Monday 4 January, 2021

HNY???

I saw this on Quentin’s blog. He got it in a WhatsApp feed, and so couldn’t give it an attribution. But one of his readers had a go and found an earlier version on Reddit. So, in a way, it’s sort-of generic. But it made me laugh this morning because it expresses what many people were thinking on Friday last!


Quote of the Day

ONE YEAR AGO TODAY: The World Health Organization tweeted: “China has reported to WHO a cluster of pneumonia cases — with no deaths — in Wuhan, Hubei Province. Investigations are underway to identify the cause of this illness.” (H/T Anne Alexander.) A year on, the WHO says there have been 83,322,449 confirmed cases of COVID-19 and 1,831,412 deaths.

  • From Politico this morning

Errata — Jerry Garcia and Bernard Malamud

This blog, the product of a multitasker equipped with the wrong algorithm, is prone to typos and occasional howlers — which, in general, are pointed out by sympathetic but razor-sharp readers. One, for example, pointed out an intriguing (but for a Deadhead like me deeply embarrassing) Spoonerism when Jerry Garcia of The Grateful Dead became Gerry Jarcia. And then the other day I described Bernard Malamud as a ‘playwright’ when he was, in fact, a novelist and short story writer. Many thanks to the readers who politely drew my attention to these gaffes.

When these things happen, I fondly recall Dr Johnson’s response to the indignant lady who asked him how could he have come to define “pastern” as “the knee of a horse” in his great Dictionary. “Ignorance, Madam, pure ignorance!” he replied. It’s always best to come clean.


Distant intimacy

I’ve been reading this over Christmas and really enjoying it. Raphael and Epstein are two writers I admire. But they’ve never met, nor even spoken to one another. They decided, however, as an experiment, to embark on a year-long email correspondence as a way of producing a book. As the weeks progress, one can see their friendship growing, and also appreciate the way they are egging one another on. Since they’re pretty good writers, it makes for great reading at times. They’re particularly good on their pet hates, which include Susan Sontag (Raphael) and Gore Vidal (Epstein). Here’s the latter on Vidal:

Gore Vidal is now in his early eighties and is perhaps best likened to a car with a dead engine whose horn nonetheless keeps sounding off. His act has been that of the crusty American aristocrat — Henry Adams with a bit of Edmund Wilson thrown in, the Wilson who claimed to look at Life magazine and not recognise the America in which he grew up — who finds his country vulgar, make that greedy, vile and vastly ignorant. The twist Vidal rang on this great American crank act was to hate America from the left instead of, more traditionally for this role, from the right. Nothing in the country he couldn’t look down his nose upon: its politics, its literature, its entertainment, above all its people. All this was admixed with a strong homosexual strain; Vidal used to call himself a “homosexualist,” a term that always reminded me of “aerialist”.


Music

Zadok the Priest | Choir of Westminster Abbey

Link

If that’ll doesn’t get you going on the first working day of 2021 then nothing will!


How to Get Rich Sabotaging Nuclear Weapons Facilities

With every passing day, assessment of the extent of the damage caused by Russia’s penetration of one company’s software update grows more sombre. But not enough attention has been focussed on the software company whose laxity let the hackers in — SolarWinds.

Matt Stoller has done sterling work in remedying this omission.

The point of entry for this major hack was not Microsoft, but a private equity-owned IT software firm called SolarWinds. This company’s products are dominant in their niche; 425 out of the Fortune 500 use Solar Winds. As Reuters reported about the last investor call in October, the CEO told analysts that “there was not a database or an IT deployment model out there to which [they] did not provide some level of monitoring or management.” While there is competition in this market, SolarWinds does have market power. IT systems are hard to migrate from, and this lock-in effect means that customers will tolerate price hikes or quality degradation rather than change providers. And it does have a large market share; as the CEO put it, “We manage everyone’s network gear.”

SolarWinds sells a network management package called Orion, and it was through Orion that the Russians invaded these systems, putting malware into updates that the company sent to clients. Now, Russian hackers are extremely sophisticated sleuths, but it didn’t take a genius to hack this company. It’s not just that criminals traded information about how to hack SolarWinds systems; one security researcher alerted the company last year that “anyone could access SolarWinds’ update server by using the password “solarwinds123.’”

The New York Times had a story about one “security adviser” at SolarWinds, who said that he warned management … that unless it took a more proactive approach to its internal security, a cybersecurity episode would be “catastrophic.” The executive in charge of security quit in frustration. Even after the hack, the company continued screwing up; SolarWinds didn’t even stop offering compromised software for several days after it was discovered.

This level of idiocy seems off-the-charts, says Mr Stoller, but it’s not that the CEO, Kevin Thompson, is stupid.

Far from it. “Employees say that under Mr. Thompson,” the Times continued, “an accountant by training and a former chief financial officer, every part of the business was examined for cost savings and common security practices were eschewed because of their expense.” The company’s profit tripled from 2010 to 2019. Thompson calculated that his business could run more profitably if it chose to open its clients to hacking risk, and he was right.

And yet, not every software firm operates like SolarWinds. Most seek to make money, but few do so with such a combination of malevolence, greed, and idiocy. What makes SolarWinds different? The answer is the specific financial model that has invaded the software industry over the last fifteen years, a particularly virulent strain of recklessness typically called private equity.

Of all the abuses of neoliberal capitalism in recent decades, private equity seems to me to head the list. The argument for it is that it provides a kind of corrective to lazy and incompetent management of viable businesses. In practice, much of the activity of private equity investors looks more like that of termites tearing an ageing wooden building apart.

Of course I’m prejudiced. Compared to Mr Stoller, though, I’m a Panglossian optimist. Private equity investors are, he writes,

financiers who raise large amounts of money and borrow even more to buy firms and loot them. These kinds of private equity barons aren’t specialists who help finance useful products and services, they do cookie cutter deals targeting firms they believe have market power to raise prices, who can lay off workers or sell assets, and/or have some sort of legal loophole advantage. Often they will destroy the underlying business. The giants of the industry, from Blackstone to Apollo, are the children of 1980s junk bond king and fraudster Michael Milken. They are essentially are super-sized mobsters who burn down businesses for the insurance money.

Except that in this case they seem to have burned down not just a lot of companies who depended on SolarWinds software, but a good deal of the US government as well.


Other, hopefully interesting or useful, links

  • The immediate future of European travel for British Citizens. Useful info. Link

  • The Mediterranean nearly dried up. A cataclysmic flood revived it. Wow! Who knew? Link


This blog is also available as a daily email. If you think this might suit you better, why not subscribe? One email a day, delivered to your inbox at 7am UK time. It’s free, and there’s a one-click unsubscribe if you decide that your inbox is full enough already!