Malware attack update | DLA Piper Global Law Firm

On 27 June, our advanced-warning system detected suspicious activity in our network, which, based on our investigation to date, appears to be related to a new variant of the "Petya" malware. Our IT team acted quickly to prevent the spread of the suspected malware by taking down our systems as a precautionary measure.

 

We immediately began our investigation and remediation efforts, working closely with leading forensic experts and relevant authorities, including the FBI and UK National Crime Agency.

Our experts are working to bring our systems back online as quickly and safely as possible and we are aiming for our email system to be up and running today, 29 June.

This is really bananas. A huge part of that firm has been without email for two days right before a holiday weekend. Hopefully they find some sympathetic ears when they have to ask for extensions for filing deadlines, although I'm not sure a small firm whose compromise might not be so public would receive the same. Best of luck to everyone working to respond to this incident.

Markdown Editing Revisited

Usually when I'm doing some writing, whether it be for formal publication or just reminders and notes to myself, I'm writing in Markdown. It's easy to read, permanent, and can be turned into other useful formats like PDF or RTF.

When I first got into Markdown, I was using the old reliable TextMate along with a number of scripts and triggers. TextMate has gotten some real competition in recent years and has really struggled to keep up with editors like Sublime Text or Atom. I've spent a fair amount of time working in both of those editors and they're really something to consider, especially if you're used to using older editors like UltraEdit or TextPad which still see pretty wide distribution in Businesstown. 

But even as I basked in the power provided by Sublime's column editing and the ease of use from Vintage Mode, Sublime lacked some of the Markdown editing chops that I really liked in TextMate, like footnote support. Recently I've migrated from using Sublime as my primary editor to using Atom. The add-ons for Atom have matured quite nicely and with the right combination of tools and some configuration tweaks, Atom might be the best Markdown editor out there right now.

The other fairly interesting editor that folks seem to like is Bear. I like Bear. It's super friendly and it's a great spot to keep notes that you need on a regular basis. I do wish it would sync out to plain text files though.

 

The Broader Implications of Heartbleed

Dan Kaminsky:

It always seems like a good idea in security to emphasize prudence over accuracy, possible risk over evidence of actual attack.  And frankly this policy has been run by the privacy community for some time now.  Is this a positive shift?  It certainly allows an answer to the question for your average consumer, “What am I supposed to do in response to this Internet ending bug?”  “Well, presume all your passwords leaked and change them!”

I worry, and not merely because “You can’t be too careful” has not at all been an entirely pleasant policy in the real world.  We have lots of bugs in software.  Shall we presume every browser flaw not only needs to be patched, but has already been exploited globally worldwide, and you should wipe your machine any time one is discovered?  This OpenSSL flaw is pernicious, sure.  We’ve had big flaws before, ones that didn’t just provide read access to remote memory either.  Why the freak out here?

Because we expected better, here, of all places.

I recall the days of hearing from people that open source software was dangerous because anyone could add any code. The usual counter was that because it was open, someone would see something that was inserted that was malicious. While it doesn't look like the Heartbleed bug was introduced purposefully, the problem code wasn't found soon enough. 

The Origami Workstation

Shawn Blanc covers the Origami Workstation on his site, The Sweet Setup:

...the iPad keyboard I prefer most is the Origami Workstation. There are a few reasons:

  • It’s separate from the iPad, thus not in the way when I’m not using the iPad with a keyboard (which is most of the time for me).
  • It holds the iPad similar to how a folio or keyboard case would.
  • It works with Apple’s own bluetooth keyboard, which is an excellent keyboard.

I always keep the Apple wireless keyboard in the Origami in my backpack since I got it a few years ago. It's great to be able to use the same keyboard at home, on my desk at the office or anywhere I travel. 

Making sure the keyboard stays powered off in my bag is harder than you'd think and the velcro is pretty worn out, but when it goes I'll replace it with another one just like it. 

Well I Stand Corrected - SCOTUS to Rule on WarDriving

So I can't be sure, but I'm sure that there is a video or audio recording of me giving a talk where I flippantly remark that there really would be little reason to believe that a security issue like the legality of wardriving would ever reach the Supreme Court. 

Well what do you know? 

The biggest U.S. internet wiretapping program outside the NSA may be headed to the Supreme Court.

Google is asking the high court to rule on the legality of the company’s past sniffing of unencrypted Wi-Fi traffic in neighborhoods around the country as part of its Street View program. An appeals court last September found that the sniffing may have violated the Wiretap Act.

In a world where one man's networking tool (nmap, Wireshark, Driftnet) is classified as a weapon in some countries, getting clarity on these issues through our common law system is a good thing.

See guys? I told you that if you were patient things would work out. Now we just have to see what those ever so savvy Supreme Court justices think of all this. 

(Coverage via Wired)