As #Tucker #Carlson almost alone pointed out: the issue of white nationalism is a #politicallyMotivated charge and a hoax. And the #statistics—which you will never hear quoted by the #media, including on #Fox—confirm this.#White #nationalism is not a national #problem. It's a #hoax. The #facts don't back it up.
The #perception that #mass #shootings are a “white man’s problem” lingers around the country because white mass shooters tend to get more #publicity. And, the twisted young male who goes on a public shooting spree fits a certain kind of media #narrative. But when we actually study the mass shootings that took place in #2019, it’s clear that Patrick #Crusius and Connor #Betts are not the norm, but #aberrations.
Mass shooters have no particular #ideology. Crusius and Betts were opposites ideologically. (Though both cared deeply about the #environment.) Nor are mass shooters a white problem or a #black problem. Over the same #bloody weekend, William Patrick #Williams, who is #African-American, appeared in court after being #arrested by the #FBI for planning to #shoot up a #Texas hotel with an #AK-47 #rifle.
Looking at the data from the Mass Shooting Tracker, widely utilized by the media, as of this writing, of the 72 mass shooters, perpetrators in shootings that #killed or #wounded 4 or more people, whose race is known, 21 were white, 37 were black, 8 were Latino, and 6 were members of other groups.
51% of mass shooters in 2019 were black, 29% were white, and 11% were #Latino.
The [ #leftyLogic ] here, of course, is thus inescapable and follows directly on from the message of “ #TheHunt,” all the talk of putting #illegals in #Nazi-style #concentration #camps, and similar Nazi and white nationalist memes over the past two and half years:
The sooner those of us who qualify as “ #deplorables” understand that, the sooner we comprehend that there is no #compromise possible whatsoever with those #progressivists and #Leftists—the sooner we understand that the #self-appointed leaders of the Establishment “ #Conservative Movement” are not our #defenders but 5th Column #collaborationists, then, the sooner we come to the sobering realization that we hold our #destiny and the #future in our hands.
- President #Trump and the “deplorables” are Nazis or at least implicitly Nazi supporters (as well as “white nationalists”—there is no difference);
- #Nazis, of course, are the ultimate #evil and can only be dealt with by #extinguishing and #eliminating them;
- Therefore, Trump—but even more so, the “deplorables”—must be “dealt with,” and ALL methods are licit, from #shaming, #doxxing, in-your-face and #violent demonstrations, #banning on the #Internet (happening as we speak), #legal action and #lawsuits, and, yes, even to #physical violence. “Nazis” cannot be allowed in the new #globalist #America.
the two sides are so far apart that there can be no #compromise. One side wants #freemarkets and #liberty. The other wants #socialism and all that goes with it. I have seen where that particular road ALWAYS leads.from the comments on this article
Some things are simply so repugnant, and so against #freedom and #decency that I cannot #agreetodisagree. The point here is that we live in #society that claims to #value freedom. It has been demonstrated again and again that #gun control doesn't work. #Background checks don't work. So why continue to do something that doesn't work and deprives people of #liberty?
I refuse to agree that it is OK for the #left to demand that I give up my freedoms, so that we can agree to disagree as they begin the
march towards #communism. You see, what they are wanting to do is NOT agree to disagree. If they get their way, laws will be passed that REQUIRE that I do things their way, on penalty of #imprisonment or #death, if I #resist. That is hardly "agreeing to disagree."
\* Approximately 5 days of GitHub being unavailable for Gentoo use.
\* Pull request CI was down; only master was being tested for issues.
\* The Gentoo Proxy Maintainers Project was impacted as many proxy-maint contributors use GitHub to submit PRs.
\* The entity attempted to wipe user content by adding "rm -rf" to various repositories; however this code was unlikely to be executed by end users due to various technical guards in place.
\* Development not related to proxy-maint continued as normal; over 700 commits were made during the incident.
Malicious content available
\* gentoo/gentoo: (2018-06-28 20:38 - 2018-06-29 06:58)
\* gentoo/musl: (2018-06-28 20:56 - 2018-06-29 06:59)
\* gentoo/systemd: (2018-06-28 21:07 - 2018-06-29 06:57)
\* Gentoo responded quickly to reports of problems.
\* GitHub responded quickly and had a function to hide the impacted organization.
\* Gentoo quickly removed account access once the entry point was located.
\* GitHub provided audit logs that helped map out the incident.
\* Initial communications were unclear and lacking detail in two areas.
\* How can users verify their tree to be sure they had a clean copy?
\* Clearer guidelines that even if users got bad copies of data with malicious commits, that the malicious commits would not execute.
\* Communications had three avenues (www.gentoo.org, infra-status.gentoo.org, and email lists.) Later we added a wiki page (this page) and were inconsistent on where to get updates.
\* GitHub failed to block access to the repositories via git, resulting in the malicious commits being externally accessible. Gentoo had to force-push over them as soon as this was discovered that.
\* Credential revocation procedures were incomplete.
\* We did not have a backup copy of the Gentoo GitHub Organization detail.
\* The systemd repo is not mirrored from Gentoo, but is stored directly on GitHub.
\* Numerous Gentoo Developers have personal contacts at GitHub, and in the security industry and these contacts proved valuable throughout the incident response.
\* The attack was loud; removing all developers caused everyone to get emailed. Given the credential taken, its likely a quieter attack would have provided a longer opportunity window.
\* The method by which the attackers pushed commits (force pushing their commits) made downstream consumption more conspicuous; this would have blocked git from silently pulling in new content to existing checkouts on ʼgit pullʼ.
\* action-item: make frequent offline backup of GH settings
\* action-item: stream GH audit log into gentoo infra
\* action-item: review 2FA requirements for GitHub org
\* done: Gentoo GitHub Organization currently requires 2FA to join.
\* action-item: reduce number of people with GitHub owner power
\* action-item: be more proactive in retiring inactive people from infra
\* Simply remove unused access.
\* action-item: see if there is a way we can emails for everybody as they are added to the org
\* action-item: validate infra member retirement procedures separately from undertaker procedures.
\* During the access revocation, some hosts were missed.
\* action-item: prod gentoo-infra members to start using local password managers (pass, gopass, etc.)
\* action-item: Apply 2fa protection to gentoo services generally for all users.
\* action-item: Document an incident plan for communications.
\* Draft incident plan is in place.
\* action-item: sponsor potential for hardware based 2FA for Gentooʼs devs? (C.f. nitrokey / Linux Foundation)
\* action-item: Publish clear password policy for the org, including recommendations for password management.
\* action-item: mirror systemd repo on git.gentoo.org
\* action-item: Audit gentoo system logins for 90d to verify no unexpected activity.
\* action-item: Audit logs for compromised account.
\* action-item: Rotate credentials for compromised account.
\* 20:05 2nd to last known legimate commit to gentoo/gentoo. Matches git.gentoo.org/repo/gentoo.git
\* Auto-pushed by mirror bot.
\* Commit ID 38281f4252f89e3ef9cbae54dfc1ad553d296979
\* 20:08 Last known legimate commit to gentoo/musl. matches git.gentoo.org/proj/musl.git.
\* Commit ID 60461ca1385809bacf6a114a7f1ecfe22f6da47f
\* 20:19 Attacker tries a bad password on the account.
\* 20:19 Attacker successfully gains administrative access
\* 20:25 Attacker invites a dummy account to the org
\* 20:25 Attacker creates a dummy account with administrative access.
\* 20:25 Last known legimate commit to gentoo/gentoo. Matches git.gentoo.org/repo/gentoo.git
\* Auto-pushed by mirror bot.
\* Commit ID 73b724093b9c2a8756b8c35d3e09793342fa9ca9
\* Does NOT appear in the GitHub audit log for the org.
\* 20:25 Attacker starts removing valid users
\* 20:26 Earliest email timestamp of someone being removed from the organization.
\* 20:29 First person notices that something is going on with the GitHub organization
\* 20:30 Attacker invites a second malicious user.
\* 20:32 Attacker adds second malicious user with admin privileges.
\* 20:34 Malicious commit to gentoo/gentoo, 73b72409->fdd8da2e
\* adds readme.me file with racist text.
\* 20:36 First report to Infra that something is going on with the GitHub organization.
\* 20:38 Malicious commit to gentoo/gentoo, fdd8da2e->49464b73.
* adds rm -rf /*& at the top of skel.ebuild
\* 20:39 Attacker changes billing email, the first time.
\* 20:45 Malicious commit 49464b73 is first noticed
\* 20:48 Attacker changes billing email, the second time
\* 20:49 First abuse report to GitHub support
\* 20:50 Malicious commit to gentoo/gentoo, 49464b73->afcdc03b.
* adds rm -rf /* at the top of every ebuild.
\* 20:51 Infraʼs informal contact to GitHub via multiple personal channels
\* 20:53 Second abuse report to GitHub
\* 20:55 Malicious commit to gentoo/gentoo, afcdc03b->e6db0eb4, force-push.
* Squash of entire history as of afcdc03b (rm -rf /* in ebuilds)
\* 20:56 Malicious commit to gentoo/musl, 60461ca1->e6db0eb4. Force-push.
\* Same history as gentoo/gentoo in a squashed commit.
\* 21:00 (approx) GitHub informal report that they are starting to look
\* 21:05 Infraʼs formal ticket to GitHub Support
\* 21:07 Malicious commit to gentoo/systemd, bf0e0a4d->50e3544d.
\* Payload: slightly obfuscated rm -rf $HOME ~/ at the top of the configure script.
\* 21:11 Malicious commit to gentoo/systemd, 50e3544d->c46d8bbf. Force-push.
\* Revert of previous commit bf0e0a4d squashed with commit 50e3544d.
\* 21:28 GitHub support responds; Gentoo GitHub org frozen.
\* 22:14 Gentoo emails GitHub requesting activity logs.
\* 22:45 GitHub locks suspected entry point
\* GitHub does not disclose this to Gentoo, itʼs found in an audit log of the compromised userʼs account on 2018-06-29T14:30:18Z
\* 22:47 GitHub responds, assuring Gentoo that the audit is ongoing and logs will be produced soon.
\* 23:35 GitHub provides limited access to the org to Gentoo.
\* 23:40 Gentoo determines which account was the entry point. Gentoo Infra preemptively removes all access for that account from primary Gentoo properties (git repos, bugs, email, etc.)
\* 23:47 GitHub formally responds with audit logs and security recommendations (e.g. 2FA)
\* 00:00 Gentoo reviews activity of compromised account to see if it was used on other services.
\* 00:05 Gentoo emails GitHub, requesting the org be hidden again while Gentoo affects repairs. Of particular concern are the PRs and how we can audit them.
\* 00:25 GitHub responds saying they have re-hidden the org, and will wait for confirmation before un-hiding it again, but are concerned about proper operation for organization members
\* 01:20 Gentoo responds to GitHub saying keeping it hidden during the investigation is preferable to keeping it operable (but potentially unreliable / malicious.
\* 01:38 GitHub and Gentoo discuss various cleanup strategies over email.
\* 02:33 Formal request from Gentoo to GitHub for an audit log for the affected compromised account (with explicit consent from the compromised user.)
\* 05:27 Gentoo Infra restores billing email.
\* 06:39 Gentoo emails GitHub request incident commander handoff (robbat2 => mgorny) and we trade contact information.
\* 06:57 Gentoo Infra does force-push on gentoo/systemd to restore state. c46d8bbf->bf0e0a4d.
\* 06:58 Gentoo Infra does force-push on gentoo/gentoo to restore state. e6db0eb4->73b72409.
\* Push takes several minutes due to size.
\* 06:59 Gentoo Infra does force-push on gentoo/musl to restore state. e6db0eb4->60461ca1.
\* 13:05 GitHub unlocks the compromised account and resets the password.
\* 14:14 Compromised account holder regains account access, produces a security log from that account.
\* 14:29 Gentoo does another incident handoff (mgorny => robbat2) and Gentoo requests an update on the remediation plan for open PR requests.
\* 20:07 GitHub responds with a statement that they are still working on a remediation plan.
\* 20:46 Gentoo emails GitHub asking for an ETA for remediation.
\* 23:06 GitHub responds with an ETA for the remediation. Internal discussion ensues regarding whether to wait, or try to unlock the org over the weekend.
\* 01:47 Attacker probes compromised account to see if the stolen credential still functions; but this attempt fails.
\* 17:34 Gentoo emails GitHub asking for clarification on remediation actions and what security logs Gentoo thinks are still required.
\* 03:51 GitHub responds with the result of their investigation and described remediation actions they took on their side.
\* 10:10 Gentoo responds to GitHub and asks that the organization be made public so Gentoo can conclude repairs.
\* 11:46 GitHub responds and unlocks the Gentoo GitHub Organization, making it publicly visible once again,
\* gentoo/gentoo, master branch:
\* e6db0eb4 (force-push)
\* gentoo/musl, master branch:
\* c46d8bbf (force-push)