September 2, 2021 • 31 mins
After numerous protests, Reddit shut down a subreddit dedicated to the spread of COVID-19 misinformation. Will it follow up on similar problematic subreddits? And in other news, India cracks down on VPNs, the feds still depend on facial recognition tech and Amazon and SpaceX are in a space fight.
Learn more about your ad-choices at https://www.iheartpodcastnetwork.com
See omnystudio.com/listener for privacy information.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:04):
Welcome to tech Stuff, a production from I Heart Radio.
Hey there, and welcome to tech Stuff. I'm your host,
Jonathan Strickland. I'm an executive producer with I Heart Radio
and I love all things tech. And this is the
tech news for Thursday, September second, two thousand twenty one.
(00:25):
Earlier this week, I talked about how thousands of subreddits
on the site Reddit are calling on Reddit to crack
down on COVID nineteen misinformation and disinformation that is otherwise
proliferating across the site. Reddit had quarantined a subreddit called
our slash No New Normal, meaning Reddit had effectively cut
(00:48):
off access to the subreddit for new users, but had
not actually shut it down. But now that's changed. Reddit
has subsequently banned the No New Normal subreddit completely, and
as warantined, more than fifty other subreddits also found to
have spread and promoted COVID misinformation. So it looks like
Reddit is making a shift, at least when it comes
(01:10):
to matters of public health. As I said earlier this week,
the official stance of the company had been let's just
let the users kind of hash out what to believe,
very similar to what Mark Zuckerberg said about content on Facebook.
And you know that can be fine if you're talking
about different points of view that have validity to them. Right,
(01:32):
If you have two people who disagree about something, but
they have valid reasons for that disagreement, letting them hash
it out, that makes sense and not taking sides until
we get that. But when it comes to truth versus misinformation,
it's a different matter entirely. Anyway, I'm not going to
go down that rabbit hole again. You already heard me
say that earlier this week. Instead, I'll say that Reddit
(01:52):
won't allow posts that promote quote falsifiable health information that
encourages or poses a significant risk of physical arm to
the reader end quote. I think that's the ethical choice here,
as this is not, you know, a case of the
dresses blue and black. No, you're an idiot, The dress
is white and gold. This is really about people spreading
(02:13):
narratives that have potentially tragic consequences, with more people getting sick,
hospitals becoming overwhelmed, and ultimately more people dying as a result.
I think Reddit's response is a good one. I also
think it was a necessary response, not just because it
was the right thing to do, as I believe it was,
(02:33):
but also because the subredits that were protesting all this
misinformation in the first place, We're starting to use some
pretty guerrilla warfare tactics to disrupt the subredits that we're
spreading misinformation going in there and like posting not safe
for work content and such in order to necessitate a
change in that subreddit status. And if Reddit had not
stepped in, the whole platform could have descended into a
(02:56):
chaotic mess. Samsung has entered used a new sensor for
mobile devices that has a resolution of two hundred megapixels.
That's pretty incredible stuff, but let's break down what that means.
Super Fast digital images when you zoom way way way in,
are made up of tiny little points of light called pixels,
(03:20):
and collectively, these pixels appear to us as you know,
photographs and videos and stuff when we're looking at them
on screens, and generally speaking, the more pixels you can
cram into a certain size frame, the more detail you
can capture in that image. Now, once you get beyond
a certain resolution, the human eye is going to have
(03:41):
a lot of trouble picking out any extra detail. So
if you're just looking at a full size image, you're
not likely to see the difference. So megapixels and cameras
really only matter up to a point unless you're looking
for a specific use case. So, for example, let's say
that you're a photographer and you want to take photos
(04:03):
of stuff that you later intend to enlarge so that
you can make movie poster sized print outs of it. Well,
in that case, you want a camera that has sensors
that can, yeah, you know, capture a lot of megapixels,
because otherwise, as you enlarge the image, you start to
lose that detail. If you've got, you know, are very
high megapixel camera, you can enlarge an image to a
(04:26):
pretty impressive degree and not lose any noticeable detail as
a result. So this means that in the future, if
you happen to buy one of these phones that's going
to have a two D megapixel image sensor, you could
theoretically snap a photo with your phone and then later
you could digitally zoom way, way way in on the
image to look at something specific, and you could even
(04:48):
crop the photo and have it take you know, a
full size photo as if you were you know, right
up on something as opposed to really far back from it,
and you don't lose any detail. In the image. That's
pretty cool, especially if you want to take photos of
stuff that you cannot get close to. Let's say like
you're taking a picture of a historic building and there's
(05:08):
a barrier where you're not supposed to cross, and you
want to get really fine detail on a specific part.
You can only zoom in so much with most digital cameras,
if especially if you don't have a telephoto lens. So
this is something that can help you with that, where
that pixel density can allow you to capture detail that
otherwise you might lose. Something else. The sensor does that
(05:30):
I think is really neat is it adapts to take
images in low light situations. So camera sensors are all
about capturing light when you get down to it, and
some digital cameras, whether they're in smartphones or otherwise, have
some trouble in dim light situations and they produce grainy
images as a result. The Samsung sensor will have blocks
(05:50):
of sixteen pixels essentially teaming up to act like a
single pixel. So in this case, the overall image would
get reduced to twelve point five megapixels instead of two
hundred because those blocks of sixteen would be acting as
one reducing it down to twelve point five megapixels, but
that those sixteen pixels will be able to more effectively
(06:12):
capture the light that's in the scene and thus produce
better low light photos as a result. So, yeah, there'll
be fewer megapixels, you won't be able to zoom in
as far without losing detail, but you'll be able to
get a better image out of a low light situation. Now,
there's no word yet on when we might expect to
see phones that actually have these sensors in them. I
imagine they'll be popping up after a generation or two
(06:35):
of new devices, So we're probably looking at you know,
not maybe not by early next year, but maybe mid
to late next year, maybe we start seeing devices that
have these kind of sensors in it. I think that's
pretty neat. You know. I've talked a lot this year
about data breaches and hackers in ransomware. I wish I
(06:57):
didn't have to talk about it so much, but it's
been happening a lot. Well, we're gonna get to some
similar stuff right now. Bleeping Computer, it's a website, has
a piece that says the ransomware hacker group lock Bit
two point oh is actively trying to recruit folks who
work inside large corporations and the whole purpose is to
(07:19):
try and help this ransomware group plant malware on corporate
machines to kind of act as like an in road
for the hackers. See, when we think about hackers and malware,
we often think about someone finding like, you know, a
technical backdoor vulnerability. They're on their computer, they're typing quickly,
you know, they type in a password a couple of
(07:41):
times to get access to a system. Or maybe we
think about someone using social engineering to convince a person
who is authorized to access systems to hand over that
access by tricking them. This is the classic. Hey, I'm
from I T and I need to install some new
software in your machine and it should only take a
few minutes if you want to go in, you know,
take a coffee break. That is more common than you
(08:04):
might think. But sometimes the malware is coming from inside
the house. Sometimes employees of these companies can be convinced
to turn on their employers and help out a ransomware group. Now,
ransomware gangs typically demand some pretty high prices to return
systems to their rightful owners. And in case you're not
(08:25):
really familiar with what ransomware is. It's usually some software
that will encrypt data on a computer system or a
full computer network so that that data becomes inaccessible unless
you happen to have the decryption key, and then the
ransomware group demands a ransom be paid in order for
them to turn over that decryption key, and so a
(08:47):
lot bit two point oh is saying that insiders stand
to earn quote millions of dollars end quote if they
go along with it. But let me say a couple
of things before some of you all decide that you're
going to stick it to the man and and become
the infection vector for malware to hit your company's systems. First,
the general advice that companies receive whenever they're hit with
(09:09):
ransomware is that they should not pay the ransom because one,
there's no guarantee that they will have control returned to them.
And to every single payout is a message that goes
out to the hacking community that says ransomware is a
good way to make money. So, in other words, paying
ransoms encourages future attacks, So that could mean you could
(09:31):
go through the trouble of performing a criminal act on
behalf of this ransomware group, putting yourself at risk and
your company at risk, and your company might never pay
out that ransom, so you end up making nothing for
that anyway, which means you've got a very high risk
in other words. But another reason not to do it
(09:51):
is that, let's say that the group is ready to
commit a crime and extort money out of a target, Well,
then what's to stop that same group from screwing over
the person and who gave them access in the first place.
I mean, it's not like you could come forward and say, hey,
those hackers that attack the systems, they promised to give
me money if I gave them access, and now they
stiffed me. You can't do that. It would be admitting
(10:14):
that you were part of the attack. So there's no
guarantee you would even get paid out. You know, don't
he help out ransomware gangs. And you know what, even
if they did pay you out, even if you did
get millions of dollars, you don't have to figure out
how to hide all that cash because trust me, organizations
(10:34):
like the I r S and law enforcement are really
gonna wonder how you got so flush with cash out
of nowhere. So long story short, don't pay ransoms and companies,
don't burn your employees and make them resent you, because
that's really what makes these sorts of schemes tempting. In fact,
we'll talk about more of along those lines in just
(10:55):
a moment, but before we get to that, let's take
a quick break. Okay, before the break, I was talking
about how companies need to be careful because if they
burn their employees, then they can create the sort of
environment where those employees would say, yeah, why don't I
(11:19):
screw over the company because they're screwing me over and
you don't want that. Well, let's talk about the story
of Julianna Barile, who recently pled guilty to charges that
she illegally accessed the computer systems of a New York
credit union and subsequently deleted more than twenty gigabytes of data.
(11:39):
So Bill was once an employee of this credit union
in New York, but she found her employment terminated this
past May. Now, someone in the I T department was
supposed to revoke her access to the credit union's computer systems,
which is pretty standard operating procedure when someone leaves a company,
whether it's through termination, or residue nation or retirement or
(12:01):
whatever it might be. It's just good info sec practice
to revoke system access when someone is no longer employed
by the company. But yeah, that didn't happen. And when
Barrill found out that she could still access the credit
Union system, she did, and then she started deleting stuff,
and that included like loan application folders and such. And
(12:24):
as someone who not too long ago went through the
process of applying for a loan, I could tell you
that any hiccup along the way is stressful and it's frustrating,
but having the whole thing wiped out by a disgruntled
former credit Union employee would make things way worse. According
to court documents, Burrile deleted some twenty thousand files and
(12:45):
more than three thousand directories in about forty minutes. The
credit Union has been able to restore some files from
backup and estimates that the cost for recovery has been
more than ten thousand dollars. And here's an example of
the sort of thing groups like lock a bit two
point oh that I talked about before the break. This
is what they're on the lookout for. People who have
(13:06):
access to a system and an ax to grind against
their company. What Brill did was wrong. She probably caused
more harm to the end the customers of the Create
Union than the Create Union itself, like all those people
who had loans in process. It's incredibly disruptive. Now. I
don't have the details around her termination, like why she
(13:29):
was let go, but obviously whether the reasons for that
termination were justified or not, we can all say that
the credit union really should have revoked her access straight away.
As soon as she was terminated, that access should have
been shut down. So there are you know, she's at fault,
certainly because she's the one who did the crime, but
(13:50):
the CREB union also bears some responsibility. I would not
be surprised if some credit Union customers sought action against
the Create Union for failing to protect their you know,
their information and their assets. Speaking of cybersecurity, let's talk
about cables for a second. Now. I think a lot
of people don't consider cables as you know, a cybersecurity
(14:11):
element that they need to worry about, particularly when you've
got tons of people connecting to public WiFi without running
a VPN or anything like that. But yeah, cables can
trip you up and uh, I don't just mean literally,
although they can do that too. Happens to be pretty
much once a day, but no. A cybersecurity researcher who
(14:32):
uses the handle MG has been creating cables that hide
sneaky hardware inside them for a while now, and he
calls them, oh MG cables cute, right, And he's recently
unveiled a new one that uses the USBC form factor,
which was something a lot of people thought wouldn't be
possible because if you look at one of those cables,
(14:54):
it has a very small plug at the end of it,
and you would think there's not a whole lot of
space for you to hide any secret tech in that
form factor. And for this to work, for these cables
to be a security threat, you have to be able
to hide specialized chips inside that cable, and you have
to do it effectively so that it doesn't look like
(15:15):
it's out of place. So what is so special about
these cables what makes them a security threat? Well, for
one thing, MG has incorporated a WiFi transceiver chip inside
the cable itself. So if you connect one of these
cables to a device like your phone or a tablet
or a computer, a remote hacker can see that WiFi
(15:37):
spot because the cable will have activated the WiFi hot spot,
it creates the power necessary to run it. The hacker
can log in through that WiFi hot spot to gain
access to the devices the cable connects to, and they
can start deploying payloads like a keystroke logger, which will
keep track of everything you type on that device, so
(15:59):
if you're typing out like passwords and stuff, they can
collect those passwords. The implications of this are pretty scary,
and it really drives home the fact that you should
not trust any cables that are not your own. Just
imagine someone quote unquote testing these cables by leaving them
in heavily trafficked areas like airport charging stations or a
(16:21):
coffee shop or whatever. The variations on these cables include
USBC two lightning connectors, which means you're not safe if
you're on a PC, an Android device, or an iOS
device if you are using one of these cables. And
like I said, from the outside, they look like just
normal USB or lightning cables. There's nothing about them that
(16:44):
would set you off and make you think, oh, well,
this is sus But they really are an incredibly effective
security penetration tool if the right person is making use
of them. The security company Hack five has partnered with
MG to sell these cables, which are now in mass production,
and the stated purpose. In fact, what hack five always
says is that this is all to provide security researchers
(17:06):
penetration testers with the tools they need to do various
testing and security measures. And to be fair, if something
is possible, even if you were to say, like, oh,
but you're making cables that could cause an enormous amount
of harm if they fell into the wrong hands, well,
the fact that we know it's possible just means that
someone sooner or later was going to make one for
(17:27):
nefarious purposes. So while while you might like feel weird
about the fact that a security researcher has creates something
that's a real security threat, in another way, you could
say it's a good thing because now we know that
this is possible, so we can be on the lookout
for stuff when we encounter it. Um Still, you know,
just knowing these things are out there kind of gives
(17:48):
me the heavy GEVs. So maybe I will get Shannon
Morris back on the show to talk about this, because
it's pretty incredible stuff, And again, don't trust anyone's cables
but your own, right unless you purchase stead and you
feel pretty good about it, don't use some other cable.
You never know what kind of tech it might be hiding.
It's also possible to have chips that could deploy malware
(18:11):
directly to a device if you plugged it in using
that cable. So word to the wise, be careful. Now
let's move over to India to talk about how that
country continues to make moves that I think are fairly
authoritarian when it comes to tech and digital information. I've
already taught about how the country's government has pressured social
(18:31):
networking platforms to either suppress messages that criticize the government
or to step back from enforcing misinformation policies when government
officials post stuff that appears to violate those policies. So,
in other words, like if a politician were to post
something that fact checkers thought was misleading or misinformation, then
(18:52):
Twitter might tag that post with a label that says
as much. And India has really objected to Twitter taking
that step, in fact, catting to the point where they
said we're shutting down Twitter in India. However, on top
of all those things I have not taught about VPNs
or virtual private networks, so vp ns are really legitimately useful.
(19:16):
A good VPN protects you from folks snooping on your business.
So you might use a vp N if you wanted
to connect to stuff like say your bank account, or
medical insurance, or any of a million things that are sensitive.
So essentially, you log into a server that's acting as
your virtual private network, and the server will then go
on to fetch all the stuff that you're wanting to
(19:39):
look at online and everything is encrypted. So let's say
you wanted to look at your bank statement, you would
send the command, it would go to the VPN first encrypted,
and then the VPN would go and send the request
to your bank, and the return would go through the
VPN before it came back to you, and from an
(20:00):
went outside, it would just look like all you were
doing was communicating with this one VPN server, but they
wouldn't be able to see what was happening. Beyond that point,
they wouldn't know what you were really looking at. As
long as the VPN is on the up and up,
which is an important point, and as long as the
VPN does you know good practices like purging user histories
(20:22):
that things are relatively secure and private. By the way,
you should be using a VPN pretty much any time
you're not on your own network, and if you don't
want your i sp knowing what you're looking at. For example,
let's say that you're shopping around for different I s
p s, Well, you might want to use a VPN
even on your home network as well. But India's Parliamentary
(20:45):
Standing Committee on Home Affairs wants a countrywide block on VPNs.
Why Well, the committee claims that VPNs are facilitating piracy
and illegal commerce and that it provides a haven for
hackers so that they can attack targets without fear of
being tracked down because all the attacks would seem to
originate from the VPN, not the hacker. But India also
(21:09):
recently liberalized VPNs. They noted that VPNs were really important
for people to be able to work remotely and log
into company systems. A lot of companies run their own
VPNs because it is a good security measure. It helps
protect proprietary or trade secret information from getting out into
(21:30):
the world at large. So VPNs do play a valid
and important role. So we have kind of a a
disconnect here, right, we have another example of governments trying
to get control of stuff that inherently is designed to
resist that kind of intrusion. And we'll have to see
(21:50):
how this one plays out. I've got a few more
stories for us to cover before we get to that.
Let's take another quick break. Okay, we're back and over
here in the United States, the Government Accountability Office recently
(22:11):
released a report, in fact, it was just last week
that revealed numerous federal agencies continued to use and even
plan on increasing the use of facial recognition technology. This
is disturbing because, as I have reported several times, even
if you're okay with the idea of this level of surveillance,
(22:33):
in general, this technology is imperfect and frequently there is
an inherent bias within the technology itself which leads to
false positives and misidentifications, particularly among populations of non white people. So,
in other words, this technology can lead to an increased
discrimination against non white groups. And there have already been
(22:58):
several cases in which, you know, law enforcement has relied
upon facial recognition technology that was later found to have
misidentified people of interest. And obviously, if the authorities have
tagged you as being someone they want to talk to
in connection with a crime that's pretty darn stressful and
can be incredibly disruptive to your life. And when you
(23:21):
have nothing to do with that crime, like you have
no connection to it whatsoever. It's just that this technology
has misidentified you, and then law enforcement is putting the
burden on you to somehow prove you had nothing to
do with a crime. Well, that's an injustice, and the
potential for such injustices appears to be on the rise.
According to this report, The g a O survey twenty
(23:43):
four different federal agencies and departments and found that eighteen
of them currently rely on facial recognition technology in some capacity,
and ten of them plan to use it even more
in the future. Now, this isn't just concerning to me.
The problem caused by facial recognition tech has been bad
enough that some major companies, including IBM, have stopped selling
(24:06):
that technology to law enforcement and regulation agencies. They have
essentially noted that this technology is it stands to do
more harm than good. Some states, like Maine have passed
laws that restrict the use of the tech, and there's
a debate at the federal level on issuing essentially a
nationwide ban on it, and here's hoping we see progress
(24:28):
here and less reliance on the technology that, at least
for some groups, has the capacity to cause a disproportionate
amount of harm. Facial recognition tech. I think it's great
if you're trying to unlock a phone, because if it
doesn't work, you can just put in your pen. You're fine.
It's irritating that it doesn't work in those cases, and
it does speak to a problem with bias, but that's
(24:50):
an inconvenience when we're talking about law enforcement using it
as justification to disrupt the lives of people who may
be completely innocent and have no connection to the matter
at hand. That's another issue entirely. It starts to get
close to some constitutional problems. Okay, time for some cryptocurrency talk.
So one problem with cryptocurrency isn't really the text fault.
(25:13):
And I know I come down on cryptocurrency pretty hard,
pretty frequently, But one thing that you know, I can't
really fault the tech for is that the technology itself
is so poorly understood that it gives scam artists the
opportunity to pull a fast one and cheat people out
of their money, or sometimes cheat entire businesses out of
(25:35):
their money. The United States Securities and Exchange Commission, or SEC,
has charged a man named Satish Kombani of violating various
registration laws meant to protect investors from scams. Kombani had
been the founder of bit Connect, a cryptocurrency exchange platform
that no longer exists because it was, you know, a
(25:59):
den of scumming villainy. I guess at the heart of
the matter is that Kombani fraudulently raised around two billion
dollars worth of investments from various retail companies in a
cryptocurrency investment scam. And as part of the scam, Kombani
showed potential investors fictitious returns of investment of around three
(26:20):
thousand seven annual return. So, in other words, let's say
that this was a real thing, that it was totally working,
and on January one, you invested one dollar into the
the strategy. January one, the following year, you would have
three thousand, seven hundred dollars. And if you invested ten grand,
(26:42):
or a hundred grand or a million, what you get
the idea, it's an astronomical return. Further, Kombani claimed that
bit connects own cryptocurrency which was called bit connect coin,
which isn't confusing at all, was a stable and safe
cryptocurrency that no one was gonna have to worry about.
(27:03):
Uh that failing only it totally wasn't stable and safe,
as the cryptocurrencies value plummeted by pent in January, and
that Kambani was doing the old Ponzi scheme. So that
involves getting a round of investors to give you money.
So you've got your initial flush of cash. Then when
(27:25):
it comes time to pay out the first investors, you
go find a second round of investors to give you
more money. You use the money from the second round
of investors to pay out your first round of investors.
But then you've got to go after a third round
of investors to help pay off that second round, and
so on. So ponzi schemes can break in huge amounts
(27:46):
of cash. They don't have to be connected at all
with cryptocurrency. But we have seen a lot of cryptocurrency
scams that are essentially Ponzi schemes in recent history, and
one common element about all of them is that they
always eventually come crashing down because sooner or later you
run out of folks who are willing to invest, and
it's time to pay the piper. Now. Maybe by then
(28:08):
you've made enough to make your escape, but it ain't
exactly the best get rich plan. Finally, Amazon and SpaceX
are having a fight down here on Earth over stuff
that's meant to float around in space. Specifically, the fight
revolves around Starlink, space X's satellite Internet communications system that
the company has had in beta testing for a while now.
(28:30):
So SpaceX's goal is to launch thousands of satellites up
into orbit to provide consistent satellite Internet coverage down here
on Earth. We're talking like thirty thousand satellites are more.
But SpaceX says that Amazon has been filing objections to
various SpaceX proposals in attempt to hinder SpaceX because, as
(28:52):
SpaceX puts it, Amazon's own satellite Internet solution, called Kiper,
is running behind schedule. So according to SpaceX, Amazon has
decided to try and slow down the competition while it
tries to get its own system up and running. Amazon, however,
filed complaints with the FCC saying that space X was
(29:15):
not following the proper rules when it comes to submitting
proposals for putting more satellites in orbit, and like I said,
we're talking about thousands of satellites here. And Amazon's complaint
is that SpaceX's proposal actually has two different configurations of
satellites in it, and you can't have two different ones
at the same time. Obviously, you can only have one.
(29:37):
And so Amazon says this is against the rules. The
rules require proposals to have no internal inconsistencies. You can't
say we might do it this way, or maybe we'll
do it this other way instead, according to Amazon, anyway,
the rules say you should commit to a single approach
in your proposal before the process can move forward. Meanwhile,
(29:59):
SpaceX is like, now, uh, you just want us to
not be able to go to the public comment phase.
And anyway, the public comment phase is where we could
hash all this out. It would all be fine. Now.
I am not on the side of either Amazon or
SpaceX in this matter. Personally, I actually worry about the
thousands of satellites that will be needed for both the
(30:20):
Starlink and the Amazon Keiper system to work. That is
a lot of stuff whizzing around out there in low
Earth orbit which could potentially become space junk and thus
interfere with other spacecraft. It can also interfere with astronomical
observations here on Earth. So I'm not super fan of
(30:41):
either of these things right now. But anyway, that's not
the point. The point is that Amazon and space X
are totes in a space fight just here on Earth,
and that's it. Those are all the stories I have
for you on Thursday, September two, two twenty one. I
hope you are well and safe. And for those of
you in the United States, I hope you have a
(31:01):
wonderful Labor Day weekend. And if you have any suggestions
for topics I should cover on tech Stuff, reach out
to me. The best way to do that is to
use Twitter, and I use the handle text stuff h
s W and I'll talk to you again really soon.
Text Stuff is an I Heart Radio production. For more
(31:24):
podcasts from I Heart Radio, visit the I Heart Radio app,
Apple Podcasts, or wherever you listen to your favorite shows.
Welcome to tech Stuff, a production from I Heart Radio.
Hey there, and welcome to tech Stuff. I'm your host,
Jonathan Strickland. I'm an executive producer with I Heart Radio
and I love all things tech. And this is the
tech news for Thursday, September second, two thousand twenty one.
(00:25):
Earlier this week, I talked about how thousands of subreddits
on the site Reddit are calling on Reddit to crack
down on COVID nineteen misinformation and disinformation that is otherwise
proliferating across the site. Reddit had quarantined a subreddit called
our slash No New Normal, meaning Reddit had effectively cut
(00:48):
off access to the subreddit for new users, but had
not actually shut it down. But now that's changed. Reddit
has subsequently banned the No New Normal subreddit completely, and
as warantined, more than fifty other subreddits also found to
have spread and promoted COVID misinformation. So it looks like
Reddit is making a shift, at least when it comes
(01:10):
to matters of public health. As I said earlier this week,
the official stance of the company had been let's just
let the users kind of hash out what to believe,
very similar to what Mark Zuckerberg said about content on Facebook.
And you know that can be fine if you're talking
about different points of view that have validity to them. Right,
(01:32):
If you have two people who disagree about something, but
they have valid reasons for that disagreement, letting them hash
it out, that makes sense and not taking sides until
we get that. But when it comes to truth versus misinformation,
it's a different matter entirely. Anyway, I'm not going to
go down that rabbit hole again. You already heard me
say that earlier this week. Instead, I'll say that Reddit
(01:52):
won't allow posts that promote quote falsifiable health information that
encourages or poses a significant risk of physical arm to
the reader end quote. I think that's the ethical choice here,
as this is not, you know, a case of the
dresses blue and black. No, you're an idiot, The dress
is white and gold. This is really about people spreading
(02:13):
narratives that have potentially tragic consequences, with more people getting sick,
hospitals becoming overwhelmed, and ultimately more people dying as a result.
I think Reddit's response is a good one. I also
think it was a necessary response, not just because it
was the right thing to do, as I believe it was,
(02:33):
but also because the subredits that were protesting all this
misinformation in the first place, We're starting to use some
pretty guerrilla warfare tactics to disrupt the subredits that we're
spreading misinformation going in there and like posting not safe
for work content and such in order to necessitate a
change in that subreddit status. And if Reddit had not
stepped in, the whole platform could have descended into a
(02:56):
chaotic mess. Samsung has entered used a new sensor for
mobile devices that has a resolution of two hundred megapixels.
That's pretty incredible stuff, but let's break down what that means.
Super Fast digital images when you zoom way way way in,
are made up of tiny little points of light called pixels,
(03:20):
and collectively, these pixels appear to us as you know,
photographs and videos and stuff when we're looking at them
on screens, and generally speaking, the more pixels you can
cram into a certain size frame, the more detail you
can capture in that image. Now, once you get beyond
a certain resolution, the human eye is going to have
(03:41):
a lot of trouble picking out any extra detail. So
if you're just looking at a full size image, you're
not likely to see the difference. So megapixels and cameras
really only matter up to a point unless you're looking
for a specific use case. So, for example, let's say
that you're a photographer and you want to take photos
(04:03):
of stuff that you later intend to enlarge so that
you can make movie poster sized print outs of it. Well,
in that case, you want a camera that has sensors
that can, yeah, you know, capture a lot of megapixels,
because otherwise, as you enlarge the image, you start to
lose that detail. If you've got, you know, are very
high megapixel camera, you can enlarge an image to a
(04:26):
pretty impressive degree and not lose any noticeable detail as
a result. So this means that in the future, if
you happen to buy one of these phones that's going
to have a two D megapixel image sensor, you could
theoretically snap a photo with your phone and then later
you could digitally zoom way, way way in on the
image to look at something specific, and you could even
(04:48):
crop the photo and have it take you know, a
full size photo as if you were you know, right
up on something as opposed to really far back from it,
and you don't lose any detail. In the image. That's
pretty cool, especially if you want to take photos of
stuff that you cannot get close to. Let's say like
you're taking a picture of a historic building and there's
(05:08):
a barrier where you're not supposed to cross, and you
want to get really fine detail on a specific part.
You can only zoom in so much with most digital cameras,
if especially if you don't have a telephoto lens. So
this is something that can help you with that, where
that pixel density can allow you to capture detail that
otherwise you might lose. Something else. The sensor does that
(05:30):
I think is really neat is it adapts to take
images in low light situations. So camera sensors are all
about capturing light when you get down to it, and
some digital cameras, whether they're in smartphones or otherwise, have
some trouble in dim light situations and they produce grainy
images as a result. The Samsung sensor will have blocks
(05:50):
of sixteen pixels essentially teaming up to act like a
single pixel. So in this case, the overall image would
get reduced to twelve point five megapixels instead of two
hundred because those blocks of sixteen would be acting as
one reducing it down to twelve point five megapixels, but
that those sixteen pixels will be able to more effectively
(06:12):
capture the light that's in the scene and thus produce
better low light photos as a result. So, yeah, there'll
be fewer megapixels, you won't be able to zoom in
as far without losing detail, but you'll be able to
get a better image out of a low light situation. Now,
there's no word yet on when we might expect to
see phones that actually have these sensors in them. I
imagine they'll be popping up after a generation or two
(06:35):
of new devices, So we're probably looking at you know,
not maybe not by early next year, but maybe mid
to late next year, maybe we start seeing devices that
have these kind of sensors in it. I think that's
pretty neat. You know. I've talked a lot this year
about data breaches and hackers in ransomware. I wish I
(06:57):
didn't have to talk about it so much, but it's
been happening a lot. Well, we're gonna get to some
similar stuff right now. Bleeping Computer, it's a website, has
a piece that says the ransomware hacker group lock Bit
two point oh is actively trying to recruit folks who
work inside large corporations and the whole purpose is to
(07:19):
try and help this ransomware group plant malware on corporate
machines to kind of act as like an in road
for the hackers. See, when we think about hackers and malware,
we often think about someone finding like, you know, a
technical backdoor vulnerability. They're on their computer, they're typing quickly,
you know, they type in a password a couple of
(07:41):
times to get access to a system. Or maybe we
think about someone using social engineering to convince a person
who is authorized to access systems to hand over that
access by tricking them. This is the classic. Hey, I'm
from I T and I need to install some new
software in your machine and it should only take a
few minutes if you want to go in, you know,
take a coffee break. That is more common than you
(08:04):
might think. But sometimes the malware is coming from inside
the house. Sometimes employees of these companies can be convinced
to turn on their employers and help out a ransomware group. Now,
ransomware gangs typically demand some pretty high prices to return
systems to their rightful owners. And in case you're not
(08:25):
really familiar with what ransomware is. It's usually some software
that will encrypt data on a computer system or a
full computer network so that that data becomes inaccessible unless
you happen to have the decryption key, and then the
ransomware group demands a ransom be paid in order for
them to turn over that decryption key, and so a
(08:47):
lot bit two point oh is saying that insiders stand
to earn quote millions of dollars end quote if they
go along with it. But let me say a couple
of things before some of you all decide that you're
going to stick it to the man and and become
the infection vector for malware to hit your company's systems. First,
the general advice that companies receive whenever they're hit with
(09:09):
ransomware is that they should not pay the ransom because one,
there's no guarantee that they will have control returned to them.
And to every single payout is a message that goes
out to the hacking community that says ransomware is a
good way to make money. So, in other words, paying
ransoms encourages future attacks, So that could mean you could
(09:31):
go through the trouble of performing a criminal act on
behalf of this ransomware group, putting yourself at risk and
your company at risk, and your company might never pay
out that ransom, so you end up making nothing for
that anyway, which means you've got a very high risk
in other words. But another reason not to do it
(09:51):
is that, let's say that the group is ready to
commit a crime and extort money out of a target, Well,
then what's to stop that same group from screwing over
the person and who gave them access in the first place.
I mean, it's not like you could come forward and say, hey,
those hackers that attack the systems, they promised to give
me money if I gave them access, and now they
stiffed me. You can't do that. It would be admitting
(10:14):
that you were part of the attack. So there's no
guarantee you would even get paid out. You know, don't
he help out ransomware gangs. And you know what, even
if they did pay you out, even if you did
get millions of dollars, you don't have to figure out
how to hide all that cash because trust me, organizations
(10:34):
like the I r S and law enforcement are really
gonna wonder how you got so flush with cash out
of nowhere. So long story short, don't pay ransoms and companies,
don't burn your employees and make them resent you, because
that's really what makes these sorts of schemes tempting. In fact,
we'll talk about more of along those lines in just
(10:55):
a moment, but before we get to that, let's take
a quick break. Okay, before the break, I was talking
about how companies need to be careful because if they
burn their employees, then they can create the sort of
environment where those employees would say, yeah, why don't I
(11:19):
screw over the company because they're screwing me over and
you don't want that. Well, let's talk about the story
of Julianna Barile, who recently pled guilty to charges that
she illegally accessed the computer systems of a New York
credit union and subsequently deleted more than twenty gigabytes of data.
(11:39):
So Bill was once an employee of this credit union
in New York, but she found her employment terminated this
past May. Now, someone in the I T department was
supposed to revoke her access to the credit union's computer systems,
which is pretty standard operating procedure when someone leaves a company,
whether it's through termination, or residue nation or retirement or
(12:01):
whatever it might be. It's just good info sec practice
to revoke system access when someone is no longer employed
by the company. But yeah, that didn't happen. And when
Barrill found out that she could still access the credit
Union system, she did, and then she started deleting stuff,
and that included like loan application folders and such. And
(12:24):
as someone who not too long ago went through the
process of applying for a loan, I could tell you
that any hiccup along the way is stressful and it's frustrating,
but having the whole thing wiped out by a disgruntled
former credit Union employee would make things way worse. According
to court documents, Burrile deleted some twenty thousand files and
(12:45):
more than three thousand directories in about forty minutes. The
credit Union has been able to restore some files from
backup and estimates that the cost for recovery has been
more than ten thousand dollars. And here's an example of
the sort of thing groups like lock a bit two
point oh that I talked about before the break. This
is what they're on the lookout for. People who have
(13:06):
access to a system and an ax to grind against
their company. What Brill did was wrong. She probably caused
more harm to the end the customers of the Create
Union than the Create Union itself, like all those people
who had loans in process. It's incredibly disruptive. Now. I
don't have the details around her termination, like why she
(13:29):
was let go, but obviously whether the reasons for that
termination were justified or not, we can all say that
the credit union really should have revoked her access straight away.
As soon as she was terminated, that access should have
been shut down. So there are you know, she's at fault,
certainly because she's the one who did the crime, but
(13:50):
the CREB union also bears some responsibility. I would not
be surprised if some credit Union customers sought action against
the Create Union for failing to protect their you know,
their information and their assets. Speaking of cybersecurity, let's talk
about cables for a second. Now. I think a lot
of people don't consider cables as you know, a cybersecurity
(14:11):
element that they need to worry about, particularly when you've
got tons of people connecting to public WiFi without running
a VPN or anything like that. But yeah, cables can
trip you up and uh, I don't just mean literally,
although they can do that too. Happens to be pretty
much once a day, but no. A cybersecurity researcher who
(14:32):
uses the handle MG has been creating cables that hide
sneaky hardware inside them for a while now, and he
calls them, oh MG cables cute, right, And he's recently
unveiled a new one that uses the USBC form factor,
which was something a lot of people thought wouldn't be
possible because if you look at one of those cables,
(14:54):
it has a very small plug at the end of it,
and you would think there's not a whole lot of
space for you to hide any secret tech in that
form factor. And for this to work, for these cables
to be a security threat, you have to be able
to hide specialized chips inside that cable, and you have
to do it effectively so that it doesn't look like
(15:15):
it's out of place. So what is so special about
these cables what makes them a security threat? Well, for
one thing, MG has incorporated a WiFi transceiver chip inside
the cable itself. So if you connect one of these
cables to a device like your phone or a tablet
or a computer, a remote hacker can see that WiFi
(15:37):
spot because the cable will have activated the WiFi hot spot,
it creates the power necessary to run it. The hacker
can log in through that WiFi hot spot to gain
access to the devices the cable connects to, and they
can start deploying payloads like a keystroke logger, which will
keep track of everything you type on that device, so
(15:59):
if you're typing out like passwords and stuff, they can
collect those passwords. The implications of this are pretty scary,
and it really drives home the fact that you should
not trust any cables that are not your own. Just
imagine someone quote unquote testing these cables by leaving them
in heavily trafficked areas like airport charging stations or a
(16:21):
coffee shop or whatever. The variations on these cables include
USBC two lightning connectors, which means you're not safe if
you're on a PC, an Android device, or an iOS
device if you are using one of these cables. And
like I said, from the outside, they look like just
normal USB or lightning cables. There's nothing about them that
(16:44):
would set you off and make you think, oh, well,
this is sus But they really are an incredibly effective
security penetration tool if the right person is making use
of them. The security company Hack five has partnered with
MG to sell these cables, which are now in mass production,
and the stated purpose. In fact, what hack five always
says is that this is all to provide security researchers
(17:06):
penetration testers with the tools they need to do various
testing and security measures. And to be fair, if something
is possible, even if you were to say, like, oh,
but you're making cables that could cause an enormous amount
of harm if they fell into the wrong hands, well,
the fact that we know it's possible just means that
someone sooner or later was going to make one for
(17:27):
nefarious purposes. So while while you might like feel weird
about the fact that a security researcher has creates something
that's a real security threat, in another way, you could
say it's a good thing because now we know that
this is possible, so we can be on the lookout
for stuff when we encounter it. Um Still, you know,
just knowing these things are out there kind of gives
(17:48):
me the heavy GEVs. So maybe I will get Shannon
Morris back on the show to talk about this, because
it's pretty incredible stuff, And again, don't trust anyone's cables
but your own, right unless you purchase stead and you
feel pretty good about it, don't use some other cable.
You never know what kind of tech it might be hiding.
It's also possible to have chips that could deploy malware
(18:11):
directly to a device if you plugged it in using
that cable. So word to the wise, be careful. Now
let's move over to India to talk about how that
country continues to make moves that I think are fairly
authoritarian when it comes to tech and digital information. I've
already taught about how the country's government has pressured social
(18:31):
networking platforms to either suppress messages that criticize the government
or to step back from enforcing misinformation policies when government
officials post stuff that appears to violate those policies. So,
in other words, like if a politician were to post
something that fact checkers thought was misleading or misinformation, then
(18:52):
Twitter might tag that post with a label that says
as much. And India has really objected to Twitter taking
that step, in fact, catting to the point where they
said we're shutting down Twitter in India. However, on top
of all those things I have not taught about VPNs
or virtual private networks, so vp ns are really legitimately useful.
(19:16):
A good VPN protects you from folks snooping on your business.
So you might use a vp N if you wanted
to connect to stuff like say your bank account, or
medical insurance, or any of a million things that are sensitive.
So essentially, you log into a server that's acting as
your virtual private network, and the server will then go
on to fetch all the stuff that you're wanting to
(19:39):
look at online and everything is encrypted. So let's say
you wanted to look at your bank statement, you would
send the command, it would go to the VPN first encrypted,
and then the VPN would go and send the request
to your bank, and the return would go through the
VPN before it came back to you, and from an
(20:00):
went outside, it would just look like all you were
doing was communicating with this one VPN server, but they
wouldn't be able to see what was happening. Beyond that point,
they wouldn't know what you were really looking at. As
long as the VPN is on the up and up,
which is an important point, and as long as the
VPN does you know good practices like purging user histories
(20:22):
that things are relatively secure and private. By the way,
you should be using a VPN pretty much any time
you're not on your own network, and if you don't
want your i sp knowing what you're looking at. For example,
let's say that you're shopping around for different I s
p s, Well, you might want to use a VPN
even on your home network as well. But India's Parliamentary
(20:45):
Standing Committee on Home Affairs wants a countrywide block on VPNs.
Why Well, the committee claims that VPNs are facilitating piracy
and illegal commerce and that it provides a haven for
hackers so that they can attack targets without fear of
being tracked down because all the attacks would seem to
originate from the VPN, not the hacker. But India also
(21:09):
recently liberalized VPNs. They noted that VPNs were really important
for people to be able to work remotely and log
into company systems. A lot of companies run their own
VPNs because it is a good security measure. It helps
protect proprietary or trade secret information from getting out into
(21:30):
the world at large. So VPNs do play a valid
and important role. So we have kind of a a
disconnect here, right, we have another example of governments trying
to get control of stuff that inherently is designed to
resist that kind of intrusion. And we'll have to see
(21:50):
how this one plays out. I've got a few more
stories for us to cover before we get to that.
Let's take another quick break. Okay, we're back and over
here in the United States, the Government Accountability Office recently
(22:11):
released a report, in fact, it was just last week
that revealed numerous federal agencies continued to use and even
plan on increasing the use of facial recognition technology. This
is disturbing because, as I have reported several times, even
if you're okay with the idea of this level of surveillance,
(22:33):
in general, this technology is imperfect and frequently there is
an inherent bias within the technology itself which leads to
false positives and misidentifications, particularly among populations of non white people. So,
in other words, this technology can lead to an increased
discrimination against non white groups. And there have already been
(22:58):
several cases in which, you know, law enforcement has relied
upon facial recognition technology that was later found to have
misidentified people of interest. And obviously, if the authorities have
tagged you as being someone they want to talk to
in connection with a crime that's pretty darn stressful and
can be incredibly disruptive to your life. And when you
(23:21):
have nothing to do with that crime, like you have
no connection to it whatsoever. It's just that this technology
has misidentified you, and then law enforcement is putting the
burden on you to somehow prove you had nothing to
do with a crime. Well, that's an injustice, and the
potential for such injustices appears to be on the rise.
According to this report, The g a O survey twenty
(23:43):
four different federal agencies and departments and found that eighteen
of them currently rely on facial recognition technology in some capacity,
and ten of them plan to use it even more
in the future. Now, this isn't just concerning to me.
The problem caused by facial recognition tech has been bad
enough that some major companies, including IBM, have stopped selling
(24:06):
that technology to law enforcement and regulation agencies. They have
essentially noted that this technology is it stands to do
more harm than good. Some states, like Maine have passed
laws that restrict the use of the tech, and there's
a debate at the federal level on issuing essentially a
nationwide ban on it, and here's hoping we see progress
(24:28):
here and less reliance on the technology that, at least
for some groups, has the capacity to cause a disproportionate
amount of harm. Facial recognition tech. I think it's great
if you're trying to unlock a phone, because if it
doesn't work, you can just put in your pen. You're fine.
It's irritating that it doesn't work in those cases, and
it does speak to a problem with bias, but that's
(24:50):
an inconvenience when we're talking about law enforcement using it
as justification to disrupt the lives of people who may
be completely innocent and have no connection to the matter
at hand. That's another issue entirely. It starts to get
close to some constitutional problems. Okay, time for some cryptocurrency talk.
So one problem with cryptocurrency isn't really the text fault.
(25:13):
And I know I come down on cryptocurrency pretty hard,
pretty frequently, But one thing that you know, I can't
really fault the tech for is that the technology itself
is so poorly understood that it gives scam artists the
opportunity to pull a fast one and cheat people out
of their money, or sometimes cheat entire businesses out of
(25:35):
their money. The United States Securities and Exchange Commission, or SEC,
has charged a man named Satish Kombani of violating various
registration laws meant to protect investors from scams. Kombani had
been the founder of bit Connect, a cryptocurrency exchange platform
that no longer exists because it was, you know, a
(25:59):
den of scumming villainy. I guess at the heart of
the matter is that Kombani fraudulently raised around two billion
dollars worth of investments from various retail companies in a
cryptocurrency investment scam. And as part of the scam, Kombani
showed potential investors fictitious returns of investment of around three
(26:20):
thousand seven annual return. So, in other words, let's say
that this was a real thing, that it was totally working,
and on January one, you invested one dollar into the
the strategy. January one, the following year, you would have
three thousand, seven hundred dollars. And if you invested ten grand,
(26:42):
or a hundred grand or a million, what you get
the idea, it's an astronomical return. Further, Kombani claimed that
bit connects own cryptocurrency which was called bit connect coin,
which isn't confusing at all, was a stable and safe
cryptocurrency that no one was gonna have to worry about.
(27:03):
Uh that failing only it totally wasn't stable and safe,
as the cryptocurrencies value plummeted by pent in January, and
that Kambani was doing the old Ponzi scheme. So that
involves getting a round of investors to give you money.
So you've got your initial flush of cash. Then when
(27:25):
it comes time to pay out the first investors, you
go find a second round of investors to give you
more money. You use the money from the second round
of investors to pay out your first round of investors.
But then you've got to go after a third round
of investors to help pay off that second round, and
so on. So ponzi schemes can break in huge amounts
(27:46):
of cash. They don't have to be connected at all
with cryptocurrency. But we have seen a lot of cryptocurrency
scams that are essentially Ponzi schemes in recent history, and
one common element about all of them is that they
always eventually come crashing down because sooner or later you
run out of folks who are willing to invest, and
it's time to pay the piper. Now. Maybe by then
(28:08):
you've made enough to make your escape, but it ain't
exactly the best get rich plan. Finally, Amazon and SpaceX
are having a fight down here on Earth over stuff
that's meant to float around in space. Specifically, the fight
revolves around Starlink, space X's satellite Internet communications system that
the company has had in beta testing for a while now.
(28:30):
So SpaceX's goal is to launch thousands of satellites up
into orbit to provide consistent satellite Internet coverage down here
on Earth. We're talking like thirty thousand satellites are more.
But SpaceX says that Amazon has been filing objections to
various SpaceX proposals in attempt to hinder SpaceX because, as
(28:52):
SpaceX puts it, Amazon's own satellite Internet solution, called Kiper,
is running behind schedule. So according to SpaceX, Amazon has
decided to try and slow down the competition while it
tries to get its own system up and running. Amazon, however,
filed complaints with the FCC saying that space X was
(29:15):
not following the proper rules when it comes to submitting
proposals for putting more satellites in orbit, and like I said,
we're talking about thousands of satellites here. And Amazon's complaint
is that SpaceX's proposal actually has two different configurations of
satellites in it, and you can't have two different ones
at the same time. Obviously, you can only have one.
(29:37):
And so Amazon says this is against the rules. The
rules require proposals to have no internal inconsistencies. You can't
say we might do it this way, or maybe we'll
do it this other way instead, according to Amazon, anyway,
the rules say you should commit to a single approach
in your proposal before the process can move forward. Meanwhile,
(29:59):
SpaceX is like, now, uh, you just want us to
not be able to go to the public comment phase.
And anyway, the public comment phase is where we could
hash all this out. It would all be fine. Now.
I am not on the side of either Amazon or
SpaceX in this matter. Personally, I actually worry about the
thousands of satellites that will be needed for both the
(30:20):
Starlink and the Amazon Keiper system to work. That is
a lot of stuff whizzing around out there in low
Earth orbit which could potentially become space junk and thus
interfere with other spacecraft. It can also interfere with astronomical
observations here on Earth. So I'm not super fan of
(30:41):
either of these things right now. But anyway, that's not
the point. The point is that Amazon and space X
are totes in a space fight just here on Earth,
and that's it. Those are all the stories I have
for you on Thursday, September two, two twenty one. I
hope you are well and safe. And for those of
you in the United States, I hope you have a
(31:01):
wonderful Labor Day weekend. And if you have any suggestions
for topics I should cover on tech Stuff, reach out
to me. The best way to do that is to
use Twitter, and I use the handle text stuff h
s W and I'll talk to you again really soon.
Text Stuff is an I Heart Radio production. For more
(31:24):
podcasts from I Heart Radio, visit the I Heart Radio app,
Apple Podcasts, or wherever you listen to your favorite shows.
TechStuff News
Hosts And Creators
Oz Woloshyn
Karah Preiss
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.
The Joe Rogan Experience
The official podcast of comedian Joe Rogan.