Ace of Spades HQ

« Saturday Overnight Open Thread (3/30/24) | Main | EMT 24 Mar 31 »

March 31, 2024

Daily Tech News 31 March 2024

Top Story

A little more background on that security disaster that almost was. (Substack)

It looks like it started with "social engineering" - a confidence scam - two years ago, with one person attacking the maintainer of the xz utility and another one offering to help, and then actually helping. That warped over time into slipping more and more suspect code into the package, until they got caught.

It's a bit of an odd one because it took a lot of care and planning but was guaranteed to get caught and removed if it ever went mainstream. So it's not a targeted attack on particular groups, and not subtle enough to pass unnoticed long-term.

If you infect one server you're likely to get away with it, but if you infect every server in the world, there are literally hundreds of honeypot servers set up by security researchers specifically to detect weird stuff like this.

Purely speculation but I'm wondering if this was North Korea rather than China or Russia. It looks like the kind of miscalculation they would make.

Tech News

Software needs to be more expensive. (Glyph)

There's a well-known XKCD cartoon illustrating that the modern world is utterly dependent on some random bit of code maintained by one guy in Nebraska since 2003.

Not specifically true, but true in general; we nearly had a global disaster with a small but useful library called xz because the maintainer wasn't getting paid anything despite the code being used on hundreds of millions of computers. (If it's included in iOS or Android, which it probably is, billions.)

The solution proposed here is to make it easy to pay these people.
Meanwhile AT&T is resetting customer passcodes after millions of customers' account details were leaked... In 2019. (Tech Crunch)

Or possibly earlier. AT&T doesn't know or isn't saying. But yeah, the data has been out there for five years and they're responding now.
The world needs more gadgets like this (checks notes) overpriced underwhelming 27" 1080p monitor in a briefcase. (The Verge)

The world needs fewer websites like The Verge. If that leaves me with nobody to mock, so be it.
Banning TikTok could harm blah blah blah. (Tech Crunch)

Don't care, didn't ask.

Disclaimer: I think "Don't care, didn't ask" would make a great state motto.

posted by Pixy Misa at 04:00 AM

| Access Comments


Advertise Here! Intermarkets' Privacy Policy Support Donate to Ace of Spades HQ! Contact Ace: aceofspadeshq at gee mail.com Buck: buck.throckmorton at protonmail.com CBD: cbd at cutjibnewsletter.com joe mannix: mannix2024 at proton.me MisHum: petmorons at gee mail.com J.J. Sefton: sefton at cutjibnewsletter.com Recent Entries The Morning Rant: Measures...Counter-Measures...Counter-Counter-Measures... Mid-Morning Art Thread The Morning Report — 12/4/25 Daily Tech News 4 December 2025 Wednesday Overnight Open Thread - December 3, 2025 [Shopping Rex] Dog Luge Cafe Methodist Pastor Has Had Enough of Jesus-This and Jesus-That, So He Makes His Homily About the Only Thing That Really Matters, His Trans Identity Of Course: Biden Created a Special Exemption So That "Low-Level" Taliban Officials Could Migrate to the US A Man Brutalized a Woman and Put Her In the Hospital. In a Private Conversation, She Called Her Attacker a "Faggot." She Was Arrested. Trump's Ag Secretary: States Will Either Open Their Books So We Can Detect SNAP Fraud, Or We're Cutting Them Off Absent Friends Jay Guevara 2025 Jim Sunk New Dawn 2025 Jewells45 2025 Bandersnatch 2024 GnuBreed 2024 Captain Hate 2023 moon_over_vermont 2023 westminsterdogshow 2023 Ann Wilson(Empire1) 2022 Dave In Texas 2022 Jesse in D.C. 2022 OregonMuse 2022 redc1c4 2021 Tami 2021 Chavez the Hugo 2020 Ibguy 2020 Rickl 2019 Joffen 2014 AoSHQ Writers Group A site for members of the Horde to post their stories seeking beta readers, editing help, brainstorming, and story ideas. Also to share links to potential publishing outlets, writing help sites, and videos posting tips to get published. Contact OrangeEnt for info: maildrop62 at proton dot me Cutting The Cord And Email Security Cutting The Cord [Joe Mannix (not a cop)] Cutting The Cord: It's Easier Than You Think [Blaster] Private Email and Secure Signatures [Hogmartin] Moron Meet-Ups TBD	« Saturday Overnight Open Thread (3/30/24) \| Main \| EMT 24 Mar 31 » March 31, 2024 Daily Tech News 31 March 2024 Top Story A little more background on that security disaster that almost was. (Substack) It looks like it started with "social engineering" - a confidence scam - two years ago, with one person attacking the maintainer of the xz utility and another one offering to help, and then actually helping. That warped over time into slipping more and more suspect code into the package, until they got caught. It's a bit of an odd one because it took a lot of care and planning but was guaranteed to get caught and removed if it ever went mainstream. So it's not a targeted attack on particular groups, and not subtle enough to pass unnoticed long-term. If you infect one server you're likely to get away with it, but if you infect every server in the world, there are literally hundreds of honeypot servers set up by security researchers specifically to detect weird stuff like this. Purely speculation but I'm wondering if this was North Korea rather than China or Russia. It looks like the kind of miscalculation they would make. Tech News Software needs to be more expensive. (Glyph) There's a well-known XKCD cartoon illustrating that the modern world is utterly dependent on some random bit of code maintained by one guy in Nebraska since 2003. Not specifically true, but true in general; we nearly had a global disaster with a small but useful library called xz because the maintainer wasn't getting paid anything despite the code being used on hundreds of millions of computers. (If it's included in iOS or Android, which it probably is, billions.) The solution proposed here is to make it easy to pay these people. Meanwhile AT&T is resetting customer passcodes after millions of customers' account details were leaked... In 2019. (Tech Crunch) Or possibly earlier. AT&T doesn't know or isn't saying. But yeah, the data has been out there for five years and they're responding now. The world needs more gadgets like this (checks notes) overpriced underwhelming 27" 1080p monitor in a briefcase. (The Verge) The world needs fewer websites like The Verge. If that leaves me with nobody to mock, so be it. Banning TikTok could harm blah blah blah. (Tech Crunch) Don't care, didn't ask. Disclaimer: I think "Don't care, didn't ask" would make a great state motto. posted by Pixy Misa at 04:00 AM \| Access Comments <script language="javascript" src="http://adserver.adtechus.com/addyn/3.0/5235/1131537/0/170/ADTECH;loc=700;cookie=info;target=_blank;key=key1+key2+key3+key4;grp=[group]"></script><noscript><a href="http://adserver.adtechus.com/adlink/3.0/5235/1131537/0/170/ADTECH;loc=300;key=key1+key2+key3+key4;grp=[group]" target="_blank"><img src="http://adserver.adtechus.com/adserv/3.0/5235/1131537/0/170/ADTECH;loc=300;key=key1+key2+key3+key4;grp=[group]" border="0" width="300" height="250"></a></noscript>	Recent Comments Jordan61: "My daily is parked on the street. In winter it is ..." Its Go Time Donald : "Well- OK. Don’t pay the “ticket” ..." Crusader: "Posted by: CharlieBrown'sDildo at December 04, 202 ..." Bulg: "Dammit, Rick, you always beat me to it! ..." Formerly Virginian[/i] [/b]: "MONKEY! ..." Sponge - Fck Cancer: "[i] I don't have that, but mine beeps if I signal ..." Wolfus Aurelius, Dreaming of Elsewhere [/i] [/b] [/s]: "Noodus CBD ..." Bulg: "1st! ..." Wolfus Aurelius, Dreaming of Elsewhere [/i] [/b] [/s]: "[i]That device is what i meant, it's the kind of t ..." Nazdar: "Nood. ..." rickb223 [/s][/b][/i][/u]: "Punk monkey ip ..." davidt: "392 The Batteries Plus guy told me that a fob in c ..." Recent Entries The Morning Rant: Measures...Counter-Measures...Counter-Counter-Measures... Mid-Morning Art Thread The Morning Report — 12/4/25 Daily Tech News 4 December 2025 Wednesday Overnight Open Thread - December 3, 2025 [Shopping Rex] Dog Luge Cafe Methodist Pastor Has Had Enough of Jesus-This and Jesus-That, So He Makes His Homily About the Only Thing That Really Matters, His Trans Identity Of Course: Biden Created a Special Exemption So That "Low-Level" Taliban* Officials Could Migrate to the US A Man Brutalized a Woman and Put Her In the Hospital. In a Private Conversation, She Called Her Attacker a "Faggot." She Was Arrested. Trump's Ag Secretary: States Will Either Open Their Books So We Can Detect SNAP Fraud, Or We're Cutting Them Off Search Search this site: Polls! Polls! Polls! Frequently Asked Questions What is the Deal with the Cowbell? Why is the Ace of Spades called "the Death Card"? The (Almost) Complete Paul Anka Integrity Kick Primary Document: The Audio Paul Anka Haiku Contest Announcement Integrity SAT's: Entrance Exam for Paul Anka's Band AllahPundit's Paul Anka 45's Collection AnkaPundit: Paul Anka Takes Over the Site for a Weekend (Continues through to Monday's postings) George Bush Slices Don Rumsfeld Like an Fckin' Hammer Top Top Tens Democratic Forays into Erotica New Shows On Gore's DNC/MTV Network Nicknames for Potatoes, By People Who Really* Hate Potatoes Star Wars Euphemisms for Self-Abuse Signs You're at an Iraqi "Wedding Party" Signs Your Clown Has Gone Bad Signs That You, Geroge Michael, Should Probably Just Give It Up Signs of Hip-Hop Influence on John Kerry NYT Headlines Spinning Bush's Jobs Boom Things People Are More Likely to Say Than "Did You Hear What Al Franken Said Yesterday?" Signs that Paul Krugman Has Lost His Frickin' Mind All-Time Best NBA Players, According to Senator Robert Byrd Other Bad Things About the Jews, According to the Koran Signs That David Letterman Just Doesn't Care Anymore Examples of Bob Kerrey's Insufferable Racial Jackassery Signs Andy Rooney Is Going Senile Other Judgments Dick Clarke Made About Condi Rice Based on Her Appearance Collective Names for Groups of People John Kerry's Other Vietnam Super-Pets Cool Things About the XM8 Assault Rifle Media-Approved Facts About the Democrat Spy Changes to Make Christianity More "Inclusive" Secret John Kerry Senatorial Accomplishments John Edwards Campaign Excuses John Kerry Pick-Up Lines Changes Liberal Senator George Michell Will Make at Disney Torments in Dog-Hell Greatest Hitjobs The Ace of Spades HQ Sex-for-Money Skankathon A D&D Guide to the Democratic Candidates Margaret Cho: Just Not Funny More Margaret Cho Abuse Margaret Cho: Still Not Funny Iraqi Prisoner Claims He Was Raped... By Woman Wonkette Announces "Morning Zoo" Format John Kerry's "Plan" Causes Surrender of Moqtada al-Sadr's Militia World Muslim Leaders Apologize for Nick Berg's Beheading Michael Moore Goes on Lunchtime Manhattan Death-Spree Milestone: Oliver Willis Posts 400th "Fake News Article" Referencing Britney Spears Liberal Economists Rue a "New Decade of Greed" Artificial Insouciance: Maureen Dowd's Word Processor Revolts Against Her Numbing Imbecility Intelligence Officials Eye Blogs for Tips They Done Found Us Out, Cletus: Intrepid Internet Detective Figures Out Our Master Plan Shock: Josh Marshall Almost Mentions Sarin Discovery in Iraq Leather-Clad Biker Freaks Terrorize Australian Town When Clinton Was President, Torture Was Cool What Wonkette Means When She Explains What Tina Brown Means Wonkette's Stand-Up Act Wankette HQ Gay-Rumors Du Jour Here's What's Bugging Me: Goose and Slider My Own Micah Wright Style Confession of Dishonesty Outraged "Conservatives" React to the FMA An On-Line Impression of Dennis Miller Having Sex with a Kodiak Bear The Story the Rightwing Media Refuses to Report! Our Lunch with David "Glengarry Glen Ross" Mamet The House of Love: Paul Krugman A Michael Moore Mystery (TM) The Dowd-O-Matic! Liberal Consistency and Other Myths Kepler's Laws of Liberal Media Bias John Kerry-- The Splunge! Candidate "Divisive" Politics & "Attacks on Patriotism" (very long) The Donkey ("The Raven" parody) Syndicate this site (XML) Powered by Movable Type 2.64