mirroring its quiet exit from France. This follows court orders compelling DNS providers—Cisco, Google, and Cloudflare—to block over 100 domains linked to pirate IPTV and sports streaming. The Belgian order, obtained by DAZN and involving the 12th Player, includes a €100,000-per-day non-compliance penalty and a dynamic blocking clause allowing ongoing additions to the list. These measures aim to curb unauthorized streaming, likely of Belgium’s Pro League football matches.

A similar DAZN-initiated order in France compelled the same providers to prevent DNS resolution of dozens of piracy sites. Google and Cloudflare reportedly complied, but Cisco chose total withdrawal. Though OpenDNS, a resolver service—the opposite end of the DNS algorithm from what we at easyDNS do (authoritative DNS)—is technically capable of domain filtering, one forum user noted it’s “core to the service.” Yet the risk of escalating liability appears decisive. Critics argue that exit over compliance makes the internet less secure for ordinary users.

Historically seen as neutral infrastructure, DNS providers are now drafted into copyright enforcement. The precedent follows Sony’s lawsuit against Quad9 and Canal+’s 2023 use of French law to target DNS services. Google was also ordered to deindex 130+ domains. Belgian ISPs, notably, were not fined.

Read: https://torrentfreak.com/opendns-quits-belgium-under-threat-of-piracy-blocks-or-fines-of-e100k-per-day-250416/

Google Trust Exploited in Sophisticated DKIM Replay Phishing Attack Using Google Sites

On April 11, 2025, Gerasim Hovhannisyan, CEO & Co-Founder of EasyDMARC, received a call from a shaken friend who had just been targeted by a phishing email masquerading as a legal subpoena from Google. The email, appearing to come from no-reply@accounts.google.com, passed SPF, DKIM, and DMARC checks and lacked telltale signs like typos or suspicious links. It directed recipients to a Google Sites page—hosted on a legitimate google.com subdomain—crafted to resemble a Google support case, exploiting user trust and brand familiarity.

The email was part of a DKIM Replay Attack. The attacker had intercepted a genuine DKIM-signed Google email, preserved its signed headers and body, and resent it using Outlook (x186997@outlook.com) via Microsoft’s LO3P265CU004.outbound.protection.outlook.com. From there, it was relayed through Jellyfish SMTP (asp-relay-pe.jellyfish.systems), then passed through Namecheap’s PrivateEmail infrastructure (mta-02.privateemail.com, DIR-08, fwd-04.fwd.privateemail.com), and finally delivered to Gmail by fwd-04-1.fwd.privateemail.com. Authentication checks still passed because the original Google DKIM signature remained intact and aligned.

Read: https://easydmarc.com/blog/google-spoofed-via-dkim-replay-attack-a-technical-breakdown/

Elsewhere online: