News & Analysis | No. 295


SECURITY NEWS

China is now requiring an annual security review for all entities that deal with critical information infrastructure. Such organizations now require a security team and are required to report breaches. More

A researcher found a database of FBI terror suspects on a misconfigured Elasticsearch server. It included names, genders, DOBs, and passport numbers for 1.9 million suspects. More

A US Customs and Border Patrol helicopter had a crazy encounter with a drone in February that they still can’t explain. It outran them and outmaneuvered them before disappearing into some clouds. At least they called it a drone and not a UFO. More

Attackers are now emailing employees and offering to pay them a percentage of the ransom if they launch malware from the inside. More

Tetris is a web hacking framework most likely developed by a Chinese government hacking team. It targets 57 Chinese websites plus the New York Times, and was designed to target Chinese dissidents. More

T-Mobile had a breach that exposed at least 40 million people’s data, and now that number looks to be closer to 60 million. I got a call from the New York Times regarding the story and got quoted in their piece. More

Mastercard is phasing out magnetic strips on their cards starting in 2024, and moving completely to chips. They say the transition will take until 2033. More

Vulnerabilities:

  • Mandiant found a vulnerability in ThroughTek (Kalay) systems that affects millions of IoT devices. The impact could include accessing live audio and video streams or taking control of devices. More
  • Fortinet delayed patching a zero-day affecting their WAF until the end of August. More
  • Microsoft Power Apps service leaves data exposed. More
  • The Top 15 Linux vulnerabilities used by attackers. More

Companies:

  • Paladin has launched Knighthawk, a first responder drone for cities. More

TECHNOLOGY NEWS


The National Highway Traffic Safety Administration is opening an investigation into Tesla’s autonomous driving claims based on 11 crashes since 2018. 11 seems low, but I’m happy someone is paying attention to the riskiness of so-called autonomous driving in Teslas. I’m a happy owner myself, but I don’t trust self-driving outside of the lowest risk situations. More

The second-largest mortgage lender (UWM) will accept Bitcoin later this year, which just hit $50,000 again. They said they’ll support other cryptocurrencies soon after. More

Facebook is leaning hard into VR. They missed mobile because they don’t have a phone, so they are trying to be first into the next big thing. They believe that thing is VR glasses or some sort of sight-based system, and they’re trying to make this catch on through something practical, namely—meetings. They’ve launched Horizon Workrooms, which is basically Zoom except you’re in VR so everyone looks like an avatar of themselves. More

A company called Mudita made a phone that only makes calls and sends texts. It’s part of the minimalist phone revolution. More

Palantir bought a bunch of gold to hedge against a Black Swan event. More

Companies:

  • Role has raised $2.75 million to create a video collaboration platform for remote role-playing. More

 
HUMAN NEWS


The Pfizer-BioNTech vaccine now has full FDA approval, which means mandates are probably about to increase significantly. More

People now spend more at Amazon than Walmart, and now Amazon is planning to open large retail locations. I imagine they’ll take over the old end-cap store spots like Sears and JCPenney. They truly are the Borg, but in a good way. Mostly. What’s next? Probably healthcare. I’m guessing Walgreens or CVS. More More

65% of US workers are looking for a new job, and 9 out of 10 company executives say they’re seeing higher turnover. More

CONTENT, IDEAS & ANALYSIS


The EM Wave of Crisis and Appreciation — My essay on our repeating human oscillation between hardship, conflict, and appreciation. More

OnlyBans — OnlyFans, which is basically a sexual version of Twitch, is banning sexual content starting in October. How did they Tumblr themselves into such a situation? Because they take payments via Mastercard, and the payment processors are getting heavy-handed any place where child safety (or any other sensitive topic) is concerned. One theory, though, is that this whole child safety thing is an overblown PR campaign to push religious anti-sex politics. I’m reserving judgment until more data comes in, but this line of argument is interesting. More

NOTES


I’m currently reading Four Thousand Weeks, but I’m becoming skeptical. It’s a book on time management, but he’s spent three chapters saying the same thing already, and I’m starting to think he doesn’t have a system at all. More discussion in the UL Bookclub Slack channel. More Discuss

I got the leak fixed in my Reverse Osmosis water system. Simple replacement of a filter o-ring and avoided overtightening it this time. Absolutely love the water out of this thing, and thank you so much to the UL community for the great recommendation. More

DISCOVERY  


Walking and Creativity More

Killer feature of the new Apple TV: You can hit the Siri button during a scene and ask, “What did they say?”, and it’ll rewind the scene a bit and turn on captions temporarily so that you can hear/see what you missed. More

Thought-terminating Cliché More

“Grow your best employees or lose them”, a thressay by my buddy Travis McPeak. More

“Don’t be trapped in the 20th century.” More

The Tao of Unicode Sparklines More

jc — Turn multiple UNIX commands’ outputs into JSON that can be parsed with jq. More

Malicious PDF Generator — Generate different malicious PDFs with phone-home functionality. More

RECOMMENDATIONS

If you drink a lot of water and your tap water isn’t REALLY good, you should consider a dedicated water treatment system. This one I just installed not only cleans the water with 6 different filters, but also does automatic remineralization via Alkaline supplementation. Best water I’ve ever tasted. More

APHORISMS


“Freedom is nothing but a chance to be better.”

~ Albert Camus




