The Internet is at a tipping point, here’s what you’ve probably never heard coming next.

Time for a thread 👇👇👇

Linux code injection paint-by-numbers.

Can we launch a process that looks one way to (superficial) auditors but is, in fact, entirely different? (Think process hollowing and the like on Windows).

Firstly, how are processes created and what does related auditing look like?

The most common pattern is fork() → execve(). Where the fork() syscall create a duplicate of the running process context and execve() overlays a copy of the target program onto that context.

After calling fork(), we’ll have two processes, the original one and a new - duplicated - one (with a new pid).

Control will return from fork() to both process instances. In the child process, the return value will simply by 0, in the parent it will hold the pid of the child.

Thus we can determine whether we are running in the child context and call execv() accordingly, while allowing the parent to continue.

Now, let’s take a look at where the auditing hooks lie. From calling execve(), we’ll eventually land up in exec_binrpm().

Only 1 / 67 antivirus engines list SUNBURST backdoor as malicious - SolarWinds.Orion.Core.BusinessLayer.dll https://t.co/taaiUtSJzR #SUNBURST #UNC2452

SolarWinds' digital certificate hasn't been revoked yet.

The full compromised package is still being hosted online as well 😓 hxxps://downloads.solarwinds[.]com/solarwinds/CatalogResources/Core/2019.4/2019.4.5220.20574/SolarWinds-Core-v2019.4.5220-Hotfix5.msp

Job class within the backdoored #Sunburst DLL is pretty straight forward and aligns with @FireEye's analysis. CollectSystemDescription:

DeleteFile

Facebook -- having taken out full-page ads in the NYT, Washington Post, and WSJ -- is generally seen as the primary victim of the new app privacy controls coming in iOS14. But Google is perhaps even more vulnerable to ATT. Why has Google remained silent? (1/X)

2/ First, background: here's a high-level overview of how ATT / IDFA deprecation impacts advertisers and ad networks, and why this whole ordeal has put advertisers and ad networks into a state of panic:

3/ Google is equally as susceptible to harm from ATT as Facebook. Google's UAC product -- esp its tROAS and tCPA campaign objectives -- relies as much on IDFA-indexed monetization and engagement data as FB's mobile product does. But Google has one big weakness wrt ATT: YouTube

4/ Broadly, view-through attribution accounts for a disproportionate % of conversions from YouTube app install impressions. This means: user sees the YT ad, doesnt click, downloads app later, & Google is able to claim it by reconciling IDFA seen at impression to IDFA seen in app

5/ View-through attribution is nonexistent in the ATT paradigm as it relies on the IDFA; some significant portion of YT's attributed conversions will evaporate. So why isnt Google vocally opposing ATT? Two reasons: consumer optics and its duality as ad network / mobile platform

How to Remove Background Images

Photoshop is one of the best software for manipulating images (editing). This software made by the Adobe company has proven effective in producing new edited images that are different from the original. One of the most common types of photo editing in Photoshop is removing the.

Play is our future

Skill is measurable w/ two resources 1) time, 2) energy

Players whose actions make better use of these resources can be defined as optimal. This is not subjective

Time (faster)/overload/conscious/stress
Energy(easier)/underload/unconscious/low anxiety

Orgel's First Rule:

"Whenever a spontaneous process is too slow or too inefficient a protein will evolve to speed it up or make it more efficient."

Faster (speed/strength)-Deliberate Practice
Easier--Play

Overload (D.Practice) builds faster=hypertrophy and results in measurable selection resulting in problems such as Relative Age Effect, and players with very fast cars saddled with inexperienced drivers

It's more likely to be wrapped around a tree than finish the race.

as Orgel says, if we allow it, play will produce faster and easier

Kids in play build the driving sills first, in Go Karts, like Ayrton Senna

Big brains, slow cars, easier

But where speed is limited by physics,

Ideas are plentiful and under resourced in US youth sport

Almost every coach will agree w/ the following

Competition is important
Training is more important than games
Play is more important than both

But,

the big thing is to keep the big thing the big thing