Once again, cloud services very predictably show why they can be less secure than running your own.
We’ve warned for many years of cloud insider abuse like this, using examples from Uber, Google and Facebook.
In many of these cases it’s male engineers in American technology companies using their power and privilege to stalk and abuse women.
The US Department of Justice has posted details of a 34 year old man who is said to have worked at Yahoo.
In pleading guilty, Ruiz, a former Yahoo software engineer, admitted to using his access through his work at the company to hack into about 6,000 Yahoo accounts. Ruiz cracked user passwords, and accessed internal Yahoo systems to compromise the Yahoo accounts. Ruiz admitted to targeting accounts belonging to younger women, including his personal friends and work colleagues. He made copies of images and videos that he found in the personal accounts without permission, and stored the data at his home. Once he had access to the Yahoo accounts, Ruiz admitted to compromising the iCloud, Facebook, Gmail, DropBox, and other online accounts of the Yahoo users in search of more private images and videos. After his employer observed the suspicious account activity, Ruiz admitted to destroying the computer and hard drive on which he stored the images.
That last sentence is concerning for anyone who has done digital forensics. How was Ruiz tipped off that he was being observed by an internal investigations team?
LinkedIn profile of Reyes Ruiz, identity thief hired as SRE by Okta
That career path reveals a far worse story than what is being reported right now.
A SRE is a person with deep access inside the cloud provider. They are trusted with the most sensitive data because, in theory, without giving them access a system could become unreliable or go offline.
For example, here’s a single line command in virtual (VMware) environments that exports a copy of an entire server. In a disaster (planning) scenario it could be essential to keeping services running:
Imagine instead, as you can see from the destination path name at the end of that line, any evil SRE just wants to steal ALL the data. SRE staff literally have keys to any kingdom trusting their employer. Even if the data was stored encrypted, using this command it’s decrypted by design.
I’ve repeatedly designed systems to protect against exactly this kind of insider threat and customers need to explicitly ask for proof that one exists. This is a disaster for both Okta and Yahoo if they cannot account for SRE access on their systems, particularly during the hours Ruiz was working.
His eight months at Okta, a widely used identity management company, could be an even bigger problem than Yahoo. Although to be fair the timing is interesting for both cases. Yahoo in 2007 when he joined was the biggest identity provider in the world. In 2018 Okta was claiming to be the leader in this space.
It looks like Okta apparently fired him as soon as the indictments were unsealed that detailed his long-term abuse of being a privileged SRE to game identity management. What Okta hasn’t said is whether they’ve concluded an internal investigation of all his access to identity as an SRE.
This is huge. I can’t overstate enough that an identity management cloud provider, holding the secrets of millions of people, hired an identity thief. It’s like saying a bank hired a bank robber to guard their safe.
Given inside knowledge and access at the service provider he allegedly cracked passwords of thousands of young women, including those he knew and worked with, in order to steal their images. Then he used their identity information to pivot through their cloud accounts that shared the same password to steal more images.
Two lessons here:
One. Okta is a core identity management company that hired a predator who clearly joined companies to commit crimes. Anyone using Okta or a similar service needs to be prepared for this level of insider threat being reported. Although we can pressure Okta on reasons screening didn’t block this hire, we can’t assume screens will be perfect and instead should demand they prove his actions were limited and detected.
Two. Re-use of passwords is what made one evil cloud staff member able to access so many other cloud accounts. Impersonation was possible by Ruiz because users didn’t setup different passwords on each cloud service. Password managers are free and a baseline requirement for users today. Also multi-factor authentication (MFA) would have made SRE theft of user secrets less effective and should be considered another baseline requirement (caveat: nothing is perfect. see new FBI warning on MFA bypass).
There’s a third point about avoiding tipping off suspects during investigations, and preserving evidence, but we don’t have enough details yet on why or how badly that security team at Yahoo was compromised.
Update March 2022: Drone wars in Ukraine is highlighting many of the same issues reported below.
Russian gas-engine model plane (Orlan-10 drone) downed in Syria with its big red parachute
The site “AINonline” offers us a count of drones in battles over Syria. Russia, for example, has recorded 23,000 flights of their own and claims 118 opposition drones shot-down with the vast majority this year.
The following section on “gaps in electronic warfare shield” was particularly interesting as it emphasizes Russia’s current dependence (pun not intended) on primitive jamming systems and kinetic counter-measures.
Russian official, deputy defense minister for military technical cooperation with foreign countries General Aleksandr Fomin, accused U.S. forces of assisting the Syrian rebels in carrying out drone attacks on the Khmeimeem airbase. Speaking at the Xiangshan security forum in Beijing last fall, he said that, “a group of 13 drones moved according to a common plan of combat deployment, under control of a single crew team. That time, a U.S. Navy P-8 Poseidon ASW aircraft was on an eight-hour patrol mission over the Mediterranean Sea. Upon reaching out our electronic warfare shield, the drones retreated somewhat to receive correcting instructions and began using satellite communications channels to receive outside assistance to find and explore gaps in that shield. Then the drones attempted to penetrate through, only to be destroyed.”
Apparently, Fomin was referring to January 6, when Russian forces shot down seven drones with anti-aircraft missiles and crash-landed seven by jamming the drones’ flight control systems.
Unclear why seven and seven was reported as a group total of 13 drones.
Under permissions for their calculator, we see this list:
view network connections
full network access
prevent device from sleeping
read Google service configuration
measure app storage space
Full network access? For a calculator?
Map of Google calculator network traffic flows
Unfortunately you can’t filter apps in the store by level of permission requested.
A simple filter could get rid of calculators that inexplicably demand full network access, let alone other strange levels (some require access to both local storage and removable storage).
Imagine setting a preference in your profile that allows the most private apps to be ranked highest…
Calculators without network privileges do exist, which begs the question why Google’s gigantic security team lacks the ability to remove network access from an app that quite obviously has no need for it.
Foreshadowing of WWI trench warfare. General Lee at Cold Harbor entrenched to massacre American soldiers, then denied the wounded care as an explicit terror tactic. Source: “This was not war” Welt.de
Yes. Yes he did.
And now for some American history to give much-needed perspective on the kind of information warfare tactics long used by white nationalists.
There have been many sad attempts over the last several decades to project the term “butcher”, notably deserved by the white supremacist and traitor General Lee, onto someone else instead. Who? His avowed enemy of course, U.S. General Grant.
Keep in mind that Grant was a vastly superior military tactician to Lee even by simple math. Commanding Union troops for 16 battles put Grant in the top ten list for Generals OF ALL TIME. Lee is so far down that list he wallows with a negative score!
The argument/propaganda against Grant’s brilliance and success in battle tends to go like this: while Grant decisively defeated pro-slavery forces, even capturing multiple armies and routing them entirely with reduced bloodshed, too many people died when Grant pressed forward on battlefields in his mission to end war quickly.
Somehow Grant should have had fewer casualties yet more expediently won a war that Lee intentionally had been making more brutal. This is a load of nonsense, as historians easily point out.
Given the scope of his achievements in three theaters, Grant’s overall casualty numbers are amazingly low. Given the finality of his defeat in his single theater, Lee’s casualty figures are surprisingly high, and they show how he drained the entire Confederacy of its limited manpower. If Grant had fought less aggressively, the Union would not have won. If Lee had fought less aggressively, the Confederacy’s prospects for success would have been enhanced.
First, over the duration of battles Grant’s per capita losses were less than Lee’s. It’s pretty simple to see that fact. If Grant had been anything close to using Lee’s tactics, far more Americans would have been killed.
Brands’ biography “The Man Who Saved the Union” gives data to make this clear. Grant’s autobiography also firmly established him as an early modern strategist (building upon his experience as quartermaster) who fully understood why professionals study logistics and how efficiencies pay off.
So the facts are in already and Lee clearly stands worse on casualty rates and brute force attempts.
Second, think about the irony of the propaganda against Grant, the false projection of Lee’s atrocities, meant to denigrate the actual brilliant leader and victor of the whole war.
The pro-slavery militant states seceded and declared war, then high casualty rates caused by their own leadership tactics (expressly ordering the butchering of U.S. soldiers) were attempted to be blamed on… their sworn target of attack, the United States.
It’s easy to see why pro-slavery historians have for so long tried to project this “butcher” label onto the wrong man and away from those who had started a war to expand slavery Westward. Grant clearly had more quickly and decisively defeated Lee compared to anyone before him. The “heritage” revisionists hate Grant for that simple fact alone.
Who was the real butcher?
Think about the fact that Grant not only was a brilliant war-time tactician, he was the father of the civil rights movement after he ended war. He literally both stopped the pro-slavery Generals butchering Americans and then pivoted and worked on a foundation of civil rights to protect against the tribal southern militias (e.g. KKK); after emancipation and from a political role he again stopped the butchering (e.g. KKK).
Let’s look now at Chernow’s seminal new work because it often gets cited as the most definitive study yet. He seems very decisively to neutralize a lot of anti-Grant propaganda with rich first-person source material. It establishes clearly how Grant thought deeply both strategically and tactically how to end the war quickly and minimize suffering:
Start with how Grant is described as reflecting upon battles solemnly, highly concerned with the rate of casualties after doing everything he could to be mindful and transparent of the costs.
“Grant” by Ron Chernow, p 406
Conversely then we see pro-slavery Confederate General Lee intentionally delaying aid to wounded soldiers who lay exposed and dying on a battlefield. The traitorous Lee maintained a butcher’s mentality through the war, using inhumane tactics against non-whites as well as dehumanization of those who fought to protect the U.S. from its enemies.
To be clear here, as anyone literate in history should be able to say, Lee hated black Americans:
White supremacy was one of Lee’s most fundamental convictions.
And Lee wasn’t just awful as a white supremacist, he was the most awful and led some of the worst atrocities in American history.
He had his armies invade and capture civilians in order to… enslave Americans and turn them into property of foreigners.
During his invasion of Pennsylvania, Lee’s Army of Northern Virginia enslaved… Americans and brought them back to the South as property. Pryor writes that “evidence links virtually every infantry and cavalry unit in Lee’s army” to the abduction of… Americans, “with the activity under the supervision of senior officers.” Soldiers under Lee’s command at the Battle of the Crater in 1864 massacred black Union soldiers who tried to surrender.
Think about that for a long minute. Anyone honoring Lee is celebrating Americans captured by foreign invasion and made into slaves. Who really wants a school or a street in America named for a man who invaded to enslave Americans?
Chernow tells us also how Lee thought bureaucratic delays to aid would help him maximize suffering of Americans, very overtly butchering them and leaving them to die in the worst conditions because he was “intent on teaching a lesson to Grant”.
“Grant” by Ron Chernow, p 406
I have yet to find regrets or similar thoughts in Lee’s writings that achieve the moral high ground of Grant. Instead I find repeated references to this “teaching a lesson” mantra, such that butchering Americans was a pro-slavery political terror tactic.
Lee’s leadership not only never managed to capture any forces (frequently murdering prisoners of war instead). His peers (i.e. General Nathan Bedford Forrest, Lee’s counterpart in the Western Theater) were infamous instead for cruelly deceptive and inhumane tactics during war and later starting the KKK to spread terror campaigns nationally after the end of official hostilities (i.e. to this day Forrest, Arkansas is named for the pro-slavery anti-American terrorist).
Let’s look next at General Forrest, known among pro-slavery groups as “The Wizard of the Saddle” (later named first “Grand Wizard” of the KKK). During war his reputation was built around things like escaping from battle by grabbing a “small” U.S. soldier as hostage and using him as a human shield.
His specialty was sabotaging U.S. supplies and communications, using deception tactics and deceit in what he described as “a heap of fun and to kill some Yankees”. Most infamously General Forrest drove over 2,000 pro-slavery forces towards U.S. soldiers in Fort Pillow on April 16, 1864, he twice waved a “flag of truce” at them.
Here two soldiers recall what they witnessed after Forrest stormed the fort and literally butchered hundreds of U.S. soldiers who were surrendering:
“Hymns of the Republic: The Story of the Final Year of the American Civil War” by S. C. Gwynne, p 19
General Chalmers (Mississippi cavalry who later became known for using violent voter suppression to win a seat in Federal government) reportedly bragged about this event in words similar to General Lee that a butchering at Fort Pillow was intentional and to teach “the mongrel garrison” a lesson.
Harper’s Weekly described the situation in their 1864 news report as murdering women, children and then mutilating the dead:
“Both white and black were bayoneted, shot, or sabred; even dead bodies were horribly mutilated, and children of seven and eight years, and several negro women killed in cold blood. Soldiers unable to speak from wounds were shot dead, and their bodies rolled down the banks into the river. The dead and wounded negroes were piled in heaps and burned, and several citizens, who had joined our forces for protection, were killed or wounded. Out of the garrison of six hundred only two hundred remained alive. Three hundred of those massacred were negroes; five were buried alive.”
General Forrest himself wrote, like Lee and Chalmers said above, that he was intent on being a butcher to send a specific message to the U.S. about white supremacy.
It is hoped that these facts will demonstrate to the Northern people that the Negro soldier cannot cope with Southerners
Fort Pillow Massacre, April 12, 1864 on the Mississippi River in Henning, Tennessee. Scenes of horror as pro-slavery militants butcher to death the U.S. soldiers who had surrendered.
In case it isn’t clear why we’ve slid into discussion of Generals of the pro-slavery rebellion beyond General Lee himself. The massacre at Fort Pillow was clearly widely reported and of much discussion in early 1864.
Widely reported. Clearly about being a butcher.
This run-up of events needs to be extremely clear because in July 1864 it was pro-slavery forces directly under General Lee who butchered Black U.S. soldiers trying to surrender and again afterwards as prisoners. Here are the recollections from the Battle of the Crater in Virginia:
“No Quarter: The Battle of the Crater, 1864” by Richard Slotkin, p 294
Who was the real butcher?
Those who ignore or revise history to denigrate Grant are actually hiding the pro-slavery mentality of excessive cruelty in battle and after. People have unfairly and intentionally attacked Grant’s reputation by projecting the crimes of Lee and his men for their own political gain.
Once people admit Grant is the one who stopped these butchers and their massacres and inherent inhumanity of pro-slavery forces, it could open the door to some other very relevant facts about white nationalists and why they continue to be threats to the U.S. even today.
Grant emancipated his slave before war, then rose through ranks to win the war, then started a civil rights movement and wrote a memoir that admitted faults and fears for a lasting peace to be achieved.
Lee threw away his citizenship so he could start a war to expand the enslavement of humans, repeatedly left thousands of American soldiers dying in great pain to politicize his unjust cause, and murdered his prisoners of war, leaving a legacy of white supremacists who to this day try to defame and denigrate real American heroes.
Who was the real butcher?
Greenwald provides further analysis of how Grant was brilliant and determined with his strategy, which meant he accepted criticism, while Lee romanticized blunders and infamously would shine his boots sooner than check the welfare of his troops.
Approximately a year earlier, in July 1863, Lee launched a massive assault against Union forces near a small hamlet in southeastern Pennsylvania. That assault, labeled “Pickett’s Charge,” cost Lee’s forces approximately 6,000 men. Yet, that charge has been romanticized and remembered more favorably, and is part of the lore of the fallen Confederacy. Meanwhile, Grant’s assault gave him the moniker “The Butcher.”
Delving even further, Grant had also launched a massive assault against a protruding salient at Spotsylvania Court House. That one broke the Confederate line, ushered in 18 hours of fierce hand-to-hand combat and almost resulted in breaking Lee’s army in half. Grant is not remembered as a butcher for that action.
A “butcher” does not have strategic vision and would continue to batter his head against an entrenched enemy, continue to throw men recklessly against his position. Grant, however, did have a vision: destroy Lee’s army. And if Cold Harbor did not offer that opportunity, then another place of his choosing would.
Grant was no butcher. Chernow closes the case on this, with Grant himself explaining why the title could never fit:
“Grant” by Ron Chernow, p 408
Now if we could just get journalists to stop repeating the “butcher” propaganda, and instead fairly depict Grant for the humanitarian leader and brilliant military mind he really was who earned global respect for his values and achievements.
This “On to Richmond” painting by Mort Kunstler was commissioned by the Army War College Class of 1991. It depicts Lt. General Ulysses S. Grant on the field during the Battle of the Wilderness, Virginia, May 5-7, 1864. Major General George Gordon Meade, commander of the Army of the Potomac, is to the right of Grant. Grant’s horse was named Cincinnati; Meade’s was Baldy (sometimes called Old Baldy). The red, swallow tailed flag is the Army of the Potomac Headquarters flag. Meade’s forces had crossed the Rappahannock River on May 4, but were forced to stop in the area known as the Wilderness to wait for the supply train to catch up. Confederate General Robert E. Lee resolved to attack the Federal forces while they were in the difficult Wilderness terrain. Fighting was so intense the trees and underbrush in many places caught fire, the glow of which can be seen in the background. (Photograph by: Megan Clugh, USAWC Photographer).
