Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:04):
Welcome to tech Stuff, a production from I Heart Radio.
Hey there, and welcome to tech Stuff. I'm your host,
Jonathan Strickland. I'm an executive producer with I Heart Radio
and I love all things tech, and it is time
for the tech news for Tuesday, July six, twenty one.
(00:27):
Let's get to it. An infosec researcher who goes by
the handle dr web Anti Virus. I love that handle,
posted a list of ten apps that are were found
in the Google Play Store that are host to a
trojan horse type of malware. This is a kind of
malware that acts as a carrier for some sort of
(00:49):
malicious payload. So you can think of it as kind
of the gel cap that contains something really nasty inside
it and just slips into a system. What specifically goes
into a trojan can vary, but in this case, the
malware's purpose is to scrape Facebook log and credentials off
of phones. So lots of apps have options that allow
(01:11):
users to link that app to a Facebook account, often
with dubious benefits to the user for doing so. It's
a pretty common practice and some users don't even think
twice about it. They just click right through. In this case,
doing that opens up the chance for someone to gain
your login and password to Facebook, which is also why
(01:32):
it's always a good idea to enable two factor authentication
on any services that offer it. It's a bit of
a hassle, but it can save you some real heartache
in the long run. The ten apps include p I
P Photo or PIP Photo Processing, Photo, Rubbish Cleaner, Horoscope,
(01:54):
Daily In, Well Fitness, app Lock, Keep block It, Mass Sir,
Horoscope Pie, and app lock Manager. Google has removed all
ten apps from the app store, but people have downloaded
these apps at least six million times collectively. Across all
the apps, the apps gave no indication that they were malicious.
(02:16):
All of them actually did what it was they claimed
to do. They just went above and beyond and harvested
Facebook data to on top of that, so if you
use Android devices, it's a good idea to check to
make sure you didn't download and install any of those apps.
It's also a good idea to change your Facebook password
and to activate two factor authentication. It's time for another
(02:39):
cryptocurrency story. This time the King of Bitcoin is in
legal trouble. I should add this is a self proclaimed
King of Bitcoin, Bitcoin is not now, nor has it
ever been, an actual monarchy. This guy's name is Claudio Livera,
and allegedly he embezzled a lot of money from investor
(03:00):
ers who are looking to get into cryptocurrency and buy
a lot of money. I'm talking somewhere in the neighborhood
of three hundred million dollars. Yelza. Olivera is the president
of a company called the Bitcoin Banko Group, and a
few years ago, in twenty nineteen, the group was in
financial trouble. The company reported that after balancing its books,
(03:22):
it came up with a shortfall of seven thousand bitcoins
or so. So, in other words, seven thousand bitcoins just
seemed to up and vanish. Now that could actually happen,
of course. I mean if the company were to store
the bitcoins in a digital wallet that in turn was
on you know, some specific device, and then the company
(03:42):
lost access to that device, like maybe they sold it
or threw it out or something, well, that money would
also be lost. It would be on that physical hardware.
At least the record of it that allows you to
use that money would be on that physical hardware. This
is equivalent to stuffing a physic sical like combination lock
safe full of cash and then throwing that safe into
(04:05):
the ocean at any rate. The company then applied for
permission from the Brazilian government to go through a process
that would allow the company to reorganize its finances in
order to you know, payoff creditors and and to not
go bankrupt, and the government agreed to this. But then
the Brazilian government noted that a year on into this process,
(04:27):
the company didn't seem to actually be following the court
prescribed process of reorganization. It wasn't doing what it was
supposed to do by court mandate. And that's when the
Brazilian government formed an investigation into Olivera, which ultimately concluded
that he had been skimming money from investors for himself,
and furthermore that he appeared to have had a history
(04:48):
of doing this in other places, including the United States.
Olivera is now in police custody in Brazil. Last Friday,
we learned that a networking company called Kause, which makes
products designed to help I T professionals maintain a minister
network systems and I T infrastructure, got hit with a
(05:08):
ransomware attack. Lots of companies rely on cause A products,
and according to the company, anywhere from eight hundred to
fifteen hundred customers may be affected by this UH and
it's actually kind of a cascading effects. So because A
gets targeted, right, they are the company that provides the
services overall. But in that process of targeting the company,
(05:32):
the hackers were able to breach data on about fifty
of cause As direct customers. But those fifty customers in
turn provide services to smaller companies, so we start to
see the effects ripple outward. That's where we get to
that range of eight d to fifteen hundred affected companies.
The affected companies are essentially locked out of their cloud
(05:52):
based systems. Hacker group called REvil m R e v
I L has claimed response ability and has demanded a
ransom of seventy million dollars in Bitcoin in order to
release the hold they have on that system to decrypt it. Essentially,
that's the most that any hacker group has ever demanded
as a ransom so far. The previous record holder was
(06:15):
um let's see here, oh you know what, still Rebuild.
They demanded fifty million dollars from Aser earlier this year.
A spokesperson for CAZA has declined to comment on paying
ransoms to terrorists, And just as a reminder, you know,
paying ransomware is not a great idea. It does not
(06:36):
guarantee that you're actually going to regain control of your systems,
and paying off the ransom sends the message that this
is an effective and profitable type of crime, and that
guarantees that you'll have more attacks in the future. Some
companies likely make the choice to pay off the ransom
because they happen to have some form of cyber insurance
(06:56):
against that kind of thing, and I guess that makes
sense from the company's perspective. I mean, if you can
pay off a ransom and get control of your systems
back and you get reimbursed for the money you spent
because you're insured, you kind of made it all someone
else's problem, right. Insurance companies are starting to see that
(07:16):
problem manifest now, which I imagine means we're going to
see some big changes in that kind of insurance moving forward. Anyway,
INFOSEC researchers believe that revel is based out of Russia
or possibly Eastern Europe, and we're seeing this a lot
with a lot of criminal groups in Russia in particular
picking up the pace. There's a general belief that the
Russian government allows these criminal groups to operate. Maybe they
(07:39):
even subcontract with these criminal organizations in order to target
specific political enemies. That's an allegation that the Russian government
itself denies. But generally speaking, if you're developing software and
you're in Russia, you're pretty much confined to the Russian market,
and hacking becomes a more viable means of making money.
(08:00):
So um, yeah, I can't say for certain that the
Russian government condones or actively supports these hacking uh activities,
but the government does seem to be reticent in pursuing
legal action against these hacker organizations. Let's put it that way.
(08:22):
At best, it appears they're looking the other way, and
at worst they're in cahoots. In addition to that, I
also want to mention that the company because has said
it is working to get the services restored today July six.
By the time you listen to this, that may have
already happened. Moving on, in India, Twitter is facing a
(08:47):
very tough situation. The Indian government has ruled that Twitter
has not been compliant with content regulation within the country,
and as a result, will not enjoy liability protection against
stuff that people post on Twitter. While in India, the
law states that Twitter is to remove posts quickly in
response to legal requests from you know, law enforcement, and
(09:10):
that the company is also supposed to share details about
the owner of accounts that post offending messages. So, in
other words, if someone posts something that is in violation
of these rules in India, then Twitter is supposed to
give up information about that person to Indian law enforcement.
Twitter was also to hire a compliance officer to ensure
(09:33):
that the company would follow India's national policies. Also supposed
to hire a grievance officer in charge of reviewing allegations
and a contact person who would respond to law enforcement
messages as soon as possible. And according to the government,
law enforcement received a complaint from an unknown or unnamed
Twitter user that said that they were the victims of
(09:55):
malicious messages that were posted on Twitter that violated these
rules that I've mentioned, and that the company had not
yet hired the officers that I mentioned earlier. This follows
on the heels of some really big stories in India
involving social media, including the government's attempts to suppress a
farmers protest within India, and also Twitter had labeled some
(10:17):
messages from Indian officials as being manipulated media, which caused
a big mess in India. Here in the United States,
social networking sites enjoy legal protection thanks to Section to thirty,
which says that platforms are not accountable for the stuff
that their users post to those platforms. But officials in
(10:37):
India point out that it is unreasonable for a company
to expect American laws and American legal protection while they're
operating in a totally different country. It is too early
to say how all this is going to play out
and whether or not Twitter executives will eventually have to
stand charge for content posted on Twitter in India, content
(10:58):
posted by you know, other people. But I expect we're
gonna see some pretty big stories come out of all this,
and not just with Twitter, but with any social networking
site that is operating within India, an enormous market. It's
not like these companies want to just pull out of India. However,
there is a place where they are threatening to do
(11:18):
just that, just not in India. So, speaking of American
social networks facing big decisions and overseas markets, let's talk
about Hong Kong. The local government there plans to enact
some new rules that would change data protection laws within
the city of Hong Kong, and the goal is to
fight doxing. Now, that's the practice of a person sharing
(11:40):
some other person's personal information without their consent, UH, typically
for malicious purposes, like to either encourage harassment or worse. So,
for example, if I were to share Ben Boland's home
address on this program, that would be doxing, and I
suspect that's why Ben always forces me to wear a
(12:02):
blindfold and sit in a card that then randomly drives
around the city for two hours before I can never
visit him anyway, Hong Kong's rules would set finds of
nearly dollars per incident plus up to five years imprisonment.
And apparently, as the rules are written, they could apply
to platforms that includes companies like Facebook, Twitter, and Google,
(12:25):
so not just the people posting to them, but the
platforms that carry the messages as well. The company's sent
a letter back in June that just became public this week,
and that letter warns Hong Kong officials that if the
rules are going to go into practice, these companies will
have no choice but to stop providing services within Hong Kong.
(12:46):
So it's kind of an ultimatum. Dots ng is a
truly abhorrent practice. But just to be clear and to
get the full context of this, these rules seem to
stem not from the way that private citizens have been
affected in Hong Kong, but that rather, during the anti
(13:06):
government protests in Hong Kong back in twenty nineteen, some
people were sharing private information about several police officers that
ended up making the rounds online. Now, again, this is
a terrible practice, like you know, it's it's it's not
good no matter which side is using this, and many
of those police officers ended up facing targeted harassment and worse,
(13:29):
including you know, their families. But I just wanted to
give context that the rules don't seem to be in
response to, you know, citizen concerns. It seems to be
more of a response to try and clamp down on
citizens and as a response to civilian challenges to the
government's activities. So in other words, I guess the the
(13:51):
short way of saying all that is people are way
more complicated than technology ever will be. We have a
couple more stories to get through. But before I do that,
let's take a quick break. Okay, we're back so over
(14:15):
in the United Kingdom, there is a semiconductor company called
Newport Wafer Fab or n WF, and it has a
new owner. That owner is next spire A That is
a company that is based in the Netherlands. However, that
company has its own parent company, because things always get
(14:35):
more complicated, and that parent company is a Chinese firm
called Wingtech Group. NWF is the UK's largest silicon chip
manufacturing company. The UK government might actually look into these
things a little more closely because the UK passed a
law that's called the National Security and Investment Act specifically
(14:57):
to review all acquisitions that could affect national security. In general,
the UK government views the practice of a foreign company
coming in to purchase big UK companies as being a
bit risky. But so far there's been no official resistance
to this acquisition. Resistance. That's an electricity pun about silicon chips,
(15:21):
and I didn't even mean to make that. So we'll
have to see if the UK government allows this to
move forward with no further comment. It is a little weird.
I mean, I find the way the UK government handles
things to be odd anyway. Now, I look at things
like Brexit, which seems to indicate that England or Britain,
(15:42):
rather the United Kingdom wants to stand on its own
and not be part of a larger collective. And yet
isn't necessarily blinking an eye when large foreign companies come
in and acquire major companies within the UK. Just seems
to be a disconnect, is all I'm saying, Just trying
to understand it. Also in acquisition news, we've got some
(16:03):
about Bugatti, which is a company that's known for its
outrageously expensive supercars that very wealthy folks drive at very
fast speeds. The company of Bugatti started more than a
century ago, and I covered a bit about it in
my episodes about the history of Volkswagen. The original run
of Bugatti ended around the nineteen fifties nineteen sixties. It
(16:27):
followed the death of its founder, A Torre Bugatti. His
son had passed away a few years earlier before he died,
and it essentially kind of faded from memory. And in
nineteen seven a an investor, a man named Roman rt Oli,
purchased the rights to the brand name Bugatti, so he
(16:48):
was able to bring Bugatti back from you know, like
the Junkyard of history. Volkswagen would then later purchase those
rights and launched Bugatti Automobiles in ninet So while the
name Bugatti has been in the automotive world since you know,
nine nine, you could argue that the Bugatti automobile line
(17:08):
has had sort of three distinct phases. Had the original
run with the founder, the run under Artioli when he
bought the branding, and then the Volkswagen run. Now an
electric vehicle startup called Ramack has acquired a majority stake
in Bugatti from Volkswagen Mate Ramak or perhaps Mate Ramak
(17:29):
I honestly don't know how to say his name anyway.
The founder of Ramak will lead the new organization, which
will fittingly be called Bugatti Ramak. The deal was an
all stock deal, and according to Raemak, the Bugotti and
Rhemack departments will still operate separately as distinct brands. They're
not going to be merged together. The Bugatti Raemack company
(17:50):
will guide both brands. Essentially, it will make the decisions
for each brand, but each brand will remain its own thing.
The plan is to introduce an electric vehicle version of
Bugatti by the end of the decade, along with some
hybrid models. Users of Audacity have noticed some changes since
the company mus Group acquired the open source app earlier
(18:12):
this year. Audacity is a free to download and free
to use audio recording and editing app. Uh And in fact,
it's what I used to record tech stuff when I'm
working from home, like today, I'm using Audacity. At work,
we use Adobe Audition in case you're curious. Audacity is
popular because one it's free and to it has a
(18:33):
fairly extensive set of features, features that I hardly use
because there are a lot of them, but understanding what
each one does takes a little bit of digging, so
I've only kind of dipped my toe in like maybe
two percent of the features that are available on Audacity.
The latest version of Audacity, however, includes changes to the
apps privacy policy, and those changes mentioned that the app
(18:56):
will collect quote data necessary for law enforcement, IT, litigation
and authorities requests if any end quote, which huh, yikes.
This is a piece of software that you use to
record audio and then edit that audio. You probably wouldn't
think of it as also passing information on to some
(19:18):
other entity, right, but apparently that's the case. These changes
prompted some folks to refer to Audacity as spyware, and
there's some indication that we might see a fork in
Audacity as open source developers go back to earlier versions,
pre muse group acquisition of Audacity and continue developing the
(19:39):
software through the open source approach. And in case you're
not familiar with open source, the idea is that you
make code readily available so that people can see exactly
how something is coded, and they can then take that
and depending upon the licensing agreement you set up, they
can take that code and build it in to something
(20:00):
of their own. Maybe they make their own version of
the thing that code stands for, and they can then,
depending on the license agreement, market that themselves. This all
depends on how the open code licensing is approached. There
are a lot of different ways of doing that. I've
covered that on previous episodes. But the big benefit of
(20:22):
open source is that you have it open to the
entire world of developers, as opposed to say, an internal
group working on a project. And when you open it
up to everyone, well, by nature, you end up getting
the best ideas. It may take some time for them
to all kind of rise to the top. But you're
(20:43):
going to benefit from the experience of the collective. So
it's a very effective way of creating powerful applications, but
it does come with this sort of limitation on how
you monetize it, or at least there are other factors
you have to take into consideration. Moving on, Atari, a
(21:05):
company that lays claim to an historic name in video
game culture is making a change. Now, before I get
into this, I should mention that the Atari of today
is not the same company as the Atari that was
part of the initial video game console boom of the
late seventies and early eighties. That version of Atari pretty
much doesn't exist anymore. Some of its intellectual property exists,
(21:30):
but but you could think of the current Atari as being,
you know, a reincarnation maybe. So the Attari of today
is trying to really establish itself in the modern gaming
sphere and announced that it's going to transition away from
developing free to play mobile games, which is an incredibly
competitive field, to focus more on making games for consoles
(21:54):
and the PC. These plans would potentially include developing new
games for the Atari VCS console, which was finally released
after multiple delays. This is a console that has a
throwback retro look to it. It plays classic Atari twenty
six games, among other things like it technically can play
(22:14):
lots of other stuff, but it was designed to kind
of dip into that nostalgia for gamers who are, you know,
my age or older. No word yet on how the
company is handling the planned opening of its string of
Attari hotels that we heard about a couple of years ago.
I actually wonder if that project is still on track
or not. The first of those hotels is supposed to
(22:37):
open in Las Vegas next year, and I know that
if I ever do return to c e S, I'm
going to have to try and book a room in
that hotel, assuming you know that it exists. And finally,
has this ever happened to you? You find yourself in
a tedious situation, so you reach over and pick up
your phone for a distraction. Maybe you're standing in a
(23:01):
line and you just want something to take your mind
off the fact that you're five people back from being
able to order your coffee. Maybe you're watching a TV
show and it's just gone to commercial. Maybe you're listening
to a podcast and the bald guy is just droning
on about stuff, or maybe you're part of a government
body hosting a debate about matters that could potentially affect
(23:23):
thousands of people's lives. That last one is a kicker, right, Like,
I mean, there's this general feeling that if you're at
an important debate, for example, let's say you are a
US politician in Congress, maybe you should be paying attention
to the proceedings, as at least theoretically, the outcome of
(23:44):
them stands to impact countless people, many of whom you
might actually represent. And yet politicians, like everyone else, you
can get a bit bored and occasionally they will look
to their phones for distractions. But the question how occasionally,
like how much or how little attention are the politicians
(24:05):
actually paying when it comes to, you know, running a government.
So an AI that's being called Drees Deporter is scrying
through video of televised political debates in Belgium. It's doing
that to see how frequently people are looking at their phones.
So the AI is looking at signs that politicians are
(24:27):
looking down at their phones, are actively typing on their
phones rather than paying attention to the proceedings at hand.
Then the AI takes screenshots of moments that determines count
as you know, politicians being distracted. Uh, and it even
highlights the region showing the phone in the hands of
that politician then posts those images to Twitter. So it's
(24:49):
it's essentially public shaming. It's it's saying, hey, you are
elected to do a job. That job might be boring,
but it's still important and you are entrusted to do
that job, so get off you gosh darn phone. Now.
I'm the first to say this does not sound entirely
fair to me, because we don't actually know why the
(25:11):
politicians are looking at their phones at any given time.
There could be cases where there is a legitimate reason
that isn't related to just you know, checking out from
whatever political discussion is going on at the moment. Still,
I thought it was a fairly funny story to end
our episode on today. And that is it. That's the
(25:33):
news for Tuesday, July six one. We'll have more coming
up on Thursday. If you have any suggestions for topics
I should cover in future episodes of Tech Stuff, reach
out to me and let me know what those are.
The best way to do that is over on Twitter,
the handle we use on Twitter is at text Stuff
hs W Now I will talk to you again really soon.
(26:02):
Text Stuff is an I heart Radio production. For more
podcasts from I Heart Radio, visit the i heart Radio app,
Apple Podcasts, or wherever you listen to your favorite shows.