Andrew Clancy

Coffee Break // Cyber News 03

A massive DDoS attack stopped by Cloudflare. Microsoft cuts off service for Israeli cyber Unit 8200.

Good morning guys and girls, I hope everyone has made it to Friday sane and a little richer than on Monday.

First, a quick matter of housekeeping. You may notice that a comments section has been enabled at the foot of this blog. Please chime in and let me know your takes on things!
The comments section of a given post should accept new comments for up to about a month after a post goes live. If you run into any issues with the comments section, please contact me through a different communication channel.

My security training trundles along this week with a focus on memorizing port numbers (some of the important ones, at least) and filling gaps in my knowledge. At this point I have a fairly good idea of what topics will be on the exam, and am methodically learning the ones that I can’t readily explain.

Practicing mastery of a topic by explaining it out loud is a process I’ve heard called the “Rubber Duck Method.” I endorse it fully—for me the most natural way to mentally manipulate a subject is to yap about it.

//

In the news.

A record-setting UDP carpet bombing was mitigated by Cloudflare. The DDoS attack in question sent a whopping 11.5 Terabits per second (Tbps) for nearly a minute.

To put that in perspective, streaming an HD video from Netflix would take maybe as much as 7 Mbps. This attack was like 1.64 million devices trying to send video all at once to a single endpoint.

In international news, China is sanctioning U.S. companies that support Taiwan’s military capabilities. The companies affected include satellite communications companies and unmanned aquatic vehicle manufacturers.

As per the Guardian, Microsoft has terminated its contract with the Israeli military’s famous Unit 8200. Evidently Israeli forces were utilizing Microsoft’s Azure cloud service to store millions of Palestinian phone calls that were being made each day in Gaza.

“We do not provide technology to facilitate mass surveillance of civilians. We have applied this principle in every country around the world, and we have insisted on it repeatedly for more than two decades.”

—Brad Smith, Microsoft vice-chair and president

Finally today, we have a report that at least one unspecified U.S. government agency was breached by a threat actor with suspected ties to the Chinese state. The hackers have evidently been exploiting the flaws for months. Yikes.

Andrew Clancy

Coffee Break // Cyber News 002

As I study for the Sec+ exam, I ponder: are US companies selling spyware to China?

49 days until I take my Sec+ exam, and another 4 after that until I ship to BCT. In the meanwhile, I spend my days balancing study (shout out to Professor Messer), a little freelance graphic design and editing, and a few days of substitute teaching here and there to fill in the gaps.

Life is good, as is this lungo. (Which refers to the coffee, and not the slow-witted minion of remarkable strength that I keep in my employ…)

Studying is all well and good, as the materials that CompTIA and Prof. Messer put out are fairly comprehensive. Still, many gaps remain in my knowledge, and I find my head swimming by the afternoon as I attempt to memorize port numbers (I’ll come up with mnemonics for this dross if it kills me), attack vectors, and the countless acronyms that seem to infect the world of cyber.

I find that I have a fairly good grasp of all the surface level concepts, but struggle with the specifics of many areas, especially those that are focused around corporate conventions. My great disadvantage in this field is my lack of professional experience, which is something that I hope to remedy with my service in the National Guard, and my own futile attempts at homelabbing (more on that some other day).

In the meantime I finish my coffee, and turn a passing eye to the news…

Following up on the stories that I’ve been tracking this week, we see more news sources reporting on the NY SIM farm. As more opinions chime in, I hear few voices echoing Marcus Hutchins’ skepticism. I’ll keep an eye on this one for a little while longer, but I suspect we may not receive any new developments.

In a development for the EU airport ransomware story, an unnamed man was arrested and subsequently released on bail in the UK. It will be interesting to see what, if anything, he’s charged and tried for.

In the surveillance space, more light is being shed on the role of American companies in aiding and abetting Chinese surveillance. Bipartisan voices are giving lip service to an important issue that’s closer to home than some of them realize. Here in America, companies like Flock and Palantir increasingly provide the government with dangerously powerful surveillance infrastructure to capture and interrogate the data of private citizens.

Consider the recent reports of ICE using Stingrays to locate immigrants. I discussed this invasion of privacy with a family member recently, and was surprised when they expressed unequivocal support for the effort. This is a mistake. Even if you agree with the goal of a given organization (like ICE), the methods are problematic. A government agency trawling our neighborhoods and intercepting all of our communications is hugely problematic.

Imagine if an ICE van followed your mail delivery van, and searched your letters as they were delivered. Is it any less of a violation of the 4th Amendment that they are doing that to your unencrypted phone traffic? I need more coffee…
