Jonathan Swift is a renowned English writer, best known for his novel Gulliver’s Travels. In the novel, the protagonist, Lemuel Gulliver, comes across a dispute in Lilliputian society over whether one should open a boiled egg from the big end or the little end. This satirical observation has been carried forward to computer science, where systems that store the least significant bytes of integers at the lowest memory addresses are referred to as little-endian, and those that put the most significant bytes first in memory are known as big-endian. Swift also pointed out the tendency behind open-source supply chain attacks, where programmers decide to use project X, only to find that X depends on Y, which itself depends on Z, and so on.
In recent times, Checkmarx, a supply-chain security testing outfit, has warned of a phishing attack conducted through popular repositories such as NPM, where the criminals create packages that contain README files with links that lead to malicious websites. These links are often accompanied by referral codes, so that the scammers can earn a reward even if the person clicking through does so out of curiosity. Fortunately, the attackers left a list of their malicious packages, which included titles such as “active-amazon-promo-codes-list-that-work-updates-daily-106” and “jackpot_world_free_coins_and_jewels307”.
In light of these issues, it is important to think before clicking any suspicious links, and to avoid filling in online surveys, as they often ask for personally identifiable information. If one runs a blog or community site, it is strongly recommended to implement moderation to ensure that no malicious links are posted.
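As an added illustration of the moderation advice above (not code from the article or from Checkmarx), the sketch below triages package listings by the two traits described: keyword-stuffed names ending in a counter, and README links carrying referral-style parameters. The word lists, the parameter names, the two-flag threshold and the sample README URL are assumptions constructed for this example; the two spam names are the ones quoted above.

```javascript
// Assumed heuristics for illustration; these are not published indicators.
const BAIT_WORDS = new Set(["free", "promo", "codes", "coins", "jewels", "jackpot", "gift", "generator"]);
const REFERRAL_PARAMS = new Set(["ref", "referral", "aff", "affiliate", "aff_id", "invite"]);

// Name check: bait vocabulary, and many tokens ending in a numeric counter.
function nameFlags(name) {
  const flags = [];
  const tokens = name.toLowerCase().split(/[-_.]+/).filter(Boolean);
  const words = tokens.map((t) => t.replace(/\d+$/, "")).filter(Boolean);
  if (words.filter((w) => BAIT_WORDS.has(w)).length >= 2) flags.push("bait-words");
  if (tokens.length >= 5 && /\d+$/.test(name)) flags.push("stuffed-name-with-counter");
  return flags;
}

// README check: any http(s) link whose query string has a referral-style key.
function readmeFlags(readme) {
  const flags = new Set();
  const urls = readme.match(/https?:\/\/[^\s)>"'\]]+/g) || [];
  for (const raw of urls) {
    let u;
    try { u = new URL(raw); } catch { continue; } // skip unparseable links
    const keys = [...u.searchParams.keys()].map((k) => k.toLowerCase());
    if (keys.some((k) => REFERRAL_PARAMS.has(k))) flags.add(`referral-link:${u.hostname}`);
  }
  return [...flags];
}

// Hold a listing for human review when at least two independent flags fire.
function triage(pkg) {
  const flags = [...nameFlags(pkg.name), ...readmeFlags(pkg.readme || "")];
  return { name: pkg.name, flags, hold: flags.length >= 2 };
}

// Constructed sample listings (README text and URLs are made up).
const SAMPLES = [
  { name: "active-amazon-promo-codes-list-that-work-updates-daily-106",
    readme: "Claim now: [Click here](https://promo.example.test/claim?ref=abc123)" },
  { name: "jackpot_world_free_coins_and_jewels307", readme: "Unlimited coins." },
  { name: "left-pad", readme: "String left pad. See https://example.org/docs?page=2 for usage." },
];

for (const s of SAMPLES) {
  const r = triage(s);
  console.log(r.hold ? "HOLD " : "ok   ", r.name, r.flags.join(", "));
}
```

A held listing is a candidate for review, not a verdict; legitimate packages can trip either check on its own, which is why the sketch requires two flags.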
Key Points:
• Jonathan Swift is best known for his novel Gulliver’s Travels, which satirically observes a dispute in Lilliputian society.
• The observation has been carried forward to computer science, where little-endian and big-endian name the byte orders used to store integers.
• Swift also noted the tendency of open-source supply chains to contain countless dependencies.
• Recently, Checkmarx has warned of a phishing attack conducted through repositories such as NPM, where criminals create packages with links to malicious websites.
• It is important to think before clicking any suspicious links, and to avoid filling in online surveys.
• If one runs a blog or community site, it is strongly recommended to implement moderation to ensure that no malicious links are posted.