I couldn’t tweet a better description than the headline for this piece: After SolarWinds breach, lawmakers ask NSA for help in cracking Juniper cold case.

For those who haven’t heard this story, the context here is back in 2015 hackers broke into the source code repository of Juniper’s NetScreen firewalls and introduced serious vulnerabilities. 1/
Everyone has heard of the SolarWinds supply chain attack, but almost nobody outside our little community remembers Juniper. We don’t even know who the ultimate victim was. And there’s a reason for that. 2/
The reason is simple: following the Juniper hack, the FBI and Juniper put a tight lid on everything. Nobody, including members of Congress, were able to get straight answers about who did it or what the target was. So it vanished from our collective memory. 3/
This has real consequences. To some extent our lack of preparedness for SolarWinds is a direct result of our government’s decision to pretend that the previous major supply-chain attacks didn’t happen. 4/
Why has the Juniper attack been buried by secrecy? There are two possible answers. One has to do with the nature of the hack, which very likely repurposed an existing backdoor in NetScreen firewalls. The other has to do with the ultimate target. 5/
Regarding the first, we know that Juniper included a *likely* crypto backdoor based on an NSA algorithm called Dual_EC_DRBG even before the hack. We also know that the attackers repurposed that code to use new public keys of their choosing. This is very embarrassing. 6/
(We know this because people on Twitter and co-authors of mine were able to reverse engineer the details from the published firmware images. See here for a nice explanation. https://t.co/CPHw8oA6zA)
The second answer to “why was this buried” is much more speculative. It has to do with the identity of the actual target(s) that were attacked using the NetScreen vulnerabilities. We don’t know who they are, and they might be important. 8/
I continue to harbor the conspiracy theory that the Office of Personnel Management hack was in some way related to Juniper, based solely on the timing and some equipment manifests from that agency. I’m probably wrong, but that would be a hell of a reason to cover things up. 9/
The point here is that with attacks like this and a secrecy response, we’re screwed. Until we know what happened in these cases, we can’t learn from it. This makes us defenseless, and you can bet our adversaries prefer it that way. 10/
It’s as though the US government decided to react to Pearl Harbor by covering things up. You have to imagine that history would look a lot different. Hopefully we’ll stop making this mistake. //fin

More from Law

A Call for Help!
1. we have a petition/open letter for the WHO
https://t.co/Bie8pUy7WJ
2. 372 people signed it but we want to boost it
3. I post link ascomment on related YT videos
Tks @KevinMcH3 for the tip
4. You can help by liking the comments
5. That will increase visibility!


6. Links for YT videos with comments are here
1. China curtails hunt for virus origins
https://t.co/NhcYdtsd2Y
2. China: nearly 500,000 may have been infected in Wuhan
https://t.co/KRUQ5hFrii
3. WHO becomes US-China battleground | DW Documentary
https://t.co/8ah8M8bpiB


4. Gravitas: The 'hidden hunt' for COVID-19 origins
https://t.co/hHhhUqgPYt
5. Seeking the invisible: hunt for origins of deadly Covid-19 coronavirus will take scientists to Wuhan
https://t.co/tCPQqjUZF3
6. WHO team to probe COVID-19 origins in

7. How forensic researchers track down origins of SARS-CoV2
https://t.co/r7A1lkr5li
8. Bats, roadblocks & the origins of coronavirus - BBC
https://t.co/Kh9jacC54t
9. New coronavirus strain is far more infectious and spreading among young - BBC

10. https://t.co/OcpAZ9nrl3
11. https://t.co/OcpAZ9nrl3
12. https://t.co/OcpAZ9nrl3
13. https://t.co/PhmoSfvbD8
14. https://t.co/TsvB7SYN2c
15. https://t.co/0o5YbmiUbJ
16. https://t.co/ir7QiwmlWt
17. https://t.co/PTT3KZDi8F
18.

You May Also Like

A brief analysis and comparison of the CSS for Twitter's PWA vs Twitter's legacy desktop website. The difference is dramatic and I'll touch on some reasons why.

Legacy site *downloads* ~630 KB CSS per theme and writing direction.

6,769 rules
9,252 selectors
16.7k declarations
3,370 unique declarations
44 media queries
36 unique colors
50 unique background colors
46 unique font sizes
39 unique z-indices

https://t.co/qyl4Bt1i5x


PWA *incrementally generates* ~30 KB CSS that handles all themes and writing directions.

735 rules
740 selectors
757 declarations
730 unique declarations
0 media queries
11 unique colors
32 unique background colors
15 unique font sizes
7 unique z-indices

https://t.co/w7oNG5KUkJ


The legacy site's CSS is what happens when hundreds of people directly write CSS over many years. Specificity wars, redundancy, a house of cards that can't be fixed. The result is extremely inefficient and error-prone styling that punishes users and developers.

The PWA's CSS is generated on-demand by a JS framework that manages styles and outputs "atomic CSS". The framework can enforce strict constraints and perform optimisations, which is why the CSS is so much smaller and safer. Style conflicts and unbounded CSS growth are avoided.
1

From today, we will memorize the names of 27 Nakshatras in Vedic Jyotish to never forget in life.

I will write 4 names. Repeat them in SAME sequence twice in morning, noon, evening. Each day, revise new names + recall all previously learnt names.

Pls RT if you are in.

2

Today's Nakshatras are:-

1. Ashwini - अश्विनी

2. Bharani - भरणी

3. Krittika - कृत्तिका

4. Rohini - रोहिणी

Ashwini - अश्विनी is the FIRST Nakshatra.

Repeat these names TWICE now, tomorrow morning, noon and evening. Like this tweet if you have revised 8 times as told.

3

Today's Nakshatras are:-

5. Mrigashira - मृगशिरा

6. Ardra - आर्द्रा

7. Punarvasu - पुनर्वसु

8. Pushya - पुष्य

First recall previously learnt Nakshatras twice. Then recite these TWICE now, tomorrow morning, noon & evening in SAME order. Like this tweet only after doing so.

4

Today's Nakshatras are:-

9. Ashlesha - अश्लेषा

10. Magha - मघा

11. Purvaphalguni - पूर्वाफाल्गुनी

12. Uttaraphalguni - उत्तराफाल्गुनी

Purva means that comes before (P se Purva, P se pehele), and Uttara comes later.

Read next tweet too.

5

Purva, Uttara prefixes come in other Nakshatras too. Purva= pehele wala. Remember.

First recall previously learnt 8 Nakshatras twice. Then recite those in Tweet #4 TWICE now, tomorrow morning, noon & evening in SAME order. Like this tweet if you have read Tweets #4 & 5, both.