SECRETARY OF DEFENSE
1000 DEFENSE PENTAGON
WASHINGTON , DC 20301 - 1000
JANUARY 2021
CLASSIFIED: TOP SECRET - NOT FOR PUBLIC RELEASE
SUBJECT: RUSSIAN HACKINGS OF FEDERAL GOVERNMENT ASSETS
Throughout 2020, the United States received intelligence that Russian hackers have
infiltrated secure government databases and servers, including those located in The Pentagon, the
Intelligence Community, the US Treasury, the Department of Homeland Security, the Commerce
Department, and Health and Human Services. Within the servers affected, 18,000 US
organizations had malicious code in their networks; 50 of them suffered major breaches. As of
the 13th of December, when this knowledge was made known to US officials, the Cybersecurity
and Infrastructure Security Agency (CISA) has been working tirelessly to secure networks and
alleviate any vulnerabilities in the systems that were affected. Russia has denied responsibility
for such hackings.
This hacking poses a major threat to US cybersecurity, as it is one of the most significant
hackings in modern history. The Department of Defense, Homeland Security, and CISA have
urged Congress to take action against this emerging threat. In response, Congress has introduced
the following piece of legislation, named after an essential cybersecurity tool: A Bill to
C.A.P.T.C.H.A. (Create a Procedure to Combat Hacker Attacks). It is your responsibility as
Congress to come to a decision on this legislation before more damage is done.
Sounds like BS to me. Anyone can host PDFs on AWS and spoof US government agencies, look up C.A.P.T.C.H.A. Congress. No hits for it. Did Russia hack into US government servers? Probably. Nonetheless, this reads like a scare piece and not a legitimate communication from the DoD.
It also names no names and gives no details, which is odd for something intended to be so internal. Even more damning, it’s addressed to congress, which famously leaks like a sieve.
It’s interesting scrolling through the search results. Seems like a lot of schools, municipalities, and the Philippines have a problem with distinguishing between confidential and public.
Let’s say it takes half a second to copy/paste and submit the message. That’s 50 seconds saved, round it to one minute. You’re only doing it once, so let’s cross over to yearly. According to the Munroe Automation Scale, you can spend up to 5 minutes on it.
I’d say that code took about 1 minute to write. Maybe 2.
Caveat: This is all written assuming the message is being written on a computer with a real keyboard. But if we’re assuming this is written on a phone, then my analysis doesn’t apply, but then again, writing a java program to execute in your messaging app is also a terrible idea. Which means we’re suspending disbelief, so I choose to believe that a computer keyboard and shortcuts are available.
Type the phrase once. Select all. copy, paste, paste (the first paste replaces what you already have highlighted, the second paste adds a second copy). Now you have 2. Control + A, Control + C, Control + V… Now you have 4.
It will take you only 7 cycles of this get 128*, you only need to copy/paste it one by one if you want to send each message separately. and even then, it’s would purely be copy the original, then paste, send, paste, send, paste send, paste, send.
Assuming you can hold down control and just hit ACVV 7 times, that’s 28 keystrokes. I’d bet I can get that done in 5 seconds or less (i tried it, it’s less than that), so now I only save 5 seconds. Which means I only get 25 seconds to write the script. Which he chose to write in java for some reason?
[print(“I’m sorry”) for x in range(0, 100)] is actually a script I could write in less than 25 seconds.
*And I disagree with the “reason 4” given. She didn’t say “exactly 100 times” she said “100 times before I forgive you” and to me, “before” implies >= and not ==. So if you drop it in 128 times, that exceeds the criteria. No one has ever rescinded forgiveness for receiving extra apologies.
Probably more importantly, it runs on the JVM and is designed to interoperate with existing Java code. (FWIW, I actually think they made a major mistake in how they handle null Java objects, and that Kotlin did better here; but Kotlin is much newer.)
Every time I go into the office we take like 5 coffee breaks throughout the day. Some coworkers have switched from pods to espresso machines to bring down the cost per cup.
Is it just my team? I feel like this is pretty common.
How long ago? ROOT (and other frameworks like GEANT) using C++ has been the standard for over 15 years, but probably longer. I think my advisor was of the last generation that had to write in Fortran.
I used to have a big list of gender ambiguous names I’d use for examples. So I’d use “Alex” and “Blake” or something like that. It also had some non-anglo names on it, just to spice things up.
In comp sci papers there’s a few other common example people. “I” for intruder or imposter (Irene, Isaac). “M” often for malicious or middle-person (Mal). There’s a few more im forgetting now.
programmer_humor
Top
This magazine is from a federated server and may be incomplete. Browse more on the original instance.