GNU social JP
GNU social JP is a Japanese GNU social server.

Notices by Adrian Sanabria (sawaba@infosec.exchange)

  1. Adrian Sanabria (sawaba@infosec.exchange)'s status on Tuesday, 20-Jan-2026 20:53:59 JST
    • Cory Doctorow
    • iFixit

    The enshittification of computer repair is happening.

    AI has amazingly managed to make repairable computers practically worthless.

    The increase in memory and storage pricing is destroying the second-hand market for computing hardware and this makes me sad. I watched a video from someone that runs a repair shop, and this is what's happening:

    The memory/storage alone is worth more than the rest of the computer, so people are stripping them out to sell separately.

    The second hand market is now flooded with computers that have no memory or storage. Buying new memory or storage to put in these used computers is now more expensive than buying a new computer.

    So we now suddenly have a giant e-waste problem PLUS a giant problem for repair shops that want to stay in business.

    In the video, he was basically saying that they have to pivot to the only computers that folks aren't stripping RAM and storage out of - computers that have those things soldered on. The irony here is that repair shops now have to ignore the most repairable computers and focus on the least repairable computers instead.

    https://www.youtube.com/watch?v=T6eiFyJMWgM

    cc @pluralistic @iFixit

  2. Adrian Sanabria (sawaba@infosec.exchange)'s status on Monday, 08-Dec-2025 23:54:05 JST
    • Tod Beardsley
    • Kevin Beaumont

    @GossiTheDog @todb It reads like, “hey, there was some detail missing from the first CVE, so here’s a new CVE with extra details”

  3. Adrian Sanabria (sawaba@infosec.exchange)'s status on Saturday, 08-Nov-2025 08:36:40 JST
    in reply to
    • Kevin Beaumont
    • Sam Bowne :donor:
    • fuzzyfuzzyfungus

    @sambowne @fuzzyfuzzyfungus @GossiTheDog This would kill entire market segments if true. Bitsight, Security Scorecard, Upguard, Censys, and a few dozen other security vendors would have to cease operations immediately

  4. Adrian Sanabria (sawaba@infosec.exchange)'s status on Thursday, 06-Nov-2025 09:23:48 JST
    • Kevin Beaumont

    @GossiTheDog I still maintain they'll end up giving it away for free. No one wants to pay for it, the value just isn't there.

  5. Adrian Sanabria (sawaba@infosec.exchange)'s status on Friday, 17-Oct-2025 22:06:34 JST
    in reply to
    • Kevin Beaumont

    @GossiTheDog went through the thread here, but didn't find a clear answer - do we know how attackers got their initial foothold into JLR?

    Sounds like, if no, the obvious guess would be the same way M&S and Co-Op got hit since they were also using TCS?

  6. Adrian Sanabria (sawaba@infosec.exchange)'s status on Wednesday, 15-Oct-2025 07:14:09 JST

    This Korean data center fire keeps getting more and more tragic. Here’s what I know, to catch you up.

    1. Back in 2017, S.Korea built “G Drive” for government officials to store all their files (no relation to Google drive, the ‘G’ stands for Government)
    2. They were told to store all their stuff in G Drive, not on their local systems.
    3. They were concerned about battery backups causing a fire, so decided to move half the li-ion batteries to the basement.
    4. One of the li-ion batteries exploded as it was being unplugged, setting the building on fire. Several floors of datacenter were affected.
    5. They’ve recovered roughly a third of the data.
    6. none of it was backed up, because 1 petabyte was “too large to back up”
    7. In 2017, one AWS Snowmobile 18-wheeler held 100 petabytes, so “too big to back up” doesn’t make a lot of sense
    8. 125,000 government employees lost all their data

    This is WILD. Go to any failing mall in America and choose a retailer at random. Spencer’s Gifts? They probably do backups. Jamba Juice? Backups. The CBD vape store? Okay, maybe they don’t do backups, but everybody else does.

    One of the most technologically advanced 1st world nations in the world DOESN’T BACK UP government data? I’m still floored by this.

  7. Adrian Sanabria (sawaba@infosec.exchange)'s status on Tuesday, 09-Sep-2025 02:13:32 JST
    in reply to
    • Kevin Beaumont

    @GossiTheDog is this a new attack vector? Typically, I've seen attackers use the NPM install scripts to put malware on systems, and they typically leave the package code itself alone, right?

  8. Adrian Sanabria (sawaba@infosec.exchange)'s status on Sunday, 22-Jun-2025 00:48:54 JST

    Every cybersecurity firm pitching vendor press releases to me: "Attackers are getting more advanced and sophisticated"

    The news:


    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/722/038/407/509/591/original/e31abb0e2bb394c5.png
  9. Adrian Sanabria (sawaba@infosec.exchange)'s status on Tuesday, 17-Jun-2025 23:25:29 JST
    in reply to
    • Kevin Beaumont

    @GossiTheDog overdependence on search engines has similar results for the same reasons

  10. Adrian Sanabria (sawaba@infosec.exchange)'s status on Saturday, 14-Jun-2025 01:10:56 JST
    • Kevin Beaumont

    @GossiTheDog it looks like she is saying that it only posts things publicly if you ask it to

    so more of a situation where people don’t understand what the share button does


    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/676/924/274/583/138/original/e2f0383f425627d9.jpeg

    2. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/676/924/275/747/623/original/d8afb9dea22ced34.jpeg
  11. Adrian Sanabria (sawaba@infosec.exchange)'s status on Saturday, 17-May-2025 04:12:40 JST
    in reply to
    • Kevin Beaumont

    @GossiTheDog to be fair, IIRC, Coop Sweden went down because their payment provider used Kaseya.

    So, it was ransomware on a fourth party, nothing Coop Sweden had any direct control over

  12. Adrian Sanabria (sawaba@infosec.exchange)'s status on Saturday, 26-Apr-2025 07:29:48 JST
    • Kevin Beaumont

    @GossiTheDog if you’re on a box, can’t you just do the equivalent of Recall with malware? It definitely makes the job of an attacker easier and more streamlined, but not sure it adds up to a massive increase in risk.

    Also, anyone that figures out how to eliminate that one hour every day the planet spends trying to find stuff on their computer could maybe add 10% to global GDP. How much risk is that worth?

    (not that Recall is that solution, but it could be, right?)

  13. Adrian Sanabria (sawaba@infosec.exchange)'s status on Saturday, 26-Apr-2025 05:58:53 JST
    in reply to
    • Kevin Beaumont

    @GossiTheDog people already screenshot stuff constantly, Recall is just drawing extra attention to an existing issue

  14. Adrian Sanabria (sawaba@infosec.exchange)'s status on Saturday, 05-Apr-2025 06:09:24 JST
    in reply to
    • Kevin Beaumont

    @GossiTheDog please don’t tell me they were converting cash into crypto to pay a ransom

    That’s like, incident turducken

  15. Adrian Sanabria (sawaba@infosec.exchange)'s status on Saturday, 29-Mar-2025 23:35:40 JST
    in reply to
    • Kevin Beaumont

    @GossiTheDog tl;dr - not a threat, you’ll update it anyway, probably don’t need special tools since we’ve been updating crypto forever


    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/243/958/918/570/454/original/04ed93080380c7fb.jpeg

    2. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/243/961/234/517/271/original/16ab0b8b1b907bcf.jpeg
  16. Adrian Sanabria (sawaba@infosec.exchange)'s status on Saturday, 29-Mar-2025 23:35:40 JST
    • Kevin Beaumont

    @GossiTheDog doing a webinar in a few weeks, working on the slides


    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/243/944/143/499/981/original/1f2135b681b429cf.jpeg
  17. Adrian Sanabria (sawaba@infosec.exchange)'s status on Wednesday, 05-Mar-2025 12:45:10 JST
    in reply to
    • Patrick C Miller :donor:

    @patrickcmiller infiltrated?

  18. Adrian Sanabria (sawaba@infosec.exchange)'s status on Monday, 06-Jan-2025 10:21:14 JST
    in reply to
    • Rich Felker
    • Hal Pomeranz

    @dalias @hal_pomeranz came here to say this. I remember coming in to work one day at a large payment processor (where I got my start in cybersecurity), and suddenly realizing that most of the people that worked there could just stop coming to the office and there would be zero impact.

    Every department had one or two highly competent people that ended up doing 80-100% of the work that had value. It was literally a mirror of doing group projects in HS/Uni

  19. Adrian Sanabria (sawaba@infosec.exchange)'s status on Monday, 16-Dec-2024 10:04:52 JST
    • Kevin Beaumont

    @GossiTheDog LOL, I just downloaded that. Haven't dug in yet though, because deliverables

  20. Adrian Sanabria (sawaba@infosec.exchange)'s status on Thursday, 03-Oct-2024 15:29:52 JST
    in reply to
    • Patrick C Miller :donor:

    @patrickcmiller This is fine.


    Adrian Sanabria

    🎙️ Enterprise Weekly Podcast
    🤝 Founder @bsidesknoxville
    🗣️ Faculty @IANS_Security
    🕵️ Security Research
    🍳 Cooking
    ⛰️ Hiking
    🏎️ F1
    "I rant with data!"

GNU social JP is a social network, courtesy of the GNU social JP administrator. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.