Welcome to the April 7th, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news.
I’ll start off, like I always do, with the headlines to keep you up at night; data breaches, privacy concerns, and security threats. I’ll follow with this week’s feature, then I’ll balance out the negative with a series of stories to restore your faith in technology, and, maybe, humanity.
Let’s dive in.
Cultura Colectiva, a Mexico-based content publisher, and At the Pool, a defunct app maker, have exposed more than 540 million Facebook records after improperly storing data accessible from the social media site. TechCrunch
A database managed by an Indian government healthcare agency was without password protection for more than three weeks, exposing 12.5 million pregnant women’s medical records. ZDNet
VoterVoice, a company that provides email contact forms for US legislators, has been caught insecurely storing details of people who contact their senators and representatives exposing email addresses and other personally identifiable information. TechCrunch
Macon, Georgia-based Navicent Health has determined a cyberattack from last year exposed records of more than a quarter of a million patients. Data Breach Today
Missouri-based Burrell Behavioral Health exposed about 67,000 patients’ data when a third-party business improperly configured an internet accessible server. Health IT Security
Let’s move on to Privacy Headlines.
A researcher at Talos, Cisco’s security division, revealed that cybercriminal groups are operating in plain sight on Facebook, some using their real profiles. These groups trafficked in stolen credit card data, identity info, spam lists, and hacking tools. Wired
Airbnb is back in privacy news this week, when a family from New Zealand found a camera hidden in a fake smoke detector live streaming the living room of their vacation rental. CNN
WhatsApp has added a new feature that will allow users to control who can add them to groups, in an effort to improve privacy and prevent the spread of fake news. This announcement comes on the heels of a new fact-checking tip line Facebook launched in India ahead of this year’s contentious elections. TechCrunch
A hoax dating back to 2011 has reared its head again this week on Facebook. This is a copy and paste post stating that hackers are publishing sexual videos on your timeline that you can’t see but your friends can; don’t fall for it. Sophos Naked Security
AI researchers at Google, Facebook, Microsoft, and in academia have published an open letter requesting that Amazon stop selling biased facial recognition technology to law enforcement agencies. The Verge
Amazon has announced that Alexa will now talk to internet-connected health monitoring devices, allowing users to verbally check their blood sugar, schedule doctors’ appointments, and receive post-op instructions from hospitals. Personally, I’d rather Amazon not know how I got pink eye. Wired
Israeli security researchers have published a proof of concept that shows malware can access medical scanners to automatically add and remove cancer from CT scans. Security Week
Sanitation workers in Nanjing, China are required to wear a bracelet that tracks their movement and vibrates if it detects that they’re idle for more than 20 minutes. The Verge
The US Justice Department’s Inspector General has announced that the FBI is not notifying victims of cybercrime of their rights in a timely manner. In response, the FBI announced it’s in the process of replacing their current notification system. Data Breach Today
Several members of the European Parliament have voted the wrong way on the Copyright directive, not realizing what the for and against buttons actually meant. These members have requested their votes be changed. Sophos Naked Security
Jackson Cosko, a former staffer of Senator Maggie Hassan, has admitted to doxing 5 senators by publishing their private phone numbers and home addresses to Wikipedia. The details emerged after Cosko pleaded guilty to computer fraud and other offenses. The Verge
Let’s move on to security headlines.
A phishing campaign has been targeting Verizon Mobile users since November of last year according to security research firm, Lookout Phishing AI. DarkReading
A new type of malware that targets IoT devices has been spotted in the wild. Dubbed Bashlite by researchers, the new strain focuses on WeMo brand home automation devices. ZDNet
Huawei has released a patch for its MateBook laptops that could have allowed an attacker to gain access to the system. This bug was first disclosed by Microsoft security researchers in January. The Verge
Dropbox, a leading cloud storage provider for individuals, has discovered 264 vulnerabilities after it ran a one-day bug bounty program. Reportedly, the company paid hackers more than $300,000 in bounties. ZDNet
The Android operating system now powers some 2 billion devices worldwide. Google has announced 75.7 billion downloads, or .04 percent of all downloads from its Google Play store in 2018 were harmful. These estimates are double the number from 2017. TechCrunch
Pharmaceutical giant, Bayer, has announced that they have successfully detected and defeated a Chinese cyberattack. Health IT Security
A critical security vulnerability has been discovered in Xiaomi’s MI and Mint browsers. Users are advised to discontinue using these browsers until a patch is released. The Hacker News
Scammers have been using a new trick to get more clicks on their advertising campaigns. By detecting when your mouse gets to the close button, the page resizes the ad forcing you to click on the ad. To avoid the scam, move your mouse to the close button and pause before clicking. ZDNet
A new report has announced that about 17,000 home and small office modems and routers are vulnerable to DNS Hijack Attacks. These attacks redirect your requests for legitimate sites to sites that serve malware. DarkReading
Waltham, Mass-based Care dot com has deleted tens of thousands of providers after a Wall Street Journal exposé revealed some providers were unlicensed and others had criminal backgrounds. The Verge
Former NSA contractor, Harold Thomas Martin III, has pleaded guilty to illegally accessing top-secret documents and cyber warfare tools. These tools have been found in the wild, most notably in the ransomware WannaCry. Sophos Naked Security
Chinese National Yujing Zhang was arrested last weekend for attempting to bring malware under the guise of attending a fabricated event to President Trump’s Mar-a-Lago golf club. President Trump was on the premises at the time. DarkReading
China has been trying to reunify with Taiwan for many years. To prevent China from tampering in the 2020 presidential election, Taiwan plans to ban Chinese search engine Baidu, and social media giant Tencent. ZDNet
GPS spoofing attacks have been rare and limited to cybercriminal groups until recently. Russia has been accused of the first large-scale GPS spoofing attack. These attacks interfere with the signals bounced back to GPS receivers to confuse navigation. Sophos Naked Security
Let’s move on to other headlines.
Though still very limited, Verizon has begun rolling out 5G in parts of Chicago and Minneapolis. The Verge
Google is continuing to take features from subsidiary Waze for its Google Maps application. Google Maps will soon warn you of traffic slowdowns. The Verge
Some Android TV users turned on their streaming devices to find Google has begun placing ads on their home screens. Many users were angered by the discovery. The Verge
Google and Walmart have announced that they’re teaming up to bring voice-based grocery shopping to consumers to combat Amazon’s push to be everything to everyone. ZDNet
North, the company that’s bringing stylish smart glasses to a wider market, have announced a slew of new features in their latest update including music playback controls, note transcriptions, and transit directions. The Verge
Netflix has announced that users will no longer be able to send shows between Apple devices using the AirPlay feature due to what it’s calling a technical limitation. The Verge
To compete with Apple TV and Amazon, Roku is now offering HBO subscriptions through its Roku Channel. TechCrunch
Fortnite developer Epic has announced they will be bringing more creative tools to its game to expand its community. This comes the same week that England’s Prince Harry called for the game to be banned, citing mental health professionals claims that it’s more addictive than drugs or alcohol. 9 to 5 Google | Variety
Snapchat is mirroring Chinese messaging apps by moving into the social gaming market. TechCrunch
TikTok, the China-based video streaming app, has developed a new talent show feature to draw more attention from users in Korea and Japan. The Verge
On November 20th of this year, Microsoft will be closing its HealthVault Patient-Records Service; all remaining data will be deleted. ZDNet
Microsoft is getting rid of that annoying requirement to click “safely remove hardware” when you disconnect USB thumb drives, hard drives, and smart phones. Unfortunately, it’s at the expense of transfer speed. ZDNet
Microsoft’s Skype has concluded a beta test of its new 50-person group video chat feature and is now available as an update. The Verge
To comply with the European Union’s antitrust ruling, Android devices will now prompt users to select browsers and search engines from a list, rather than defaulting to Google provided products. 9 to 5 Google
New York state has joined the ranks of California and Hawaii by enacting legislation to ban plastic bags in 2020. The Verge
Many publishers will release games exclusive to the North American or Asian markets and Steam has honored this tradition by blocking users from activating games they’ve purchased legitimately if they’re not in those locations. The European Union intends to put an end to this practice. TechCrunch
Hayabusa 2, a project team from the Japan Aerospace Exploration Agency, succeeded in the first part of its mission this week by landing rovers on an asteroid and collecting samples. In a few weeks, the team plans to fly around the asteroid, land on the other side, collect more samples, then fly the samples back to Earth. Adam Shostack & Friends
Australia is rushing laws through its legislature that could see executives do jail time if serious, violent crimes are streamed on their online platforms. ZDNet
The BBC and Discovery have announced they will be teaming up for a new streaming service focused on factual programming. TechCrunch
You’d almost think I planned that segue. Let’s move onto this week’s feature story, Fake News.
If someone asked you to define fake news, how would you answer? Webwise
I consider fake news to be the next logical step after yellow journalism to divide, conquer, and create tribalized groups. These groups become loyal to their news sources and the idols those news sources, on both sides of the political aisle, create and promote. Wikipedia
The roots of these tactics, and the term yellow journalism, date back more than a hundred years to the newspaper circulation war between Joseph Pulitzer and William Randolph Hearst. Pulitzer was a Hungarian immigrant, fluent in 4 languages, and a Union Army Veteran of the American Civil War, who worked his way up in the newspaper industry to become the owner of the New York World in 1883. William Randolph Hearst was handed his first editorial job at a newspaper by his wealthy father. Yellow Journalism Blog
Pulitzer created a journalistic style that appealed to the average person with simple words and phrases and dramatic headlines; this was looked down upon by his contemporaries. He believed news was important for everyone and, as if to prove it, people flocked to newsstands for his sensationalized headlines. Hearst initially worked for, revered, then mimicked Pulitzer’s style. Hearst’s father first gave him editorial control of The San Francisco Examiner, then, after circulation skyrocketed, he purchased the New York Journal to compete directly with Pulitzer.
Although, that doesn’t really explain where the term yellow journalism comes from. That tangent has a quaint start. Pulitzer ran a comic strip that became popular in his newspaper. It featured a child dressed in yellow. After Hearst purchased the New York Journal, he poached the cartoonist that created the yellow kid. An editor of another New York paper began referring to Pulitzer and Hearst’s tactics as yellow journalism sometime after that. Wikipedia
But the term has much more significance than stealing an employee.
In 1895, a revolt broke out in Cuba that became the Cuban War of Independence. Hearst and Pulitzer sensationalized stories and even created outright lies to provoke the interest of the general public in becoming involved in this war for independence. While the sinking of the USS Maine in Havana Harbor is generally considered to be the final straw that pushed America into this war between two foreign countries, there were many events politicized by Hearst and Pulitzer in the years between 1895 and 1898 which created a fervor for Americans to become involved in the war. Sound familiar? The Spanish American War Centennial Website
In the ensuing hundred and twenty-one years and countless technological advancements since the Spanish-American War, social media and the internet at large have bred a general distrust of the mainstream news media and further polarized our politics. Beyond that, they’ve created such a high baseline of general noise that it’s become nearly impossible to separate the media spin from the outright fabrications of fake news outlets.
To understand spin versus fake news, let’s say the US Department of Defense releases a report stating that 80 percent of all drones successfully hit their targets. A right-wing news agency might tout the efficiency and accuracy of American engineered weapons with the headline, “US Drones Have Near Perfect Record.” Whereas, a left-wing media outlet might use the headline, “Nearly a quarter of all US drones may kill unintended targets.” Both headlines are technically correct.
Or, consider the fact that I used spin at the beginning of the story to paint Pulitzer as a hard-working immigrant turned civil war veteran and Hearst as a spoiled rich kid.
But I want to make an important distinction between spin and fake news. Spin is massaging words to fit an agenda. Real new stories will be picked up and vetted by mainstream news media from both sides. Each will present differing views, but the basic facts will remain unchanged. Fake news takes tiny grains of truth or even rumors to build a following around its agenda. It’s important when consuming news to look past the headlines, read the articles, think critically about what’s being presented, and verify the sources.
One article I read recently claimed that cases of unaccompanied children crossing the southern border rose dramatically during the second half of the Obama presidency and stated explicitly that federal and state agencies were paying for these children to be trafficked. Doing my due diligence, I followed a link to a source article on the LA Times and found a retraction, at the bottom of the article, which contradicted the headline the fake news site was basing their opinion on. That retraction should have been at the top, not the bottom. Shame on you, Los Angeles Times. LA Times
When mainstream media makes a mistake, other MSM outlets will pounce on these flaws. Look at the 2000 election. CNN called Al Gore the winner then retracted that statement and called George W. Bush the winner, then retracted that because Florida wasn’t done counting votes. More recently, a Fox News graphic stated that President Trump was withdrawing funding from 3 Mexican countries. Mistakes and spin happen but aren’t malicious; fake news is malicious. Washington Post | Snopes
So, what can be done about fake news? There are many initiatives using artificial intelligence, machine learning, human moderators, and fact checking organizations. When it comes down to a machine deciding what’s real versus what’s fake, how can a programmer decide the criteria? Is it how repeated the story is? Claims were made during the 2016 presidential election that Hillary Clinton sold 20% of the US’s Uranium to the Russians in exchange for contributions to the Clinton Foundation. The claims were continued by President Trump well into his Presidency. But the claims were false. So, repeatability isn’t a metric. How can artificial intelligence or machine learning fix this? Snopes
It can’t. What it really comes down to is you, the consumer, doing your part to identify what’s real. Don’t form beliefs based on your news consumption, form opinions. Beliefs are forged to be unchangeable. Opinions are malleable to changing circumstances. Technology Review | TechCrunch | The Telegraph
Alright, let’s wrap up this episode with some good news.
Facebook users may remember when they added the “Why am I seeing this ad?” button in 2014. This week the social media giant announced it would be adding a “Why am I seeing this post?” button as well. This will give users more transparency about why they’re seeing one post versus another but, more interesting than that, it will give us a look at the algorithm that decides the content on our News Feeds, something Facebook has been very secretive about. Having this knowledge will allow Facebook users to more intelligently interact with the site. TechCrunch
In today’s world of streaming video and immediate gratification, movement of physical items is often much slower than we would like. Nowhere is this more obvious than in the world of medicine, where hours and minutes may mean the difference between life and death. Until now, old-fashioned human courier services were still the norm for moving tissue and blood samples from where they’re extracted by your doctor to where they’re analyzed by lab technicians. This week, the FAA granted UPS the first license for commercial, profit-generating drones. UPS will be transporting tissue and blood samples by drone in North Carolina, testing the waters for a wider, national system. Thanks to this smart move, doctors will no longer have to depend on humans traversing traffic-filled roads to make medical diagnoses. Wired
A Scottish teenager named Kal Turnbull has turned a simple subreddit into a forum for rational, reasoned discourse with over 700,000 members. In 2013, the 17-year-old realized the cultural limitations of his upbringing in the Scottish Highlands, so he created a subreddit called “Change My View.” 6 years on CMV is heralded by some as an online oasis. Turnbull and his small team of moderators have spent a great deal of time modifying Reddit’s flawed algorithms which decided what topics should be pushed to the top by hacking together a system that ranked users based on their ability to be civil, rational, and impactful. Unfortunately, this system was a bit complicated and time-consuming, so the now 23-year-old Turnbull has launched a stand-alone website called “Change a View” dot com. Beyond streamlining the way the subreddit worked, Turnbull and his team have built-in a system that allows users to see why conversations have been flagged and allows moderators to talk directly to users. The new site also eschews private messaging in favor of keeping discussions public, and, therefore, civil. This is an exciting win for logic, reason, and discourse on the internet. Wired