NO. 359 | WhatsLeak, CCTV Ban, Meta Threats


Exploring the intersection of security, technology, and society—and what might be coming next…

Standard Web Edition | November 28, 2022

SECURITY NEWS


There appears to be a WhatsApp data leak of over 500 million users’ data in 84 countries. They’re supposedly selling the data for $7K in the UK, and around $2K in the US and Germany. MORE

The FCC has banned Chinese CCTV cameras on sensitive government sites and they’ve told organizations to rip and replace them wherever they can. And the UK has followed the lead. THE REGISTER ANALYSIS | MORE

The US GAO says US offshore oil and gas infrastructure is at significant risk from cyberattack and warns of possible impacts similar to the Deepwater Horizon disaster. MORE

The Markup found that multiple US tax preparation websites are sending financial data to Meta through The Meta Pixel. Data includes names, emails, and even income, refund amounts, and more. MORE

Meta says they found and terminated multiple influence campaigns run by the US government. They also said the 16 pages, two groups, and 26 Instagram accounts weren’t very effective and had very little engagement. MORE

Meta released their Adversarial Threat Report for Q3 2022, which included the US campaigns above but also other campaigns, including those from China and Russia. THE REPORT PDF

Meta built an AI called CICERO that beats most humans at Diplomacy, which is a strategy game where you have to convince people to cooperate with you and gang up on other players. It was considered a bastion of human gameplay because it requires so much interaction and negotiation, but this AI now has double the average score of a human player. ANNOUNCEMENT BLOG
 

TECHNOLOGY NEWS


Tesla’s full-self-driving (FSD) beta is now available to everyone in North America, regardless of safety record. Tesla maintains a safety score on everyone, which you can look up in your car’s profile. They weren’t letting people with low scores get FSD, but as of Thanksgiving it’s now available to everyone in North America. MORE

Google is evidently about to lay off around 10,000 people. More evidence of the Alaskan Fishing Boat model, in my view. 

It’s not just you: shopping on Amazon has gotten way worse because most everything is now an ad. MORE

Many sources are saying Alexa is failing at Amazon, at least in terms of making money. And rumors are that many of the coming Amazon job cuts will be in the Alexa hardware division. But I wouldn’t be surprised if these rumors are overstated. There’s more to gaining voice assistant dominance than the pure returns on the hardware. MORE

A computer musician named Holly Herndon did a TED talk on how she created an AI clone of her voice, and why she thinks other artists should do the same. MORE

HUMAN NEWS


It’s hard to know how widespread the protests are, but the protests at Foxconn’s iPhone plant appear to be spreading throughout China. MORE | NYTIMES ANALYSIS

A new study out of Stanford indicates that insulin resistance doubles the risk of major depressive disorder. MORE

The US is the only rich country with rising roadway deaths. NYTIMES ANALYSIS

A government organization in Germany is banning Microsoft 365 due to privacy concerns. MORE

IDEAS & ANALYSIS


💡Companies as Alaskan Fishing Boats — Should companies be ruthlessly maintaining a tiny crew willing to endure extreme conditions for extreme pay? MY ESSAY

📢 A Conversation with Scott Kuffer at Nucleus Security (Sponsored) — I just had a great conversation with Scott Kuffer of Nucleus Security about their vulnerability management solution. Probably the best VM conversation I’ve ever had with a vendor, no joke. If you’re in the VM space you’ll want to hear this one. LISTEN

Longtermism
There’s a concept I’m seeing thrown around a lot called Longtermism, which is the idea that doing things to help more theoretical people in the future at the expense of the fewer people alive today is basically a poor excuse for being an asshole. I’m not sure what I think about it yet. At first viewing, I think the universal rule applies, i.e., both extremes are bad. It’s not good to screw over the future for ourselves, but it’s also weak sauce to be less humane towards today’s humans under the banner of people who don’t yet exist. And on that spectrum I’d probably say I’d balance more towards people today who are suffering acutely. ANALYSIS AGAINST LONGTERMISM | A BOOK THAT’S FOR IT

NOTES


We had a phenomenal book club yesterday that included some new people! We also picked the new book, which is the first book in an Indian sci-fi series, recommended by a member. Can’t wait to start listening today.

Thanksgiving was excellent. We had dinner at 1PM like we’re 77, at Fleming’s, which has become our tradition.

Tons of progress on the studio. More sound treatment on the walls. More camera upgrades. And lights. Lots of lights. I’m loving learning this new discipline. Current mission: OBS mastery. And since many have asked, the purpose of all of this is to be able to do explainers and demos using attractive visuals. So imagine my essays and tutorials, but with visual support.

DISCOVERY


⚒️ octopii — Octopii is an open-source AI-powered Personally Identifiable Information (PII) scanner that can look for image assets such as Government IDs, passports, photos and signatures in a directory. TOOL | by REDHUNTLABS

⚒️ RustScan — A modern port scanner written in Rust. Finds ports quickly (3 seconds at its fastest). Runs scripts through its own scripting engine (Python, Lua, Shell supported). TOOL 

⚒️ kubeshark — The API traffic viewer for Kubernetes. It provides visibility and monitoring for traffic moving in, out, and across containers and pods. TOOL 

⚒️ hurl — A command line tool that runs HTTP requests defined in a simple plain text format. It can chain requests, capture values and evaluate queries on headers and body responses. TOOL 

⚒️ humans.txt — An initiative for knowing the people behind a website. It’s a TXT file that contains information about the different people who created the site. WEBSITE 

⚒️ All InfoSec News — A newish website that aggregates cybersecurity news in an efficient columnar format. WEBSITE 

🔭 [ Sponsor ] Keeper — How many of your company’s credentials are stored on sticky notes or shared on spreadsheets? How many employees just use Password123 for every system? TRY KEEPER FOR FREE

An Email That Elon Sent to Tesla Employees About Avoiding Wasteful Meetings MORE

A Security Tools Crash is Coming MORE

Narcissistic Collapse MORE

Stable Diffusion 2.0 is out with dramatically more detail and precision in its images. MORE

Cloudflare servers don’t own IPs anymore, so how do they connect to the Internet? MORE

RECOMMENDATION OF THE WEEK


We’ve always heard that we are what we eat. I think it’s somewhat true of food, but even more so with people and information. We are what we hang out with. We are what we read. We are what we hear. So we should be very careful about what we consume, whether that’s company or content. Who do you surround yourself with? Who do you call to spend free time? And what are your information sources? Those become you, or, you become them, so constantly re-evaluate.

APHORISM OF THE WEEK


“Things start out as hopes and end up as habits.”

Lillian Hellman




