Weekly Tech News for March 31, 2019
Intro
Welcome to the March 31st, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news.
I’ll start off, like I always do, with the headlines to keep you up at night; data breaches, privacy concerns, and security threats. I’ll follow with this week’s feature, then I’ll balance out the negative with a series of stories to restore your faith in technology, and, maybe, humanity.
Let’s dive in.
Data Breaches
A popular South Korean cryptocurrency exchange was robbed by hackers Friday. Bithumb was attacked resulting in a loss of approximately 19 million dollars in cryptocurrency. The Hacker News
Earl Enterprises, a hospitality industry giant, has announced a breach of its payment card processing systems. Affected restaurants include: Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology, and Tequila Taqueria. ZDNet
Toyota dealerships in Japan were hit with a cyberattack compromising data on 3 million customers. DarkReading
A hacker named Zammis Clark was sentenced in the UK this week. Court documents reveal he hacked into electronics manufacturers Vtech and Nintendo, as well as stealing files from internal Microsoft servers. The Verge
Thankfully it was a quiet week in data breaches. Let’s move on to Privacy Headlines.
Privacy Headlines
Mastercard has announced that it will be developing a secure, decentralized, universal ID system that lives on your local devices. Wired
Google has been wishy-washy on its position on China. Senator Josh Hawley, a Missouri Republican, has demanded Google be forthright in a public letter. The Verge
Telegram, an encrypted instant messaging app, has rolled out new unsend features. These will allow either party to delete messages from both the sender’s and recipient’s inboxes. 9 to 5 Mac
Facebook announced that it has quote, “mistakenly deleted,” end quote years of Mark Zuckerberg’s old Facebook posts. Yeah, right. Business Insider
The UK, having previously announced that it would break from the US and allow Huawei products in its 5G infrastructure, released a report this week stating that the issue with Huawei isn’t Chinese government backdoors, but buggy software. Wired
Poland, in its first court case enforcing Europe’s General Data Privacy Regulation, has drawn a hard line in the sand against non-consensual data scraping online. This could impact IBM and the US Government’s training of facial recognition systems, which I reported on last week. TechCrunch
According to a report by Motherboard, the Italian Government has been caught releasing spyware on the Google Play store to catch criminals, but unintentionally ensnaring innocent victims. Motherboard
Russia has ordered major VPN providers to adhere to its website blacklist, to ensure that Russian users can’t access sites the Russian government deems illegal. Torrent Freak
Australia has proposed a new bill increasing the financial penalties for privacy breaches which is scheduled to go to a vote in the second half of 2019. ZDNet
Microsoft warned this week that if Australia’s anti-encryption law remains on the books, many companies will stop storing data there, potentially crippling Australia’s technological economy. Sophos Naked Security
In 2016, Chinese gaming company Beijing Kunlun Tech purchased a 60% stake of gay dating app Grindr. In 2018 they purchased the remaining shares. The US Government has demanded that Beijing Kunlun Tech sell the app due to concerns over the Chinese government spying on users. Wired
On Tuesday the European Union passed a directive to overhaul copyright law which could mean the end of memes, at least in Europe, but, likely, all over the world. Wired
Let’s move on to security headlines.
Security Headlines
A security researcher publicly disclosed two unpatched flaws in Microsoft Edge and Internet Explorer browsers after Microsoft did not respond to his private disclosure. Be on the lookout for updates coming for those browsers in the next few weeks. The Hacker News
A Google Security engineer has released information on an unpatched flaw in TP-Link brand smart home routers after the company has failed to respond to a responsible disclosure. ZDNet
Kaspersky Labs announced that hackers had compromised Asus computer’s servers to poison software updates. These hacked updates allow attackers to gain remote access to end users’ computers. Despite this security breach, I still recommend updating your software regularly. Motherboard
Gustuff is a new Android Trojan that targets more than 100 banking, cryptocurrency, mobile payment, and ecommerce apps. It’s being distributed by a link in a text message. DarkReading
Microsoft has won a legal battle to take over and shut down 99 Iranian-run phishing domains by proving in US court that it was illegal for these hacking groups to mislead users with sites that look like Microsoft sites. Axios
Apple has announced their new Apple Card, developed with Mastercard and Goldman Sachs, which allows users to take advantage of the security of its Apple Pay service where Apple Pay isn’t accepted. Wired
Security researchers have recovered unencrypted crash footage, navigation data, including speeds, and much more on a salvaged Tesla Model 3. The Verge
Thatcham Research, a nonprofit UK insurer research center, has released a report listing the cars which are most and least vulnerable to wireless theft. It would seem not all keyless entry and ignition systems are built the same. Sophos Naked Security
The University of Hertfordshire has released a study that shows most users fail to properly erase USB drives before recycling them, potentially exposing sensitive data to unintended eyes. Data Breach Today
The Swiss Government’s e-voting system concluded its month-long penetration test this week, and a second flaw was discovered that could have been exploited for undetectable vote manipulation. Security Week
The US General Accountability Office, or GAO, has found dangerous security flaws in the Treasury Department’s systems for tracking the national debt, which could allow access for attackers to view a wealth of government data. Data Breach Today
The US Department of Homeland Security has issued a warning about several Medtronic devices, including their implanted insulin pumps. Attackers in close range can intercept the RF signals of the devices and potentially steal data transmitted because the devices don’t use any kind of authentication. Security Week
Let’s move on to other headlines.
Other Headlines
Facebook COO Sheryl Sandberg announced three steps the company is taking to prevent the spread of hate. Accounts that have previously violated community standards will have limited or no access to live broadcasting. They’ll be banning all white nationalist and separatist content. And, to support the affected in Christchurch New Zealand more directly, Facebook will be donating to four local well-being and mental health organizations. The Verge
Dream Market, the top dark web marketplace after the Silk Road was shut down, will be shutting down April 30th. There is much speculation from users about whether this is a sting by law enforcement. ZDNet
Tyler Barriss, a notorious swatter and bomb hoaxer, was sentenced to 20 years in prison for his deadly pranks. For those unfamiliar, swatting is a term that refers to online harassers who spoof their location to get armed police or SWAT teams to target individuals. In one of Barriss’ attacks, the individual he was targeting no longer lived at the address where he sent the police, and the police shot and killed the current resident, Andrew Finch. TechCrunch
A 27-year-old Georgia man pleaded guilty to hacking Apple accounts of athletes and musicians. He stole personal data and spent thousands on stolen credit cards. He’s scheduled for sentencing on June 24, 2019. Security Week
Gavin de Becker, Jeff Bezos’ personal security chief, published an article in the Daily Beast this week stating that he believes the Saudi Government illegally obtained compromising photos of Bezos and gave them to the National Enquirer’s parent company AMI. Link in the show notes to the article. The Daily Beast
Google has finally removed a gay conversion therapy app from its Play Store, months after Apple and Amazon removed it from their marketplaces. Still no word on whether Google will stop allowing Saudi men to track women in their family. The Verge
Google has signed a deal with Cuba to install undersea fiber-optic cable to improve Cuba’s internet connection. 9 to 5 Google
Google has started rolling out changes to Google Maps, which will allow users to create events, similar to Facebook’s event features. The Verge
A 35-year-old mystery has been solved. Since the 80’s, bright orange pieces of Garfield phones have been washing up on a beach in France. A local farmer led environmental activists to a shipping container in a sea cave accessible only at low tide. The Verge
The Lyft IPO dominated news this week. With a valuation of 2.3 billion dollars, the stock closed up 9% on the first day of trading. But it wasn’t all good news, because drivers for both Uber and the perpetual money loser Lyft went on strike in protest of low wages and poor working conditions. TechCrunch | The Verge
Apple Music is coming to Android and its new Android interface paves the way for streaming your Apple Music library on Chromecast. I love the idea of not needing to have specific devices for each company’s eco-system. 9 to 5 Google
Apple’s product announcements this week included information on its soon-to-launch Apple News+ subscription news service as well as its subscription video streaming service. Their News+ service was built on the Texture platform Apple acquired last year. Since there’s no longer a need for the standalone Texture news service, that app will cease to operate on May 28th. TechCrunch | The Verge
Canoo, that’s c-a-n-o-o, is a new electric vehicle company started by defectors from EV company Faraday Future. Their first vehicle is set to go on sale in 2021 and all their vehicles will be available on a subscription model. The Verge
Sega will be releasing its Genesis Mini retro console in the third quarter of this year. The Verge
Valve, the company behind the Steam PC gaming platform, has just announced its own virtual reality headset called the Valve Index. The Verge
A study performed by the National Academy of the Sciences has determined that students in the US outperform their counterparts in Russia, China, and India in computer science skills. ZDNet
A new study has found that female privacy professionals now outnumber males in the US 53% to 47%. DarkReading
Melbourne, Australia and the wider Victoria region are now able to pay for mass transit tickets with their Android smartphones. ZDNet
That’s it for other news. Now for this week’s feature story.
Feature
The topic of this week’s feature story is Human Trafficking. Some of what I’m discussing may be inappropriate for young or sensitive listeners.
The BBC, and several other news organizations, announced this week that 50 women who were trafficking victims were suing Salesforce for their involvement with Backpage. Backpage was notorious for being a site where johns could find sex workers easily. It’s been estimated that as many as 1 in 20 of the ads on the site featured victims of trafficking. According to documents from the lawsuit, Salesforce, whose primary business is providing a tool for companies to find and retain customers, was heavily involved with setting up and maintaining the database system Backpage used. BBC | Business Insider
Let me back up a little. On March 21st, 2018 the US Senate passed the Fight Online Sex Trafficking Act, or FOSTA bill into law. This law changed the way online platforms are handled by the government. Previously, online publishers weren’t held responsible for the things their users posted, because they were protected by Section 230 of the Communications Decency Act. With the passing of FOSTA, site owners can now be held criminally liable for assisting, supporting, or facilitating sex trafficking. This is the bill that brought Backpage, Craigslist’s personal ads, and many other sites to an end. Daily Dot
This is, in theory, a good thing. Human trafficking is an enormous problem and even happens in “first world” countries. But laws like FOSTA in the US make more problems for legal sex workers and law enforcement alike. Legal sex workers, including those who provide services over the internet, used sites like Backpage and Craigslist personals to advertise their services. Now, rather than having a centralized location for finding clients, they’re forced to use multiple sites, decreasing the effectiveness of their efforts. Law enforcement is hampered for much the same reason. Now, rather than watching 2-3 sites for human trafficking, their time is spread thin across a wider range of ever-changing sites.
With an estimated 25 million victims, how did human trafficking come to be such a large problem? It started with the African slave trade, which was the first known instance of large-scale human trafficking. It was first outlawed by the British in 1807 and then the US in 1820. But then the issue of “white slavery” cropped up. In 1899 and 1902 international conferences were organized in Paris to tackle the issue of white slavery, resulting in the 1904 International Agreement for the Suppression of “White Slave Traffic.” Shortly thereafter, WWI and WWII saw human trafficking for sexual purposes spike; the highest profile example of this would be the Japanese use of “comfort women.” Hankering for History
Modern trafficking is no longer exclusive to forced sexual servitude, even though prostitution is still one of the top reasons humans are treated like cattle. The internationally recognized definition for human trafficking now includes forced labor and organ farming, as well. This definition was changed after a case in 1997 where it was discovered that dozens of deaf Mexican men, women, and children were illegally transported to Queens, New York to sell trinkets on the streets, then were forced to turn all the money over to a family-operated trafficking ring. Human Rights First | Fair Observer
The internet has expanded the global market for human trafficking and made it easier for traffickers to connect with both victims and buyers. But it’s not just the internet that makes human trafficking so profitable, it’s legislation. Most states in the US, and many countries globally prohibit prostitution. But, as we’re well aware, prohibition is what creates these black markets. The United States’ war on drugs is an excellent example of how prohibition exacerbates problems rather than fixes them. Scoop Whoop
Beyond the US, countries like Cambodia have attempted to stem the tide of trafficking with laws but have missed the mark. Cambodia is a very poor country, and sex work is often seen as a viable and realistic option, but Cambodia’s Law on Suppression of Human Trafficking and Sexual Exploitation has gone so far as to make carrying condoms illegal, which has created a public health crisis. The Muse
Thankfully, it’s not all bad news. There are many organizations making a difference. Forbes
- Thorn: Digital Defenders has created an online tool for law enforcement agencies, called Spotlight, which has reduced investigation time by 43%. Thorn
- The Defense Advanced Research Projects Agency, or DARPA, has created an advanced search engine called Memex that better organizes information to sift out the most important details for law enforcement officers. DARPA
- Microsoft has developed PhotoDNA, which takes images of child exploitation and helps qualifying organizations search for identical images across the internet to identify victims of trafficking. Microsoft
- The National Human Trafficking Resource Center, or NHTRC, operates a toll-free hotline, email service, and online tip reporting form for victims. NHTRC | Hotline | Email | Online Form
The solution to this problem is complex and requires cooperation from individuals, governments, and NGOs. Individuals can learn more about how to spot human trafficking by visiting the US State Department’s website. The State Department has put together a great list of things to look out for and resources for what to do if you’ve discovered a person being trafficked. US State Department
Governments need to engage with counter-trafficking activists to develop rational laws that don’t adversely impact sex workers and other uninvolved parties.
Finally, NGOs need support from both individuals and governments to continue doing the necessary research, development, and educational campaigns that assist in bringing attention to the problem.
Alright, that was heavy, let’s wrap up this episode with some good news.
Good News
As Venezuela’s internal struggles bubble over onto the world stage, residents struggle to survive in what may become a civil war. Communication is key for survival, and that has been made more difficult by the warring factions shutting down access to portions of the internet. Now, a voice chat app called Zello has become the saving grace of those trying to live in the country. The app can be used as a replacement for either shortwave radio or walkie-talkies allowing both broadcast-type communications as well as person-to-person conversations. With the power of the internet in their pockets, users can do more than just get updates on the latest happenings; Zello has been used to save lives in Venezuela by coordinating food and medicine drops for those in need. Wired
Sidewalk Labs, the urban planning subsidiary of Google’s parent company Alphabet, has created an app called CommonSpace to empower park operators. A simple idea based on crowdsourced data, the tool creates an evidence-based approach to making changes in how parks and public spaces are run. Currently, park managers can make guesses about how their public spaces are used and allot resources like trash collection and maintenance, but CommonSpace aims to improve the efficiency of this process by empowering managers with real data. And, in a move designed to ease privacy concerns, Sidewalk Labs has adhered to Privacy by Design by committing to not collecting any personal information about bystanders observed for the app. TechCrunch
Whether you’re a staunch advocate of the environment or just simply living on planet Earth, the move away from energies that pollute and deplete is beneficial for everyone. Finding methods to harness naturally occurring means of power production is crucial to continuing to live our best lives. Germany is leading the way in this climate charge, with over 120,000 households and small-business owners investing in solar technologies. Half of all these systems also include battery storage technology, enabling the household to run off solar power, even at night. 120,000 households are only a small percentage of Germany’s 81 million residents, but proponents of a green future see this as a step in the right direction. It will allow a decentralization of renewable energy generation and storage by using the existing power grid to transfer power from individual household generation points to where it’s needed. Wired
That’s it for this week in tech news that matters to you. If you’ve enjoyed the podcast, please share what you found interesting in a post on your social media by linking to Raytec dot co slash listen. That’s r-a-y-t-e-c dot c-o slash listen. That will always link directly to the current episode’s show notes along with a podcast player. I really appreciate anyone who’s willing to share my podcast.
As always, there are bonus links in the show notes. Articles in this week’s extracurricular reading include a Wired expose on tracking down the Robocall King, how to check if your computer has the Asus update malware, an article about what Fantasy Birding is, and so much more. The show notes have links to each of the podcast apps I’m listed on and links to my social media. If you have any information, updates, or constructive criticism, feel free to reach out via social media.
Thanks for listening and have a great week!
-
Meet the Texas Startup that Wants to Decarbonize the Chemical Industry
Thousands of API and Cryptographic Keys Leaking on GitHub Every Day
MoviePass Parent’s CEO Discusses the Service’s Rocky Year
Snap CEO’s Sister Caroline Spiegel Starts a No-Visuals Porn Site
Your Apples May Soon Be Picked by Laser-Shooting Robots
On the Trail of the Robocall King
Hack Brief: How to Check Your Computer for Asus Update Malware
Fantasy Birding is Real, and it’s Spectacular
Watch This Mesmerizing Animation that Shows How Quickly Couples Move Through Relationship Stages
-
Audio for the cold open provided by KXAN via YouTube.
Article featured image by MR WONG on Unsplash
The theme song for the Raymond Tec news podcast was created by me, with samples of modems from the following generous individuals: guitarguy1985, tt_runscript, and 1tmsounds.
Other sounds or music may have been provided by: RossBell (Shuffling Papers), InspectorJ (Segment Swoosh), Klaudux, levelclearer, Teacoma, Julian Matthey, Doctor_Dreamchip, Greek555, and eardeer.
All samples, sounds, and music are from FreeSound.org.