Microsoft purchased RiskIQ a couple of years ago and things were fine for a while. I tried the new offering, Microsoft Defender Threat Intelligence, and the kindest thing I can say is “Windows RiskIQ”. It was sloppy, it was slow, it was too limited to do anything useful. I wrote about it in Using BuiltWith And Threat Intel On A Domain and then never touched it again.
Last fall I noticed the Maltego transforms for Passive Total, the original name for the RiskIQ system, had stopped working. That was not unexpected, but was still a bit of a nuisance.
The precise date of RiskIQ’s demise was surely announced, but I missed it. Last night I needed it for troubleshooting something, and the loss of this marvelous eye in the sky is weighing on my mind.
Attention Conservation Notice:
Attribution is getting harder for the little guy with each passing month. I am about to complain about this at length …
The Fallen:
We lost a variety of important tools during 2024. The ones I can think of immediately are:
RiskIQ - no more quality hosting forensics.
Maltego - I am among the last Classic license holders.
Google Voice has begun aggressively cancelling seldom used numbers.
Google Voice outbound calling has become problematic.
Systems that need DDR3 memory are dropping like flies.
Disinfodrome is gliding for the moment, but its days are numbered.
RiskIQ offered a commanding view of the entire internet’s hosting environment. Everything you wanted to know about domains, registrars, IP addresses, SSL certificates, marketing tracking codes, it was all in there. Knowing it’s truly gone, I feel a bit blinded and disempowered.
I missed my Maltego license update in May of last year and was terrified to learn that the loss of my grandfathered Classic license would raise my annual cost from $500 to $5,000(!). I am going to have a windfall this month and I plan on getting a bit ahead of the curve, since this is a tool that I’ll use every day for a month straight sometimes. I haven’t needed to onboard anyone else for quite a while, but now that’s out of reach.
The Google Voice cancellation problem is tricky for me; I discovered this was an issue when I lost access to some domains associated with a number I haven’t actively used in nine years. I’m not sure why outbound calls are suddenly a circus, but I suspect it’s part of the overall use it or lose it trend. My advice of shielding burner phones using Google still stands, but I HAVE taken steps to replace it with something else for my occasional PSTN calls. Watch this space for further changes.
My DDR3 systems are all around twelve years old and they need to rest. I’ve written about it a number of times and I will note that my one day experiment of using my MacBook Pro as a desktop is approaching the ninety day mark. My HP Z420 is still under my desk but it’s been powered off for several weeks.
Disinfodrome is still running but it’s gliding. The shift of the indexers 1) from my hands to client’s hands and 2) from U.S. to an uncooperative foreign jurisdiction is proceeding as expected. Foolish subpoena and search warrant games are going to slam face first into a brick wall.
Rising Forces:
It’s not all gloom and doom. Disinfodrome is gliding, but I’ve found a European VPS provider that is truly marvelous. I really prefer to be in charge of the hardware handling large volumes of data, but I may even give that up, too. The idea of having equipment safely out of reach of whatever ninnies end up in charge of the DOJ and FBI is quite comforting. The fact that it’s in a slick virtualization system is even better. I could name the provider, but if I don’t do that, it thwarts any unfounded search warrants. That probably won’t work anyway, see prior paragraph, but not even stating which provider(s) are in use is just another pitfall for any of those aforementioned ninnies.
Sapper Labs Cloak has been doing its job and I’m hoping to see even more work shifted there. Activist groups and lone gun researchers are still going to need something like the advice I’ve been giving in ToolTime, but Cloak is going to be great for groups.
Tailscale, an overlay VPN meant for securing connections between all of one’s systems, has really grown on me. It’s been twenty-five years since I really studied a networking technology, but I feel the need to fully grasp what this system can do.
The Raspberry Pi 5s I received two months ago have become fairly embedded here, no pun intended, and the Teetek KVM is a revelation. I didn’t realize how many tasks I had been avoiding because they required me to get under my desk and move cables. Now macOS and Linux swap with the touch of a button, and a Windows 11 machine will be joining them later this month.
Conclusion:
2025 is going to be a shitshow if even a quarter of the so-called “plans” of the incoming administration come to pass. The wind whistling through every journalism-related chat room I had in early November was THE warning, which I promptly took to heart. December involved two security-related gigs, both intrusions, and January involves me dispensing preventative medicine.
Longer term, there’s a book I got around this time five years ago, with the thought I was going to reset my career, as I did with Cisco certifications back at the turn of the century. Reading it was an uphill battle then, but with a couple astonishing health improvements the last eighteen months, I can now read material like this and have it stick.
There’s a subtle hint in the title of this article, a microcosm that has a whole of society analog. The era of the rule of law in the U.S. is coming to an end, and with it we are all going to need to be much smarter about what is and is not a problem. You’d better be working on upping YOUR risk IQ, because 2025 be like dat.