Shared posts

24 Jul 18:03

Kamala Harris in Houston on Thursday to speak at teachers union convention

by Adam Zuvanich
Harris quickly has become the Democratic party's presumptive nominee to serve in the White House after President Joe Biden announced Sunday he would not seek reelection against former president and Republican nominee Donald Trump.
24 Jul 18:00

Heavy rainfall threat shifts to the coast, where we’re increasing our flood alert to Stage 2

by Eric Berger

In brief: Although the coast has largely been spared heavy rainfall for the last two days, it now appears that the axis of strongest storms will shift there on Wednesday and Thursday. Due to this heightened threat for widespread street flooding, we are elevating coastal counties to a Stage 2 flood alert for now through Thursday evening.

Wary of offshore rains

As the Houston region has fallen into a very wet pattern over the last two days, the heaviest rains have fallen north of the city. Some locations in The Woodlands, for example, have received in excess of 9 inches of rainfall, and areas near Kingwood have received 4 to 6 inches. These heaviest rains have been fairly isolated, however, as most of the Houston region has picked up 1 to 2 inches so far.

We have a couple of more days during which the threat of heavy rainfall is high, so what will happen next? The majority of our modeling guidance suggests the threat will shift southward, particularly from southern Brazoria County up the coast through Galveston Island and all the way to Beaumont-Port Arthur. For this reason, we are elevating our flood alert for coastal counties to Stage 2 on our flood scale.

This means that for coastal counties—Brazoria, Galveston, Chambers, Jefferson, and Orange—there is the threat of flash flooding today, tonight, and on Thursday. Under Stage 2 conditions we generally expect widespread street flooding, and the potential for some localized flooding of homes and businesses. For the rest of the Houston metro area, and particularly areas along and inland of Interstate 10, lesser impacts are expected. We are maintaining a Stage 1 flood alert there.

Houston radar at 5:38 am CT on Wednesday showing a band of strong storms just offshore. (RadarScope)

Wednesday

Just before sunrise this morning we are seeing moderate showers across much of the Houston area, and for now these are totally manageable. But there is a line of showers and thunderstorms just off the coast that is more menacing. There is a fairly good chance this line will slowly lift northward into the coast, including Galveston Island, this morning. This will pose a distinct threat to flood streets.

These showers will gradually spread inland today, but based on our latest modeling they should gradually have a reduced impact and weaken some as they do so. Due to widespread showers and mostly cloudy skies, we can expect highs today to top out in the low- to mid-80s for most locations.

Wednesday night and Thursday

The most likely scenario is that we see a similar pattern tonight. Some time after midnight another line of showers and thunderstorms appears likely to congeal offshore and then push into Galveston, Chambers, and Jefferson counties during the wee hours. This may spark another round of flooding for areas along and near the coast through Thursday morning. These showers should move inland during the daytime, albeit with likely reduced intensity.

Area in red shows where the threat of excessive rainfall is highest. (NOAA)

All told, most locations south of Interstate 10 should receive at least 2 to 6 inches of rainfall on Wednesday and Thursday. My concern, and the reason for a heightened flood scale alert, is the possibility for some of these storms to dump 10+ inches of rainfall right along the coast. The models are increasingly highlighting this threat for places such as Galveston Island and the Beaumont-Port Arthur area.

Friday, Saturday, and Sunday

The threat of very heavy rainfall should end by Thursday evening or so, but that does not mean our wet pattern will end. Rather, we’ll continue to see a healthy chance of showers through the weekend. We don’t expect to see the kinds of storms that will produce significant flooding, but there look to be fairly widespread showers. If you have outdoor activities planned, especially for Saturday, I would not feel great about them.

Highs for this period will range from the upper 80s to lower 90s, with partly to mostly cloudy skies. There is a chance of some sunshine by Sunday afternoon, however.

Next week

As high pressure starts to build into the area, next week should be hotter. Starting Monday, I expect we’ll reach at least the low-90s, and by midweek I expect Houston to be solidly in the mid-90s with lots of sunshine. We cannot rule out a stray shower here or there along the sea breeze, but these should not result in any serious accumulations.

We will have an additional update later this afternoon or early evening to keep tabs on the situation.

24 Jul 17:56

Saturday Morning Breakfast Cereal - Raiders

by Zach Weinersmith



Hovertext:
Okay, but you should see the thing that gets 2 minutes.


24 Jul 17:55

Suicidal Man Urged By Onlookers To Jump From Higher Floor

NEW YORK—Pleading with the individual to think rationally, onlookers reportedly urged suicidal jumper Harrison Zwillet to leap from a higher floor Wednesday. “No! Please! Go higher!” called out just one good Samaritan from the ground below, doing her best to deter the distressed stranger from jumping from such a…

23 Jul 21:36

Unquoted service paths: The new frontier in script kiddie security vulnerability reports

by Raymond Chen

Some time ago, my colleague Aaron Margosis wrote about how most “Unquoted Service Paths” findings are unnecessarily alarmist. But that doesn’t stop people from reporting it anyway.

Usually from people who don’t actually know what they’re doing.

We often get unquoted service path vulnerability reports. Sometimes they go like this:

We have identified an unquoted service path: The XYZ service has a listed service path of C:\Program Files\Windows Xyz\XyzSvc.exe with no quotation marks to protect the spaces.

Attached find a proof of concept. Copy this program to C:\Program.exe or C:\Program Files\Windows.exe, then use the Services MMC snap-in to stop the XYZ service, then start it. The proof of concept program will run.

As with most unquoted service path vulnerabilities, this one requires that the attacker be on the other side of the airtight hatchway: Creating files in C:\ or in C:\Program Files already requires administrator privilege, so this attack presupposes that the attacker has gained administrator access. It is not surprising that an attacker with administrator access can gain administrator access.

Nevertheless, when we resolved the issue as “Not exploitable, fix in next version”, the finder intended to go public and sent us a preliminary copy of a blog entry they intended to publish.

The blog entry admitted that a default-configured system is not vulnerable due to the inability of non-administrative users to plant Program.exe in an exploitable directory, but noted that a system administrator might misconfigure the system to grant write access to those sensitive directories.

Of course, we have now wandered into the realm of creating an insecure system and then being surprised that it’s insecure.

As far as I can tell, the finder never published that blog entry.

But at least this is a case where the finder actually understood the issues. Often we’re not so lucky, and the finder just spits out some tool output without providing any diagnosable information.

The XYZ service has an unquoted service path, which could allow a user to gain SYSTEM privileges. Attached please find screen shots demonstrating the issue.

The screen shots are heavily redacted captures from some unknown vulnerability scanning software.

Service name    Vulnerable systems
Xyz             7

That’s nice, but there’s nothing diagnosable here. The finder did include a screen shot of the scanning software reporting a non-vulnerable service, but that doesn’t help us identify the vulnerable one.

After some back and forth with the finder, we were able to obtain the path to the vulnerable service, and it was of the form C:\ProgramData\Microsoft\Windows Xyz\XyzSvc.exe, which is not exploitable because it requires administrator privileges to write to the C:\ProgramData\Microsoft\Windows directory.

Quoting service paths is a best practice. If you forget, most of the time, other defense in depth measures prevent it from being exploitable. It’s still good to fix them even though they aren’t exploitable, because you don’t want to rely on the kindness of others. However, you don’t have to fix them with the urgency of a security vulnerability.

Another example of an alleged unquoted service path vulnerability is this one:

The lack of proper quotation marks around the service path for the XYZ service means that this vulnerability could be exploited to achieve privilege escalation. I found this on multiple systems after running a Contoso security scan.

C:\Windows\system32\svchost.exe -k xyz

In this case, the finder ran a commercial scanning tool with a free trial, and the tool reportedly claimed that this service path was unquoted.

While it’s true that the path is unquoted, it’s also true that quotation marks aren’t needed because there are no spaces in the path.

The path is C:\Windows\system32\svchost.exe. The extra -k xyz are command line arguments to the program. They aren’t part of the path-with-spaces. In other words, this service is not trying to run a program with the funny name svchost.exe -k xyz.exe in the C:\Windows\system32 directory. The intention is to run the C:\Windows\system32\svchost.exe program. The lack of quotation marks is the intended interpretation.

Some script kiddies try to supplement their report with breathless prose cobbled together from fragments of other vulnerability reports they found on the Internet.¹

This unquoted path can lead the system to access resources in a parent path. A local attacker can place an executable file in the path of the service. When the service starts or restarts, the malicious file is executed instead of the intended service.

It’s not clear what “place an executable file in the path of the service” means here. If they mean insert an executable file in the same directory as the service, then that doesn’t work. The system will still run the intended file.

If they mean to put a file in a directory in the service’s PATH environment variable, that still doesn’t work, because the service is registered with a full path. (And even if the service were registered with an unqualified path, attacking the PATH directories is not fruitful because all of those directories by default are writable only by administrators anyway.)

If they mean to overwrite the service executable with another executable, well, quotation marks won’t do anything to block that.

In this particular report, their so-called “repro steps” didn’t actually repro any attack. All they did in the repro steps was enable the service. They never planted any file to trigger unauthorized code execution. All we can do is guess what they meant; we can’t try to infer it from their proof of concept.

But the clincher was the output of their alleged repro steps:

C:\> sc query xyz
    SERVICE_NAME: xyz
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : "C:\Program Files\Microsoft Xyz\XyzSvc.exe"
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Microsoft XYZ Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

The reportedly unquoted service path is quoted!

Bonus chatter: When the security vulnerability reports reach the engineering team, the identifying information about the finder has often been removed. I’m guessing that this is done to remove sources of bias that could be introduced by recognizing, “Oh no, it’s this guy again,” and not giving the report due consideration because of its source.

That said, it’s still possible to identify that two reports came from the same person. The writing styles may match up (and sometimes the two reports are word-for-word identical, just with a service name changed). And one time, I noticed that the proof of concept video that was included with the report had exactly the same wallpaper and desktop icons as another report.

¹ Sometimes the breathless prose is outright wrong.

An attacker could place a malicious executable in a directory whose name contains a space.

As noted above, the attack vector is not placing a malicious executable in a directory whose name contains a space. It’s placing a malicious executable in a directory whose name is a truncation of the unquoted path.

The post Unquoted service paths: The new frontier in script kiddie security vulnerability reports appeared first on The Old New Thing.

23 Jul 21:29

Kamala Harris is a DEI Hire; We Need a President Who Earned Everything Himself

by Carlos Greaves

“MAGA Republicans are subjecting Vice President Kamala Harris to a barrage of racist and sexist attacks as she has stormed out in front as the likely 2024 nominee…GOP Rep. Tim Burchett of Tennessee said that “100 percent, she was a DEI hire” insisting of Biden’s choice of Harris: “When you go down that route, you get mediocrity.” — Rolling Stone, 7/22/24

- - -

With Joe Biden dropping out of the race, Vice President Kamala Harris is now the presumptive nominee for the Democratic Party. As a conservative, it’s clear to me that Harris is a DEI hire who hasn’t earned the credentials necessary to be president. This is especially true compared to Donald Trump, who has never been handed anything in his life.

Donald Trump is nothing if not a self-made man. In 1966, Trump chose to transfer from Fordham University to the more prestigious Wharton School of Finance. He attended the transfer interview with his father, Fred Trump, by his side for support, the way any normal student would. And, though we have yet to see his grades, we can only assume they were stellar.

Meanwhile, Kamala Harris did her undergraduate at Howard University, likely taking a spot from one of the millions of White and Asian students who apply to Howard every year.

After graduating, Donald Trump got his first job at Trump Management, his father’s real estate company. Nobody in their right mind could argue that Donald Trump got that job as part of a “diversity initiative” or “underrepresented talent incubator.” He then started several businesses with nothing more than a dream and a few small loans from his father. And he led six of those businesses all the way from start to finish. Donald Trump is the candidate with the most experience seeing ideas all the way through to the end, whether it’s a casino or American democracy.

Kamala Harris was seemingly plucked out of obscurity for the VP pick in 2020. Her only prior experience in public service was as the District Attorney of San Francisco, the Attorney General of California, and as a United States Senator. And the only reason she got the job was because 81 million people mistakenly believed she was qualified.

Donald Trump, on the other hand, earned the presidency in 2016 by getting the second-most votes out of any of the candidates in contention. It’s a good thing the electoral college was structured in a way that Hillary Clinton couldn’t be handed the presidency simply because she was a woman.

DEI is running amok in this country. White men make up around 31 percent of the United States population, yet make up only 55 percent of Fortune 500 corporate board seats and hold only 62 percent of elected offices. The presidency is one of the few occupations that has remained (mostly) untainted from diversity hires. And after a brief period in which white men made up only 97.73 percent of United States presidents, it’s good to see that number has climbed back up to 97.83 percent. A drop down to 95.74 percent would be nothing short of catastrophic. We cannot afford to repeat the mistake of electing woefully unqualified candidates like Barack Obama rather than people who earned it by making a name for themselves, like George W. Bush.

Between Kamala Harris and Donald Trump, it’s clear who has benefitted the most from their race and gender. And the American people deserve a president who hasn’t gained massive advantages in life from policies that gave preference to one group of people over another.

23 Jul 19:00

Wildfire that forced evacuation of Jasper National Park now within 12 km of townsite

A helicopter against smoke.

Government officials say at least 10,000 people were forced to evacuate from the Jasper townsite after a wildfire moved dangerously close to the community late Monday night.

23 Jul 19:00

Researchers dig homestead site to reveal details about legendary Black cowboy John Ware

A man is seen posing in an old black and white photograph with his wife and two kids.

Researchers from the University of Calgary spent the weekend trying to uncover more details about trailblazing Black cowboy John Ware, who carved a path for himself against all odds as a respected Alberta rancher in the 1880s.

23 Jul 18:59

B.C. towns full, Jasper wildfire evacuees directed to Alberta

Cars on a single lane road and bridge under a hazy sky and red sun from wildfire smoke.

British Columbians have flung open their doors to welcome evacuees from wildfires, but government officials are warning space in the province is limited.

23 Jul 18:55

Astronomers are scrambling to save the world's most powerful X-ray space telescope

by Nell Greenfieldboyce
To celebrate the 25th anniversary of the launch of the Chandra X-ray Observatory, the mission released 25 views of cosmic objects ranging from supernova remnants to galaxy clusters and more.

NASA is facing a tight budget and wants to wrap up the Chandra X-ray Observatory, but astronomers don't want to see the 25-year-old X-ray space telescope mission go.

(Image credit: NASA/SAO/CXC)

23 Jul 18:53

Texas is once more flirting with expanding passenger rail

by Joshua Fechter, The Texas Tribune
A glut of federal dollars for rail projects and a growing realization that road expansions won’t ease chronic congestion on the state’s busiest highways have some Texas officials and policymakers flirting once more with the idea of expanded passenger rail.
23 Jul 18:49

As METRO transit authority increases investment in microtransit, Houston city council member expresses skepticism

by Dominic Anthony Walsh, Colleen DeGuzman
After the Harris County METRO Transit Authority approved more than $1 million to fund an ongoing microtransit program, Houston City Council member Letitia Plummer expressed doubts. 
23 Jul 18:42

my interviewers interrupted my timed interview presentation

by Ask a Manager

This post was written by Alison Green and published on Ask a Manager.

A reader writes:

I’d be really interested to hear your take on a situation that cropped up for me while I was attending an internal job interview this week.

I’d been asked to prepare a presentation of “no longer than” 10 minutes. I practiced plenty in advance and was generally coming in at 8 minutes, 30 seconds, so comfortably within.

On the day of the interview, I was halfway through presenting my slide deck when one of the interview panel interrupted with a question, which I answered. This turned into three or four minutes of other queries and broader chat amongst the panel members — all very positive about the content — before they asked me to continue. I’d barely got any further when I was warned that I had less than a minute left: They hadn’t stopped the clock for their conversational detour. As a result, I had to push through the final couple of points far more swiftly than I’d intended.

Fortunately the rest of the interview went well, though ultimately I didn’t get the role. During the call to inform me, the interviewer explained that another candidate had more management experience than me (fair). But upon asking for any other feedback, I was told that I should have had more confidence when presenting, particularly during the last minute or so, and that I could have planned the timing better.

I thanked them for the feedback but I’ve been left wondering what I can really do with this for next time? I was hardly in a position to ban any questions, but putting my foot down and demanding extra presentation time to make up for their interruption sounds like a guaranteed way to lose the job. How can I work on this feedback?

It’s unlikely they wanted you to demand extra time to make up for the interruption.

But it’s very possible they assessed you in part on how well you handled the interruptions, like whether you were able to diplomatically regain control over the presentation and keep going — especially if presenting was a core function of the job. (In fact, if it was, they may have even interrupted intentionally to see how you handled it.) This isn’t necessarily 100% fair, because a lot of job candidates wouldn’t feel comfortable redirecting their interviewers — and if they wanted to assess that, they’d get better results by telling you beforehand that they wanted to see you demonstrate those skills, so you’d understand they were role-playing audience members and not worry as much about “interrupting” your job interviewers.

Or, if not that, they might have assessed you on whether you were able to recover smoothly and adjust on the fly in the time you had remaining.

Or they might not have intended to assess you on any of that, but a different candidate handled those things really well and that gave them an advantage.

It’s also possible the feedback means nothing at all — that when you asked for additional feedback beyond what they’d already offered, the person you were talking to just grasped for something without it being a factor that mattered much in their decision.

It’s hard to know whether there’s really anything here that would be useful to work on — but if you’re looking for something, I’d say it’s planning for audience interruptions and adapting in real time when they happen.

23 Jul 18:41

Vet Has Bad News For French Bulldog Hoping To Have Natural Birth

SAUSALITO, CA—Stressing that she had done everything in her power to avoid medical intervention, local vet Dr. Anita Kaiser, DMV reportedly told a French bulldog Tuesday that she had bad news about her natural birth. “While I know it can be hard for dogs of your breed to hear, unfortunately, centuries of inbreeding…

23 Jul 18:41

Report: 78% Of Americans Too Distracted By Politics To Appreciate The Summer Glen Powell Is Having

WASHINGTON—A new report published Tuesday by the Pew Research Center found that 78% of Americans were too distracted by politics to appreciate the summer Glen Powell is having. “Between the attempted assassination of one party’s presidential candidate and a last-minute replacement of the other, more than three…

23 Jul 18:40

Study Finds 14% Of College Freshmen Contract HPV By End Of Campus Tour

BALTIMORE—Aiming to raise awareness of the sexually transmitted disease, a new study published Tuesday by the University of Maryland School of Medicine revealed that nearly 14% of college freshmen will contract human papillomavirus by the end of their campus tour. “New data shows a staggering number of incoming…

23 Jul 18:40

‘Really, Really, Really Happy For You, Kamala,’ Says Hillary Clinton, Not Letting Go Of Handshake

WASHINGTON—Doing her best to appear elated while a large, throbbing vein protruded from her forehead, former Secretary of State Hillary Clinton said she was ‘really, really, really happy’ for Vice President Kamala Harris as she shook the presumptive Democratic nominee’s hand and refused to let go of it. “So, so, so…

23 Jul 18:40

Trump Vows To Unite Nation Against Common Enemy Of Other Americans

GRAND RAPIDS, MI—Addressing supporters at his latest rally, former President Donald Trump vowed over the weekend to unite the nation against the common enemy of other Americans. “We must come together to defeat the scourge that is our fellow Americans,” said the Republican presidential nominee, who reportedly spoke…

23 Jul 18:40

J.D. Vance Vows To Fight For Forgotten Communities In Silicon Valley

SAN FRANCISCO—Pledging to never leave behind the many millionaires and billionaires from the region who helped shape him into the person he is now, vice presidential candidate J.D. Vance vowed in a speech Tuesday that he would always fight for the forgotten communities in Silicon Valley. “Many of the Democratic …

23 Jul 12:44

Comic for 2024.07.23 - Your Shower

New Cyanide and Happiness Comic
23 Jul 12:43

President Venn Diagram

Hard to imagine political rhetoric more microtargeted at me than 'I love Venn diagrams. I really do, I love Venn diagrams. It's just something about those three circles.'
23 Jul 12:42

“I’ll come back inside when the air fryer’s ready to apologise”

22 Jul 23:27

No Motive

by Corey Mohler
PERSON: "Uh...hey Sartre, what are you doing? "

PERSON: "Just climbing up on this roof."

PERSON: "Right...why?"

PERSON: "Human freedom transcends even our own motives! We are not bound by the deeds of our past, Camus!"

PERSON: "Why? Because I am free, that's why!"

PERSON: "It just seems you might have...some kind of motive or reason for doing so."

PERSON: "You have a point. A human life is not a novel, with a neatly tied up story. Our actions are often random and chaotic, and we only attempt to make sense of them after the fact to try in vain to imbue them with some sort of meaning that they never had."

PERSON: "That being said, it looks a lot like you are trying to assassinate Charles de Gaulle, and that's the kind of thing people usually have an advanced motive for."

PERSON: "Wrong! I just happened to be freely pointing the gun in this direction, with no particular motive!"

PERSON: "That is true."

PERSON: "Plus, one doesn't need any special reason to want to shoot de Gaulle, am I right?"

PERSON: "Maybe I suddenly want to shoot in that direction..."

PERSON: "Find your own world historical event to do for no reason!"

PERSON: "Give me the gun!"

PERSON: "What? No, I thought of it first Camus!"
22 Jul 23:23

Aides explaining to confused Trudeau how unpopular leader dropped re-election bid

by Ian MacIntyre

OTTAWA – Aides to Prime Minister Trudeau have reportedly spent several hours attempting to explain how Joe Biden, a similarly left-leaning incumbent with low polling numbers, actually willingly chose to end his re-election campaign. “So wait… he was headed for a certain electoral defeat where he was gonna drag his entire party down with him… […]

The post Aides explaining to confused Trudeau how unpopular leader dropped re-election bid appeared first on The Beaverton.

22 Jul 21:34

'Never-Trumper' Republican strategist on how the election is about to change

by Jonaki Mehta

NPR’S Ari Shapiro talks with Republican strategist and self-described "never-Trumper" Sarah Longwell about how President Biden dropping out of the race will reshape the election.

22 Jul 21:19

As Harris launches her presidential run, the veepstakes is on. Here's who to watch

by Elena Moore
Pennsylvania Gov. Josh Shapiro, Kentucky Gov. Andy Beshear, North Carolina Gov. Roy Cooper, Transportation Secretary Pete Buttigieg, Arizona Sen. Mark Kelly, California Gov. Gavin Newsom, Illinois Gov. J.B. Pritzker and Michigan Gov. Gretchen Whitmer

With the announcement that President Biden would no longer run for the Democratic nomination, and his endorsement of Vice President Harris, the focus is on who Harris might choose as her running mate.

(Image credit: Drew Angerer/Getty Images; Jon Cherry/Getty Images for Concordia; Allison Joyce/Getty Images; Kent Nishimura/Getty Images; Jeff Chiu/AP; Brian Cassella/Chicago Tribune/Tribune News Service via Getty Images; Bill Pugliano/Getty Images)

22 Jul 21:17

MLB Loses Millions of Stats In Warehouse Fire

SAN FRANCISCO—As front-office executives surveyed the damage done to their record-keeping facility, Major League Baseball announced Monday that it had lost millions of stats Monday in a devastating warehouse blaze. “It is with a heavy heart that I share today the news of an accidental fire that has reduced to ash the…

22 Jul 19:19

Democrats Panic After Kamala Harris Ages 40 Years In Single Night

WASHINGTON—Arriving for a campaign strategy session with the vice president and staring in disbelief at her frail, hunched-over form, top Democratic Party officials reportedly began panicking Monday after they discovered Kamala Harris had aged 40 years in a single night. “What the hell happened to her? She was only 59…

22 Jul 19:15

Houston begins auctioning bike-sharing equipment, with online bids for bicycles starting at $10

by Adam Zuvanich
The city plans to put more than 400 Houston BCycle bikes up for auction over the next several months, along with docking stations and base plates for those stations, after its bike-sharing network shuttered last month.
22 Jul 18:15

Facebook Announces Human Trafficking Now Allowed On Marketplace