Welcome to tech Stuff, a production from I Heart Radio. Hey there, and welcome to tech Stuff. I'm your host, Jonathan Strickland. I'm an executive producer with I Heart Radio and I love all things tech. And this is the tech news for Thursday, September second, two thousand twenty one. Earlier this week, I talked about how thousands of subreddits on the site Reddit are calling on Reddit to crack down on COVID nineteen misinformation and disinformation that is otherwise proliferating across the site. Reddit had quarantined a subreddit called our slash No New Normal, meaning Reddit had effectively cut off access to the subreddit for new users, but had not actually shut it down. But now that's changed. Reddit has subsequently banned the No New Normal subreddit completely, and as warantined, more than fifty other subreddits also found to have spread and promoted COVID misinformation. So it looks like Reddit is making a shift, at least when it comes to matters of public health. As I said earlier this week, the official stance of the company had been let's just let the users kind of hash out what to believe, very similar to what Mark Zuckerberg said about content on Facebook. And you know that can be fine if you're talking about different points of view that have validity to them. Right, If you have two people who disagree about something, but they have valid reasons for that disagreement, letting them hash it out, that makes sense and not taking sides until we get that. But when it comes to truth versus misinformation, it's a different matter entirely. Anyway, I'm not going to go down that rabbit hole again. You already heard me say that earlier this week. Instead, I'll say that Reddit won't allow posts that promote quote falsifiable health information that encourages or poses a significant risk of physical arm to the reader end quote. I think that's the ethical choice here, as this is not, you know, a case of the dresses blue and black. No, you're an idiot, The dress is white and gold. This is really about people spreading narratives that have potentially tragic consequences, with more people getting sick, hospitals becoming overwhelmed, and ultimately more people dying as a result. I think Reddit's response is a good one. I also think it was a necessary response, not just because it was the right thing to do, as I believe it was, but also because the subredits that were protesting all this misinformation in the first place, We're starting to use some pretty guerrilla warfare tactics to disrupt the subredits that we're spreading misinformation going in there and like posting not safe for work content and such in order to necessitate a change in that subreddit status. And if Reddit had not stepped in, the whole platform could have descended into a chaotic mess. Samsung has entered used a new sensor for mobile devices that has a resolution of two hundred megapixels. That's pretty incredible stuff, but let's break down what that means. Super Fast digital images when you zoom way way way in, are made up of tiny little points of light called pixels, and collectively, these pixels appear to us as you know, photographs and videos and stuff when we're looking at them on screens, and generally speaking, the more pixels you can cram into a certain size frame, the more detail you can capture in that image. Now, once you get beyond a certain resolution, the human eye is going to have a lot of trouble picking out any extra detail. So if you're just looking at a full size image, you're not likely to see the difference. So megapixels and cameras really only matter up to a point unless you're looking for a specific use case. So, for example, let's say that you're a photographer and you want to take photos of stuff that you later intend to enlarge so that you can make movie poster sized print outs of it. Well, in that case, you want a camera that has sensors that can, yeah, you know, capture a lot of megapixels, because otherwise, as you enlarge the image, you start to lose that detail. If you've got, you know, are very high megapixel camera, you can enlarge an image to a pretty impressive degree and not lose any noticeable detail as a result. So this means that in the future, if you happen to buy one of these phones that's going to have a two D megapixel image sensor, you could theoretically snap a photo with your phone and then later you could digitally zoom way, way way in on the image to look at something specific, and you could even crop the photo and have it take you know, a full size photo as if you were you know, right up on something as opposed to really far back from it, and you don't lose any detail. In the image. That's pretty cool, especially if you want to take photos of stuff that you cannot get close to. Let's say like you're taking a picture of a historic building and there's a barrier where you're not supposed to cross, and you want to get really fine detail on a specific part. You can only zoom in so much with most digital cameras, if especially if you don't have a telephoto lens. So this is something that can help you with that, where that pixel density can allow you to capture detail that otherwise you might lose. Something else. The sensor does that I think is really neat is it adapts to take images in low light situations. So camera sensors are all about capturing light when you get down to it, and some digital cameras, whether they're in smartphones or otherwise, have some trouble in dim light situations and they produce grainy images as a result. The Samsung sensor will have blocks of sixteen pixels essentially teaming up to act like a single pixel. So in this case, the overall image would get reduced to twelve point five megapixels instead of two hundred because those blocks of sixteen would be acting as one reducing it down to twelve point five megapixels, but that those sixteen pixels will be able to more effectively capture the light that's in the scene and thus produce better low light photos as a result. So, yeah, there'll be fewer megapixels, you won't be able to zoom in as far without losing detail, but you'll be able to get a better image out of a low light situation. Now, there's no word yet on when we might expect to see phones that actually have these sensors in them. I imagine they'll be popping up after a generation or two of new devices, So we're probably looking at you know, not maybe not by early next year, but maybe mid to late next year, maybe we start seeing devices that have these kind of sensors in it. I think that's pretty neat. You know. I've talked a lot this year about data breaches and hackers in ransomware. I wish I didn't have to talk about it so much, but it's been happening a lot. Well, we're gonna get to some similar stuff right now. Bleeping Computer, it's a website, has a piece that says the ransomware hacker group lock Bit two point oh is actively trying to recruit folks who work inside large corporations and the whole purpose is to try and help this ransomware group plant malware on corporate machines to kind of act as like an in road for the hackers. See, when we think about hackers and malware, we often think about someone finding like, you know, a technical backdoor vulnerability. They're on their computer, they're typing quickly, you know, they type in a password a couple of times to get access to a system. Or maybe we think about someone using social engineering to convince a person who is authorized to access systems to hand over that access by tricking them. This is the classic. Hey, I'm from I T and I need to install some new software in your machine and it should only take a few minutes if you want to go in, you know, take a coffee break. That is more common than you might think. But sometimes the malware is coming from inside the house. Sometimes employees of these companies can be convinced to turn on their employers and help out a ransomware group. Now, ransomware gangs typically demand some pretty high prices to return systems to their rightful owners. And in case you're not really familiar with what ransomware is. It's usually some software that will encrypt data on a computer system or a full computer network so that that data becomes inaccessible unless you happen to have the decryption key, and then the ransomware group demands a ransom be paid in order for them to turn over that decryption key, and so a lot bit two point oh is saying that insiders stand to earn quote millions of dollars end quote if they go along with it. But let me say a couple of things before some of you all decide that you're going to stick it to the man and and become the infection vector for malware to hit your company's systems. First, the general advice that companies receive whenever they're hit with ransomware is that they should not pay the ransom because one, there's no guarantee that they will have control returned to them. And to every single payout is a message that goes out to the hacking community that says ransomware is a good way to make money. So, in other words, paying ransoms encourages future attacks, So that could mean you could go through the trouble of performing a criminal act on behalf of this ransomware group, putting yourself at risk and your company at risk, and your company might never pay out that ransom, so you end up making nothing for that anyway, which means you've got a very high risk in other words. But another reason not to do it is that, let's say that the group is ready to commit a crime and extort money out of a target, Well, then what's to stop that same group from screwing over the person and who gave them access in the first place. I mean, it's not like you could come forward and say, hey, those hackers that attack the systems, they promised to give me money if I gave them access, and now they stiffed me. You can't do that. It would be admitting that you were part of the attack. So there's no guarantee you would even get paid out. You know, don't he help out ransomware gangs. And you know what, even if they did pay you out, even if you did get millions of dollars, you don't have to figure out how to hide all that cash because trust me, organizations like the I r S and law enforcement are really gonna wonder how you got so flush with cash out of nowhere. So long story short, don't pay ransoms and companies, don't burn your employees and make them resent you, because that's really what makes these sorts of schemes tempting. In fact, we'll talk about more of along those lines in just a moment, but before we get to that, let's take a quick break. Okay, before the break, I was talking about how companies need to be careful because if they burn their employees, then they can create the sort of environment where those employees would say, yeah, why don't I screw over the company because they're screwing me over and you don't want that. Well, let's talk about the story of Julianna Barile, who recently pled guilty to charges that she illegally accessed the computer systems of a New York credit union and subsequently deleted more than twenty gigabytes of data. So Bill was once an employee of this credit union in New York, but she found her employment terminated this past May. Now, someone in the I T department was supposed to revoke her access to the credit union's computer systems, which is pretty standard operating procedure when someone leaves a company, whether it's through termination, or residue nation or retirement or whatever it might be. It's just good info sec practice to revoke system access when someone is no longer employed by the company. But yeah, that didn't happen. And when Barrill found out that she could still access the credit Union system, she did, and then she started deleting stuff, and that included like loan application folders and such. And as someone who not too long ago went through the process of applying for a loan, I could tell you that any hiccup along the way is stressful and it's frustrating, but having the whole thing wiped out by a disgruntled former credit Union employee would make things way worse. According to court documents, Burrile deleted some twenty thousand files and more than three thousand directories in about forty minutes. The credit Union has been able to restore some files from backup and estimates that the cost for recovery has been more than ten thousand dollars. And here's an example of the sort of thing groups like lock a bit two point oh that I talked about before the break. This is what they're on the lookout for. People who have access to a system and an ax to grind against their company. What Brill did was wrong. She probably caused more harm to the end the customers of the Create Union than the Create Union itself, like all those people who had loans in process. It's incredibly disruptive. Now. I don't have the details around her termination, like why she was let go, but obviously whether the reasons for that termination were justified or not, we can all say that the credit union really should have revoked her access straight away. As soon as she was terminated, that access should have been shut down. So there are you know, she's at fault, certainly because she's the one who did the crime, but the CREB union also bears some responsibility. I would not be surprised if some credit Union customers sought action against the Create Union for failing to protect their you know, their information and their assets. Speaking of cybersecurity, let's talk about cables for a second. Now. I think a lot of people don't consider cables as you know, a cybersecurity element that they need to worry about, particularly when you've got tons of people connecting to public WiFi without running a VPN or anything like that. But yeah, cables can trip you up and uh, I don't just mean literally, although they can do that too. Happens to be pretty much once a day, but no. A cybersecurity researcher who uses the handle MG has been creating cables that hide sneaky hardware inside them for a while now, and he calls them, oh MG cables cute, right, And he's recently unveiled a new one that uses the USBC form factor, which was something a lot of people thought wouldn't be possible because if you look at one of those cables, it has a very small plug at the end of it, and you would think there's not a whole lot of space for you to hide any secret tech in that form factor. And for this to work, for these cables to be a security threat, you have to be able to hide specialized chips inside that cable, and you have to do it effectively so that it doesn't look like it's out of place. So what is so special about these cables what makes them a security threat? Well, for one thing, MG has incorporated a WiFi transceiver chip inside the cable itself. So if you connect one of these cables to a device like your phone or a tablet or a computer, a remote hacker can see that WiFi spot because the cable will have activated the WiFi hot spot, it creates the power necessary to run it. The hacker can log in through that WiFi hot spot to gain access to the devices the cable connects to, and they can start deploying payloads like a keystroke logger, which will keep track of everything you type on that device, so if you're typing out like passwords and stuff, they can collect those passwords. The implications of this are pretty scary, and it really drives home the fact that you should not trust any cables that are not your own. Just imagine someone quote unquote testing these cables by leaving them in heavily trafficked areas like airport charging stations or a coffee shop or whatever. The variations on these cables include USBC two lightning connectors, which means you're not safe if you're on a PC, an Android device, or an iOS device if you are using one of these cables. And like I said, from the outside, they look like just normal USB or lightning cables. There's nothing about them that would set you off and make you think, oh, well, this is sus But they really are an incredibly effective security penetration tool if the right person is making use of them. The security company Hack five has partnered with MG to sell these cables, which are now in mass production, and the stated purpose. In fact, what hack five always says is that this is all to provide security researchers penetration testers with the tools they need to do various testing and security measures. And to be fair, if something is possible, even if you were to say, like, oh, but you're making cables that could cause an enormous amount of harm if they fell into the wrong hands, well, the fact that we know it's possible just means that someone sooner or later was going to make one for nefarious purposes. So while while you might like feel weird about the fact that a security researcher has creates something that's a real security threat, in another way, you could say it's a good thing because now we know that this is possible, so we can be on the lookout for stuff when we encounter it. Um Still, you know, just knowing these things are out there kind of gives me the heavy GEVs. So maybe I will get Shannon Morris back on the show to talk about this, because it's pretty incredible stuff, And again, don't trust anyone's cables but your own, right unless you purchase stead and you feel pretty good about it, don't use some other cable. You never know what kind of tech it might be hiding. It's also possible to have chips that could deploy malware directly to a device if you plugged it in using that cable. So word to the wise, be careful. Now let's move over to India to talk about how that country continues to make moves that I think are fairly authoritarian when it comes to tech and digital information. I've already taught about how the country's government has pressured social networking platforms to either suppress messages that criticize the government or to step back from enforcing misinformation policies when government officials post stuff that appears to violate those policies. So, in other words, like if a politician were to post something that fact checkers thought was misleading or misinformation, then Twitter might tag that post with a label that says as much. And India has really objected to Twitter taking that step, in fact, catting to the point where they said we're shutting down Twitter in India. However, on top of all those things I have not taught about VPNs or virtual private networks, so vp ns are really legitimately useful. A good VPN protects you from folks snooping on your business. So you might use a vp N if you wanted to connect to stuff like say your bank account, or medical insurance, or any of a million things that are sensitive. So essentially, you log into a server that's acting as your virtual private network, and the server will then go on to fetch all the stuff that you're wanting to look at online and everything is encrypted. So let's say you wanted to look at your bank statement, you would send the command, it would go to the VPN first encrypted, and then the VPN would go and send the request to your bank, and the return would go through the VPN before it came back to you, and from an went outside, it would just look like all you were doing was communicating with this one VPN server, but they wouldn't be able to see what was happening. Beyond that point, they wouldn't know what you were really looking at. As long as the VPN is on the up and up, which is an important point, and as long as the VPN does you know good practices like purging user histories that things are relatively secure and private. By the way, you should be using a VPN pretty much any time you're not on your own network, and if you don't want your i sp knowing what you're looking at. For example, let's say that you're shopping around for different I s p s, Well, you might want to use a VPN even on your home network as well. But India's Parliamentary Standing Committee on Home Affairs wants a countrywide block on VPNs. Why Well, the committee claims that VPNs are facilitating piracy and illegal commerce and that it provides a haven for hackers so that they can attack targets without fear of being tracked down because all the attacks would seem to originate from the VPN, not the hacker. But India also recently liberalized VPNs. They noted that VPNs were really important for people to be able to work remotely and log into company systems. A lot of companies run their own VPNs because it is a good security measure. It helps protect proprietary or trade secret information from getting out into the world at large. So VPNs do play a valid and important role. So we have kind of a a disconnect here, right, we have another example of governments trying to get control of stuff that inherently is designed to resist that kind of intrusion. And we'll have to see how this one plays out. I've got a few more stories for us to cover before we get to that. Let's take another quick break. Okay, we're back and over here in the United States, the Government Accountability Office recently released a report, in fact, it was just last week that revealed numerous federal agencies continued to use and even plan on increasing the use of facial recognition technology. This is disturbing because, as I have reported several times, even if you're okay with the idea of this level of surveillance, in general, this technology is imperfect and frequently there is an inherent bias within the technology itself which leads to false positives and misidentifications, particularly among populations of non white people. So, in other words, this technology can lead to an increased discrimination against non white groups. And there have already been several cases in which, you know, law enforcement has relied upon facial recognition technology that was later found to have misidentified people of interest. And obviously, if the authorities have tagged you as being someone they want to talk to in connection with a crime that's pretty darn stressful and can be incredibly disruptive to your life. And when you have nothing to do with that crime, like you have no connection to it whatsoever. It's just that this technology has misidentified you, and then law enforcement is putting the burden on you to somehow prove you had nothing to do with a crime. Well, that's an injustice, and the potential for such injustices appears to be on the rise. According to this report, The g a O survey twenty four different federal agencies and departments and found that eighteen of them currently rely on facial recognition technology in some capacity, and ten of them plan to use it even more in the future. Now, this isn't just concerning to me. The problem caused by facial recognition tech has been bad enough that some major companies, including IBM, have stopped selling that technology to law enforcement and regulation agencies. They have essentially noted that this technology is it stands to do more harm than good. Some states, like Maine have passed laws that restrict the use of the tech, and there's a debate at the federal level on issuing essentially a nationwide ban on it, and here's hoping we see progress here and less reliance on the technology that, at least for some groups, has the capacity to cause a disproportionate amount of harm. Facial recognition tech. I think it's great if you're trying to unlock a phone, because if it doesn't work, you can just put in your pen. You're fine. It's irritating that it doesn't work in those cases, and it does speak to a problem with bias, but that's an inconvenience when we're talking about law enforcement using it as justification to disrupt the lives of people who may be completely innocent and have no connection to the matter at hand. That's another issue entirely. It starts to get close to some constitutional problems. Okay, time for some cryptocurrency talk. So one problem with cryptocurrency isn't really the text fault. And I know I come down on cryptocurrency pretty hard, pretty frequently, But one thing that you know, I can't really fault the tech for is that the technology itself is so poorly understood that it gives scam artists the opportunity to pull a fast one and cheat people out of their money, or sometimes cheat entire businesses out of their money. The United States Securities and Exchange Commission, or SEC, has charged a man named Satish Kombani of violating various registration laws meant to protect investors from scams. Kombani had been the founder of bit Connect, a cryptocurrency exchange platform that no longer exists because it was, you know, a den of scumming villainy. I guess at the heart of the matter is that Kombani fraudulently raised around two billion dollars worth of investments from various retail companies in a cryptocurrency investment scam. And as part of the scam, Kombani showed potential investors fictitious returns of investment of around three thousand seven annual return. So, in other words, let's say that this was a real thing, that it was totally working, and on January one, you invested one dollar into the the strategy. January one, the following year, you would have three thousand, seven hundred dollars. And if you invested ten grand, or a hundred grand or a million, what you get the idea, it's an astronomical return. Further, Kombani claimed that bit connects own cryptocurrency which was called bit connect coin, which isn't confusing at all, was a stable and safe cryptocurrency that no one was gonna have to worry about. Uh that failing only it totally wasn't stable and safe, as the cryptocurrencies value plummeted by pent in January, and that Kambani was doing the old Ponzi scheme. So that involves getting a round of investors to give you money. So you've got your initial flush of cash. Then when it comes time to pay out the first investors, you go find a second round of investors to give you more money. You use the money from the second round of investors to pay out your first round of investors. But then you've got to go after a third round of investors to help pay off that second round, and so on. So ponzi schemes can break in huge amounts of cash. They don't have to be connected at all with cryptocurrency. But we have seen a lot of cryptocurrency scams that are essentially Ponzi schemes in recent history, and one common element about all of them is that they always eventually come crashing down because sooner or later you run out of folks who are willing to invest, and it's time to pay the piper. Now. Maybe by then you've made enough to make your escape, but it ain't exactly the best get rich plan. Finally, Amazon and SpaceX are having a fight down here on Earth over stuff that's meant to float around in space. Specifically, the fight revolves around Starlink, space X's satellite Internet communications system that the company has had in beta testing for a while now. So SpaceX's goal is to launch thousands of satellites up into orbit to provide consistent satellite Internet coverage down here on Earth. We're talking like thirty thousand satellites are more. But SpaceX says that Amazon has been filing objections to various SpaceX proposals in attempt to hinder SpaceX because, as SpaceX puts it, Amazon's own satellite Internet solution, called Kiper, is running behind schedule. So according to SpaceX, Amazon has decided to try and slow down the competition while it tries to get its own system up and running. Amazon, however, filed complaints with the FCC saying that space X was not following the proper rules when it comes to submitting proposals for putting more satellites in orbit, and like I said, we're talking about thousands of satellites here. And Amazon's complaint is that SpaceX's proposal actually has two different configurations of satellites in it, and you can't have two different ones at the same time. Obviously, you can only have one. And so Amazon says this is against the rules. The rules require proposals to have no internal inconsistencies. You can't say we might do it this way, or maybe we'll do it this other way instead, according to Amazon, anyway, the rules say you should commit to a single approach in your proposal before the process can move forward. Meanwhile, SpaceX is like, now, uh, you just want us to not be able to go to the public comment phase. And anyway, the public comment phase is where we could hash all this out. It would all be fine. Now. I am not on the side of either Amazon or SpaceX in this matter. Personally, I actually worry about the thousands of satellites that will be needed for both the Starlink and the Amazon Keiper system to work. That is a lot of stuff whizzing around out there in low Earth orbit which could potentially become space junk and thus interfere with other spacecraft. It can also interfere with astronomical observations here on Earth. So I'm not super fan of either of these things right now. But anyway, that's not the point. The point is that Amazon and space X are totes in a space fight just here on Earth, and that's it. Those are all the stories I have for you on Thursday, September two, two twenty one. I hope you are well and safe. And for those of you in the United States, I hope you have a wonderful Labor Day weekend. And if you have any suggestions for topics I should cover on tech Stuff, reach out to me. The best way to do that is to use Twitter, and I use the handle text stuff h s W and I'll talk to you again really soon. Text Stuff is an I Heart Radio production. For more podcasts from I Heart Radio, visit the I Heart Radio app, Apple Podcasts, or wherever you listen to your favorite shows.

Welcome to tech Stuff, a production from I Heart Radio. Hey there, and welcome to tech Stuff. I'm your host, Jonathan Strickland. I'm an executive producer with I Heart Radio and I love all things tech. And this is the tech news for Thursday, September second, two thousand twenty one. Earlier this week, I talked about how thousands of subreddits on the site Reddit are calling on Reddit to crack down on COVID nineteen misinformation and disinformation that is otherwise proliferating across the site. Reddit had quarantined a subreddit called our slash No New Normal, meaning Reddit had effectively cut off access to the subreddit for new users, but had not actually shut it down. But now that's changed. Reddit has subsequently banned the No New Normal subreddit completely, and as warantined, more than fifty other subreddits also found to have spread and promoted COVID misinformation. So it looks like Reddit is making a shift, at least when it comes to matters of public health. As I said earlier this week, the official stance of the company had been let's just let the users kind of hash out what to believe, very similar to what Mark Zuckerberg said about content on Facebook. And you know that can be fine if you're talking about different points of view that have validity to them. Right, If you have two people who disagree about something, but they have valid reasons for that disagreement, letting them hash it out, that makes sense and not taking sides until we get that. But when it comes to truth versus misinformation, it's a different matter entirely. Anyway, I'm not going to go down that rabbit hole again. You already heard me say that earlier this week. Instead, I'll say that Reddit won't allow posts that promote quote falsifiable health information that encourages or poses a significant risk of physical arm to the reader end quote. I think that's the ethical choice here, as this is not, you know, a case of the dresses blue and black. No, you're an idiot, The dress is white and gold. This is really about people spreading narratives that have potentially tragic consequences, with more people getting sick, hospitals becoming overwhelmed, and ultimately more people dying as a result. I think Reddit's response is a good one. I also think it was a necessary response, not just because it was the right thing to do, as I believe it was, but also because the subredits that were protesting all this misinformation in the first place, We're starting to use some pretty guerrilla warfare tactics to disrupt the subredits that we're spreading misinformation going in there and like posting not safe for work content and such in order to necessitate a change in that subreddit status. And if Reddit had not stepped in, the whole platform could have descended into a chaotic mess. Samsung has entered used a new sensor for mobile devices that has a resolution of two hundred megapixels. That's pretty incredible stuff, but let's break down what that means. Super Fast digital images when you zoom way way way in, are made up of tiny little points of light called pixels, and collectively, these pixels appear to us as you know, photographs and videos and stuff when we're looking at them on screens, and generally speaking, the more pixels you can cram into a certain size frame, the more detail you can capture in that image. Now, once you get beyond a certain resolution, the human eye is going to have a lot of trouble picking out any extra detail. So if you're just looking at a full size image, you're not likely to see the difference. So megapixels and cameras really only matter up to a point unless you're looking for a specific use case. So, for example, let's say that you're a photographer and you want to take photos of stuff that you later intend to enlarge so that you can make movie poster sized print outs of it. Well, in that case, you want a camera that has sensors that can, yeah, you know, capture a lot of megapixels, because otherwise, as you enlarge the image, you start to lose that detail. If you've got, you know, are very high megapixel camera, you can enlarge an image to a pretty impressive degree and not lose any noticeable detail as a result. So this means that in the future, if you happen to buy one of these phones that's going to have a two D megapixel image sensor, you could theoretically snap a photo with your phone and then later you could digitally zoom way, way way in on the image to look at something specific, and you could even crop the photo and have it take you know, a full size photo as if you were you know, right up on something as opposed to really far back from it, and you don't lose any detail. In the image. That's pretty cool, especially if you want to take photos of stuff that you cannot get close to. Let's say like you're taking a picture of a historic building and there's a barrier where you're not supposed to cross, and you want to get really fine detail on a specific part. You can only zoom in so much with most digital cameras, if especially if you don't have a telephoto lens. So this is something that can help you with that, where that pixel density can allow you to capture detail that otherwise you might lose. Something else. The sensor does that I think is really neat is it adapts to take images in low light situations. So camera sensors are all about capturing light when you get down to it, and some digital cameras, whether they're in smartphones or otherwise, have some trouble in dim light situations and they produce grainy images as a result. The Samsung sensor will have blocks of sixteen pixels essentially teaming up to act like a single pixel. So in this case, the overall image would get reduced to twelve point five megapixels instead of two hundred because those blocks of sixteen would be acting as one reducing it down to twelve point five megapixels, but that those sixteen pixels will be able to more effectively capture the light that's in the scene and thus produce better low light photos as a result. So, yeah, there'll be fewer megapixels, you won't be able to zoom in as far without losing detail, but you'll be able to get a better image out of a low light situation. Now, there's no word yet on when we might expect to see phones that actually have these sensors in them. I imagine they'll be popping up after a generation or two of new devices, So we're probably looking at you know, not maybe not by early next year, but maybe mid to late next year, maybe we start seeing devices that have these kind of sensors in it. I think that's pretty neat. You know. I've talked a lot this year about data breaches and hackers in ransomware. I wish I didn't have to talk about it so much, but it's been happening a lot. Well, we're gonna get to some similar stuff right now. Bleeping Computer, it's a website, has a piece that says the ransomware hacker group lock Bit two point oh is actively trying to recruit folks who work inside large corporations and the whole purpose is to try and help this ransomware group plant malware on corporate machines to kind of act as like an in road for the hackers. See, when we think about hackers and malware, we often think about someone finding like, you know, a technical backdoor vulnerability. They're on their computer, they're typing quickly, you know, they type in a password a couple of times to get access to a system. Or maybe we think about someone using social engineering to convince a person who is authorized to access systems to hand over that access by tricking them. This is the classic. Hey, I'm from I T and I need to install some new software in your machine and it should only take a few minutes if you want to go in, you know, take a coffee break. That is more common than you might think. But sometimes the malware is coming from inside the house. Sometimes employees of these companies can be convinced to turn on their employers and help out a ransomware group. Now, ransomware gangs typically demand some pretty high prices to return systems to their rightful owners. And in case you're not really familiar with what ransomware is. It's usually some software that will encrypt data on a computer system or a full computer network so that that data becomes inaccessible unless you happen to have the decryption key, and then the ransomware group demands a ransom be paid in order for them to turn over that decryption key, and so a lot bit two point oh is saying that insiders stand to earn quote millions of dollars end quote if they go along with it. But let me say a couple of things before some of you all decide that you're going to stick it to the man and and become the infection vector for malware to hit your company's systems. First, the general advice that companies receive whenever they're hit with ransomware is that they should not pay the ransom because one, there's no guarantee that they will have control returned to them. And to every single payout is a message that goes out to the hacking community that says ransomware is a good way to make money. So, in other words, paying ransoms encourages future attacks, So that could mean you could go through the trouble of performing a criminal act on behalf of this ransomware group, putting yourself at risk and your company at risk, and your company might never pay out that ransom, so you end up making nothing for that anyway, which means you've got a very high risk in other words. But another reason not to do it is that, let's say that the group is ready to commit a crime and extort money out of a target, Well, then what's to stop that same group from screwing over the person and who gave them access in the first place. I mean, it's not like you could come forward and say, hey, those hackers that attack the systems, they promised to give me money if I gave them access, and now they stiffed me. You can't do that. It would be admitting that you were part of the attack. So there's no guarantee you would even get paid out. You know, don't he help out ransomware gangs. And you know what, even if they did pay you out, even if you did get millions of dollars, you don't have to figure out how to hide all that cash because trust me, organizations like the I r S and law enforcement are really gonna wonder how you got so flush with cash out of nowhere. So long story short, don't pay ransoms and companies, don't burn your employees and make them resent you, because that's really what makes these sorts of schemes tempting. In fact, we'll talk about more of along those lines in just a moment, but before we get to that, let's take a quick break. Okay, before the break, I was talking about how companies need to be careful because if they burn their employees, then they can create the sort of environment where those employees would say, yeah, why don't I screw over the company because they're screwing me over and you don't want that. Well, let's talk about the story of Julianna Barile, who recently pled guilty to charges that she illegally accessed the computer systems of a New York credit union and subsequently deleted more than twenty gigabytes of data. So Bill was once an employee of this credit union in New York, but she found her employment terminated this past May. Now, someone in the I T department was supposed to revoke her access to the credit union's computer systems, which is pretty standard operating procedure when someone leaves a company, whether it's through termination, or residue nation or retirement or whatever it might be. It's just good info sec practice to revoke system access when someone is no longer employed by the company. But yeah, that didn't happen. And when Barrill found out that she could still access the credit Union system, she did, and then she started deleting stuff, and that included like loan application folders and such. And as someone who not too long ago went through the process of applying for a loan, I could tell you that any hiccup along the way is stressful and it's frustrating, but having the whole thing wiped out by a disgruntled former credit Union employee would make things way worse. According to court documents, Burrile deleted some twenty thousand files and more than three thousand directories in about forty minutes. The credit Union has been able to restore some files from backup and estimates that the cost for recovery has been more than ten thousand dollars. And here's an example of the sort of thing groups like lock a bit two point oh that I talked about before the break. This is what they're on the lookout for. People who have access to a system and an ax to grind against their company. What Brill did was wrong. She probably caused more harm to the end the customers of the Create Union than the Create Union itself, like all those people who had loans in process. It's incredibly disruptive. Now. I don't have the details around her termination, like why she was let go, but obviously whether the reasons for that termination were justified or not, we can all say that the credit union really should have revoked her access straight away. As soon as she was terminated, that access should have been shut down. So there are you know, she's at fault, certainly because she's the one who did the crime, but the CREB union also bears some responsibility. I would not be surprised if some credit Union customers sought action against the Create Union for failing to protect their you know, their information and their assets. Speaking of cybersecurity, let's talk about cables for a second. Now. I think a lot of people don't consider cables as you know, a cybersecurity element that they need to worry about, particularly when you've got tons of people connecting to public WiFi without running a VPN or anything like that. But yeah, cables can trip you up and uh, I don't just mean literally, although they can do that too. Happens to be pretty much once a day, but no. A cybersecurity researcher who uses the handle MG has been creating cables that hide sneaky hardware inside them for a while now, and he calls them, oh MG cables cute, right, And he's recently unveiled a new one that uses the USBC form factor, which was something a lot of people thought wouldn't be possible because if you look at one of those cables, it has a very small plug at the end of it, and you would think there's not a whole lot of space for you to hide any secret tech in that form factor. And for this to work, for these cables to be a security threat, you have to be able to hide specialized chips inside that cable, and you have to do it effectively so that it doesn't look like it's out of place. So what is so special about these cables what makes them a security threat? Well, for one thing, MG has incorporated a WiFi transceiver chip inside the cable itself. So if you connect one of these cables to a device like your phone or a tablet or a computer, a remote hacker can see that WiFi spot because the cable will have activated the WiFi hot spot, it creates the power necessary to run it. The hacker can log in through that WiFi hot spot to gain access to the devices the cable connects to, and they can start deploying payloads like a keystroke logger, which will keep track of everything you type on that device, so if you're typing out like passwords and stuff, they can collect those passwords. The implications of this are pretty scary, and it really drives home the fact that you should not trust any cables that are not your own. Just imagine someone quote unquote testing these cables by leaving them in heavily trafficked areas like airport charging stations or a coffee shop or whatever. The variations on these cables include USBC two lightning connectors, which means you're not safe if you're on a PC, an Android device, or an iOS device if you are using one of these cables. And like I said, from the outside, they look like just normal USB or lightning cables. There's nothing about them that would set you off and make you think, oh, well, this is sus But they really are an incredibly effective security penetration tool if the right person is making use of them. The security company Hack five has partnered with MG to sell these cables, which are now in mass production, and the stated purpose. In fact, what hack five always says is that this is all to provide security researchers penetration testers with the tools they need to do various testing and security measures. And to be fair, if something is possible, even if you were to say, like, oh, but you're making cables that could cause an enormous amount of harm if they fell into the wrong hands, well, the fact that we know it's possible just means that someone sooner or later was going to make one for nefarious purposes. So while while you might like feel weird about the fact that a security researcher has creates something that's a real security threat, in another way, you could say it's a good thing because now we know that this is possible, so we can be on the lookout for stuff when we encounter it. Um Still, you know, just knowing these things are out there kind of gives me the heavy GEVs. So maybe I will get Shannon Morris back on the show to talk about this, because it's pretty incredible stuff, And again, don't trust anyone's cables but your own, right unless you purchase stead and you feel pretty good about it, don't use some other cable. You never know what kind of tech it might be hiding. It's also possible to have chips that could deploy malware directly to a device if you plugged it in using that cable. So word to the wise, be careful. Now let's move over to India to talk about how that country continues to make moves that I think are fairly authoritarian when it comes to tech and digital information. I've already taught about how the country's government has pressured social networking platforms to either suppress messages that criticize the government or to step back from enforcing misinformation policies when government officials post stuff that appears to violate those policies. So, in other words, like if a politician were to post something that fact checkers thought was misleading or misinformation, then Twitter might tag that post with a label that says as much. And India has really objected to Twitter taking that step, in fact, catting to the point where they said we're shutting down Twitter in India. However, on top of all those things I have not taught about VPNs or virtual private networks, so vp ns are really legitimately useful. A good VPN protects you from folks snooping on your business. So you might use a vp N if you wanted to connect to stuff like say your bank account, or medical insurance, or any of a million things that are sensitive. So essentially, you log into a server that's acting as your virtual private network, and the server will then go on to fetch all the stuff that you're wanting to look at online and everything is encrypted. So let's say you wanted to look at your bank statement, you would send the command, it would go to the VPN first encrypted, and then the VPN would go and send the request to your bank, and the return would go through the VPN before it came back to you, and from an went outside, it would just look like all you were doing was communicating with this one VPN server, but they wouldn't be able to see what was happening. Beyond that point, they wouldn't know what you were really looking at. As long as the VPN is on the up and up, which is an important point, and as long as the VPN does you know good practices like purging user histories that things are relatively secure and private. By the way, you should be using a VPN pretty much any time you're not on your own network, and if you don't want your i sp knowing what you're looking at. For example, let's say that you're shopping around for different I s p s, Well, you might want to use a VPN even on your home network as well. But India's Parliamentary Standing Committee on Home Affairs wants a countrywide block on VPNs. Why Well, the committee claims that VPNs are facilitating piracy and illegal commerce and that it provides a haven for hackers so that they can attack targets without fear of being tracked down because all the attacks would seem to originate from the VPN, not the hacker. But India also recently liberalized VPNs. They noted that VPNs were really important for people to be able to work remotely and log into company systems. A lot of companies run their own VPNs because it is a good security measure. It helps protect proprietary or trade secret information from getting out into the world at large. So VPNs do play a valid and important role. So we have kind of a a disconnect here, right, we have another example of governments trying to get control of stuff that inherently is designed to resist that kind of intrusion. And we'll have to see how this one plays out. I've got a few more stories for us to cover before we get to that. Let's take another quick break. Okay, we're back and over here in the United States, the Government Accountability Office recently released a report, in fact, it was just last week that revealed numerous federal agencies continued to use and even plan on increasing the use of facial recognition technology. This is disturbing because, as I have reported several times, even if you're okay with the idea of this level of surveillance, in general, this technology is imperfect and frequently there is an inherent bias within the technology itself which leads to false positives and misidentifications, particularly among populations of non white people. So, in other words, this technology can lead to an increased discrimination against non white groups. And there have already been several cases in which, you know, law enforcement has relied upon facial recognition technology that was later found to have misidentified people of interest. And obviously, if the authorities have tagged you as being someone they want to talk to in connection with a crime that's pretty darn stressful and can be incredibly disruptive to your life. And when you have nothing to do with that crime, like you have no connection to it whatsoever. It's just that this technology has misidentified you, and then law enforcement is putting the burden on you to somehow prove you had nothing to do with a crime. Well, that's an injustice, and the potential for such injustices appears to be on the rise. According to this report, The g a O survey twenty four different federal agencies and departments and found that eighteen of them currently rely on facial recognition technology in some capacity, and ten of them plan to use it even more in the future. Now, this isn't just concerning to me. The problem caused by facial recognition tech has been bad enough that some major companies, including IBM, have stopped selling that technology to law enforcement and regulation agencies. They have essentially noted that this technology is it stands to do more harm than good. Some states, like Maine have passed laws that restrict the use of the tech, and there's a debate at the federal level on issuing essentially a nationwide ban on it, and here's hoping we see progress here and less reliance on the technology that, at least for some groups, has the capacity to cause a disproportionate amount of harm. Facial recognition tech. I think it's great if you're trying to unlock a phone, because if it doesn't work, you can just put in your pen. You're fine. It's irritating that it doesn't work in those cases, and it does speak to a problem with bias, but that's an inconvenience when we're talking about law enforcement using it as justification to disrupt the lives of people who may be completely innocent and have no connection to the matter at hand. That's another issue entirely. It starts to get close to some constitutional problems. Okay, time for some cryptocurrency talk. So one problem with cryptocurrency isn't really the text fault. And I know I come down on cryptocurrency pretty hard, pretty frequently, But one thing that you know, I can't really fault the tech for is that the technology itself is so poorly understood that it gives scam artists the opportunity to pull a fast one and cheat people out of their money, or sometimes cheat entire businesses out of their money. The United States Securities and Exchange Commission, or SEC, has charged a man named Satish Kombani of violating various registration laws meant to protect investors from scams. Kombani had been the founder of bit Connect, a cryptocurrency exchange platform that no longer exists because it was, you know, a den of scumming villainy. I guess at the heart of the matter is that Kombani fraudulently raised around two billion dollars worth of investments from various retail companies in a cryptocurrency investment scam. And as part of the scam, Kombani showed potential investors fictitious returns of investment of around three thousand seven annual return. So, in other words, let's say that this was a real thing, that it was totally working, and on January one, you invested one dollar into the the strategy. January one, the following year, you would have three thousand, seven hundred dollars. And if you invested ten grand, or a hundred grand or a million, what you get the idea, it's an astronomical return. Further, Kombani claimed that bit connects own cryptocurrency which was called bit connect coin, which isn't confusing at all, was a stable and safe cryptocurrency that no one was gonna have to worry about. Uh that failing only it totally wasn't stable and safe, as the cryptocurrencies value plummeted by pent in January, and that Kambani was doing the old Ponzi scheme. So that involves getting a round of investors to give you money. So you've got your initial flush of cash. Then when it comes time to pay out the first investors, you go find a second round of investors to give you more money. You use the money from the second round of investors to pay out your first round of investors. But then you've got to go after a third round of investors to help pay off that second round, and so on. So ponzi schemes can break in huge amounts of cash. They don't have to be connected at all with cryptocurrency. But we have seen a lot of cryptocurrency scams that are essentially Ponzi schemes in recent history, and one common element about all of them is that they always eventually come crashing down because sooner or later you run out of folks who are willing to invest, and it's time to pay the piper. Now. Maybe by then you've made enough to make your escape, but it ain't exactly the best get rich plan. Finally, Amazon and SpaceX are having a fight down here on Earth over stuff that's meant to float around in space. Specifically, the fight revolves around Starlink, space X's satellite Internet communications system that the company has had in beta testing for a while now. So SpaceX's goal is to launch thousands of satellites up into orbit to provide consistent satellite Internet coverage down here on Earth. We're talking like thirty thousand satellites are more. But SpaceX says that Amazon has been filing objections to various SpaceX proposals in attempt to hinder SpaceX because, as SpaceX puts it, Amazon's own satellite Internet solution, called Kiper, is running behind schedule. So according to SpaceX, Amazon has decided to try and slow down the competition while it tries to get its own system up and running. Amazon, however, filed complaints with the FCC saying that space X was not following the proper rules when it comes to submitting proposals for putting more satellites in orbit, and like I said, we're talking about thousands of satellites here. And Amazon's complaint is that SpaceX's proposal actually has two different configurations of satellites in it, and you can't have two different ones at the same time. Obviously, you can only have one. And so Amazon says this is against the rules. The rules require proposals to have no internal inconsistencies. You can't say we might do it this way, or maybe we'll do it this other way instead, according to Amazon, anyway, the rules say you should commit to a single approach in your proposal before the process can move forward. Meanwhile, SpaceX is like, now, uh, you just want us to not be able to go to the public comment phase. And anyway, the public comment phase is where we could hash all this out. It would all be fine. Now. I am not on the side of either Amazon or SpaceX in this matter. Personally, I actually worry about the thousands of satellites that will be needed for both the Starlink and the Amazon Keiper system to work. That is a lot of stuff whizzing around out there in low Earth orbit which could potentially become space junk and thus interfere with other spacecraft. It can also interfere with astronomical observations here on Earth. So I'm not super fan of either of these things right now. But anyway, that's not the point. The point is that Amazon and space X are totes in a space fight just here on Earth, and that's it. Those are all the stories I have for you on Thursday, September two, two twenty one. I hope you are well and safe. And for those of you in the United States, I hope you have a wonderful Labor Day weekend. And if you have any suggestions for topics I should cover on tech Stuff, reach out to me. The best way to do that is to use Twitter, and I use the handle text stuff h s W and I'll talk to you again really soon. Text Stuff is an I Heart Radio production. For more podcasts from I Heart Radio, visit the I Heart Radio app, Apple Podcasts, or wherever you listen to your favorite shows.