Re: [AFMUG] Ubiquiti played fast and loose with the truth?
Children grow. Would need constant inventory cycling and training to get them to respond to their proper call sign. Plus they eat a lot when they get to a certain size. My personal preference would be to just have a fleet of trunk monkeys.. https://www.youtube.com/watch?v=XW8iAVwt_Yc Much more versatile Could take away half of Steve's moonlighting opportunities (or increase them if he gets his own fleet) with all the things they could be used for in addition to maintaining passwords. From: Dietrich Rushing mailto:drush...@sixpathssolutions.com>> Sent: Wednesday, March 31, 2021 12:18 PM To: James Howard mailto:ja...@litewire.net>> Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? We should just use children instead. An even better use of space and they are more compliant. I hear they can even be armed! On 3/31/21 8:46 AM, James Howard wrote: Stacked in the basement. Much more efficient space usage. From: AF <mailto:af-boun...@af.afmug.com> On Behalf Of Adam Moffett Sent: Tuesday, March 30, 2021 8:34 PM To: af@af.afmug.com<mailto:af@af.afmug.com> Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? Why midgets though? Could be people of any height. On 3/30/2021 4:45 PM, Mathew Howard wrote: It seems like a reasonable solution to me. And if they're well-armed, it will also be quite secure. On Tue, Mar 30, 2021 at 3:25 PM Steve Jones mailto:thatoneguyst...@gmail.com>> wrote: Im am unopposed to this On Tue, Mar 30, 2021 at 2:49 PM Mike Hammett mailto:af...@ics-il.net>> wrote: Well right, but there's not really any way around that, short of having a bunch of midgets you keep stacked in the basement with passwords written on their foreheads and you summon them by yelling the name of the site or service you need the password for. - Mike Hammett Intelligent Computing Solutions<http://www.ics-il.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL> Midwest Internet Exchange<http://www.midwest-ix.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/mdwestix>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/midwest-internet-exchange>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/mdwestix> The Brothers WISP<http://www.thebrotherswisp.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/thebrotherswisp>[http://www.ics-il.com/images/youtubeicon.png] <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> From: "Mathew Howard" mailto:mhoward...@gmail.com>> To: "AnimalFarm Microwave Users Group" mailto:af@af.afmug.com>> Sent: Tuesday, March 30, 2021 2:42:19 PM Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? I think Steve's point is that if you have all of your stuff stored in one place, if somebody gets access to that place, they have all your stuff. Whether that place is Lastpass, a TXT file or a forehead isn't particularly important. On Tue, Mar 30, 2021 at 2:23 PM Mike Hammett mailto:af...@ics-il.net>> wrote: Right, I read that. That doesn't mean anything. It could have just as well said that they were previously stored in a TXT file on the desktop or written backwards on the SysAdmin's forehead. - Mike Hammett Intelligent Computing Solutions<http://www.ics-il.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL> Midwest Internet Exchange<http://www.midwest-ix.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/mdwestix>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/midwest-internet-exchange>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/mdwestix> The Brothers WISP<http://www.thebrotherswisp.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/thebrotherswisp>[http://www.ics-il.com/images/youtubeicon.png] <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> ________ From: "Steve Jones" mailto:thatoneguyst...@gmail.com>> To: "AnimalFarm Microwave Users Group" mailto:af@af.afmug.com>>
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
Stacked in the basement. Much more efficient space usage. From: AF On Behalf Of Adam Moffett Sent: Tuesday, March 30, 2021 8:34 PM To: af@af.afmug.com Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? Why midgets though? Could be people of any height. On 3/30/2021 4:45 PM, Mathew Howard wrote: It seems like a reasonable solution to me. And if they're well-armed, it will also be quite secure. On Tue, Mar 30, 2021 at 3:25 PM Steve Jones mailto:thatoneguyst...@gmail.com>> wrote: Im am unopposed to this On Tue, Mar 30, 2021 at 2:49 PM Mike Hammett mailto:af...@ics-il.net>> wrote: Well right, but there's not really any way around that, short of having a bunch of midgets you keep stacked in the basement with passwords written on their foreheads and you summon them by yelling the name of the site or service you need the password for. - Mike Hammett Intelligent Computing Solutions<http://www.ics-il.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL> Midwest Internet Exchange<http://www.midwest-ix.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/mdwestix>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/midwest-internet-exchange>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/mdwestix> The Brothers WISP<http://www.thebrotherswisp.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/thebrotherswisp>[http://www.ics-il.com/images/youtubeicon.png] <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> From: "Mathew Howard" mailto:mhoward...@gmail.com>> To: "AnimalFarm Microwave Users Group" mailto:af@af.afmug.com>> Sent: Tuesday, March 30, 2021 2:42:19 PM Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? I think Steve's point is that if you have all of your stuff stored in one place, if somebody gets access to that place, they have all your stuff. Whether that place is Lastpass, a TXT file or a forehead isn't particularly important. On Tue, Mar 30, 2021 at 2:23 PM Mike Hammett mailto:af...@ics-il.net>> wrote: Right, I read that. That doesn't mean anything. It could have just as well said that they were previously stored in a TXT file on the desktop or written backwards on the SysAdmin's forehead. - Mike Hammett Intelligent Computing Solutions<http://www.ics-il.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL> Midwest Internet Exchange<http://www.midwest-ix.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/mdwestix>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/midwest-internet-exchange>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/mdwestix> The Brothers WISP<http://www.thebrotherswisp.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/thebrotherswisp>[http://www.ics-il.com/images/youtubeicon.png] <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> ____________ From: "Steve Jones" mailto:thatoneguyst...@gmail.com>> To: "AnimalFarm Microwave Users Group" mailto:af@af.afmug.com>> Sent: Tuesday, March 30, 2021 2:18:41 PM Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? from the sounds of it thats how they gained the access Adam says the attacker(s) had access to privileged credentials that were previously stored in the LastPass<https://en.wikipedia.org/wiki/LastPass> account of a Ubiquiti IT employee, and gained root administrator access to all Ubiquiti AWS accounts, including all S3 data buckets, all application logs, all databases, all user database credentials, and secrets required to forge single sign-on (SSO) cookies. On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett mailto:af...@ics-il.net>> wrote: I don't know that LastPass really had anything to do with it, other than that's where someone stored a password. - Mike Hammett Intelligent Computing Solutions<http://www.ics-il.com/> [http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
You can stack more of them On Tue, Mar 30, 2021, 8:35 PM Adam Moffett wrote: > Why midgets though? Could be people of any height. > On 3/30/2021 4:45 PM, Mathew Howard wrote: > > It seems like a reasonable solution to me. And if they're well-armed, it > will also be quite secure. > > On Tue, Mar 30, 2021 at 3:25 PM Steve Jones > wrote: > >> Im am unopposed to this >> >> On Tue, Mar 30, 2021 at 2:49 PM Mike Hammett wrote: >> >>> Well right, but there's not really any way around that, short of having >>> a bunch of midgets you keep stacked in the basement with passwords written >>> on their foreheads and you summon them by yelling the name of the site or >>> service you need the password for. >>> >>> >>> >>> - >>> Mike Hammett >>> Intelligent Computing Solutions <http://www.ics-il.com/> >>> <https://www.facebook.com/ICSIL> >>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>> <https://twitter.com/ICSIL> >>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>> <https://www.facebook.com/mdwestix> >>> <https://www.linkedin.com/company/midwest-internet-exchange> >>> <https://twitter.com/mdwestix> >>> The Brothers WISP <http://www.thebrotherswisp.com/> >>> <https://www.facebook.com/thebrotherswisp> >>> >>> >>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >>> -- >>> *From: *"Mathew Howard" >>> *To: *"AnimalFarm Microwave Users Group" >>> *Sent: *Tuesday, March 30, 2021 2:42:19 PM >>> *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? >>> >>> I think Steve's point is that if you have all of your stuff stored in >>> one place, if somebody gets access to that place, they have all your stuff. >>> Whether that place is Lastpass, a TXT file or a forehead isn't particularly >>> important. >>> >>> On Tue, Mar 30, 2021 at 2:23 PM Mike Hammett wrote: >>> >>>> Right, I read that. That doesn't mean anything. It could have just as >>>> well said that they were previously stored in a TXT file on the desktop or >>>> written backwards on the SysAdmin's forehead. >>>> >>>> >>>> >>>> - >>>> Mike Hammett >>>> Intelligent Computing Solutions <http://www.ics-il.com/> >>>> <https://www.facebook.com/ICSIL> >>>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>>> <https://twitter.com/ICSIL> >>>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>>> <https://www.facebook.com/mdwestix> >>>> <https://www.linkedin.com/company/midwest-internet-exchange> >>>> <https://twitter.com/mdwestix> >>>> The Brothers WISP <http://www.thebrotherswisp.com/> >>>> <https://www.facebook.com/thebrotherswisp> >>>> >>>> >>>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >>>> -- >>>> *From: *"Steve Jones" >>>> *To: *"AnimalFarm Microwave Users Group" >>>> *Sent: *Tuesday, March 30, 2021 2:18:41 PM >>>> *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? >>>> >>>> from the sounds of it thats how they gained the access >>>> >>>> Adam says the attacker(s) had access to privileged credentials that >>>> were previously stored in the LastPass >>>> <https://en.wikipedia.org/wiki/LastPass> account of a Ubiquiti IT >>>> employee, and gained root administrator access to all Ubiquiti AWS >>>> accounts, including all S3 data buckets, all application logs, all >>>> databases, all user database credentials, and secrets required to forge >>>> single sign-on (SSO) cookies. >>>> >>>> On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett wrote: >>>> >>>>> I don't know that LastPass really had anything to do with it, other >>>>> than that's where someone stored a password. >>>>> >>>>> >>>>> >>>>> - >>>>> Mike Hammett >>>>
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
Why midgets though? Could be people of any height.
On 3/30/2021 4:45 PM, Mathew Howard wrote:
It seems like a reasonable solution to me. And if they're well-armed,
it will also be quite secure.
On Tue, Mar 30, 2021 at 3:25 PM Steve Jones <mailto:thatoneguyst...@gmail.com>> wrote:
Im am unopposed to this
On Tue, Mar 30, 2021 at 2:49 PM Mike Hammett mailto:af...@ics-il.net>> wrote:
Well right, but there's not really any way around that, short
of having a bunch of midgets you keep stacked in the basement
with passwords written on their foreheads and you summon them
by yelling the name of the site or service you need the
password for.
-
Mike Hammett
Intelligent Computing Solutions <http://www.ics-il.com/>
<https://www.facebook.com/ICSIL><https://plus.google.com/+IntelligentComputingSolutionsDeKalb><https://www.linkedin.com/company/intelligent-computing-solutions><https://twitter.com/ICSIL>
Midwest Internet Exchange <http://www.midwest-ix.com/>
<https://www.facebook.com/mdwestix><https://www.linkedin.com/company/midwest-internet-exchange><https://twitter.com/mdwestix>
The Brothers WISP <http://www.thebrotherswisp.com/>
<https://www.facebook.com/thebrotherswisp>
<https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
*From: *"Mathew Howard" mailto:mhoward...@gmail.com>>
*To: *"AnimalFarm Microwave Users Group" mailto:af@af.afmug.com>>
*Sent: *Tuesday, March 30, 2021 2:42:19 PM
*Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the
truth?
I think Steve's point is that if you have all of your stuff
stored in one place, if somebody gets access to that place,
they have all your stuff. Whether that place is Lastpass, a
TXT file or a forehead isn't particularly important.
On Tue, Mar 30, 2021 at 2:23 PM Mike Hammett mailto:af...@ics-il.net>> wrote:
Right, I read that. That doesn't mean anything. It could
have just as well said that they were previously stored in
a TXT file on the desktop or written backwards on the
SysAdmin's forehead.
-
Mike Hammett
Intelligent Computing Solutions <http://www.ics-il.com/>
<https://www.facebook.com/ICSIL><https://plus.google.com/+IntelligentComputingSolutionsDeKalb><https://www.linkedin.com/company/intelligent-computing-solutions><https://twitter.com/ICSIL>
Midwest Internet Exchange <http://www.midwest-ix.com/>
<https://www.facebook.com/mdwestix><https://www.linkedin.com/company/midwest-internet-exchange><https://twitter.com/mdwestix>
The Brothers WISP <http://www.thebrotherswisp.com/>
<https://www.facebook.com/thebrotherswisp>
<https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
*From: *"Steve Jones" mailto:thatoneguyst...@gmail.com>>
*To: *"AnimalFarm Microwave Users Group" mailto:af@af.afmug.com>>
*Sent: *Tuesday, March 30, 2021 2:18:41 PM
*Subject: *Re: [AFMUG] Ubiquiti played fast and loose with
the truth?
from the sounds of it thats how they gained the access
Adam says the attacker(s) had access to privileged
credentials that were previously stored in the LastPass
<https://en.wikipedia.org/wiki/LastPass> account of a
Ubiquiti IT employee, and gained root administrator access
to all Ubiquiti AWS accounts, including all S3 data
buckets, all application logs, all databases, all user
database credentials, and secrets required to forge single
sign-on (SSO) cookies.
On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett
mailto:af...@ics-il.net>> wrote:
I don't know that LastPass really had anything to do
with it, other than that's where someone stored a
password.
-
Mike Hammett
Intelligent Computing Solutions <http://www.ics-il.com/>
<https://www.facebook.com/ICSIL><https://plus.google.com/+IntelligentComputingSolutionsDeKalb><https://www.linkedin.com/company/intelligent-computing-solutions><https://twitter.com/ICSIL>
Midwest Internet Exchange <http://www.midwest-ix.com/>
<https://www.facebook.c
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
It seems like a reasonable solution to me. And if they're well-armed, it will also be quite secure. On Tue, Mar 30, 2021 at 3:25 PM Steve Jones wrote: > Im am unopposed to this > > On Tue, Mar 30, 2021 at 2:49 PM Mike Hammett wrote: > >> Well right, but there's not really any way around that, short of having a >> bunch of midgets you keep stacked in the basement with passwords written on >> their foreheads and you summon them by yelling the name of the site or >> service you need the password for. >> >> >> >> - >> Mike Hammett >> Intelligent Computing Solutions <http://www.ics-il.com/> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> <https://www.facebook.com/mdwestix> >> <https://www.linkedin.com/company/midwest-internet-exchange> >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> -- >> *From: *"Mathew Howard" >> *To: *"AnimalFarm Microwave Users Group" >> *Sent: *Tuesday, March 30, 2021 2:42:19 PM >> *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? >> >> I think Steve's point is that if you have all of your stuff stored in one >> place, if somebody gets access to that place, they have all your stuff. >> Whether that place is Lastpass, a TXT file or a forehead isn't particularly >> important. >> >> On Tue, Mar 30, 2021 at 2:23 PM Mike Hammett wrote: >> >>> Right, I read that. That doesn't mean anything. It could have just as >>> well said that they were previously stored in a TXT file on the desktop or >>> written backwards on the SysAdmin's forehead. >>> >>> >>> >>> - >>> Mike Hammett >>> Intelligent Computing Solutions <http://www.ics-il.com/> >>> <https://www.facebook.com/ICSIL> >>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>> <https://twitter.com/ICSIL> >>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>> <https://www.facebook.com/mdwestix> >>> <https://www.linkedin.com/company/midwest-internet-exchange> >>> <https://twitter.com/mdwestix> >>> The Brothers WISP <http://www.thebrotherswisp.com/> >>> <https://www.facebook.com/thebrotherswisp> >>> >>> >>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >>> -- >>> *From: *"Steve Jones" >>> *To: *"AnimalFarm Microwave Users Group" >>> *Sent: *Tuesday, March 30, 2021 2:18:41 PM >>> *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? >>> >>> from the sounds of it thats how they gained the access >>> >>> Adam says the attacker(s) had access to privileged credentials that were >>> previously stored in the LastPass >>> <https://en.wikipedia.org/wiki/LastPass> account of a Ubiquiti IT >>> employee, and gained root administrator access to all Ubiquiti AWS >>> accounts, including all S3 data buckets, all application logs, all >>> databases, all user database credentials, and secrets required to forge >>> single sign-on (SSO) cookies. >>> >>> On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett wrote: >>> >>>> I don't know that LastPass really had anything to do with it, other >>>> than that's where someone stored a password. >>>> >>>> >>>> >>>> - >>>> Mike Hammett >>>> Intelligent Computing Solutions <http://www.ics-il.com/> >>>> <https://www.facebook.com/ICSIL> >>>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>>> <https://twitter.com/ICSIL> >>>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>>> <https://www.facebook.com/mdwestix> >>>> <https://www.linkedin.com/company/midwest-internet-exchange&g
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
Im am unopposed to this On Tue, Mar 30, 2021 at 2:49 PM Mike Hammett wrote: > Well right, but there's not really any way around that, short of having a > bunch of midgets you keep stacked in the basement with passwords written on > their foreheads and you summon them by yelling the name of the site or > service you need the password for. > > > > - > Mike Hammett > Intelligent Computing Solutions <http://www.ics-il.com/> > <https://www.facebook.com/ICSIL> > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > <https://www.linkedin.com/company/intelligent-computing-solutions> > <https://twitter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ---------- > *From: *"Mathew Howard" > *To: *"AnimalFarm Microwave Users Group" > *Sent: *Tuesday, March 30, 2021 2:42:19 PM > *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? > > I think Steve's point is that if you have all of your stuff stored in one > place, if somebody gets access to that place, they have all your stuff. > Whether that place is Lastpass, a TXT file or a forehead isn't particularly > important. > > On Tue, Mar 30, 2021 at 2:23 PM Mike Hammett wrote: > >> Right, I read that. That doesn't mean anything. It could have just as >> well said that they were previously stored in a TXT file on the desktop or >> written backwards on the SysAdmin's forehead. >> >> >> >> - >> Mike Hammett >> Intelligent Computing Solutions <http://www.ics-il.com/> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> <https://www.facebook.com/mdwestix> >> <https://www.linkedin.com/company/midwest-internet-exchange> >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> -- >> *From: *"Steve Jones" >> *To: *"AnimalFarm Microwave Users Group" >> *Sent: *Tuesday, March 30, 2021 2:18:41 PM >> *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? >> >> from the sounds of it thats how they gained the access >> >> Adam says the attacker(s) had access to privileged credentials that were >> previously stored in the LastPass >> <https://en.wikipedia.org/wiki/LastPass> account of a Ubiquiti IT >> employee, and gained root administrator access to all Ubiquiti AWS >> accounts, including all S3 data buckets, all application logs, all >> databases, all user database credentials, and secrets required to forge >> single sign-on (SSO) cookies. >> >> On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett wrote: >> >>> I don't know that LastPass really had anything to do with it, other than >>> that's where someone stored a password. >>> >>> >>> >>> - >>> Mike Hammett >>> Intelligent Computing Solutions <http://www.ics-il.com/> >>> <https://www.facebook.com/ICSIL> >>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >>> <https://www.linkedin.com/company/intelligent-computing-solutions> >>> <https://twitter.com/ICSIL> >>> Midwest Internet Exchange <http://www.midwest-ix.com/> >>> <https://www.facebook.com/mdwestix> >>> <https://www.linkedin.com/company/midwest-internet-exchange> >>> <https://twitter.com/mdwestix> >>> The Brothers WISP <http://www.thebrotherswisp.com/> >>> <https://www.facebook.com/thebrotherswisp> >>> >>> >>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >>> -- >>> *From: *"Steve Jones" >>> *To: *"AnimalFarm Microwave Users Group" >>> *Sent: *Tuesday, March 30, 2021 2:06:13 PM >>> *Subject: *Re: [AFMUG
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
Well right, but there's not really any way around that, short of having a bunch of midgets you keep stacked in the basement with passwords written on their foreheads and you summon them by yelling the name of the site or service you need the password for. - Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP - Original Message - From: "Mathew Howard" To: "AnimalFarm Microwave Users Group" Sent: Tuesday, March 30, 2021 2:42:19 PM Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? I think Steve's point is that if you have all of your stuff stored in one place, if somebody gets access to that place, they have all your stuff. Whether that place is Lastpass, a TXT file or a forehead isn't particularly important. On Tue, Mar 30, 2021 at 2:23 PM Mike Hammett < af...@ics-il.net > wrote: Right, I read that. That doesn't mean anything. It could have just as well said that they were previously stored in a TXT file on the desktop or written backwards on the SysAdmin's forehead. - Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP From: "Steve Jones" < thatoneguyst...@gmail.com > To: "AnimalFarm Microwave Users Group" < af@af.afmug.com > Sent: Tuesday, March 30, 2021 2:18:41 PM Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? from the sounds of it thats how they gained the access Adam says the attacker(s) had access to privileged credentials that were previously stored in the LastPass account of a Ubiquiti IT employee, and gained root administrator access to all Ubiquiti AWS accounts, including all S3 data buckets, all application logs, all databases, all user database credentials, and secrets required to forge single sign-on (SSO) cookies. On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett < af...@ics-il.net > wrote: I don't know that LastPass really had anything to do with it, other than that's where someone stored a password. - Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP From: "Steve Jones" < thatoneguyst...@gmail.com > To: "AnimalFarm Microwave Users Group" < af@af.afmug.com > Sent: Tuesday, March 30, 2021 2:06:13 PM Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? hahaha, lastpass. I like to keep all eggs in a single basket, that way when i have both hands in the cookie jar, all a guy need to do is walk off with the basket and make an omelette On Tue, Mar 30, 2021 at 1:59 PM Cameron Crum < cc...@murcevilo.com > wrote: We are shocked. SHOCKED I say! On Tue, Mar 30, 2021 at 1:18 PM Robert Andrews < i...@avantwireless.com > wrote: I guess I should have not just put in a link without commenting... So: Why am I surprised? On 03/30/2021 11:15 AM, Robert Andrews wrote: > https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ > > > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
I think Steve's point is that if you have all of your stuff stored in one place, if somebody gets access to that place, they have all your stuff. Whether that place is Lastpass, a TXT file or a forehead isn't particularly important. On Tue, Mar 30, 2021 at 2:23 PM Mike Hammett wrote: > Right, I read that. That doesn't mean anything. It could have just as well > said that they were previously stored in a TXT file on the desktop or > written backwards on the SysAdmin's forehead. > > > > - > Mike Hammett > Intelligent Computing Solutions <http://www.ics-il.com/> > <https://www.facebook.com/ICSIL> > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > <https://www.linkedin.com/company/intelligent-computing-solutions> > <https://twitter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ---------- > *From: *"Steve Jones" > *To: *"AnimalFarm Microwave Users Group" > *Sent: *Tuesday, March 30, 2021 2:18:41 PM > *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? > > from the sounds of it thats how they gained the access > > Adam says the attacker(s) had access to privileged credentials that were > previously stored in the LastPass <https://en.wikipedia.org/wiki/LastPass> > account > of a Ubiquiti IT employee, and gained root administrator access to all > Ubiquiti AWS accounts, including all S3 data buckets, all application logs, > all databases, all user database credentials, and secrets required to forge > single sign-on (SSO) cookies. > > On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett wrote: > >> I don't know that LastPass really had anything to do with it, other than >> that's where someone stored a password. >> >> >> >> - >> Mike Hammett >> Intelligent Computing Solutions <http://www.ics-il.com/> >> <https://www.facebook.com/ICSIL> >> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> <https://www.facebook.com/mdwestix> >> <https://www.linkedin.com/company/midwest-internet-exchange> >> <https://twitter.com/mdwestix> >> The Brothers WISP <http://www.thebrotherswisp.com/> >> <https://www.facebook.com/thebrotherswisp> >> >> >> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> >> -- >> *From: *"Steve Jones" >> *To: *"AnimalFarm Microwave Users Group" >> *Sent: *Tuesday, March 30, 2021 2:06:13 PM >> *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? >> >> hahaha, lastpass. I like to keep all eggs in a single basket, that way >> when i have both hands in the cookie jar, all a guy need to do is walk off >> with the basket and make an omelette >> >> On Tue, Mar 30, 2021 at 1:59 PM Cameron Crum wrote: >> >>> We are shocked. SHOCKED I say! >>> >>> On Tue, Mar 30, 2021 at 1:18 PM Robert Andrews >>> wrote: >>> >>>> I guess I should have not just put in a link without commenting... >>>> >>>> So: >>>> >>>> Why am I surprised? >>>> >>>> On 03/30/2021 11:15 AM, Robert Andrews wrote: >>>> > >>>> https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ >>>> > >>>> > >>>> >>>> -- >>>> AF mailing list >>>> AF@af.afmug.com >>>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
Right, I read that. That doesn't mean anything. It could have just as well said that they were previously stored in a TXT file on the desktop or written backwards on the SysAdmin's forehead. - Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP - Original Message - From: "Steve Jones" To: "AnimalFarm Microwave Users Group" Sent: Tuesday, March 30, 2021 2:18:41 PM Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? from the sounds of it thats how they gained the access Adam says the attacker(s) had access to privileged credentials that were previously stored in the LastPass account of a Ubiquiti IT employee, and gained root administrator access to all Ubiquiti AWS accounts, including all S3 data buckets, all application logs, all databases, all user database credentials, and secrets required to forge single sign-on (SSO) cookies. On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett < af...@ics-il.net > wrote: I don't know that LastPass really had anything to do with it, other than that's where someone stored a password. - Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP From: "Steve Jones" < thatoneguyst...@gmail.com > To: "AnimalFarm Microwave Users Group" < af@af.afmug.com > Sent: Tuesday, March 30, 2021 2:06:13 PM Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? hahaha, lastpass. I like to keep all eggs in a single basket, that way when i have both hands in the cookie jar, all a guy need to do is walk off with the basket and make an omelette On Tue, Mar 30, 2021 at 1:59 PM Cameron Crum < cc...@murcevilo.com > wrote: We are shocked. SHOCKED I say! On Tue, Mar 30, 2021 at 1:18 PM Robert Andrews < i...@avantwireless.com > wrote: I guess I should have not just put in a link without commenting... So: Why am I surprised? On 03/30/2021 11:15 AM, Robert Andrews wrote: > https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ > > > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
from the sounds of it thats how they gained the access Adam says the attacker(s) had access to privileged credentials that were previously stored in the LastPass <https://en.wikipedia.org/wiki/LastPass> account of a Ubiquiti IT employee, and gained root administrator access to all Ubiquiti AWS accounts, including all S3 data buckets, all application logs, all databases, all user database credentials, and secrets required to forge single sign-on (SSO) cookies. On Tue, Mar 30, 2021 at 2:10 PM Mike Hammett wrote: > I don't know that LastPass really had anything to do with it, other than > that's where someone stored a password. > > > > - > Mike Hammett > Intelligent Computing Solutions <http://www.ics-il.com/> > <https://www.facebook.com/ICSIL> > <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> > <https://www.linkedin.com/company/intelligent-computing-solutions> > <https://twitter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https://www.facebook.com/thebrotherswisp> > > > <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> > ---------- > *From: *"Steve Jones" > *To: *"AnimalFarm Microwave Users Group" > *Sent: *Tuesday, March 30, 2021 2:06:13 PM > *Subject: *Re: [AFMUG] Ubiquiti played fast and loose with the truth? > > hahaha, lastpass. I like to keep all eggs in a single basket, that way > when i have both hands in the cookie jar, all a guy need to do is walk off > with the basket and make an omelette > > On Tue, Mar 30, 2021 at 1:59 PM Cameron Crum wrote: > >> We are shocked. SHOCKED I say! >> >> On Tue, Mar 30, 2021 at 1:18 PM Robert Andrews >> wrote: >> >>> I guess I should have not just put in a link without commenting... >>> >>> So: >>> >>> Why am I surprised? >>> >>> On 03/30/2021 11:15 AM, Robert Andrews wrote: >>> > >>> https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ >>> > >>> > >>> >>> -- >>> AF mailing list >>> AF@af.afmug.com >>> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >>> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
I don't know that LastPass really had anything to do with it, other than that's where someone stored a password. - Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP - Original Message - From: "Steve Jones" To: "AnimalFarm Microwave Users Group" Sent: Tuesday, March 30, 2021 2:06:13 PM Subject: Re: [AFMUG] Ubiquiti played fast and loose with the truth? hahaha, lastpass. I like to keep all eggs in a single basket, that way when i have both hands in the cookie jar, all a guy need to do is walk off with the basket and make an omelette On Tue, Mar 30, 2021 at 1:59 PM Cameron Crum < cc...@murcevilo.com > wrote: We are shocked. SHOCKED I say! On Tue, Mar 30, 2021 at 1:18 PM Robert Andrews < i...@avantwireless.com > wrote: I guess I should have not just put in a link without commenting... So: Why am I surprised? On 03/30/2021 11:15 AM, Robert Andrews wrote: > https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ > > > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
hahaha, lastpass. I like to keep all eggs in a single basket, that way when i have both hands in the cookie jar, all a guy need to do is walk off with the basket and make an omelette On Tue, Mar 30, 2021 at 1:59 PM Cameron Crum wrote: > We are shocked. SHOCKED I say! > > On Tue, Mar 30, 2021 at 1:18 PM Robert Andrews > wrote: > >> I guess I should have not just put in a link without commenting... >> >> So: >> >> Why am I surprised? >> >> On 03/30/2021 11:15 AM, Robert Andrews wrote: >> > >> https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ >> > >> > >> >> -- >> AF mailing list >> AF@af.afmug.com >> http://af.afmug.com/mailman/listinfo/af_af.afmug.com >> > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
We are shocked. SHOCKED I say! On Tue, Mar 30, 2021 at 1:18 PM Robert Andrews wrote: > I guess I should have not just put in a link without commenting... > > So: > > Why am I surprised? > > On 03/30/2021 11:15 AM, Robert Andrews wrote: > > > https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ > > > > > > -- > AF mailing list > AF@af.afmug.com > http://af.afmug.com/mailman/listinfo/af_af.afmug.com > -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
Re: [AFMUG] Ubiquiti played fast and loose with the truth?
I guess I should have not just put in a link without commenting... So: Why am I surprised? On 03/30/2021 11:15 AM, Robert Andrews wrote: https://krebsonsecurity.com/2021/03/whistleblower-ubiquiti-breach-catastrophic/ -- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
