Welcome to tech Stuff, a production from I Heart Radio. Hey there, and welcome to tech Stuff. I'm your host, Jonathan Strickland. I'm an executive producer with I Heart Radio and a lot of all things tech. And this is the tech news for Tuesday, December twenty one, twenty twenty one. Before we get into it, the rest of the episodes this week will be classic episodes in order for us to take some time off for the holidays. I hope you guys enjoy that we will have a couple of new episodes next week. My hope is to have some episodes that are the wrap up for the year in tech one. Those are gonna be some doozies. I'm sure it's gonna be more than one episode, but I have not actually written them yet, so we'll see. But let's get to the news for today. The trial of Elizabeth Holmes, the founder of the company Theronos, is now in the hands of the jury. They will meet for a second day of deliberations today to determine a verdict for Holmes, who is facing eleven charges of wire fraud and conspiracy to commit wire fraud. Now, in case you managed to miss out on the Tharonis story. Over the last decade, Holmes founded a medical startup company with the goal of producing a device that could run a battery of tests on a single micro drop of blood. Holmes has said that her fear of needles and a desire to democratize medicine drove her to found Theoris, and if the deck had worked, it could have truly revolutionized medicine, potentially to the point where a household would have its own Theoris device, almost like a desktop printer, and they could use it to run tests and share that information with a physician. But unfortunately, as was slowly revealed in a series of expose s and documentaries and testimonials, the tech just could not live up to that promise. But didn't stop sarin Us from raising nearly one billion dollars in investments over the years. And that's kind of the nub of the case. Did Holmes knowingly misrepresent what her technology could do and how it performed in order to get investors and partnerships with healthcare companies? Did she intend to mislead them? That's what the jury has to determine. She certainly adopted a lavish and eccentric lifestyle and there are records of her interactions with employees who brought up concerns with her. It seemed to indicate that she was not keen on accepting the possibility that the whole endeavor was fruitless. But her lawyers have argued, essentially that she was just as bought in to the hype as her investors were, which would mean she did not purposefully lie to anyone. Honestly, it's a pretty tough call from a legal standpoint, though, I think it goes without saying that what the company did was wrong and an enormous amount of money was wasted on this. Not only that, but for people who are depending upon blood tests to come back from Tharaos, that's another matter entirely, right, Like, that's the level of criminality that goes beyond just fraud. There are people who you know, whose health is at stake here. Anyway, We may have a verdict later this week, but as I record this episode, we're still in the deliberation phase. And now to transition into the cyber crime part of this episode, buckledown, folks, there's a lot to cover first up, According to a company called Group or eighty Group a I T e. I don't know how you say the name, but nearly half of all Americans were victims of some form of financial identity theft in twenty That is a really crazy statistic. Now, if I were being flippant, I would suggest that it's the other half of all Americans who stole the identities of the first half. So if you're not in one group, you're in the other. But that's obviously not true. That's just a bad joke. Losses from those incidents amounted to more than seven hundred billion dollars, according to this research firm, which published its findings in a paper titled US Identity Theft The Stark Reality. A big slice of that crime pie goes to folks who committed some form of unemployment identity theft, using false information to claim unemployment benefits. So, just to be clear, the folks who were abusing unemployment weren't necessarily people who didn't want to work. That was like the common narrative you would hear from certain circles, right, like, you can't you can't boost unemployment, it will just encourage people not to work. No, it turns out the people who were really abusing the system were thieves who are victimizing other people and stealing from the system in order to fund themselves. They weren't like layabouts, they were actually actively victimizing oaks who deserved unemployment benefits. By the way, if you're between the ages of thirty five and forty four, well, congratulations, you are in the prime target zone for those kinds of attacks, because that age group represented the highest percentage of consumers who found themselves victimized in twenty twenty. The report also found that Kansas, Rhode Island, Illinois, Nevada, and Washington were the states with the highest number of identity theft reports. Now, when it comes to fraud, the states the top that list were Nevada again, Delaware, Florida, Maryland, and my home state of Georgia. The number one state, as in the state with the highest number of reported cyber crimes was Kansas, with one thousand, four hundred eighty three reports per one hundred thousand people. The safest state was South Dakota, which had just seventy two reports per one hundred thousand people. However, we take territories into account, the real prize goes to Puerto Rico, which only had fifty two reports per one thousand people. But wait, it keeps getting worse. The report points out that there have been some big data breaches and cases of companies failing to secure data over the last year, from a case where more than two million records from Microsoft customers was found on the web unprotected to the ransomware attack on Colonial pipeline that interfered with fuel transportation and distribution earlier this year. So yeah, bad news. Meanwhile, there are the robo calls, another branch of scams and crimes. T Mobile released an end of the year report on scam calls and robo calls, saying that the number of calls more than doubled over the course of so that in January there were around one point one billion scam call attempts and in November there were two point five billion, and people wonder why I never pick up my phone anymore? And way. T Mobile says it already blocked more than twenty one billion scam calls this year through its scam Shield service. Even so, scammers were able to siphon away nearly thirty billion dollars from targets. Now. According to T Mobile, more than half of those calls came in the form of a scam vehicle warranty message, and I could say I've actually received some of those. Uh, the few times that a scammer actually bothered to leave a voicemail that is because I don't pick up the phone. And you know, that's actually pretty rich, because there's no car in my name. I don't have a car in my name, so I didn't know what I'd be warranteeing in the first place. But following up on that are calls that claim to be from the Social Security Office, which suggests a focus on older targets, and the Federal Communications Commission or FCC, has really been going after robocall operations in the United States, levying hefty fines for companies found to engage in the practice and pushing for tell calm companies to institute systems that would eliminate stuff like spoofing. Spoofing is when a scammer uses a bit of software to make it seem as though the call is coming from a different phone number, often one that appears to be local to whatever the targets phone number is, in an effort to commence them to pick up. Like you're more likely to pick up a phone if the phone number looks somewhat familiar. That's the thought process. The UK's National Crime Agency and National Cyber Crime Unit found a database containing two hundred twenty five million stolen login credentials for various services and websites. The agencies handed this cash of data over to a service called Have I Been Poned? That's a have I Been pw in e ed. That service gives folks the chance to search their own email information to see if any of the accounts that email is part of have been compromised in the past, and if their passwords have been exposed. And so it's really a way for people to to kind of take action and see if their loggin credentials are still safe. This is also a good time to remind you all that it is important to set strong passwords. Do not use the same password for multiple accounts. I know you all know this, but I'm gonna say it anyway. Also, I find that password vault programs really help with this because that way you don't have to remember two hundred unique strong passwords. I totally get that that's not really feasible. So password vault's a good password vault is invaluable. And finally, if a service that you subscribe to offers two factor authentication, Definitely activate that, choose that option. It will really cut back on the chance that someone will compromise one of your accounts. We have some more stories to cover in this episode, but before we get to that, let's tay a quick break. Okay, we're back and we're still talking about cybersecurity. You might remember that I did a recent episode in which I talked about a zero day vulnerability in apaches logging library service log for J. Tons of companies, tons of systems and services all rely on log for J, and as the name suggests, log for J logs data. It essentially is about keeping a record of what's going on within a system anyway. This particular vulnerability would allow someone like a hacker to gain access to a system running log for J and potentially get control where they can execute whatever code they want and thus execute code that would give them full control of that remote server just by you know, using this vulnerability in this logging service. Apache issued a patch to fix the vulnerability, but you have to install patches right Just because the patches there doesn't magically solve the issue and cure all these systems that have logged for J on them, you have to actually install that patch, and the problem is that not everyone is super responsive. Not everyone jumps on that right away. Sometimes it's not necessarily the fault of the company, maybe that their system is so huge and diverse that rolling out a patch actually takes a lot of time. That means that while there are technically fixes to this problem, not everyone is actually incorporating them, not to the same degree in the same speed. So some systems, perhaps tens of thousands of them, remain vulnerable, and likely some of them will remain vulnerable for years to come. Meanwhile, a hacker group called CONTI, known primarily for in someware attacks, has developed an attack chain that leverages the log for J vulnerability. CONTI is a prolific ransomware hacker gang. They're based out of Russia. They're potentially state sponsored or at least state sanctioned, meaning the Russian authorities have shown very little interest in shutting down this hacker group, and security experts at at a dv INTEL say Conte's scale is really large, it's a big operation, and that their methods are very sophisticated, which makes them particularly dangerous and it sounds to me like two, where's is going to be another big year of of big ransomware attacks. It really drives home that organizations will need to spend a lot of time and resources to patch vulnerable systems, which again is a process that's laborious and time consuming. So you know, it's it's a big mess. It's absolutely critical, and it's also not easy to do a fun combination. Over in Belgium, the Ministry of Defense recently announced that the department was the target of cyber attacks and that yes, the attackers exploited that log for J vulnerability I was just talking about. According to the department quote, some of the Ministry's activities were paralyzed for several days end quote. Now, it sounds as though staff detected the attack fairly early on, and they were able to sequester the infected systems and thus compartmentalize their computer systems so that the ministry could mostly continue doing what it does while simultaneously containing the threat to the affected systems. Now, as I record this, no one has yet to identify the attackers, so we don't know who was responsible. It is a pretty scary story, right, and countries defense ministry being effectively targeted by hackers. It's not out of the ordinary. I mean, we know that cyber warfare is raging all the time, we just don't necessarily know about it most of the time. But to see something like that UH is incredibly sobering because obviously you could have hostile countries really disabling the functionality of massive and critical infrastructure in other countries. Very scary stuff. But while I'm talking about Belgium, I should also mention that back in June, the government of Belgium proposed a law that would require companies that run encrypted messaging services like WhatsApp and Signal to include a tool that would decrypt communications upon request by authorities in the course of criminal investigations. Of course, doing that would completely invalidate encryption in the first place. I mean, the whole point of the system is that no one other than the parties involved in that communication are able to decrypt the messages, not not even the service provider. Like that's that's got to be key to an encrypted messaging service, that the service itself cannot decrypt the messages. To incorporate a work around would negate all of that. It would also require an entirely different approach to providing the service, but that's another matter anyway. Once the public learned of this this part of the law, criticism followed. Many rightly pointed out that creating a back door in a secure system means that you've just removed any security from that system. A backdoor, when you really break it down, is a vulnerability, and people can learn about and exploit vulnerabilities. So generally speaking, you want to identify and eliminate vulnerabilities, not introduce new ones. What analogy I was used is that you can have like a bank vault and you have like one of those big, massive vault doors that totally locks in place and has time locks and all this stuff, and it's really hard to break through. But if you install a screen door in the back of the vault so that you could just you know, come in and out more easily, then you've just invalidated that that giant door. Right, it doesn't matter, same sort of thing when we talk about back doors and secure systems. It is a terrible idea. Fortunately, the Belgian government listened to the criticism and has subsequently removed the decryption requirement from that law. Now it's time for a couple of Bitcoin stories. Bitcoin the choice for money launderers around the world. So an employee of Sony's life insurance company allegedly embezzled around a hundred fifty four million dollars during a financial transfer transaction between two Sony company accounts. So essentially the job was to move money from one Sony account to another Sony account. It's just that along the way, a measly hundred fifty four million dollars worth of Sony's resources found their way into the personal account of this particular Sony employee. That is a heck of a dip into the corporate piggy bank. Then that employee allegedly converted all of that money into bitcoin, around three thousand, eight hundred seventy nine bitcoin, and the FBI got on the case and seized the bitcoin in question. And today that bitcoin amount is worth around a hundred eighty million dollars. That's not not bad amount of interest, right It started off with a hundred fifty four million, Now you're at a hundred eighty million, like cow. So the Sony employee, now former employee, is under arrest in Japan. No big surprise there. I'm not sure if this means Sony will actually end up with more money than what was stolen from it, thanks to the appreciation and value of bitcoin between May, when the theft happened and when the FBI was able to seize the bitcoin. That's a question I can't answer. Pretty curious stuff, But yeah, bitcoin continues to be associated with people who are doing some pretty shady stuff. Again, like I've said, with a lot of other technologies, there's nothing about bitcoin that inherently makes it bad. It's just that a lot of bitcoins features are ones that also become really useful if you want to do shady things, So the tool itself not necessarily bad, although I have other very obvious feelings about bitcoin. But yeah, you see a lot of folks running some unethical operations relying on bitcoin. Speaking of bitcoin, and a report that probably didn't surprise that many people, the Wall Street Journal says that the top ten thousand bitcoin accounts hold five million bitcoins. That's equal to more than two hundred thirty billion dollars. That would be about ten thousand out of around a hundred fourteen million people, and the Wall Street Journal points out this means the top point zero one percent of bitcoin holders control nearly of all bitcoin in circulation, so this would be the tippy tippy top of a pyramid if you were to compare bitcoin to a pyramid scheme. Some folks have tried to do that, although I think it's more of a speculation engine than a pyramid scheme. This is a greater disparity than we see in the United States in general, where the top one percent of the wealthiest people control around a third of all wealth in the US. But one percent is a whole lot more than point zero one. Anyway, in the crypto community, the accounts that control a lot of bitcoin are referred to as whales, and I'm not sure if the researchers who looked into this differentiated between accounts that belong to, say, a single individual, and those that belong to crypto pools or exchanges and that kind of thing. Moving on, let's talk about Amazon on because there are a couple of big stories. They're One is that Reuter's reports that Amazon scrubbed negative reviews of Chi Jinping's book The Governance of China. Chi Jinping is the president of China. Now, apparently Amazon was told to strike any review that wasn't five stars from its Chinese operated sites like the sites that operate within China, and the company subsequently removed and disabled reviews for that book. This happened about two years ago, and the report drives home how big tech companies will often enable authoritarian regimes if it means getting access to their very huge markets. China has more than one point four billion people in it, and so big companies naturally really want access to the money those people may or may not have. And if that means the company has to engage in a little censorship or perhaps enable a propaganda arm of authoritarian regime, well in many cases that's kind of waved away as the price of doing business. It's never framed that way, by the way, no one would ever frame it that way, because that would just be a pr nightmare to it to say the quiet part out loud. They always frame it in a way where they claim that they're giving access to more information. But if it's information that only goes through a government filter before it gets to people, I don't really buy that argument anyway. Considering China's record on stuff like human rights violations, this is pretty darn insidious, but it's also not surprising, which is incredibly sad. All Right, we have several more stories that we need to finish out before we close this episode. But before we do that, let's take another quick break. Boeing and Airbus have issued warnings that five G technology rollouts could create problems for the aviation industry. The warning says that five G radio waves could interfere with aircraft electronics like radio altimeters. This follows awarding from the Federal Aviation Ministration or f a A that also said five G interference could cause flight diversions, which obviously is a pretty serious problem. Companies like A, T and T and Verizon have delayed their activation of five G networks while working on this issue, looking to adopt precautionary measures to limit five G interference, but Boeing and Airbus claim that these proposals don't go far enough, and they want to see a commitment to limiting five G so that it doesn't operate within range of like forty of the world's major airports. The US wireless industry is pushing back against this, saying that the aviation industry is distorting the truth that they are essentially saying that this problem is way worse than any actual problem that might exist, and they argue that delays in five G rollouts cause harm to the companies and consumers alike. I may have to do a full episode about this in the future and really look into what's going on at a technical level, because I honestly don't know what argument here is. The most realistic musician Brian Eno has a pretty skeptical perspective on n f T s, which means he and I share that in common. Also, I used to record in a podcasting studio named after him. All our podcasting studios at the office are named after musicians like Eno, Bowie, Prince, and York. Anyway, Eno says he feels n f T s are being peddled by the equivalent of snake oil salespeople and marketed to suckers, hucksters and suckers I think is how he put it, which sounds like p T. Barnum would be all over the n f T market if you are alive today. I happen to agree with Eno on this. Should we actually build a metaverse and you can listen to yesterday's episode to hear my thoughts about that, then n f T S could arguably be is full if you wanted to port digital goods from one environment into another, though that process would also require that a lot of other pieces fall into place, and it's by no means a guarantee that it would actually happen. But right now, n f t s are really just a digital record of a transaction, and you don't actually end up owning anything tangible, at least not in the sense that we typically think of. I've often said it's kind of like buying a star. If you've ever seen one of those commercials, you don't really actually own anything, and there's no way to say, hey, that's my star, so no one else can buy it, Like there's nothing stopping some other companies saying, well, we're selling stars, and that same star is owned by like eight different people. I mean, not that anyone would really care or do anything about it. It's just it's it's meaningless, is what I'm saying. Anyway, One thing n f T s can do is allow fans of an artist or creator a chance to support that person's work and show their enthusiasm for it. So if an artist works primary le in web based media, it can be difficult to monetize that work. You might create a Patreon account or something like that, But there are fundamental differences between an artist who works in the digital realm versus someone who works in a physical form of media. N f T s can be one way to financially support artists, but that's not really how n f t s are marketed. They're pushed more as a status symbol or speculative investments, and I feel that that's pretty harmful and that that was mostly what Eno was getting at. You can read up on what he has to say at the Crypto Syllabus website and it's under the article Brian Eno on n f T s and automaticism. Finally, New Scientists has published an article titled human brain cells in a dish learned to play Pong faster than an Ai, which is all sorts of clickbait for yours. Truly, the headline appears to have been engineered in such a way that there's no way I could avoid clicking on it. It brings to mind something like a Frankenstein film in which a doctor has a little bit of brain matter and a dish, and he's watching a screen and sees a paddle hit a ball on the screen and then proclaim it's alive a love But what is actually going on here? All right? Well, so some scientists at Cortical Labs took living brain cells, incorporated them into a processor, and connected that to a quote unquote virtual game world. A large discipline within AI and machine learning is the creation of what are called artificial neural networks. Well, this is kind of similar, except it's using actual neural tissue to serve as neural nodes. I would love to tell you more about this, but the article is distressingly short on details, and Cortical Labs their website gets a bit loosey goosey with their own language. For example, from a blog post that was posted just a couple of days ago called what does it mean to Grow a Mind? The Cortical Lab blog reads up, we don't know what we're making because nothing like this has ever existed before, an entirely new mode of being, a fusion of silicon and neuron, a native to the digital world, lit with the Promethean fire of the human mind. So they don't really know what they're making. Well, nothing could go wrong there, you know. Um, I'll set aside my pessimism and skepticism and need to know more and just say that bio circuits are fascinating and they come complete with their own set of ethical issues to consider, but they might also end up being the backbone of a new branch of machine learning and AI. And that's it for this episode of the Tech News Tech Stuff. When we come back later this week, like I said, we're going to have some reruns of classic episodes, but we'll be back next week with some new ones. And I hope every and out there is having a safe, healthy and happy holiday season. I know that is incredibly challenging considering the the way things work today, but I still hope you're all well, and I look forward to talking to you again and really soon. Text Stuff is an I Heart Radio production. For more podcasts from I Heart Radio, visit the I Heart Radio app, Apple Podcasts, or wherever you listen to your favorite shows.

Welcome to tech Stuff, a production from I Heart Radio. Hey there, and welcome to tech Stuff. I'm your host, Jonathan Strickland. I'm an executive producer with I Heart Radio and a lot of all things tech. And this is the tech news for Tuesday, December twenty one, twenty twenty one. Before we get into it, the rest of the episodes this week will be classic episodes in order for us to take some time off for the holidays. I hope you guys enjoy that we will have a couple of new episodes next week. My hope is to have some episodes that are the wrap up for the year in tech one. Those are gonna be some doozies. I'm sure it's gonna be more than one episode, but I have not actually written them yet, so we'll see. But let's get to the news for today. The trial of Elizabeth Holmes, the founder of the company Theronos, is now in the hands of the jury. They will meet for a second day of deliberations today to determine a verdict for Holmes, who is facing eleven charges of wire fraud and conspiracy to commit wire fraud. Now, in case you managed to miss out on the Tharonis story. Over the last decade, Holmes founded a medical startup company with the goal of producing a device that could run a battery of tests on a single micro drop of blood. Holmes has said that her fear of needles and a desire to democratize medicine drove her to found Theoris, and if the deck had worked, it could have truly revolutionized medicine, potentially to the point where a household would have its own Theoris device, almost like a desktop printer, and they could use it to run tests and share that information with a physician. But unfortunately, as was slowly revealed in a series of expose s and documentaries and testimonials, the tech just could not live up to that promise. But didn't stop sarin Us from raising nearly one billion dollars in investments over the years. And that's kind of the nub of the case. Did Holmes knowingly misrepresent what her technology could do and how it performed in order to get investors and partnerships with healthcare companies? Did she intend to mislead them? That's what the jury has to determine. She certainly adopted a lavish and eccentric lifestyle and there are records of her interactions with employees who brought up concerns with her. It seemed to indicate that she was not keen on accepting the possibility that the whole endeavor was fruitless. But her lawyers have argued, essentially that she was just as bought in to the hype as her investors were, which would mean she did not purposefully lie to anyone. Honestly, it's a pretty tough call from a legal standpoint, though, I think it goes without saying that what the company did was wrong and an enormous amount of money was wasted on this. Not only that, but for people who are depending upon blood tests to come back from Tharaos, that's another matter entirely, right, Like, that's the level of criminality that goes beyond just fraud. There are people who you know, whose health is at stake here. Anyway, We may have a verdict later this week, but as I record this episode, we're still in the deliberation phase. And now to transition into the cyber crime part of this episode, buckledown, folks, there's a lot to cover first up, According to a company called Group or eighty Group a I T e. I don't know how you say the name, but nearly half of all Americans were victims of some form of financial identity theft in twenty That is a really crazy statistic. Now, if I were being flippant, I would suggest that it's the other half of all Americans who stole the identities of the first half. So if you're not in one group, you're in the other. But that's obviously not true. That's just a bad joke. Losses from those incidents amounted to more than seven hundred billion dollars, according to this research firm, which published its findings in a paper titled US Identity Theft The Stark Reality. A big slice of that crime pie goes to folks who committed some form of unemployment identity theft, using false information to claim unemployment benefits. So, just to be clear, the folks who were abusing unemployment weren't necessarily people who didn't want to work. That was like the common narrative you would hear from certain circles, right, like, you can't you can't boost unemployment, it will just encourage people not to work. No, it turns out the people who were really abusing the system were thieves who are victimizing other people and stealing from the system in order to fund themselves. They weren't like layabouts, they were actually actively victimizing oaks who deserved unemployment benefits. By the way, if you're between the ages of thirty five and forty four, well, congratulations, you are in the prime target zone for those kinds of attacks, because that age group represented the highest percentage of consumers who found themselves victimized in twenty twenty. The report also found that Kansas, Rhode Island, Illinois, Nevada, and Washington were the states with the highest number of identity theft reports. Now, when it comes to fraud, the states the top that list were Nevada again, Delaware, Florida, Maryland, and my home state of Georgia. The number one state, as in the state with the highest number of reported cyber crimes was Kansas, with one thousand, four hundred eighty three reports per one hundred thousand people. The safest state was South Dakota, which had just seventy two reports per one hundred thousand people. However, we take territories into account, the real prize goes to Puerto Rico, which only had fifty two reports per one thousand people. But wait, it keeps getting worse. The report points out that there have been some big data breaches and cases of companies failing to secure data over the last year, from a case where more than two million records from Microsoft customers was found on the web unprotected to the ransomware attack on Colonial pipeline that interfered with fuel transportation and distribution earlier this year. So yeah, bad news. Meanwhile, there are the robo calls, another branch of scams and crimes. T Mobile released an end of the year report on scam calls and robo calls, saying that the number of calls more than doubled over the course of so that in January there were around one point one billion scam call attempts and in November there were two point five billion, and people wonder why I never pick up my phone anymore? And way. T Mobile says it already blocked more than twenty one billion scam calls this year through its scam Shield service. Even so, scammers were able to siphon away nearly thirty billion dollars from targets. Now. According to T Mobile, more than half of those calls came in the form of a scam vehicle warranty message, and I could say I've actually received some of those. Uh, the few times that a scammer actually bothered to leave a voicemail that is because I don't pick up the phone. And you know, that's actually pretty rich, because there's no car in my name. I don't have a car in my name, so I didn't know what I'd be warranteeing in the first place. But following up on that are calls that claim to be from the Social Security Office, which suggests a focus on older targets, and the Federal Communications Commission or FCC, has really been going after robocall operations in the United States, levying hefty fines for companies found to engage in the practice and pushing for tell calm companies to institute systems that would eliminate stuff like spoofing. Spoofing is when a scammer uses a bit of software to make it seem as though the call is coming from a different phone number, often one that appears to be local to whatever the targets phone number is, in an effort to commence them to pick up. Like you're more likely to pick up a phone if the phone number looks somewhat familiar. That's the thought process. The UK's National Crime Agency and National Cyber Crime Unit found a database containing two hundred twenty five million stolen login credentials for various services and websites. The agencies handed this cash of data over to a service called Have I Been Poned? That's a have I Been pw in e ed. That service gives folks the chance to search their own email information to see if any of the accounts that email is part of have been compromised in the past, and if their passwords have been exposed. And so it's really a way for people to to kind of take action and see if their loggin credentials are still safe. This is also a good time to remind you all that it is important to set strong passwords. Do not use the same password for multiple accounts. I know you all know this, but I'm gonna say it anyway. Also, I find that password vault programs really help with this because that way you don't have to remember two hundred unique strong passwords. I totally get that that's not really feasible. So password vault's a good password vault is invaluable. And finally, if a service that you subscribe to offers two factor authentication, Definitely activate that, choose that option. It will really cut back on the chance that someone will compromise one of your accounts. We have some more stories to cover in this episode, but before we get to that, let's tay a quick break. Okay, we're back and we're still talking about cybersecurity. You might remember that I did a recent episode in which I talked about a zero day vulnerability in apaches logging library service log for J. Tons of companies, tons of systems and services all rely on log for J, and as the name suggests, log for J logs data. It essentially is about keeping a record of what's going on within a system anyway. This particular vulnerability would allow someone like a hacker to gain access to a system running log for J and potentially get control where they can execute whatever code they want and thus execute code that would give them full control of that remote server just by you know, using this vulnerability in this logging service. Apache issued a patch to fix the vulnerability, but you have to install patches right Just because the patches there doesn't magically solve the issue and cure all these systems that have logged for J on them, you have to actually install that patch, and the problem is that not everyone is super responsive. Not everyone jumps on that right away. Sometimes it's not necessarily the fault of the company, maybe that their system is so huge and diverse that rolling out a patch actually takes a lot of time. That means that while there are technically fixes to this problem, not everyone is actually incorporating them, not to the same degree in the same speed. So some systems, perhaps tens of thousands of them, remain vulnerable, and likely some of them will remain vulnerable for years to come. Meanwhile, a hacker group called CONTI, known primarily for in someware attacks, has developed an attack chain that leverages the log for J vulnerability. CONTI is a prolific ransomware hacker gang. They're based out of Russia. They're potentially state sponsored or at least state sanctioned, meaning the Russian authorities have shown very little interest in shutting down this hacker group, and security experts at at a dv INTEL say Conte's scale is really large, it's a big operation, and that their methods are very sophisticated, which makes them particularly dangerous and it sounds to me like two, where's is going to be another big year of of big ransomware attacks. It really drives home that organizations will need to spend a lot of time and resources to patch vulnerable systems, which again is a process that's laborious and time consuming. So you know, it's it's a big mess. It's absolutely critical, and it's also not easy to do a fun combination. Over in Belgium, the Ministry of Defense recently announced that the department was the target of cyber attacks and that yes, the attackers exploited that log for J vulnerability I was just talking about. According to the department quote, some of the Ministry's activities were paralyzed for several days end quote. Now, it sounds as though staff detected the attack fairly early on, and they were able to sequester the infected systems and thus compartmentalize their computer systems so that the ministry could mostly continue doing what it does while simultaneously containing the threat to the affected systems. Now, as I record this, no one has yet to identify the attackers, so we don't know who was responsible. It is a pretty scary story, right, and countries defense ministry being effectively targeted by hackers. It's not out of the ordinary. I mean, we know that cyber warfare is raging all the time, we just don't necessarily know about it most of the time. But to see something like that UH is incredibly sobering because obviously you could have hostile countries really disabling the functionality of massive and critical infrastructure in other countries. Very scary stuff. But while I'm talking about Belgium, I should also mention that back in June, the government of Belgium proposed a law that would require companies that run encrypted messaging services like WhatsApp and Signal to include a tool that would decrypt communications upon request by authorities in the course of criminal investigations. Of course, doing that would completely invalidate encryption in the first place. I mean, the whole point of the system is that no one other than the parties involved in that communication are able to decrypt the messages, not not even the service provider. Like that's that's got to be key to an encrypted messaging service, that the service itself cannot decrypt the messages. To incorporate a work around would negate all of that. It would also require an entirely different approach to providing the service, but that's another matter anyway. Once the public learned of this this part of the law, criticism followed. Many rightly pointed out that creating a back door in a secure system means that you've just removed any security from that system. A backdoor, when you really break it down, is a vulnerability, and people can learn about and exploit vulnerabilities. So generally speaking, you want to identify and eliminate vulnerabilities, not introduce new ones. What analogy I was used is that you can have like a bank vault and you have like one of those big, massive vault doors that totally locks in place and has time locks and all this stuff, and it's really hard to break through. But if you install a screen door in the back of the vault so that you could just you know, come in and out more easily, then you've just invalidated that that giant door. Right, it doesn't matter, same sort of thing when we talk about back doors and secure systems. It is a terrible idea. Fortunately, the Belgian government listened to the criticism and has subsequently removed the decryption requirement from that law. Now it's time for a couple of Bitcoin stories. Bitcoin the choice for money launderers around the world. So an employee of Sony's life insurance company allegedly embezzled around a hundred fifty four million dollars during a financial transfer transaction between two Sony company accounts. So essentially the job was to move money from one Sony account to another Sony account. It's just that along the way, a measly hundred fifty four million dollars worth of Sony's resources found their way into the personal account of this particular Sony employee. That is a heck of a dip into the corporate piggy bank. Then that employee allegedly converted all of that money into bitcoin, around three thousand, eight hundred seventy nine bitcoin, and the FBI got on the case and seized the bitcoin in question. And today that bitcoin amount is worth around a hundred eighty million dollars. That's not not bad amount of interest, right It started off with a hundred fifty four million, Now you're at a hundred eighty million, like cow. So the Sony employee, now former employee, is under arrest in Japan. No big surprise there. I'm not sure if this means Sony will actually end up with more money than what was stolen from it, thanks to the appreciation and value of bitcoin between May, when the theft happened and when the FBI was able to seize the bitcoin. That's a question I can't answer. Pretty curious stuff, But yeah, bitcoin continues to be associated with people who are doing some pretty shady stuff. Again, like I've said, with a lot of other technologies, there's nothing about bitcoin that inherently makes it bad. It's just that a lot of bitcoins features are ones that also become really useful if you want to do shady things, So the tool itself not necessarily bad, although I have other very obvious feelings about bitcoin. But yeah, you see a lot of folks running some unethical operations relying on bitcoin. Speaking of bitcoin, and a report that probably didn't surprise that many people, the Wall Street Journal says that the top ten thousand bitcoin accounts hold five million bitcoins. That's equal to more than two hundred thirty billion dollars. That would be about ten thousand out of around a hundred fourteen million people, and the Wall Street Journal points out this means the top point zero one percent of bitcoin holders control nearly of all bitcoin in circulation, so this would be the tippy tippy top of a pyramid if you were to compare bitcoin to a pyramid scheme. Some folks have tried to do that, although I think it's more of a speculation engine than a pyramid scheme. This is a greater disparity than we see in the United States in general, where the top one percent of the wealthiest people control around a third of all wealth in the US. But one percent is a whole lot more than point zero one. Anyway, in the crypto community, the accounts that control a lot of bitcoin are referred to as whales, and I'm not sure if the researchers who looked into this differentiated between accounts that belong to, say, a single individual, and those that belong to crypto pools or exchanges and that kind of thing. Moving on, let's talk about Amazon on because there are a couple of big stories. They're One is that Reuter's reports that Amazon scrubbed negative reviews of Chi Jinping's book The Governance of China. Chi Jinping is the president of China. Now, apparently Amazon was told to strike any review that wasn't five stars from its Chinese operated sites like the sites that operate within China, and the company subsequently removed and disabled reviews for that book. This happened about two years ago, and the report drives home how big tech companies will often enable authoritarian regimes if it means getting access to their very huge markets. China has more than one point four billion people in it, and so big companies naturally really want access to the money those people may or may not have. And if that means the company has to engage in a little censorship or perhaps enable a propaganda arm of authoritarian regime, well in many cases that's kind of waved away as the price of doing business. It's never framed that way, by the way, no one would ever frame it that way, because that would just be a pr nightmare to it to say the quiet part out loud. They always frame it in a way where they claim that they're giving access to more information. But if it's information that only goes through a government filter before it gets to people, I don't really buy that argument anyway. Considering China's record on stuff like human rights violations, this is pretty darn insidious, but it's also not surprising, which is incredibly sad. All Right, we have several more stories that we need to finish out before we close this episode. But before we do that, let's take another quick break. Boeing and Airbus have issued warnings that five G technology rollouts could create problems for the aviation industry. The warning says that five G radio waves could interfere with aircraft electronics like radio altimeters. This follows awarding from the Federal Aviation Ministration or f a A that also said five G interference could cause flight diversions, which obviously is a pretty serious problem. Companies like A, T and T and Verizon have delayed their activation of five G networks while working on this issue, looking to adopt precautionary measures to limit five G interference, but Boeing and Airbus claim that these proposals don't go far enough, and they want to see a commitment to limiting five G so that it doesn't operate within range of like forty of the world's major airports. The US wireless industry is pushing back against this, saying that the aviation industry is distorting the truth that they are essentially saying that this problem is way worse than any actual problem that might exist, and they argue that delays in five G rollouts cause harm to the companies and consumers alike. I may have to do a full episode about this in the future and really look into what's going on at a technical level, because I honestly don't know what argument here is. The most realistic musician Brian Eno has a pretty skeptical perspective on n f T s, which means he and I share that in common. Also, I used to record in a podcasting studio named after him. All our podcasting studios at the office are named after musicians like Eno, Bowie, Prince, and York. Anyway, Eno says he feels n f T s are being peddled by the equivalent of snake oil salespeople and marketed to suckers, hucksters and suckers I think is how he put it, which sounds like p T. Barnum would be all over the n f T market if you are alive today. I happen to agree with Eno on this. Should we actually build a metaverse and you can listen to yesterday's episode to hear my thoughts about that, then n f T S could arguably be is full if you wanted to port digital goods from one environment into another, though that process would also require that a lot of other pieces fall into place, and it's by no means a guarantee that it would actually happen. But right now, n f t s are really just a digital record of a transaction, and you don't actually end up owning anything tangible, at least not in the sense that we typically think of. I've often said it's kind of like buying a star. If you've ever seen one of those commercials, you don't really actually own anything, and there's no way to say, hey, that's my star, so no one else can buy it, Like there's nothing stopping some other companies saying, well, we're selling stars, and that same star is owned by like eight different people. I mean, not that anyone would really care or do anything about it. It's just it's it's meaningless, is what I'm saying. Anyway, One thing n f T s can do is allow fans of an artist or creator a chance to support that person's work and show their enthusiasm for it. So if an artist works primary le in web based media, it can be difficult to monetize that work. You might create a Patreon account or something like that, But there are fundamental differences between an artist who works in the digital realm versus someone who works in a physical form of media. N f T s can be one way to financially support artists, but that's not really how n f t s are marketed. They're pushed more as a status symbol or speculative investments, and I feel that that's pretty harmful and that that was mostly what Eno was getting at. You can read up on what he has to say at the Crypto Syllabus website and it's under the article Brian Eno on n f T s and automaticism. Finally, New Scientists has published an article titled human brain cells in a dish learned to play Pong faster than an Ai, which is all sorts of clickbait for yours. Truly, the headline appears to have been engineered in such a way that there's no way I could avoid clicking on it. It brings to mind something like a Frankenstein film in which a doctor has a little bit of brain matter and a dish, and he's watching a screen and sees a paddle hit a ball on the screen and then proclaim it's alive a love But what is actually going on here? All right? Well, so some scientists at Cortical Labs took living brain cells, incorporated them into a processor, and connected that to a quote unquote virtual game world. A large discipline within AI and machine learning is the creation of what are called artificial neural networks. Well, this is kind of similar, except it's using actual neural tissue to serve as neural nodes. I would love to tell you more about this, but the article is distressingly short on details, and Cortical Labs their website gets a bit loosey goosey with their own language. For example, from a blog post that was posted just a couple of days ago called what does it mean to Grow a Mind? The Cortical Lab blog reads up, we don't know what we're making because nothing like this has ever existed before, an entirely new mode of being, a fusion of silicon and neuron, a native to the digital world, lit with the Promethean fire of the human mind. So they don't really know what they're making. Well, nothing could go wrong there, you know. Um, I'll set aside my pessimism and skepticism and need to know more and just say that bio circuits are fascinating and they come complete with their own set of ethical issues to consider, but they might also end up being the backbone of a new branch of machine learning and AI. And that's it for this episode of the Tech News Tech Stuff. When we come back later this week, like I said, we're going to have some reruns of classic episodes, but we'll be back next week with some new ones. And I hope every and out there is having a safe, healthy and happy holiday season. I know that is incredibly challenging considering the the way things work today, but I still hope you're all well, and I look forward to talking to you again and really soon. Text Stuff is an I Heart Radio production. For more podcasts from I Heart Radio, visit the I Heart Radio app, Apple Podcasts, or wherever you listen to your favorite shows.