The developer who breached two of his own open-source code repositories, disrupting thousands of apps that used them, has a colorful past, including embracing a QAnon theory involving Aaron Swartz, a well-known hacker activist and programmer, who committed suicide in 2013.
What the hell happened to Aaron Swartz?
Squires didn’t explain the reason for the move, but in the readme file that came with last week’s malicious update, he included the line “What the hell happened to Aaron Swartz?”
Swartz tragically ended his own life after facing federal hacking charges that could have landed him in prison for 50 years. The charges (alleged computer hacking crimes and wire fraud) stemmed from Swartz logging into an MIT network and stealing millions of academic papers behind paywalls. After being locked out of the MIT Wi-Fi system, he went into the MIT network cabinet and plugged his laptop directly into the campus network.
While he included the cryptic Swartz reference in the README, Squires also tweeted those same words and included a link to this thread, which alleges that Swartz was murdered after child abuse porn was found on MIT servers. A now-deleted post included in the thread states:
No, it’s not Aaron Swartz who should be tried, but that noble institution of learning for hire, MIT, responsible for the heinous crimes that led to his death. The risks Swartz is taking have threatened MIT and can only be understood through the issue of child pornography, orchestrated and crafted by its eminent professors and distributed to their wealthy and powerful sponsors. The MIT cyberpimp caters to a client base that includes the highest echelons of the State Department, major corporations, intelligence agencies, military executives and the White House.
Every element of the Swartz case suggests that he died in a heroic attempt to expose the perversion that corrupted the hearts and minds of the global elite, a heinous and often deadly vice that harms the innocent children and threatens every family on this planet.
There is also evidence that Squires may have been charged with reckless endangerment two years ago in connection with a fire in his Queens, New York, apartment. At the time, a 37-year-old man named Marak Squires was arrested after being taken to a hospital where authorities allegedly observed him behaving erratically as he responded to the fire, according to news reports.
The article described Squires as a software developer and early Bitcoin investor. A month after the fire, Squires reported on Twitter that he had “Lost everything I had in an apartment fire” and demanded financial support.
I lost everything in an apartment fire and was barely homeless. Can’t access most of my accounts. All precious metals are gone. If anyone could bless firstname.lastname@example.org with a little cash it would help me from freezing on the street. Ha ha.
– Brilliant (@marak) October 25, 2020
Squires did not respond to a message requesting comment on this post.
Throwing wrenches in the supply chain
The disruptions last week raised concerns about the security of the software supply chain, which is critical to a slew of organizations, including Fortune 500 companies. The two broken libraries – Faker.js and Colors.js – caused trouble for people using the Amazon Cloud SDK. Critics have long argued that big companies benefit from the open source ecosystem without adequately compensating developers for their time. In turn, the developers responsible for the software are unfairly pressured.
In fact, Squires said in 2020 that he would no longer support big companies with work he does for free. “Take this as an opportunity to send me a six-figure annual contract, or fork the project and get others involved,” he wrote.
The ability of a single developer to throw a wrench into such a large application base highlights a fundamental weakness in the current structure of free and open source software. Add to that the havoc wrought by overlooked security flaws in widely used open source applications – think last month’s Log4j fiasco or the devastating Heartbleed zero-day attack on OpenSSL systems in 2014 – and you have a potentially catastrophic recipe.