Non-paywall link https://archive.ph/ySJDe
Potato Achieved!
I did a quick search and they don't make it easy. Peter Lowe's ad and tracking server blocklist is the only one I found. EasyList doesn't seem to have a donation link, nor Dan Pollock at someonewhocares.org. Also worth noting that UBO doesn't take donations. You could always subscribe to AdGuard, but that's mixed.
The DDOS attack or the lawsuits?
If this request worked, it meant that I could use an “encryptedValue” parameter in the API that didn’t have to have a matching account ID.
I sent the request and saw the exact same HTTP response as above! This confirmed that we didn’t need any extra parameters, we could just query any hardware device arbitrarily by just knowing the MAC address (something that we could retrieve by querying a customer by name, fetching their account UUID, then fetching all of their connected devices via their UUID). We now had essentially a full kill chain.
I formed the following HTTP request to update my own device MAC addresses SSID as a proof of concept to update my own hardware:
...
Did it work? It had only given me a blank 200 OK response. I tried re-sending the HTTP request, but the request timed out. My network was offline. The update request must've reset my device.
About 5 minutes later, my network rebooted. The SSID name had been updated to “Curry”. I could write and read from anyone's device using this exploit.
This demonstrated that the API calls to update the device configuration worked. This meant that an attacker could've accessed this API to overwrite configuration settings, access the router, and execute commands on the device. At this point, we had a similar set of permissions as the ISP tech support and could've used this access to exploit any of the millions of Cox devices that were accessible through these APIs.
Blows me a away that an unauthenticated API with sensitive controls and data was publicly facing. Corporations these days want all your data but wonder why some customers are worry about how it is protected, it let alone if it's being sold. Why should I allow you to control my hardware when you can't protect yourself.
For those who are to lazy to check the link, it's an Electronic Support Measures (ESM) mast and station. Essentially a highly specialized series of antennas, receivers, and processors designed to listen for Radio Frequency transmission on the battle field. Generally used in multiples to triangulate and track.
The end is the most enlighting vs the legal losses:
With most jurisdictions dodging the questions at the heart of the case, it can create a misleading impression that things have gone well for the former president.
“The cases have gone poorly for Trump,” Derek Muller, a Notre Dame law professor who has followed the cases closely, wrote Friday in a blog post. “He lost on the merits in the only two jurisdictions that got to the merits, Colorado and Maine.”
In a different part of the thread.
The answer is essential greed, aka corporate fiduciary responsibly to increase shareholder profit.
Gomes reportedly sparred with Google over its decision to set its metrics on the total number of user queries. The former head of search reportedly balked at this metric because an improved search functionality should ideally prioritize answering users’ questions with as few clicks as possible. Google, the DOJ argued, benefits from users taking longer to search because the company can run ads against each of those queries. Around 80% of Google revenues reportedly come from advertising. If a user needs to refine their search a few times to get what they’re looking for, or if they have to scroll deeper through the results, more ads can be served to them.
Innovation can be driven by capitalism and seeking a more efficient product, but here we see where capitalism can stifle it as well. Lack of competition and regulatory capture disincentivizes innovation.
A transcript for those who prefer to read. (using flixier so forgive the lack of speaker indication and the few corrections I made.)
Transcription:
[redd]it is very unhappy that people are talking to us.
They have decided that their official position is that they will wait for us to make mistakes and then issue corrections in order to discredit our journalism.
That's straight up what they're doing.
I know this is what they're doing because we have a statement because they told us.
They told us Tim Rami, who runs coms at Reddit. This is the blanket statement will no longer comment on hearsay.
Unsubstantiated claims or baseless accusations from the verge will be in touch as corrections are needed.
Oh, my God.
I've been playing this game a long time.
We'll wait for you to make a mistake.
So then we can correct you and say your reporting was wrong is the oldest trick in the book and we are just not gonna fall for it.
So we're just gonna print this statement in every story from here on out, like that's the way it's gonna go.
If they want us to get it right they can... They can tell us what is actually happening, but I will come back to we're gonna take the people on the ground.
We're gonna take the users.
We're gonna take the moderators.
We're gonna take the employees every time.
And if you think they're wrong, you can tell us and you can explain why they're wrong.
But we're not gonna stop because you've you're running like a 1920 press playbook.
Like whatever.
Like I'm we're just gonna burn you every time and that it's that attitude.
It's this aggressive posture where people are worried and they're coming to reporters and saying,
Here are our worries.
Here's the communication we have received that makes us feel threatened.
And Reddit's response is Shut up.
That's what breaks your community.
So don't bring your submarines into the area. Brilliant!