
open source and cybersecurity news

July 28, 2023

- CYBERSECURITY HEADLINES TODAY -

Dear Jen, Merrick, and Lina. What's up with Microsoft?
Call of Duty? Watch out for the malware in the lobby
Here’s looking at you, Worldcoin!
9mm smart gun? What took you so long
This Day, July 28 & 29 in Tech History

In this Episode:

Mark Miller: “Dear Director Easterly, Attorney General Garland, and Chair Khan. I write to request that your agencies take action to hold Microsoft responsible for its negligent cybersecurity practices.” That’s the beginning of a letter from Senator Ron Wyden, Democrat from Oregon. What set this off for Wyden? Why is he asking for Microsoft’s head on a platter?

Edwin Kwan: Call of Duty game players are getting infected by a self-spreading malware. The malware, which is also a worm, spreads to other users who are online and in the game lobby. It does this automatically from one infected player to another.

Katy Craig: Step right up, folks, and get your eyeballs scanned by a mysterious silver orb! Welcome to the fascinating world of Worldcoin, a cryptocurrency project with the twist- biometric verification.

Hillary Coover: The Wall Street Journal recently covered an emerging innovation in firearm safety- smart gun technology. My question is, what took so long to develop this? According to research, 37% of accidental deaths could have been prevented with this type of technology.

Marcel Brown: July 29th, 1914. The first test call is made on the newly completed transcontinental telephone line taking place between New York and San Francisco. The last pole was erected and the line completed two days earlier on July 27th, but commercial service did not start until January 25th of the next year.

From Sourced Network Productions in Washington DC, It’s 5:05. I’m Hillary Coover. Today is Thursday, July 28th, 2023. Here’s the full story behind today’s cybersecurity and open source headlines.

 

Mark Miller: Dear Jen, Merrick, and Lina. What’s up with Microsoft?

“Dear Director Easterly, Attorney General Garland, and Chair Khan. I write to request that your agencies take action to hold Microsoft responsible for its negligent cybersecurity practices, which enabled a successful Chinese espionage campaign against the United States government.”

That’s the beginning of a letter from Senator Ron Wyden, Democrat from Oregon. Sent to Jen Easterly, the Director of the Cybersecurity and Infrastructure Security Agency, Merrick Garland, Director Attorney General, US Department of Justice, and Lina Khan, Chair of the Federal Trade Commission. Let’s just say Wyden skipped a few rungs in the hierarchy and went straight to the top.

This is Mark Miller calling in from New York City where it’s a blistering 96 degrees.

What set this off for Wyden? Why is he asking for Microsoft’s head on a platter? There’s a little history behind it, but to start, on July 12th, 2023, CISA and the FBI published an advisory on a hacking scheme that culminated in the theft of at least a hundred thousand records of individual US government emails.

The NSA publicly identified this as “China doing espionage.”

The hackers stole an MSA encryption key, allowing them to falsely authenticate and impersonate users to gain access to Microsoft hosted consumer accounts.

But what really pissed Wyden off wasn’t just this incident. Here, let me read exactly what lit the fire on this thing:

“Microsoft never took responsibility for its role in the SolarWinds hacking campaign. It blamed federal agencies for not pushing it to prioritize defending against the encryption key technique used by Russia, which Microsoft had known about since 2017. It blamed its customers for using the default logging settings chosen by Microsoft, and then blamed them for not storing the high value encryption keys in a hardware vault.”

Wyden is correct. Laying the blame at the feet of the consumer is lame, if not downright negligent. He ends the letter with recommendations for each of the three agencies. And you can read those recommendations for yourself using the link in the resources section of this podcast.

It’s definitely worth reading.
Resources
https://www.wyden.senate.gov/imo/media/doc/wyden_letter_to_cisa_doj_ftc_re_2023_microsoft_breach.pdf

 

Edwin Kwan: Call of Duty? Watch out for the malware in the lobby

This is Edwin Kwan from Sydney, Australia.

Call of Duty game players are getting infected by a self-spreading malware. Call of Duty Modern Warfare 2 is a first-person shooter game published by Activision and released in November, 2009.

Although it is an old game, it’s still played by more than 600 people on the online gaming platform, Steam. Most malware distribution through video games is done by either getting the players to download a trojanized version of the game installer, or having them install malware disguised as cheats.

This particular malware appears to take a new distribution approach and doesn’t require the victims to install anything. The malware, which is also a worm, spreads to other users who are online and in the game lobby. It does this automatically from one infected player to another. This indicates that the hackers must be exploiting bugs in the game to execute malicious code on other players’ computers.

The game was brought offline on Steam while Activision investigates the issue.
Resources
Hackers are infecting Call of Duty players with a self-spreading malware | TechCrunch

 

Katy Craig: Here’s looking at you, Worldcoin!

Step right up, folks, and get your eyeballs scanned by a mysterious silver orb! Welcome to the fascinating world of Worldcoin, a cryptocurrency project with the twist- biometric verification.

This is Katy Craig in San Diego, California.

Here’s how it goes: you sign up via an app, get your eyeballs scanned by the magical orb, and voilà, you’re rewarded with 25 tokens, worth around $56. But it’s not just a cool party trick. Worldcoin is on a mission to distinguish between verified humans and AI systems. This is a secret handshake for the digital age.

The project led by Sam Altman of OpenAI, aka ChatGPT fame, aims to create universal access to the global economy, no matter your background or where you’re from. It’s all about benefiting in the age of AI.

The Worldcoin protocol grants biometrically verified users a digital identity in the form of a token- a token just for being a real, unique person. The project has been cooking for over three years and has already attracted 2 million users from 33 countries. Jack Dorsey, the Twitter founder, finds it “cute,” while Vitalik Buterin, co-founder of Ethereum, has some mixed feelings.

So will Worldcoin bring us closer to global scale alignment or send us into a dystopian future? The journey is challenging and the outcome is uncertain, but Altman thinks it’s one step closer to sharing technological prosperity for all.

This is Katy Craig, stay safe out there.

Resources
‘Verified human’: Worldcoin users queue up for iris scans | Reuters
Worldcoin

 

Hillary Coover: 9mm smart gun? What took you so long

Hi, this is Hillary Coover reporting from Washington, DC.

The Wall Street Journal recently covered an emerging innovation in firearm safety- smart gun technology. This technology features a 9mm smart gun designed to ensure that only authorized users can fire it using fingerprint or facial recognition technology.

One of the key benefits of smart guns is their potential to prevent accidental shootings and deter firearm thefts, which are significant concerns in our society. With biometric recognition systems, smart guns offer an added layer of security. My question is, what took so long to develop this? According to research, 37% of accidental deaths could have been prevented with this type of technology.

Why not add an extra layer of accountability and enforcement to our existing legal gun ownership regulations? I understand the fear that government mandates could limit consumer choice and potentially lead to the outlawing of traditional firearms without smart gun technology, but the benefits seem to outweigh the risks at this point.

As this technology continues to advance, conversations about gun control, responsible firearm ownership, and individual rights will also continue to advance. Mandating biometric authentication could eventually lead to fewer illegally obtained and used firearms and safer public spaces. Reliability of the technology is a concern, but that’s why there are two biometric options available- fingerprinting and facial recognition technology.

Resources
The First Smart Gun Is Finally Coming to Market. Will Anyone Buy It? – WSJ

 

Marcel Brown: This Day, July 28 & 29 in Tech History

This is Marcel Brown bringing you some technology history for July 28th and 29th.

July 28th, 1981. IBM introduces their System/23 Data Master Desktop Computer only two weeks before they introduce their IBM PC. Geared towards small business for use as a word processor and data processor, the computer was designed to be set up by end users without the need of a computer specialist.

While now a footnote in history, the importance of the Data Master is that many of the team members that developed it were reassigned to the secret IBM PC project. Much of the knowledge they acquired working on the Data Master went into developing the IBM PC as quickly as possible.

For example, the choice of the Intel 8088 processor in the IBM PC was based on the team’s familiarity with the similar Intel 8085 processor used in the Data Master. So for you trivia buffs out there, technically this was IBM’s first desktop computer.

July 29th, 1914. The first test call is made on the newly completed transcontinental telephone line taking place between New York and San Francisco.

The last pole was erected and the line completed two days earlier on July 27th, but commercial service did not start until January 25th of the next year. The six-month delay was due to AT&T’s wish to publicize the service in conjunction with San Francisco’s 1915 World Fair.

That’s your technology history for today. For more, tune in next week and visit my website ThisDayInHistory.com.
Resources
http://thisdayintechhistory.com/07/28
http://thisdayintechhistory.com/07/29

 

Hillary Coover

That’s our update for today, July 28th, 2023. I’m Hillary Coover. We’ll be back on Monday at 5:05.
