anand_venkatanarayanan - Network

The AIIMS Ransomware attack which is not a ransomware attack. Quite amused about media articles in India. They all think that you sanitize a...

The AIIMS Ransomware attack which is not a ransomware attack. Quite amused about media articles in India. They all think that you sanitize a ransomware by spraying disinfectant on a hospital floor.

The AIIMS ransomware attack is very interesting. It is a premier hospital where several state heads get routinely treated and it had lost...

The AIIMS ransomware attack is very interesting. It is a premier hospital where several state heads get routinely treated and it had lost complete control of the primary backup and also the entire patient and health database. And yet there is no ransom demand yet.

My theory is that this is not a ransomware operation and is a dossier collection operation.

I am slightly surprised about this breach notification on the public domain. Because the nature of the Indian state and it's corporate...

I am slightly surprised about this breach notification on the public domain.

Because the nature of the Indian state and it's corporate culture is that, they deny everything and go after anyone who writes about the breaches with vengeance.

(Personal experience from the days of reporting the Nuke reactor breach by the North Koreans).

https://techcrunch.com/2022/11/18/cdsl-malware-internal-systems/

Twitter content safety now marking critical articles on the party as "Spammy". This is most interesting tactic because it is not...

Twitter content safety now marking critical articles on the party as "Spammy". This is most interesting tactic because it is not moderation or suppression, but still achieves the same effect.

At this point in time, I guess anything goes.

Douek making mistake here. The way in which things work is not just by the law, but also through extra-judicial approaches. For instance,...

Douek making mistake here. The way in which things work is not just by the law, but also through extra-judicial approaches. For instance, you might not get a job, your employment might cease, your landlord will throw you out, your house will be visited by goons etc.

When you combine that with the law, you are basically done. The law is just a tiny part of the overall armory. The extra judicial approaches do almost all the other work.

The legal team is 100% done. It is hard enough to run a court case against the govt already and with this level of cuts, I would be...

The legal team is 100% done. It is hard enough to run a court case against the govt already and with this level of cuts, I would be surprised if they even show up in the court.

Going to jail because you work in tech company managing content moderation is a real risk here in India. Some of us knew these details long...

Going to jail because you work in tech company managing content moderation is a real risk here in India. Some of us knew these details long time ago and kind of figured that these issues will now pop up more often.

https://time.com/6230338/twitter-india-elon-musk-free-speech/

My top rated impersonation bug, created/implemented/outed with the CEO's blessing. Where else can you see this type of bug in real time?

My top rated impersonation bug, created/implemented/outed with the CEO's blessing. Where else can you see this type of bug in real time?

I mean look at how fast things escalated. https://twitter.com/alanisnking/status/1590870005968621568

I mean look at how fast things escalated.

https://twitter.com/alanisnking/status/1590870005968621568

I have spent a long time on Identity scams in India and one thing I learnt is "Everything is hard to do at scale for the defenders...

I have spent a long time on Identity scams in India and one thing I learnt is "Everything is hard to do at scale for the defenders until attackers figure out how".

https://twitter.com/yoyoel/status/1589804652589379585