Turbotodd

Ruminations on tech, the digital media, and some golf thrown in for good measure.

Posts Tagged ‘cybersecurity

A Picture’s Worth…

leave a comment »

If you’re wondering what happened to your images on Facebook’s News Feed, Instagram, WhatsApp, and Messenger….well, you and over a billion other people.

The Verge is reporting that Facebook is working to resolve the outage and “to get things back to normal as quickly as possible.”

This once again proves the complexities and challenges of publishing multiple pieces of content from multiple sources into a single page. Welcome to the cloud-driven Web of 2019.

But let’s talk soccer. We witnessed yet another storied defeat by the U.S. women’s team last evening in the FIFA Women’s World Cup, beating England 2-1, in a game which missed play of wunderwoman Megan Rapinoe due to a hamstring injury.

Those women are awesome (give them a raise!).

On to the dealmaking…talk all over the place about a possible acquisition of cybersecurity firm Symantec by Broadcom, with Bloomberg reporting Broadcom is in advanced talks to buy them in a deal that could be reached “in weeks.”

From Bloomberg Intelligence:

Broadcom’s potential purchase of another asset with $4+ billion in software sales is likely its most ambitious deal yet – leaderless Symantec has been losing share, even in its core segments. Broadcom CEO Hock Tan will likely need to aggressively cut Symantec costs while keeping sales stable.

– Anand Srinivasan, technology analyst

And on to Chimerica…Mixed signals emanating from the Trump Administration on Huawei, with Reuters reporting a senior U.S. official telling the Commerce Department’s enforcement staff this week that China’s Huawei should still be treated as blacklisted only a few days after the President vowed to ease a ban on sales to the firm.

While Commerce tries to get its story straight, Nikkei Asian Review is reporting that there’s an electronics exodus from China underway:

Global consumer electronics makers HP, Dell, Microsoft and Amazon are all looking to shift substantial production capacity out of China, joining a growing exodus that threatens to undermine the country’s position as the world’s powerhouse for tech gadgets.

HP and Dell, the world’s No. 1 and No. 3 personal computer makers who together command around 40% of the global market, are planning to reallocate up to 30% of their notebook production out of China, several sources told the Nikkei Asian Review.

While this is just smart supply chain management and oversight by electronics firms, it’s a blow to China, which is the world’s largest producer of PCs and smartphones.

It could be a very good time to learn to speak Vietnamese!

Okay, over and out. For those of you in the U.S., Happy Independence Day. And if you’re in D.C. for the big celebration, you can be assured the tanks brought in are expected to be stationary.

But watch your feet, just in case.

Written by turbotodd

July 3, 2019 at 2:37 pm

LinkedIn, Algoed Up

leave a comment »

Happy Tuesday.

Yesterday was a bad tooth day. I had my first root canal since I don’t want to remember when. 

The headphones with classic rock with Pandora, some deep bone antisthetic shots to fully numb my tooth, and a steady stream of nitrous oxide made a root canal a nearly fun experience. 

Endondontists everywhere, more nitrous for all root canals.

While I was down in the endo’s chair, I learned this AM how a small ISP in Pennsylvania “tanked a big chunk of the Web” yesterday.

According to a story from Slate’s “Future Tense,” a Web outage in the Northeast affected “Verizon users and thousands of Website serviced by Cloudflare.”

Cloudflare provides security and performance services to 16 million websites and demonstrates how “one little error…can cause swaths of the Web to break with little warning.”

The outage started around 7 a.m. and affected Verizon before spreading to Amazon Web Services, web-hosting provider WP Engine, live-streaming platform Twitch, Reddit, and several others.

While we wait for the 404s to fade away, know that Axios is reporting some big time algo changes over at LinkedIn.

Axios reports the company has made the algorithm changes over the past 12-18 months to favor conversations in the LI feed that cater to “niche professional interests,” as opposed to elevating viral content. 

Specifically, Axios reports LinkedIn is focused on:

  • Elevating content that users are most likely to join in conversation, which typically means people that users interact with directly in the feed through comments and reactions, or people who have shared interests with you based on your profile.
  • Elevating a post from someone closer to a users’ interests or network if it needs more engagement, not if it’s already going viral.
  • Elevating conversations with things that encourage a response (like opinions commentary alongside content), as well as posts that use mentions and hashtags to bring other people and interests into the conversation and elevating posts from users that respond to commenters.
  • Elevating niche topics of conversation will perform better than broad ones. (When it comes to length, LinkedIn says its algorithm doesn’t favor any particular format, despite rumors that it does.)

This matters because…advertisers want higher-quality engagement, which in turn leads to happier advertisers, which in turn leads to more ad revenue for LI.

Have *you* noticed a difference in your LI feed?

Written by turbotodd

June 25, 2019 at 10:04 am

No Slackers

leave a comment »

Greetings from my South Austin bunker on a hill.

There’s an onslaught of relevant tech news this AM. First, let’s cover off the mo-nay situations.

Slack is expected to go public today, and it’s direct listing reference price has been set at $26. That would value Slack at roughly $15.7B

In case you didn’t know what a direct listing is, The Wall Street Journal explains:

In a

direct listing

, a company simply floats its existing stock onto a public exchange without raising any money or using underwriters. The company doesn’t choose an IPO price or who gets to buy in the night before trading begins, as is the case in a traditional IPO. Spotify Technology SA, which made its trading debut in April 2018, is the only other major company to go public via direct listing.

I think, therefore I Slack. All day, every day.

So, good luck, Slackers everywhere.

You know who’s not Slack? Apple, which, according to a report from Nikkei and as reconnoitered in The Verge, is looking at moving between 15 and 30 percent of its hardware production out of China and has apparently asked key partners like Foxconn, Pegatron, and Wistron to “evaluate the available options.”

The catalyst for the shift is the ongoing trade war between China and the US, which is expected to intensify at the end of this month with the

introduction of 25 percent tariffs

on devices including phones, laptops, and tablets. However, Apple reportedly wants to shift production regardless of whether the trade dispute gets resolved.

Florida’s Riviera Beach has decided to pay $600K in ransom to hackers that took over its computer system. It was a classic email spearphish attack that led to ransomware situation, and, according to a report from the AP, spokeswoman Rose Anne Brown “said Wednesday that the city of 35,000 residents has been working with outside security consultants, who recommended the ransom be paid.”

I guess that whole “We don’t negotiate with terrorists” thing is an outdated trope when it comes to the cyber realm, because it appears more and more municipalities are paying the ransom, as opposed to just saying “No.” Call me old fashioned, but just saying “Yes” simply invites more such attacks.

And yes, the payment is being made via Bitcoin.

Closing on a positive note. Fresno-based Bitwise Industries, which offers training for software developers, has raised a $27M Series A round led by Kapor Capital, which will allow the firm to potentially expand its training to other unusual suspect, underserved cities for tech (like El Paso, Texas, and Knoxville in Appalachia).

As James Fallows writes in The Atlantic:

“Some people have had opportunities by accident, and others do not,” she said [Irma Olguin, from venture firm New Voices Fund]. “We need to make those opportunities less a matter of chance and serendipity, and more a matter of deliberately creating opportunities and exposing young people to different possibilities for their lives.”

Written by turbotodd

June 20, 2019 at 10:52 am

Who Turned Out The Lights?

leave a comment »

Happy Monday!

Okay, golf fans out there, how about that U.S. Open?  Hats off to Gary Woodland, who held off the always lurking Brooks Koepka (and previous two-years-in-a-row U.S. Open winner) and fastidious Justin Rose to win his first ever major championship.

And there was hardly any bitching about the conditions of the venue, Pebble Beach, which I consider to be a good sign (i.e., no out of control rough, crazy fast greens, streaking fans…okay, that last one I made up just to see if I have your attention).

Of course, it’s kind of hard to bitch much about Pebble Beach — I’ve never been there in person, but even on TV it’s breathtaking.

Now, if you happened to be at a Target over the weekend trying to buy some merch, you might have had reason to bitch. For two days in a row, Target experienced a register outage that caused long lines and forced some customers to pay with cash.

You remember cash, right? That green stuff issued by the Federal Reserve that has pictures of past presidents and stuff on it?

Target shares are down more than 1.5% today as investors figured the missing weekend cash into the investment equation. The Wall Street Journal “Morning Download” email newsletter this morning cited Target as explaining the incident wasn’t security related, but rather blamed the outage on a data center issued related to “routine maintenance.” 

Tell me about those self-driving cars, again?  You know, the ones inextricably linked to the same clouds that are running the Target cash registers??

It could have been worse. You could have been trying to do the tango in Argentina (and Paraguay…and Uruguay…and parts of Chile…and Brazil). The power went off and left tens of millions in darkness for several hours on Sunday, and nobody seems to know why.

This as The New York Times on Sunday reported that the U.S. is escalating cyber attacks on Russia’s electric power grid and has placed potentially crippling malware inside the Russian system. Moscow responded today by saying such hacks could escalate into a cyberwar with the U.S.

Mutually assured power outages, anyone?

And on the subject of mutually assured whatever, Huawei’s CEO is doing some advance damage control on the U.S./China Chill-But-Getting-Colder trade war, explaining he expects the company’s revenues to drop $30B below forecast over the next two years.

That’s due largely to a drop of 40 to 60 million international smartphone shipments. 

I would recommend he go talk to Alexa about his problems, but according to a recent survey of 1,000+ U.S. adults, 46 percent never use voice assistants, and 19 percent use them less than once a month.

And for those who do use virtual assistants, 49 percent use them via smartphones as opposed to 18 percent on smart speakers.

Siri, tell Google Assistant to text Alexa not to bother me!

Written by turbotodd

June 17, 2019 at 11:14 am

Broad Spectrum

leave a comment »

Happy Friday.

It appears that Amazon is interested in buying prepaid mobile wireless service Boost Mobile from US carriers T-Mobile and Sprint.

According to a report in Reuters, Amazon is considering buying Boost because the deal would allow it to use the “New T-Mobile” wireless network for at least six years.

New T-Mobile is the name that T-Mobile and Sprint use to refer to the new entity that would result from their merger, one that still requires regulatory approval.

Reuters also reported that Amazon would be interested as well in any wireless spectrum that could be divested as part of the deal.

Analysts estimate that Boost has seven to eight million customers and a transaction could be valued at $4.5 billion if the deal included wireless spectrum and facilities.

Meanwhile, we’re getting some of our first public looks at Uber earnings…the company reported $3.1B in revenue in Q1, which was up 20% year-over-year, and gross bookings of $14.65B dollars, up 34% year-over-year but with a net loss of $1.01B.

From CNBC:

On a call with analysts, Uber CEO Dara Khosrowshahi said he likes “what we see on the competitor front in the U.S.,” referencing Lyft’s earnings call where executives said they are beginning to compete more on brand.
“I think that competing on brand and product is, call it, a healthier mode of competition than just throwing money at a challenge,” Khosrowshahi said.

If you’re a Chrome user and interested in security, see this piece from WIRED, one entitled “Google is finally making Chrome extensions more secure.”

The improvements come as part of a wider company push to evaluate how much user data third-party applications can access. Google launched the audit, known as Project Strobe, in October alongside an announcement that Google+ had suffered data exposuresand would be shuttered.
Later this year, Google will begin requiring that extensions only request access to the minimum amount of user data necessary to function. The company is also expanding its requirements around privacy policies: Previously, only extensions that dealt with personal and sensitive user data had to post the policies, but now extensions that handle personal communications and other user-generated content will need to articulate policies, as well. Google says it is announcing these changes now so developers have time to adapt before the new rules take effect this fall.

Some funding news: BabbleLabs, which is focused on improving speech quality, accuracy, and personalization in voice apps, has raised a $14M Series A. The round was co-led by Dell Technologies Capital and Intel Capital.

Written by turbotodd

May 31, 2019 at 11:23 am

Assange Charged With Conspiracy

leave a comment »

Julian Assange was arrested earlier today at the Ecuadorean Embassy in London, where he had been sheltered for going on seven years (since 2012).

According to reporting from The New York Times, the U.S. charged Assange of conspiring to hack a computer as part of the 2010 release of reams of secret American documents. 

The charge was filed in March 2018 and carries a penalty of up to five years in prison. The Times noted that it was not an espionage charge, which could have carried much more significant penalties.

Mr. Assange has been in the sights of the United States government since his organization’s 2010 disclosures. Most recently, Mr. Assange has been under attack for his organization’s release during the 2016 presidential campaign of thousands of emails stolen from the computer systems of the Democratic National Committee, leading to a series of revelations that embarrassed the party and Hillary Clinton’s campaign. United States investigators have said that the systems were hacked by Russian agents; the conspiracy charge against Mr. Assange unsealed Thursday is not related to the special counsel’s investigation into Russia’s election influence.

Mr. Assange will have the right to contest the United States extradition request in British courts. Most people who fight extradition requests argue that the case is politically motivated rather than driven by legitimate legal concerns.

But the Times also note that his:

initial arrest on Thursday arose from something much more innocuous: He faces a charge in a British court of jumping bail, and the Metropolitan Police said in a statement that Mr. Assange had been arrested by officers at the embassy on a warrant issued by Westminster Magistrates’ Court in 2012, for failing to surrender to the court. A British judge found him guilty of skipping out on bail.

So why did Ecuador give Assange up?

“Finally two days ago, WikiLeaks, the organization of Mr. Assange, threatened the government of Ecuador,” Mr. Moreno said, an apparent reference to allegations from the organization that Mr. Assange had been subject to a spying operation. “My government has nothing to fear and doesn’t act under threat.”

In his video, Mr. Moreno singled out the recent release by WikiLeaks of information about the Vatican as evidence that Mr. Assange had continued to work with WikiLeaks to violate “the rule of nonintervention in the internal affairs of other states.”

Written by turbotodd

April 11, 2019 at 11:32 am

Facebook Security Flaw

leave a comment »

The New York Times is reporting that Facebook said today an attack on its computer network led to the exposure of information from nearly 50 million of its users.

Facebook said it discovered the breach earlier this week, “finding that attackers had exploited a feature in Facebook code that allowed them to take over user accounts.”

The Times reports that Facebook said it did not know the origin or identity of the attackers, nor had it fully assessed the scope of the attack, and is in the beginning stages of its investigation.

Here’s Facebook’s detailed explanation of the exploit and the actions it says it has taken:

Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted “View As”, a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.

Here is the action we have already taken. First, we’ve fixed the vulnerability and informed law enforcement.

Second, we have reset the access tokens of the almost 50 million accounts we know were affected to protect their security. We’re also taking the precautionary step of resetting access tokens for another 40 million accounts that have been subject to a “View As” look-up in the last year. As a result, around 90 million people will now have to log back in to Facebook, or any of their apps that use Facebook Login. After they have logged back in, people will get a notification at the top of their News Feed explaining what happened.

Third, we’re temporarily turning off the “View As” feature while we conduct a thorough security review.

This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted “View As.” The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens.

The Times goes went on to write that:

One of Facebook’s most significant challenges has been convincing its users that it is responsible enough to handle the incredible wealth of data the company handles. More than 2 billion people use Facebook every month, and another two billion separately use WhatsApp, a messaging app owned by Facebook, and Instagram, the Facebook-owned popular photo-sharing app.

You know the drill.  Check your password, change it, etc ad nauseum ad infinitum.

Written by turbotodd

September 28, 2018 at 12:22 pm

Posted in 2018, cybersecurity

Tagged with , ,

%d bloggers like this: