#Software for Export Company
rabbiteclair · 2 years ago
step 1: build a professional-looking, ad-free site that will perform formatting and validation on a wide variety of file types used for configuration and data transfer (.properties, YAML, .config, JSON, etc), and decrypt file contents if people will just paste in their handy dandy private key/shared secret/etc. Yes, there are already sites for this stuff, but they're fairly scattered and ad-infested.
step 2: perform whatever SEO skullduggery is needed to get your site to the top of the Google search rankings.
step 3: once your site has established itself, pass every single thing that gets pasted into it to a backend service. If you wanna be coy about it, continue doing the validation in JavaScript and pretend that the backend calls are metrics. Listen, if you make the URL something like https://admin.yourhosthere.com/datadog-agent then 90% of devs are gonna go 'yeah that seems legit, it's just my good friend Datadog :)' and investigate no further.
step 4: parse every message for strings like 'username' and 'password'.
step 5: now that you have production credentials for about 40% of international corporations and governments, hold the planet hostage.
step 6: rule the world from a flying volcano lair staffed with jumpsuit-wearing henchmen.
(traditionally the henchmen would come before the world conquest, but like most things, supervillainy has gone through massive changes thanks to the internet)
54 notes
abhigroup1 · 2 years ago
Ash Logistics and Traders Pvt Ltd is one of the Leading Logistics company in India that offers Cost-Effective, Customized and end to end containerized exim transportation to 800+ growing National and International Industries. Containerization in transportation has revolutionized global trade by making the process more efficient, secure, and cost-effective. To know more : https://ash-logistics.com Contact us : +91 95790 95790 E-mail Id : [email protected]
0 notes
ms-demeanor · 11 months ago
For those who are not aware: Bitlocker is encryption software, it encrypts your computer and makes it impossible to access the information on the computer unless you have the key.
It should be standard practice for IT companies to document the bitlocker keys as they are configuring bitlocker on a computer; generally you would do this by creating a record in your client management software for that specific device and putting the key in the record. Sometimes software can be used to extract that information in the event that it's necessary, but even if there's theoretically a way to extract the key, it should be documented somewhere *other* than on the encrypted computer.
This is something that a lot of IT people fuck up on kind of a lot (we've definitely had problems with missing bitlocker keys and I'm quite happy that the people who didn't document those keys aren't my coworkers anymore).
So what do you do if you want to use encryption software and you're NOT an IT company using a remote management tool that might be able to snag the keys?
When you are setting up encryption, put the encryption key in your password manager. Put it in your password manager. Document the important information that you cannot lose in your password manager. Your password manager is a good place to keep important things like your device encryption key, which you do not want lost or stolen. (If you run your password manager locally on an encrypted computer, export the data every once in a while, save it as an encrypted file, and put the file on your backup drive; you are going to have a bad time if your computer that hosts the only copies of your passwords shits the bed so *make a backup*)
This is my tip for home users for any kind of important recovery codes or software product keys: Print out the key and put it in your underwear drawer. Keep it there with your backup drive. That way you've got your important (small) computer shit in one place that is NOT your computer and is not likely to get shifted around and lost (the way that papers in desks often get shifted around and lost).
2K notes
no-passaran · 1 year ago
Spain lied about not selling weapons to Israel.
Even after October 7th, Spain has sold more than 1 million € of weapons to Israel. Norway and Finland make it possible.
In January, Spain made headlines worldwide when the government's Minister of Exteriors, José Manuel Albares (PSOE), claimed in Congress and later again in a radio interview that Spain had stopped selling weapons to Israel ever since October 7th. Israel's intensification of violence in Gaza following October 7th meant that, on top of decades of apartheid and ethnic cleansing, between October 7th and January 23rd Israel had already killed 28,000 people and forced 2 million out of their home. In this context, many people were demanding their governments stop arming and funding the genocide of the Palestinian people, and here on Tumblr and other social media sites like Twitter I think we all saw the many posts praising the Spanish government for this.
Well, it turns out it was a lie.
According to Albares, "Since October 7th there are no more weapons exportations [from Spain] to Israel". But in November alone, Spain exported weapons to Israel for 987,000€, as was published on the Spanish Government's official website dedicated to exterior commerce (Comex). A researcher from Centre Delàs (an independent centre for peace studies) found it and published it, and it has also been verified by newspapers such as elDiario.es.
This 987,000€ worth of weapons in November was not the only ammunition that Spain has sent to Israel in 2023. In 2023, Spain exported a total of 1.48 million € in war material to Israel.
All of the weapons sent in November come from the factory of Nammo Palencia (Castilla y León), a corporation that is 50% property of the Government of Norway and 50% owned by a public Finnish business. However, even if the owners are foreigners, the ammunition was sent from Spain and thus it had to be authorized by an organism of the Spanish Government named Junta Interministerial de Defensa y Doble Uso, whose deliberations on whether a weapons exportation is accepted or denied are kept secret. The only cases where they have denied exporting weapons to Israel have been when they thought that Israel would re-sell these weapons to the Philippines.
Spain has had a close relation with Israel for years. As published by the Spanish Government, Spain has sold 20 million € of weapons to Israel between 2012 and 2022. Spain also buys weapons and military software from Israel (for example, the Spanish Intelligence Service has been using the Israeli software Pegasus to illegally spy on Catalan activists, journalists, politicians and civil society members and their relatives to attack the Catalan independence movement), and Spain has continued buying from Israel and allocating defense contracts to Israel even after the October 7th attacks. It is very difficult to track the concessions of public contracts such as buying weapons, but some contracts have been known. For example, on November 24th 2023, Spain bought 287.5 million € of missiles from Israel. This is not unusual: between 2011 and 2021, it is publicly known that Spain bought war material from Israel for at least 268 million €, but experts say that the real number could be two or three times as much.
Spain has also continued allocating concessions to Israel. For example, on December 15th 2023 Spain allocated a contract worth over 576 million € to Israel for a rocket launcher programme. On November 22nd, Spain allocated another Israeli company to provide missiles for 237 million € at the same time as the Spanish army bought Israeli inhibitors for 1.4 million €. The very next day, November 23rd, Spain signed another military allocation to Israel for 82,600€. The following week, Spain signed yet another allocation with a different Israeli military corporation for 3.7 million €.
Spain also allows Israeli weapon manufacturing companies to produce weapons through their branches located in Spain. This way, Israeli weapons make their way to markets with which Israel doesn't have diplomatic ties but Spain does, like Saudi Arabia. And since Spain is a member of NATO, Israeli weapons produced in Spain are approved according to NATO standards and access it easily. In the same way, these Israeli weapons manufacturers also access European Union defense funds through their branches in Spain. (source).
As I said, I saw a lot of positive posts around when Albares said Spain was going to embargo, but I haven't seen any post about how they didn't do it. I also (personally) haven't seen anything on international media, and barely anything on Spanish media, which is already busy with the PSOE covid material corruption scandal. So I share this in the hope of helping put pressure on Spain to cut all ties with Israel immediately.
SHAME ON EVERYONE WHO GIVES ISRAEL THE MATERIAL AND MONEY THAT WILL BE USED TO MASSACRE THE PALESTINIAN PEOPLE. SHAME ON SPAIN, NORWAY, AND FINLAND.
3K notes
mostlysignssomeportents · 5 months ago
Canada shouldn’t retaliate with its US tariffs
Picks and Shovels is a new, standalone technothriller starring Marty Hench, my two-fisted, hard-fighting, tech-scam-busting forensic accountant. You can pre-order it on my latest Kickstarter, which features a brilliant audiobook read by Wil Wheaton.
Five years ago, Trump touted his "big, beautiful" replacement for NAFTA, the "free trade agreement" between the US, Mexico and Canada. Trump's NAFTA-2 was called the USMCA (US-Mexico-Canada Agreement) and it was pretty similar to NAFTA, to be honest.
That tells you a couple things: first, NAFTA was, broadly speaking a good thing for Trump and the ultra-wealthy donors who backed him (and got far richer as a result). That's why he kept it intact. NAFTA and USMCA are, at root, a way to make rich people richer by making poorer people poorer. Trump's base hated NAFTA because they (correctly) believed that it was being used to erode wages by chasing cheaper labor and more lax environmental controls in other countries. Neither NAFTA nor USMCA have any stipulations requiring exported goods to be manufactured by unionized workers, or in factories with robust environmental and workplace safety rules.
The point of NAFTA/USMCA is to goose profits by despoiling the environment, maiming workers, stealing their wages, paying them less, all while poisoning the Earth. Trump's "new" NAFTA was just the old NAFTA with some largely cosmetic changes so that Trump's base could be (temporarily) fooled into thinking Trump was righting the historic wrong of NAFTA.
However, there was one part of USMCA that marked a huge departure from NAFTA: the "IP" chapter. USMCA bound Canada and Mexico to implementing brutal new IP laws. For example, Mexico was forced to pass an anti-circumvention law that makes it a crime to tamper with "digital locks." This means that Mexican mechanics can't bypass the locks US car companies use to lock-out third party repair. Mexican farmers can't fix their own tractors. And, of course, Mexican software developers can't make alternative app stores for games consoles and mobile devices – they must sell their software through US Big Tech companies that take 30% of every sale:
https://pluralistic.net/2020/09/09/free-sample/#que-viva
Shamefully, Canada had already capitulated to most of these demands. Two Canadian Conservative Party politicians, Tony Clement and James Moore, had sold the country out in 2012, throwing away 6,138 negative responses to a consultation on a new DRM law (on the grounds that they were "babyish" views of "radical extremists"), siding instead with the 54 cranks and industry shills who supported their proposal:
https://pluralistic.net/2024/11/15/radical-extremists/#sex-pest
When Canadian politicians are pressed on why these anti-interoperability policies are good for Canada, they'll say that it's a condition of free trade, and the benefits of being able to export Canadian goods to the US without tariffs outweigh the costs of having to pay rents to American companies for consumables (like car parts or printer ink), repair, and software sales.
Sure, when Canadian software authors sell iPhone apps to Canadian customers, the payments take a round trip through Cupertino, California and return 30% short. But Canadian consumers get to buy iPhones without paying tariffs on them, and the oil, timber, and minerals we rip out of the ground can be sent to America without tariffs, either (oh, also, a few things that are still manufactured in Canada can do this, too).
Enter Trump, carrying a 25% tariff on all Canadian goods, which he has vowed to impose on his first day in office. Obviously, this demands a policy response. What should Canada do when Trump tears up his "big, beautiful" trade deal and whacks Canadian exporters? One obvious response is to impose a 25% retaliatory tariff on American exporters:
https://mishtalk.com/economics/canada-says-it-will-match-us-tariffs-if-trump-launches-trade-war/
After all, Canada and the US are one another's mutual largest trading partners. American businesses rely on selling things to Canadians, so a massive tariff on US goods will certainly make some of Trump's business-lobby backers feel pain, and maybe they'll talk some sense into him.
I think this would be a huge mistake. The most potent political lesson of the past four years is that politicians who preside over rising prices – regardless of their role in causing them – will swiftly feel the wrath of their voters. The public is furious about inflation, whether it comes from transient covid supply chain shocks, Russia's invasion of Ukraine, or cartels using "inflation" as cover for illegal, collusive price-gouging.
Canadians are very reliant on American imports of finished goods. That's another legacy of NAFTA: it crashed Canada's manufacturing sector. Canadian manufacturing companies treated the US as a "nearshore" source of non-union labor and weak environmental and safety rules, and shipped Canadian union jobs to American scabs. Canada's economy is supposedly now all about "services" but what we really export is stuff we tear out of the Earth.
Countries that are organized around resource extraction don't need fancy social safety nets or an educational system capable of producing a high-tech workforce. All you need to extract resources is a hole in the ground surrounded by guns, which explains a lot about shifts to the Canadian political climate since the Mulroney years.
Since Canada is now substantially reorganized as an open-pit mine for American manufacturers, cutting off American imports would drive the prices of everyday goods sky-high, and would be political suicide.
But there's another way.
Because, of course, Canada – like any other country – has the capacity to make all kinds of things, including high-tech things. Sure, it's unlikely that Canada will launch another Research in Motion with a Blackberry smart-phone that will put the iPhone and Android in the shade. The mobile duopoly has the market sewn up, and can use predatory pricing, refusal to deal, and other anticompetitive tactics to strangle any competitor in its cradle.
But you know what Canada could make? A Canadian App Store. That's a store that Canadian software authors could use to sell Canadian apps to Canadian customers, charging, say, the standard payment processing fee of 5% rather than Apple's 30%. Canada could make app stores for the Android, Playstation and Xbox, too.
There's no reason that a Canadian app store would have to confine itself to Canadian software authors, either. Canadian app stores could offer 5% commissions on sales to US and global software authors, and provide jailbreaking kits that allow device owners all around the world to install the Canadian app stores where software authors don't get ripped off by American Big Tech companies.
Canadian companies like Honeybee already make "front-ends" for John Deere tractors – these are the components that turn a tractor into a plow, or a thresher, or another piece of heavy agricultural equipment. Honeybee struggles constantly to get its products to interface with Deere tractors, because Deere uses digital locks to block its products:
https://honeybee.ca/
Canada could produce jailbreaking kits for John Deere tractors, too – not just for Honeybee. Every ag-tech company in the world would benefit from commercially available, professionally supported John Deere jailbreaking kits. So would farmers, because these kits would restore farmers' Right to Repair their own tractors:
https://pluralistic.net/2022/05/08/about-those-kill-switched-ukrainian-tractors/
Speaking of repair: Canadian companies could jailbreak every make and model of every US automobile, and make independent, constantly updated diagnostic tools that every mechanic in the world could buy for hundreds of dollars, rather than paying the five-figure ransom that car makers charge for their own underpowered, junk versions of these tools.
Jailbreaking cars doesn't stop with repair, either. Cars like the Tesla are basically giant rent-extraction machines. If you want to use all the "features" your Tesla ships with – like access to the full charge on your battery – you have to pay tens of thousands of dollars in subscription fees over the life of the car, and when you sell your car, all that "downloadable content" is clawed back. No one will pay extra to buy your used Tesla just because you spent thousands on manufacturer upgrades, because they're all downgraded when you sign over the pink slip.
But Canadian companies could make jailbreaking kits for Teslas that unlock all the features in the car for a single low price – and again, they could sell these to every Tesla owner in the world.
Elon Musk doesn't invent anything, he just takes credit for other people's ideas, and that's as true of bad ideas as it is for good ones. Musk didn't invent the extractive Tesla rip-off: he stole it from inkjet printer companies like HP, who have used the fact that jailbreaking is illegal to turn printer ink into the most expensive fluid in the world, selling for more than $10,000/gallon.
Canadian companies could sell jailbreaking kits for inkjet printers that disconnect them from "subscription" services and disable the anti-features that check for and reject third party ink. People all over the world would buy these.
What's standing in the way of a Canadian industrial policy that focuses on raiding the sky-high margins of American monopolists with third-party add-ons, mods and jailbreaks?
Only the IP laws that Canada has agreed to in order to get tariff-free access to American markets. You know, the access that Trump has promised to end in less than a week's time?
Canada should tear up these laws – and not impose tariffs on American goods. That way, Canadians can still buy cheap American goods, and then they can save billions of dollars every year on the consumables, parts, software, and service for those goods.
This is hurting American big business where it hurts – in the ongoing rents it extracts from Canadians through IP laws like Bill C-11 (the law that bans jailbreaking). Canada could become a global high-tech export powerhouse, selling "complementary" goods that disenshittify all the worst practices of US tech monopolists, from car parts to insulin pumps.
It's the only kind of trade war that Canadian politicians can win against Americans: the kind where prices for Canadians don't go up because of tariffs; where the price of apps, repair, parts, and upgrades goes way down; and where a new, high-tech manufacturing sector pulls in vast sums from customers all over the world.
Canada can win this kind of war, even against a country as big and powerful as the USA. After all, we did it once before:
https://www.youtube.com/watch?v=5CK3EDncjGI
Check out my Kickstarter to pre-order copies of my next novel, Picks and Shovels!
If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
https://pluralistic.net/2025/01/15/beauty-eh/#its-the-only-war-the-yankees-lost-except-for-vietnam-and-also-the-alamo-and-the-bay-of-ham
217 notes
veganism · 1 year ago
The genocide is also experimentation on living beings
Israel is currently testing new weapons in Gaza, some of which will soon be sold globally as "battle-tested," according to Antony Loewenstein, an author who has written a widely acclaimed book on the issue.
For years, the Israeli defense sector has used Palestine as a laboratory for new weapons and surveillance tech, he told Anadolu, adding that this is also the case in the current ongoing war on Gaza.
One of the main reasons why "many nations, democracies and dictatorships support Israeli occupation" of Palestine is because it allows them to buy these "battle-tested" weapons, asserted Loewenstein, author of The Palestine Laboratory: How Israel Exports the Technology of Occupation Around the World.
Another aspect of Israel's war on Gaza has been the use of artificial intelligence technology, he said.
According to Loewenstein, AI has been one of the key targeting tools used by the Israeli military in its deadly campaign of airstrikes, leading to mass killings of Palestinians, now over 28,500, and damage on an unprecedented scale.
The current war on Gaza is "inarguably one of the most consequential and bloody," he said.
He described Israel's use of AI against Palestinians as "automated murder," stressing that this model "will be studied and copied by other nation-states" and Tel Aviv will sell them these technologies as tried and tested weapons.
In the last 50 years, Israel has exported hi-tech surveillance tools to at least 130 countries around the world.
To maintain its illegal occupation of the West Bank and East Jerusalem, and blockade of the Gaza Strip, Israel has developed a range of tools and technologies that have made it the world's leading exporter of spyware and digital forensics tools.
But analysts say the intelligence failure during the Oct. 7, 2023 Hamas attacks casts doubts over Tel Aviv's technological capabilities.
Israel's reliance on technology "is an illusion of safety, while imprisoning 2.3 million people under endless occupation," said Loewenstein, who is Jewish and holds Australian and German nationalities.
He described Israel's response in Gaza as "apocalyptic," stressing that the killings of Palestinian civilians, including children and women, is "on a scale of indiscriminate slaughter."
- 'BLOOD MONEY'
Loewenstein, who is also a journalist, said Israel has honed its weapons and technology expertise over decades as an occupying power, acting with increasing impunity in the Palestinian territories.
This led a small country like Israel to become one of the top 10 arms dealers in the world, he said, adding that Israeli arms sales in 2021 were "the highest on record, surging 55% over the previous two years to $11.3 billion."
In his book, Loewenstein explores thoroughly Israel's ties with autocracies and regimes engaged in mass displacement campaigns, and governments slinking their way into phones.
The Israeli NSO Group sold its well-known Pegasus software to numerous governments, a spyware tool for phones that gives access to the entire content, including conversations, text messages, emails and photos even when the device is switched off.
Israeli drones were first tested over Gaza, the besieged enclave that Loewenstein referred to as "the perfect laboratory for Israeli ingenuity in domination."
Surveillance technology developed in Israel has also been sold to the US in the form of watch towers now used on the border with Mexico.
The EU's border agency Frontex is known to have used Israeli drone technology to monitor refugees.
Loewenstein explains in his book that the EU has partnered with leading Israeli defense companies to use its drones, "and of course years of experience in Palestine is a key selling point."
"So again, one sees how there are so many examples of nations that are wanting to copy what Israel is doing in their own area in their own country on their own border," he said.
These technologies and "are sold by Israel as battle-tested," he said.
In other words, he contends that Palestinians essentially have become "guinea pigs," and despite some nations and the UN publicly criticizing the Israeli occupation, in reality "they're desperate for this technology for themselves for their own countries."
"And that's how in fact, the Palestine laboratory has been so successful for Israel for so long," he said.
In his exhaustive probe into Israel's dealings with arms sales around the world, he noted that the country has monetized the occupation of Palestine, by selling weapons, spyware tools and technologies to repressive regimes such as Rwanda during the genocide in 1994 and to Myanmar during its genocide against the Muslim Rohingya people in 2017.
"This to me is blood money. I mean, there's no other way to see that and again, as someone Jewish, who has spent many, many years reporting on this conflict, both within Israel and Palestine but also elsewhere, it's deeply shameful that Israel is making huge amounts of money from the misery of others," he said.
"This is not a legacy that I can be proud of."
- 'NO NATION ACTUALLY HOLDING ISRAEL TO ACCOUNT'
Profiting from misery is to some extent the nature of what capitalism has always been about, but Israel does this with a great deal of impunity, "because Israel does what it wants," said Loewenstein.
"There is no accountability, there is no transparency, there is no nation actually holding Israel to account," he added.
Israel's regime is shielded from any political backlash for years to come because nations are reliant on Israeli weapons and spyware, said the author.
Israel may not be the only player employing surveillance technology that leads to human rights violations, but it still plays a dominant role, which is why Loewenstein insists that it deserves singular attention.
Israel's foreign policy has always been "amoral and opportunistic," he said, calling on all nations to take a stand and hold Israel accountable, and acknowledge that the world is buying what Israel is selling.
139 notes
mariacallous · 3 months ago
Elon Musk’s so-called Department of Government Efficiency (DOGE) has plans to stage a “hackathon” next week in Washington, DC. The goal is to create a single “mega API”—a bridge that lets software systems talk to one another—for accessing IRS data, sources tell WIRED. The agency is expected to partner with a third-party vendor to manage certain aspects of the data project. Palantir, a software company cofounded by billionaire and Musk associate Peter Thiel, has been brought up consistently by DOGE representatives as a possible candidate, sources tell WIRED.
Two top DOGE operatives at the IRS, Sam Corcos and Gavin Kliger, are helping to orchestrate the hackathon, sources tell WIRED. Corcos is a health-tech CEO with ties to Musk’s SpaceX. Kliger attended UC Berkeley until 2020 and worked at the AI company Databricks before joining DOGE as a special adviser to the director at the Office of Personnel Management (OPM). Corcos is also a special adviser to Treasury Secretary Scott Bessent.
Since joining Musk’s DOGE, Corcos has told IRS workers that he wants to pause all engineering work and cancel current attempts to modernize the agency’s systems, according to sources with direct knowledge who spoke with WIRED. He has also spoken about some aspects of these cuts publicly: "We've so far stopped work and cut about $1.5 billion from the modernization budget. Mostly projects that were going to continue to put us down the death spiral of complexity in our code base," Corcos told Laura Ingraham on Fox News in March.
Corcos has discussed plans for DOGE to build “one new API to rule them all,” making IRS data more easily accessible for cloud platforms, sources say. APIs, or application programming interfaces, enable different applications to exchange data, and could be used to move IRS data into the cloud. The cloud platform could become the “read center of all IRS systems,” a source with direct knowledge tells WIRED, meaning anyone with access could view and possibly manipulate all IRS data in one place.
Over the last few weeks, DOGE has requested the names of the IRS’s best engineers from agency staffers. Next week, DOGE and IRS leadership are expected to host dozens of engineers in DC so they can begin “ripping up the old systems” and building the API, an IRS engineering source tells WIRED. The goal is to have this task completed within 30 days. Sources say there have been multiple discussions about involving third-party cloud and software providers like Palantir in the implementation.
Corcos and DOGE indicated to IRS employees that they intended to first apply the API to the agency’s mainframes and then move on to every other internal system. Initiating a plan like this would likely touch all data within the IRS, including taxpayer names, addresses, social security numbers, as well as tax return and employment data. Currently, the IRS runs on dozens of disparate systems housed in on-premises data centers and in the cloud that are purposefully compartmentalized. Accessing these systems requires special permissions and workers are typically only granted access on a need-to-know basis.
A “mega API” could potentially allow someone with access to export all IRS data to the systems of their choosing, including private entities. If that person also had access to other interoperable datasets at separate government agencies, they could compare them against IRS data for their own purposes.
“Schematizing this data and understanding it would take years,” an IRS source tells WIRED. “Just even thinking through the data would take a long time, because these people have no experience, not only in government, but in the IRS or with taxes or anything else.” (“There is a lot of stuff that I don't know that I am learning now,” Corcos tells Ingraham in the Fox interview. “I know a lot about software systems, that's why I was brought in.")
These systems have all gone through a tedious approval process to ensure the security of taxpayer data. Whatever may replace them would likely still need to be properly vetted, sources tell WIRED.
"It's basically an open door controlled by Musk for all American's most sensitive information with none of the rules that normally secure that data," an IRS worker alleges to WIRED.
The data consolidation effort aligns with President Donald Trump’s executive order from March 20, which directed agencies to eliminate information silos. While the order was purportedly aimed at fighting fraud and waste, it also could threaten privacy by consolidating personal data housed on different systems into a central repository, WIRED previously reported.
In a statement provided to WIRED on Saturday, a Treasury spokesperson said the department “is pleased to have gathered a team of long-time IRS engineers who have been identified as the most talented technical personnel. Through this coalition, they will streamline IRS systems to create the most efficient service for the American taxpayer. This week the team will be participating in the IRS Roadmapping Kickoff, a seminar of various strategy sessions, as they work diligently to create efficient systems. This new leadership and direction will maximize their capabilities and serve as the tech-enabled force multiplier that the IRS has needed for decades.”
Palantir, Sam Corcos, and Gavin Kliger did not immediately respond to requests for comment.
In February, a memo was drafted to provide Kliger with access to personal taxpayer data at the IRS, The Washington Post reported. Kliger was ultimately provided read-only access to anonymized tax data, similar to what academics use for research. Weeks later, Corcos arrived, demanding detailed taxpayer and vendor information as a means of combating fraud, according to the Post.
“The IRS has some pretty legacy infrastructure. It's actually very similar to what banks have been using. It's old mainframes running COBOL and Assembly and the challenge has been, how do we migrate that to a modern system?” Corcos told Ingraham in the same Fox News interview. Corcos said he plans to continue his work at IRS for a total of six months.
DOGE has already slashed and burned modernization projects at other agencies, replacing them with smaller teams and tighter timelines. At the Social Security Administration, DOGE representatives are planning to move all of the agency’s data off of legacy programming languages like COBOL and into something like Java, WIRED reported last week.
Last Friday, DOGE suddenly placed around 50 IRS technologists on administrative leave. On Thursday, even more technologists were cut, including the director of cybersecurity architecture and implementation, deputy chief information security officer, and acting director of security risk management. IRS’s chief technology officer, Kaschit Pandya, is one of the few technology officials left at the agency, sources say.
DOGE originally expected the API project to take a year, multiple IRS sources say, but that timeline has shortened dramatically down to a few weeks. “That is not only not technically possible, that's also not a reasonable idea, that will cripple the IRS,” an IRS employee source tells WIRED. “It will also potentially endanger filing season next year, because obviously all these other systems they’re pulling people away from are important.”
(Corcos also made it clear to IRS employees that he wanted to kill the agency’s Direct File program, the IRS’s recently released free tax-filing service.)
DOGE’s focus on obtaining and moving sensitive IRS data to a central viewing platform has spooked privacy and civil liberties experts.
“It’s hard to imagine more sensitive data than the financial information the IRS holds,” Evan Greer, director of Fight for the Future, a digital civil rights organization, tells WIRED.
Palantir received the highest FedRAMP approval this past December for its entire product suite, including Palantir Federal Cloud Service (PFCS) which provides a cloud environment for federal agencies to implement the company’s software platforms, like Gotham and Foundry. FedRAMP stands for Federal Risk and Authorization Management Program and assesses cloud products for security risks before governmental use.
“We love disruption and whatever is good for America will be good for Americans and very good for Palantir,” Palantir CEO Alex Karp said in a February earnings call. “Disruption at the end of the day exposes things that aren't working. There will be ups and downs. This is a revolution, some people are going to get their heads cut off.”
alexandriaisburning · 7 months ago
+005: Tetris Forever is marketing disguised as a documentary
The latest in Digital Eclipse’s game/documentary hybrids, Tetris Forever presents a view of history that omits so much it’s nearly historical revisionism. Ironically, for a documentary about a Soviet export, Tetris Forever is more concerned with its capitalist success than anything else. 
Multiple chapters are spent on the saga of Henk Rogers’ acquisition of the rights to the game, the business deals that led to its financial success, and the total ownership that the Tetris Company finally achieved.
Rogers talks about buying out the remains of the Soviet ministry of computer technology, shutting down a successful Tetris clone keychain, taking ownership of Bombliss from designer--and Pokemon founder--Tsunekazu Ishihara, and it's presented as if they were inspirational stories, not ruthless business decisions. He even adds that he paid Ishihara 100 Yen per unit, “because it was the right thing to do”, even though he legally didn’t need to.
Tetris Forever’s narrative is not the story of Tetris, but the Tetris Company. It’s a story of great men doing great things, mythmaking for people who have very literally already bought in. You can see it in the collection’s roster of games, which only includes titles developed by Bullet Proof Software, games that Rogers had a hand in directly, and are outright owned by the Tetris Company.
For as much as they hype up the Game Boy as a key to Tetris’ worldwide success, its absence leaves a gaping hole in what’s supposed to be a historical collection. Even if it's already well known to many, its absence makes it hard to take Tetris Forever seriously as a historical archive.
Alongside Tengen Tetris, which they fought a protracted legal battle to bury, and NES Tetris, which has exploded in popularity recently with a number of world records, a growing competitive scene and a recreation in Tetris Effect, there are several milestone releases that are not only not playable, but given little focus in the documentary.
The greatest of these omissions is easily SEGA Tetris. While Tetris dominated the console space in the West, SEGA’s arcade entry was highly influential in Japan, becoming the de facto representative of the series there, spinning off into competitive entries, and becoming the groundwork for several fan games of the time, and eventually Tetris the Grand Master. 
Together with TGM, SEGA Tetris would play a huge part in defining the “feel” of Tetris. Mechanics like lock delay, ghost pieces and wall kicks were created here, in arcades, then rolled into the official Tetris Guideline, the blueprint of what a modern Tetris game should look like. Rogers himself has said as much in other interviews. 
In leaving out those entries, Tetris Forever buries a slew of other stories. The stories of how a collaboration between ex-Street Fighter devs and Japanese comedians would change the series forever, how feedback from an office lady led to a game defining mechanic, and how the game would make an international name for itself years after its release due to streaming. 
Instead SEGA Tetris is limited to a single paragraph, a short video of Tetsuya Mizuguchi talking about watching it in arcades, and a summary basically saying “it’s influential.” TGM and Arika are given even less, with the only comment being that TGM is known for its speed. It’s about the same level of attention as they give to the times they made Tetris cabinets that were REALLY BIG.
And where are the stories of the NES game champions? The ridiculous limitations that make the NES version uniquely difficult to play, the absurd techniques that players developed to get around the physical limitations of the controller they play with?
Where are the showcases of speedruns and high level competition? Why aren’t there interviews with the devs of different titles, like the experimental N64 entries from H2O Entertainment, or the composer of the CDI Tetris? Digital Eclipse had a chance to showcase the diversity of people and ideas that have touched Tetris, but all of that is barely mentioned, if at all. 
Licensing was surely a factor here, but as Tetris Forever points out, the Tetris Company has fought many battles over rights. Why stop when it's time to tell your story? 
Instead what we get is historical revisionism by exclusion. A story canonizing what we already know, and leaving out the contributions of the many hands that have touched the game in the decades since its success.
Tetris Forever would have you believe that Tetris’ success is the story of Alexey Pajitnov discovering a diamond, and Henk Rogers convincing everyone it was valuable. But a gem's value isn't in its raw material but the refining process--something I'm sure the son of a gem merchant like Rogers would know.
Tetris’ refinements have come as a result of decades of community contributions, from fans making works in both official and unofficial capacities. Tetris is the story of a conversation between a game and its players. It's a cultural phenomenon built by many hands.
Perhaps, comrades, that's the real legacy of what they once called THE SOVIET MIND GAME.
eclipse-song · 1 month ago
Note
I was looking at Storyboard Pro perpetual license a couple years ago and was like "why is this more expensive than the animation software. Storyboard happens before animation". Coughs blood. Like if it costs that much I'll stick to my tedious method of exporting each frame and editing in a separate program when I do fan animatics.
It's ridiculous. I think the unfortunate truth is that it is a unique software unlike anything else out there and is industry standard in Canada at least so there is no competition because no other company has made a storyboard program that operates with easy to edit strokes and vectors with a timeline built purely for animatic panels. And this makes Toon Boom feel that they can simply charge whatever they want. Also the price used to not be so high a few years ago so I think the perpetual license went up to encourage more people to use the subscription format... Toon Boom, you are my enemy but also I need you
sebbyisland · 3 months ago
They should have never let software companies figure out how to assign device-specific licenses to use their software they should have never let companies figure out they can save their files in some weird format only software under their IP is able to open or export forcing people to buy the file-generating software and the file-reading software separately and sometimes even on a subscription service forever. One day this will all be a bad dream and all the greedy companies will die and send their software into the beautiful Open Access Cloud in the sky or store as downloadable files stored on discs instead of trapping it under copyright hell forever and no student will ever have to go to the lab at 1AM to make a f*cking graph all bc the lab would never stretch their budget just to let the glorified unpaid intern use their standard analysis software on her own laptop
abhigroup1 · 2 years ago
We, Abhi Impact Logistics Solutions Pvt. Ltd., are one of the leading cross-border transportation networks, helping with supply chain management and the efficient flow of products in compliance with international legal requirements and customs clearance.
Join us : https://impact-logistics.in/
Call now : +91 95790 95790
darkstarofchaos · 4 months ago
Note
came for the juicy and rare prowl posts discussing things in his perspective, all the shit done to him, the unfairness done to his characterization (they are beautiful i LOVE it op). stayed for the 3d things. as an aspiring 3d artist and wanting to be a game developer too, should i try to practice in blender first? i mean, i did have 3ds max but the free one i got is only for a 1-year student plan thing, and i am gonna graduate so, is like blender the safe way to practice? i don't know if i make sense op but i just wanna know if investing my time in learning blender would go somewhere 😭 because i kept hearing that companies don't use blender that often? idk huhuhu
Glad you like the Prowl posts! They've definitely become something of a staple on my blog, lol.
As far as 3D goes, my perspective is that as long as you're learning modeling (or rigging, or animation, or whatever) and not just learning a program, it really doesn't matter what you use. Yeah, different programs have different strengths, and some are more widely used than others, but most of what you need to learn as a 3D artist has nothing to do with software.
Like, you could just learn some basic tools and then make whatever you want. It might not be easy, but you could do it. But if you just jumped in and started moving vertices around, it would be a mess. You need to take the time to learn good topology so you can make models that are easy to edit, deform properly when they're animated, and look right when they're rendered. And the more you learn, the more you realize good topology is hard. But it's also a skill you only need to learn once: once you know what good topology looks like and how to achieve it, learning to model in a new program is just figuring out a different path to the same results.
In your case, 3ds Max is up there with Maya as far as being used by a lot of AAA studios, so if you still have it, I would definitely say use it while you can. It doesn't hurt to get a head start on learning how it works. But you can also absolutely use Blender to learn skills that are applicable regardless of the program. Plus, a lot of small studios use Blender, so if you're interested in joining indie teams or doing freelance work, you actually could end up using it on a project.
A couple tips and suggestions, since modeling for game dev is also one of my end goals:
Not everything you can do in Blender can be exported into a game engine. You're probably fine with basic models and rigs, and you can create animations in Blender and export those, but engines handle stuff like textures and shaders differently. It's a good idea to export models periodically while you're working on them and see how they behave in your engine of choice. Bendy bones are also a Blender exclusive and can't be used in other programs - you might see people say the same about geometry nodes, but there are now ways to convert them to mesh so they can be exported (although when I tried this with Godot, the objects were untextured. This may or may not have been because of my export settings).
You might also see people say that whatever gets you the results you want is the right way to do things: I would suggest ignoring that advice unless you know what rule you're breaking and why you're breaking it. For example, N-gons (faces with 5 or more sides) are generally something you want to avoid, but sometimes you need them.
People also say that computers have gotten powerful enough that poly count doesn't matter anymore. It's still a good idea to use as few polys as you can, both to make models easier to work with and as a kindness to those of us who don't own a gaming computer.
Basically, if someone suggests taking the easy way out and their reasoning amounts to "don't worry about it", they probably don't know what they're talking about.
trump-executive-orders · 5 months ago
Imposing Duties to Address the Synthetic Opioid Supply Chain in the People's Republic of China
Issued February 1, 2025.
By the authority vested in me as President by the Constitution and the laws of the United States of America, including the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), the National Emergencies Act (50 U.S.C. 1601 et seq.) (NEA), section 604 of the Trade Act of 1974, as amended (19 U.S.C. 2483), and section 301 of title 3, United States Code,
I, DONALD J. TRUMP, President of the United States of America, find that the sustained influx of synthetic opioids has profound consequences on our Nation, including by killing approximately two hundred Americans per day, putting a severe strain on our healthcare system, ravaging our communities, and destroying our families. Synthetic opioid overdose is the leading cause of death for people aged 18 to 45 in the United States.
During my first term, I took steps to end the direct flow of fentanyl and other synthetic opioids from the People's Republic of China (PRC) to the United States. Since then, the Chinese Communist Party (CCP), which exerts ultimate control over the government and enterprises of the PRC, has subsidized and otherwise incentivized PRC chemical companies to export fentanyl and related precursor chemicals that are used to produce synthetic opioids sold illicitly in the United States.
Furthermore, the PRC provides support to and safe haven for PRC-origin transnational criminal organizations (TCOs) that launder the revenues from the production, shipment, and sale of illicit synthetic opioids. These PRC-origin TCOs coordinate and communicate using PRC social media software applications in the conduct of their businesses.
Many PRC-based chemical companies also go to great lengths to evade law enforcement and hide illicit substances in the flow of legitimate commerce. Some of the techniques employed by these PRC-based companies to conceal the true contents of the parcels and the identity of the distributors include the use of re-shippers in the United States, false invoices, fraudulent postage, and deceptive packaging. While more than 500,000 pounds of drugs have been seized at the southern border each of the last 3 fiscal years, in addition, more than 42,000 pounds of drugs have been seized at the northern border each year on average over the last 3 years. Illicit drugs kill tens of thousands of Americans each year, including 75,000 deaths per year attributed to fentanyl alone.
The influx of these drugs to our Nation threatens the fabric of our society. The PRC plays a central role in this challenge, not merely by failing to stem the ultimate source of many illicit drugs distributed in the United States, but by actively sustaining and expanding the business of poisoning our citizens.
The flow of contraband drugs like fentanyl to the United States through illicit distribution networks has created a national emergency, including a public health crisis in the United States, as outlined in the Presidential Memorandum of January 20, 2025 (America First Trade Policy), Proclamation 10886 of January 20, 2025 (Declaring a National Emergency at the Southern Border of the United States), and Executive Order 14157 of January 20, 2025 (Designating Cartels and Other Organizations as Foreign Terrorist Organizations and Specially Designated Global Terrorists).
Despite multiple attempts to resolve this crisis at its root source through bilateral dialogue, PRC officials have failed to follow through with the decisive actions needed to stem the flow of precursor chemicals to known criminal cartels and shut down the money laundering TCOs. The PRC implements the most sophisticated domestic surveillance network coupled with the most comprehensive domestic law enforcement apparatus in the world. The PRC also routinely exerts extraterritorial reach across the globe to threaten, harass, and suppress what it views as political dissent. As such, the CCP does not lack the capacity to severely blunt the global illicit opioid epidemic; it simply is unwilling to do so.
Immediate action is required to address the national emergency I declared to finally end this emergency, including the public health crisis caused by opioid use and addiction, which will not happen until the full compliance and cooperation of the PRC government is assured.
I hereby determine and order:
Section 1. (a) As President of the United States, my highest duty is the defense of the country and its citizens. I will not stand by and allow our citizens to be poisoned, our laws to be trampled, our communities to be ravaged, or our families to be destroyed.
I previously declared a national emergency with respect to the grave threat to the United States posed by the influx of illegal aliens and drugs into the United States in Proclamation 10886. Pursuant to the NEA, I hereby expand the scope of the national emergency declared in that proclamation to cover the failure of the PRC government to arrest, seize, detain, or otherwise intercept chemical precursor suppliers, money launderers, other TCOs, criminals at large, and drugs. In addition, this failure to act constitutes an unusual and extraordinary threat, which has its source in substantial part outside the United States, to the national security, foreign policy, and economy of the United States. I hereby declare and reiterate a national emergency under the NEA and IEEPA to deal with that threat. This national emergency requires decisive and immediate action, and I have decided to impose, consistent with law, ad valorem tariffs on articles that are products of the PRC as set forth in this order. In doing so, I invoke my authority under section 1702(a)(1)(B) of IEEPA, and specifically find that action under other authority to impose tariffs is inadequate to address this unusual and extraordinary threat.
Sec. 2. (a) All articles that are products of the PRC, as defined by the Federal Register notice described in section 2(d) of this order (the Federal Register notice), shall be, consistent with law, subject to an additional 10 percent ad valorem rate of duty. Such rate of duty shall apply with respect to goods entered for consumption, or withdrawn from warehouse for consumption, on or after 12:01am eastern time on February 4, 2025, except that goods entered for consumption, or withdrawn from warehouse for consumption, after such time that were loaded onto a vessel at the port of loading or in transit on the final mode of transport prior to entry into the United States before 12:01am eastern time on February 1, 2025, shall not be subject to such additional duty, only if the importer certifies to U.S. Customs and Border Protection within the Department of Homeland Security as specified in the Federal Register notice.
(b) The rates of duty established by this order are in addition to any other duties, fees, exactions, or charges applicable to such imported articles.
(c) Should the PRC retaliate against the United States in response to this action through import duties on United States exports to the PRC or similar measures, the President may increase or expand in scope the duties imposed under this Executive Order to ensure the efficacy of this action.
(d) In order to establish the duty rate on imports of articles that are products of the PRC, the Secretary of Homeland Security shall determine the modifications necessary to the Harmonized Tariff Schedule of the United States (HTSUS) in order to effectuate this order consistent with law and shall make such modifications to the HTSUS through notice in the Federal Register. The modifications made to the HTSUS by this notice shall be effective with respect to goods entered for consumption, or withdrawn from warehouse for consumption, on or after 12:01am eastern time on February 4, 2025, except as otherwise noted in subsection 2(a) of this section, and shall continue in effect until such actions are expressly reduced, modified, or terminated.
(e) Articles that are products of the PRC, except those that are eligible for admission under "domestic status" as defined in 19 CFR 146.43, which are subject to the duties imposed by this order and are admitted into a United States foreign trade zone on or after 12:01am eastern time on February 4, 2025, except as otherwise noted in subsection 2(a) of this section, must be admitted as "privileged foreign status" as defined in 19 CFR 146.41. Such articles will be subject upon entry for consumption to the rates of duty related to the classification under the applicable HTSUS subheading in effect at the time of admittance into the United States foreign trade zone.
(f) No drawback shall be available with respect to the duties imposed pursuant to this order.
(g) For avoidance of doubt, duty-free de minimis treatment under 19 U.S.C. 1321 shall not be available for the articles described in subsection (a) of this section.
(h) Any prior Presidential Proclamation, Executive Order, or other presidential directive or guidance related to trade with the PRC that is inconsistent with the direction in this order is hereby terminated, suspended, or modified to the extent necessary to give full effect to this order.
(i) The articles described in subsection (a) of this section shall include those encompassed by 50 U.S.C. 1702(b).
Sec. 3. (a) The Secretary of Homeland Security shall regularly consult with the Secretary of State, the Attorney General, the Assistant to the President for National Security Affairs, and the Assistant to the President for Homeland Security on the situation regarding the PRC. The Secretary of Homeland Security shall inform the President of any circumstances that, in the opinion of the Secretary of Homeland Security, indicate that the PRC government has taken adequate steps to alleviate the opioid crisis through cooperative actions. Upon the President's determination of sufficient action to alleviate the crisis, the tariffs described in section 2 of this order will be removed.
(b) The Secretary of Homeland Security, in coordination with the Secretary of State, the Attorney General, the Assistant to the President for National Security Affairs, and the Assistant to the President for Homeland Security shall recommend additional action, if necessary, should the PRC fail to take adequate steps to alleviate the illicit drug crises through cooperative enforcement actions.
Sec. 4. The Secretary of Homeland Security, in consultation with the Secretary of the Treasury, the Attorney General, and the Secretary of Commerce, is hereby authorized to take such actions, including adopting rules and regulations, and to employ all powers granted to me by IEEPA as may be necessary to implement this order. The Secretary of Homeland Security may, consistent with applicable law, redelegate any of these functions within the Department of Homeland Security. All agencies shall take all appropriate measures within their authority to implement this order.
Sec. 5. The Secretary of Homeland Security, in coordination with the Secretary of the Treasury, the Attorney General, the Secretary of Commerce, the Assistant to the President for National Security Affairs, and the Assistant to the President for Homeland Security, is hereby authorized to submit recurring and final reports to the Congress on the national emergency under IEEPA declared in this order, consistent with section 401(c) of the NEA (50 U.S.C. 1641(c)) and section 204(c) of IEEPA (50 U.S.C. 1703(c)).
Sec. 6. General Provisions. (a) Nothing in this order shall be construed to impair or otherwise affect:
(i) the authority granted by law to an executive department, agency, or the head thereof; or
(ii) the functions of the Director of the Office of Management and Budget relating to budgetary, administrative, or legislative proposals.
(b) This order shall be implemented consistent with applicable law and subject to the availability of appropriations.
(c) This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.
unitedventurez · 5 months ago
China's Tech Dominance: The UK's Struggle to Keep Up
China’s growing success in technology is not a mere accident but the result of deliberate, long-term policy investments. A recent example is the emergence of DeepSeek, a ChatGPT competitor created by a little-known hedge fund in Hangzhou, which claims to have spent just $5.6 million to develop the AI. This development is indicative of China's broader efforts to dominate the tech sector.
At the core of artificial intelligence (AI) development are three critical elements: microchips, data, and PhDs in science and technology. On two of these fronts—advanced education and data—China is already ahead of many Western nations. Chinese universities produce over 6,000 STEM (science, technology, engineering, and mathematics) PhDs each month, compared to about 2,000 to 3,000 in the United States and 1,500 in the UK.
China has also surpassed the US in patent filings, with 1.7 million patents filed in 2023, compared to just 600,000 in the US. Two decades ago, China filed just a fraction of the patents that the US did, but today, it has taken a leading position globally. While questions remain about the quality of some patents, China has also outpaced the US in "citation-weighted" patents, which measure the influence of innovations based on how often they are referenced.
In addition to AI, China’s advances are notable in other industries, such as electric vehicles (EVs), where it has become the world's largest exporter. Chinese manufacturers have cornered supply chains and technology for lithium-ion batteries, drastically lowering costs over the past decade. This success in EVs is paired with China’s efforts to lead in "electric intelligent vehicles," a sector where traditional automakers are struggling to compete, especially in software development.
China is also electrifying its entire economy at an unprecedented rate. The country now files for three-quarters of all clean tech patents globally, a massive increase from the start of the century, when it filed only a small fraction.
In AI, China is positioned to become the global leader, as highlighted by a recent US National Science Board report, which noted that China now outpaces the US in AI research publications, patents, and the production of STEM graduates.
The UK has recognized China's technological rise, with Chancellor Rachel Reeves visiting Beijing earlier this month. The trip underscored the UK's interest in strengthening long-term economic ties with China, particularly in the realms of AI, clean technology, and innovation. Chinese tech companies like Huawei are also attracting attention, with UK executives noting the company’s impressive campus and its role in global tech development.
However, there are significant concerns about data security, censorship, and democratic values, especially as China's tech industry thrives on access to vast amounts of data—something much harder to obtain in the West. This raises questions about the implications of China's AI dominance, particularly with regard to privacy and geopolitics.
While the UK government faces a delicate balancing act in its relations with China, the country's tech innovations, such as DeepSeek and advancements in AI, represent a major challenge. European nations like Spain have already encouraged China to share its advanced battery technologies, and there are growing concerns about whether China’s influence will extend beyond consumer goods like electronics and EVs to include data-hungry AI models. This shift could have profound implications not only for the tech industry but also for the global economy and geopolitics.
govindhtech · 1 year ago
UNC5537: Extortion and Data Theft of Snowflake Customers
Targeting Snowflake Customer Instances for Extortion and Data Theft: UNC5537 Overview
Mandiant has discovered a threat campaign that targets Snowflake customer database instances with the goal of extortion and data theft. The campaign was discovered through Google incident response engagements and threat intelligence collections. The multi-cloud data warehousing software Snowflake can store and analyze massive amounts of structured and unstructured data.
Mandiant is tracking UNC5537, a financially motivated threat actor that stole several Snowflake customers' details. UNC5537 is using stolen customer credentials to methodically compromise Snowflake customer instances, post victim data for sale on cybercrime forums, and attempt to blackmail many of the victims.
Snowflake instance
According to Mandiant’s analysis, there is no proof that a breach in Snowflake’s enterprise environment led to unauthorized access to customer accounts. Rather, Mandiant was able to link all of the campaign-related incidents to compromised customer credentials.
Threat intelligence about database records that were later found to have come from a victim’s Snowflake instance was obtained by Mandiant in April 2024. After informing the victim, Mandiant was hired by the victim to look into a possible data theft affecting their Snowflake instance. Mandiant discovered during this investigation that a threat actor had gained access to the company’s Snowflake instance by using credentials that had previously been obtained through infostealer malware.
Using these credentials that were taken, the threat actor gained access to the customer’s Snowflake instance and eventually stole important information. The account did not have multi-factor authentication (MFA) activated at the time of the intrusion.
Following further intelligence that revealed a wider campaign aimed at more Snowflake customer instances, Mandiant notified Snowflake and potential victims via their Victim Notification Programme on May 22, 2024.
Snowflakes
Mandiant and Snowflake have notified about 165 possibly vulnerable organizations thus far. To guarantee the security of their accounts and data, these customers have been in direct contact with Snowflake’s Customer Support. Together with collaborating with pertinent law enforcement organizations, Mandiant and Snowflake have been undertaking a cooperative investigation into this continuing threat campaign. Snowflake released comprehensive detection and hardening guidelines for Snowflake clients on May 30, 2024.
Campaign Synopsis
According to Google Cloud’s current investigations, UNC5537 used stolen customer credentials to gain access to Snowflake client instances for several different organizations. The main source of these credentials was many info stealer malware campaigns that compromised systems controlled by people other than Snowflake.
As a result, a sizable amount of customer data was exported from the corresponding Snowflake customer instances, giving the threat actor access to the impacted customer accounts. Subsequently, the threat actor started personally extorting several of the victims and is aggressively trying to sell the stolen consumer data on forums frequented by cybercriminals.
Mandiant
Mandiant discovered that most of the login credentials utilized by UNC5537 came from infostealer infections that occurred in the past, some of which were from 2020. Three main causes have contributed to the multiple successful compromises that UNC5537’s threat campaign has produced:
Since multi-factor authentication was not enabled on the affected accounts, successful authentication just needed a working login and password.
The credentials found in the output of the infostealer virus were not cycled or updated, and in certain cases, they remained valid years after they were stolen.
There were no network allow lists set up on the affected Snowflake client instances to restrict access to reliable sources.
Infostealer
Mandiant found that the first infostealer malware penetration happened on contractor computers that were also used for personal purposes, such as downloading pirated software and playing games. This observation was made during multiple investigations related to Snowflake.
Customers that hire contractors to help them with Snowflake may use unmonitored laptops or personal computers, which worsen this initial entry vector. These devices pose a serious concern because they are frequently used to access the systems of several different organizations. A single contractor’s laptop can enable threat actors to access numerous organizations if it is infected with infostealer malware, frequently with administrator- and IT-level access.
Identifying
The native web-based user interface (SnowFlake UI, also known as SnowSight) and/or command-line interface (CLI) tool (SnowSQL) on Windows Server 2022 were frequently used to get initial access to Snowflake customer instances. Using an attacker-named utility called “rapeflake,” which Mandiant records as FROSTBITE, Mandiant discovered more access.
Mandiant believes FROSTBITE is used to conduct reconnaissance against target Snowflake instances, despite the fact that Mandiant has not yet retrieved a complete sample of FROSTBITE. Mandiant saw the use of FROSTBITE in both Java and .NET versions. The Snowflake .NET driver communicates with the .NET version. The Snowflake JDBC driver is interfaced with by the Java version.
SQL recon actions by FROSTBITE have been discovered, including a listing of users, current roles, IP addresses, session IDs, and names of organizations. Mandiant also saw UNC5537 connect to many Snowflake instances and conduct queries using DBeaver Ultimate, a publicly accessible database management tool.
Finish the mission
Mandiant saw UNC5537 staging and exfiltrating data by continuously running identical SQL statements on many client Snowflake systems. The following instructions for data staging and exfiltration were noted.
CREATE (TEMP|TEMPORARY) STAGE
UNC5537 used the CREATE STAGE command to generate temporary stages for data staging. The data files that are loaded and unloaded into database tables are stored in tables called stages. When a stage is created and designated as temporary, it is removed after the conclusion of the creator’s active Snowflake session.
UNC5537 Credit
Since May 2024, Mandiant has been monitoring UNC5537, a threat actor with financial motivations, as a separate cluster. UNC5537 often extorts people for financial benefit, having targeted hundreds of organizations globally. Under numerous aliases, UNC5537 participates in cybercrime forums and Telegram channels. Mandiant has recognized individuals who are linked to other monitored groups. Mandiant interacts with one member in Turkey and rates the composition of UNC5537 as having a moderate degree of confidence among its members who are located in North America.
Attacker Infrastructure
In order to gain access to victim Snowflake instances, UNC5537 mostly leveraged Mullvad or Private Internet Access (PIA) VPN IP addresses. Mandiant saw that VPS servers from Moldovan supplier ALEXHOST SRL (AS200019) were used for data exfiltration. It was discovered that UNC5537 was storing stolen victim data on other foreign VPS providers in addition to the cloud storage provider MEGA.
Prospects and Significance
The campaign launched by UNC5537 against Snowflake client instances is not the product of a highly advanced or unique method, instrument, or process. The extensive reach of this campaign is a result of both the expanding infostealer market and the passing up of chances to further secure credentials:
UNC5537 most likely obtained credentials for Snowflake victim instances by gaining access to several infostealer log sources. There’s also a thriving black market for infostealers, with huge lists of credentials that have been stolen available for purchase and distribution both inside and outside the dark web.
Infostealers
Multi-factor authentication was not necessary for the impacted customer instances, and in many cases, the credentials had not been changed in up to four years. Additionally, access to trusted locations was not restricted using network allow lists.
This campaign draws attention to the ramifications of a large number of credentials floating throughout the infostealer market and can be a sign of a targeted attack by threat actors on related SaaS services. Mandiant predicts that UNC5537 will carry on with a similar intrusion pattern, soon focusing on more SaaS systems.
This campaign’s wide-ranging effects highlight the pressing necessity for credential monitoring, the ubiquitous application of MFA and secure authentication, traffic restriction to approved sites for crown jewels, and alerts regarding unusual access attempts. See Snowflake’s Hardening Guide for additional suggestions on how to fortify Snowflake environments.
Read more on Govindhtech.com
5 notes · View notes
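An added example, not part of the original post: a Python check for the three gaps the post lists (no MFA, unrotated credentials, no network allow list) combined with a scan of query text for the CREATE (TEMP|TEMPORARY) STAGE statement it describes. The records are constructed, and the field names and the 90-day rotation threshold are assumptions rather than Snowflake's schema or guidance.

```python
import re
from datetime import date

# The staging statement named in the post: CREATE (TEMP|TEMPORARY) STAGE
TEMP_STAGE_RE = re.compile(
    r"\bCREATE\s+(?:OR\s+REPLACE\s+)?(?:TEMP|TEMPORARY)\s+STAGE\b", re.IGNORECASE)
MAX_PASSWORD_AGE_DAYS = 90  # assumed rotation policy, not taken from the post

# Constructed sample records; field names are hypothetical.
USERS = [
    {"name": "etl_contractor", "mfa": False,
     "password_set": date(2020, 6, 1), "network_policy": None},
    {"name": "analyst", "mfa": True,
     "password_set": date(2024, 4, 20), "network_policy": "corp_only"},
    {"name": "svc_report", "mfa": False,
     "password_set": date(2024, 5, 1), "network_policy": "corp_only"},
]
QUERIES = [
    {"user": "etl_contractor", "session": 101, "text": "SELECT CURRENT_ROLE()"},
    {"user": "etl_contractor", "session": 101,
     "text": "create\n  temporary   stage tmp_stage_a"},
    {"user": "analyst", "session": 202, "text": "CREATE STAGE shared_loads"},
    {"user": "svc_report", "session": 303, "text": "SELECT CURRENT_ROLE()"},
]

def audit_users(users, today):
    """Return {user: [gaps]} for the three weaknesses the post lists."""
    findings = {}
    for u in users:
        gaps = []
        if not u["mfa"]:
            gaps.append("no_mfa")
        if (today - u["password_set"]).days > MAX_PASSWORD_AGE_DAYS:
            gaps.append("stale_password")
        if u["network_policy"] is None:
            gaps.append("no_network_allow_list")
        if gaps:
            findings[u["name"]] = gaps
    return findings

def temp_stage_sessions(queries):
    """Return sorted (user, session) pairs that created a temporary stage."""
    return sorted({(q["user"], q["session"])
                   for q in queries if TEMP_STAGE_RE.search(q["text"])})

def triage_order(users, queries, today):
    """Exposed users, those with temp-stage activity first, then by gap count."""
    gaps = audit_users(users, today)
    staged = {user for user, _ in temp_stage_sessions(queries)}
    return sorted(gaps, key=lambda n: (n not in staged, -len(gaps[n]), n))
```

Temporary stages also appear in ordinary load and unload jobs, so a hit is a lead to review alongside the account's gaps, not proof of exfiltration.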
mariacallous · 2 months ago
On April 15, U.S. chipmaker Nvidia published a filing to the U.S. Securities and Exchange Commission indicating that the government has restricted the company from selling its less advanced graphics processing unit (GPU)—the H20—to China. The company is now required to obtain a license from the U.S. Commerce Department’s Bureau of Industry and Security to sell the H20 and any other chips “achieving the H20’s memory bandwidth, interconnect bandwidth, or combination thereof” to China, according to the filing.
Similarly, a filing from AMD stated that the firm is now restricted from selling its MI308 GPU to China—and likely any chips that have equal or higher performance in the future. Intel’s artificial intelligence accelerator Gaudi will also be restricted under the new control threshold, which reportedly appears to limit chips with total DRAM bandwidth of 1,400 gigabytes per second or more, input/output bandwidth of 1,100 GB per second or more, or a total of both of 1,700 GB per second or more.
The possible new threshold not only restricts the advanced chips that were already controlled but also the less advanced chips from Nvidia, AMD, and other chipmakers, including Nvidia’s H20, AMD’s MI308X, and Intel’s Gaudi, which were used to comply with the export control threshold and intended primarily for sale in the Chinese market.
The new restriction came roughly a week after NPR reported that the Trump administration had decided to back off on regulating the H20. Prior to that report, curbs on the H20 and chips with comparable performance had been widely anticipated by analysts on Wall Street, industry experts in Silicon Valley, and policy circles in Washington.
The latest set of chip controls could be seen as following on from export restrictions during the Biden administration and as a continuation of the Trump administration’s efforts to limit China’s access to advanced AI hardware. But the new measure carries far-reaching industry implications that could fundamentally reshape the landscape of China’s AI chip market.
The impact of the new rule on the industry is profound. With the new controls, Nvidia is estimated to immediately lose about $15 billion to $16 billion, according to a J.P. Morgan analysis. AMD, on the other hand, faces $1.5 billion to $1.8 billion in lost revenue, accounting for roughly 10 percent of its estimated data center revenue this year.
Yet the implications go beyond immediate financial damage. If the restriction persists, it will fundamentally reshape the Chinese AI chip market landscape and mark the start of a broader retreat for U.S. AI accelerators from China. That includes not only GPU manufacturers such as Nvidia, AMD, and Intel but also firms providing application-specific integrated circuits—another type of chip targeting specific AI workloads, such as Google’s TPU and Amazon Web Services’ Trainium.
The new rule will make it nearly impossible for U.S. firms such as Nvidia and AMD to design and sell chips that are export-compliant and competitive in the Chinese market. That means these firms’ market share in the Chinese AI chip market will decline over time, as they are forced to withdraw almost all of their offerings of both advanced and less advanced chips while Chinese firms gradually capture the remaining market.
The H20 and the upgraded H20E are already only marginally ahead of their Chinese competitors. Huawei’s latest AI chip Ascend 910C delivers 2.6 times the computational performance of the H20, although it offers 20 percent less memory bandwidth, which is vital for the inference training and reasoning models that are a key part of modern AI.
The H20’s memory bandwidth, along with Nvidia’s widely adopted software stack, a parallel computing platform and programming model that enables efficient GPU utilization for AI, high-performance computing, and scientific workloads, have been key differentiators driving demand from Chinese AI firms and keeping them competitive in the Chinese market. China acquired more than 1 million units of the H20 in 2024 and has been stockpiling the chip in response to looming concerns about controls since early 2025.
The narrowing gap between the H20 and Huawei’s 910C highlights the growing ability of Chinese AI chipmakers to meet domestic compute demand without foreign GPUs. As of today, Huawei’s 910C is in mass production, with units already delivered to customers and broader mass shipments reportedly starting in May. Most recently, Huawei is reportedly approaching customers about testing its enhanced version of the 910-series GPU—the 910D. Its next-generation chip—the Ascend 920—is expected to enter mass production in the second half of 2025.
Notably, Huawei is just one of many Chinese firms poised to fill the gap left by U.S. suppliers. Chinese AI chip companies such as Cambricon, Hygon, Enflame, Iluvatar CoreX, Biren, and Moore Threads are actively developing more competitive domestic AI chips to capture this expanding market.
Over the next few years, Chinese firms such as Alibaba, ByteDance, Baidu, and Tencent will likely continue to rely on existing inventories of Nvidia and AMD chips—such as the H100, H200, H800, and H20—acquired prior to the implementation of export controls. For example, ByteDance’s current GPU inventory in China is rumored to include 16,000-17,000 units of the A100, 60,000 units of the A800, and 24,000-25,000 units of the H800. Its overseas businesses likely have more than 20,000 units of the H100, 270,000 of the H20, and tens of thousands of cards such as the L20 and L40.
Advanced chips, including the limited amount of Nvidia’s Blackwell-series GPUs, may also continue entering the Chinese market via illicit or gray-market channels, given the enduring performance advantage and wide adoption of these chips over most Chinese domestic alternatives. The Blackwell GPUs and other cutting-edge chips could still be sold legally to the overseas data centers of leading Chinese AI companies to potentially train their AI models.
Similarly, other leading Chinese AI firms still possess significant chip stockpiles. Assuming export controls continue to restrict Chinese AI companies’ access to advanced computing resources, existing GPU inventories should still enable model development over the next several years. Typically, GPUs have a four- to five-year depreciation lifecycle, providing a window during which Chinese domestic GPU manufacturers can advance their capabilities and begin supplying more competitive chips to support domestic AI development.
Ultimately, time is now on the Chinese firms’ side. As inventories of foreign GPUs gradually depreciate and become obsolete, Chinese firms are expected to shift toward and adopt more domestically produced AI chips to meet ongoing compute needs at a time when local chipmakers offer more powerful alternatives. China’s overall computing demand will steadily rise, given the continued advancement of the AI industry, and such incremental growth in demand will likely be met by Chinese AI chipmakers.
As a result, the tens of billions of dollars in revenue that would have gone to Nvidia and AMD will be gradually captured by Chinese AI firms in the coming years. In a rough assessment, the latest ban causes Nvidia and AMD instant losses of about $16.5 billion to $17.8 billion—about 70 percent of what Huawei spent on research and development in 2024.
This new market paradigm will not only strengthen the market position and financial sustainability of domestic Chinese AI chipmakers but also enhance their capacity to reinvest in R&D. In turn, this will accelerate innovation, improve competitiveness, and fortify China’s broader AI hardware supply chain—ultimately contributing to the long-term resilience and advancement of Chinese AI capabilities.
More importantly, the growing domestic adoption of Chinese GPUs enables local firms to refine their products more efficiently through accelerated and larger feedback loops from local enterprises. As the Nvidia-led GPU ecosystem stalls and gradually retreats from the Chinese market, this shift creates space for local players to build a domestic GPU ecosystem—one that may increasingly lock out foreign competitors and raise re-entry barriers over time.
A total ban on the H20 would likely slow China’s short-term growth in AI compute capacity by removing a key source of advanced chips. But the medium- to longer-term impact is less clear. Chinese AI companies, as previously noted, remain very capable of developing their AI by using a large number of existing Nvidia and AMD GPUs for the next few years, alongside a growing supply of improving domestic alternatives. The U.S. leadership’s ultimate goal of using export controls to constrain China’s AI development remains uncertain, as the gap between the two countries’ AI model capabilities appears to be narrowing rather than widening.
What is clear, however, is the broader industry impact of the new controls. If sustained, they will mark the beginning of a major withdrawal of U.S. AI chipmakers from the Chinese market—paving the way for a significant boost to domestic Chinese AI chipmakers. In trying to isolate China, the United States may end up giving Chinese firms a leg up.
3 notes · View notes