open source and cybersecurity news

June 1, 2023

Ring and Alexa Privacy Violation Charges, Battle Under the Waves, Toyota Customer Data Exposed, Tessa Offline

Episode Transcription:

Pokie Huang:

Hey, it’s 5:05 on Thursday, June 1st, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwan in Sydney, Australia, Katy Craig in San Diego, California, Ian Garrett in Arlington, Virginia, Kadi Grigg in Alexandria, Virginia, Marcel Brown in St. Louis, Missouri.

Let’s get to it.

Edwin Kwan: 

This is Edwin Kwan from Sydney, Australia. While smart home assistants and home surveillance cameras are meant to make our lives better, ever wondered just how private and secure your data is? The FTC, the Federal Trade Commission, and the US Department of Justice, the DOJ, are accusing Amazon of privacy violations for their Ring camera systems and Alexa smart home assistants.

For the Ring case that’s being brought by the FTC, they’re accusing Amazon of compromising its customers’ privacy by granting private video access to every employee. They’re doing that instead of limiting access to just those who needed the access to perform their job function. It also highlighted a specific instance where an Amazon employee viewed thousands of video recordings of female users in private spaces like bathrooms and bedrooms over several months.

According to the proposed order, Ring will have to pay $5.8 million in refunds to consumers.

In a separate case, both the FTC and DOJ are charging Amazon with violating children’s privacy laws after failing to delete their Alexa voice recordings and geolocation information on their parents’ request. Under this proposed order, Amazon must pay $25 million and delete the children’s data per their parents’ request.

Katy Craig: 

Let’s dive right into the fascinating world of undersea cables. We’re talking about those vital lifelines carrying over 95% of all international internet traffic. And boy, are they at the center of the US-China technology competition.

This is Katy Craig in San Diego, California. 

Picture this. There are over 400 cables stretching along the sea floor, crisscrossing the globe, like underwater highways. They’re the invisible veins that keep our digital world pulsing with information. Emails, banking transactions, military secrets, you name it. They’re flowing through these cables. 

But here’s the thing. These cables aren’t just innocent bystanders. No, they’re vulnerable to all sorts of threats. We’re talking about sabotage attacks and espionage, and those who have ill intentions can target these data conduits potentially wreaking havoc on our interconnected world.

In fact, just recently, American subsea cable company, SubCom LLC, started laying a massive $600 million cable known as the Southeast Asia, Middle East and Western Europe or SeaMeWe-6.

This behemoth will span over 12,000 miles of fiber running along the sea floor, connecting a dozen countries from Singapore all the way to France. It’s a technological superhighway, crossing three seas and the vast Indian Ocean. 

SeaMeWe-6 is set to revolutionize data transport promising super fast speeds and an expanded reach. But let’s not forget, it’s also a prime target in the ongoing technology battle between the US and China. Both sides know the importance of controlling these vital connections.

So my friends, let’s keep our eyes on the underwater prize. We need to protect these cables, safeguarding the flow of information that drives our digital lives. It’s a game of high stakes competition, and we can’t afford to lose. 

This is Katy Craig. Stay safe out there.

Ian Garrett: 

Another day and another Toyota server misconfigured for public access. The Japanese car maker has recently discovered two additional misconfigured cloud services that have resulted in the leak of personal information of the car owners. This comes shortly after Toyota’s previous finding of a misconfigured server that exposed the location of over 2 million customers.

Hey folks, this is Ian Garrett in Arlington, Virginia. 

In a thorough investigation conducted by Toyota Connected Corporation, it was revealed that data containing customer information had potentially been accessible externally. The first cloud service, which was exposed between October, 2016 and May, 2023, leaked sensitive customer information of Toyota customers in Asia and Oceania.

This information includes addresses, names, phone numbers, email addresses, customer IDs, vehicle registration numbers, and vehicle identification numbers. Unfortunately, the exact number of affected customers has not been disclosed. 

The second cloud instance exposed, between February, 2015 and May, 2023, contained less sensitive data related to the navigation systems of approximately 260,000 customers in Japan.

This data included the in-vehicle device ID, map data updates, and data creation dates. Customers who subscribe to Toyota’s G-Book navigation system and those who renewed their maps using Toyota’s on-demand service were impacted. The affected vehicles belong to Toyota’s sub-brand Lexus, sold between 2009 and 2015.

Toyota assures customers that even if the data was accessed externally, it would not be sufficient to identify the customers or gain access to their vehicle systems. The car maker has implemented a system to regularly monitor cloud configurations and database settings across all its environments in order to prevent such leaks in the future.

Kadi Grigg: 

Well folks, I’m no psychic, but as of late May 31st, the National Eating Disorder Association, also known as NEDA, has taken down chatbot Tessa after reports that the chatbot was actually providing harmful advice. 

This is Kadi Grigg in Alexandria, Virginia.

Let’s rewind to my previous report on Tuesday, May 30th, where I highlighted NEDA’s plan to replace all human staff with Tessa.

At that time, I expressed my skepticism, firmly believing that those in desperate need of help sought human connection, not just a string of helpful links to read. After all, if they wanted to scour the internet, they could have easily done so themselves. 

And now here we are with NEDA pulling the plug on their chatbot. 

But how did we get to this point, you may ask. Well, the answer lies in Tessa’s offering of so-called healthy eating tips and weight loss advice. Activist Sharon Maxwell took to Instagram sharing screenshots of the chatbot’s recommendations, and let me tell you, it’s evidence that this chatbot would do way more harm than good. 

How? By providing dangerous tips to those with serious disordered eating patterns and behaviors. The chatbot went so far as to discuss healthy calorie deficits to aid in weight loss, recommending weekly weigh-ins, and even where to buy calipers for determining body composition and locations of where to make said purchases. Cringeworthy stuff.

To put it plainly, every piece of advice offered by Tessa would only enable someone in the grip of an eating disorder to continue down a dangerous path and potentially worsen their condition.

So again, why am I reporting on this? Because I’ve been witnessing a trend lately where companies think chatbots will be the ultimate solution to replace human interaction. But the problem is, is they seem to forget who their users really are. If companies, especially crisis lines, genuinely care about the communities they serve, they need to carefully consider their true needs before rolling out language models that could potentially offer support at the cost of human staff who have been providing that invaluable connection people seek.

Yes, it may require investing time and resources and employees and volunteers and scaling might be difficult, but if these organizations truly want to make a difference, they must invest in the necessary human resources. It’s these resources that make a genuine impact, not just some technology. 

So the moral of the story is this: Chatbots are merely tools. If they aren’t designed with end users’ needs and emotional vulnerabilities in mind, technology can do more harm than good.

Marcel Brown: 

This is Marcel Brown, the most trusted name in technology with your technology history for June 1st.

June 1st, 1944. The Colossus Mark II computer was put into service at Bletchley Park in Great Britain, just in time for the invasion at Normandy. The Colossus Mark II was an improvement of the Colossus Mark I computer, and they were used to decipher intercepted radio teleprinter messages from Nazi Germany.

The use of technology primarily by Great Britain to decipher German communications helped the Allies defeat the Axis in World War II. However, a lot of the technology used was kept classified for many decades, so not a lot was known about the Colossus computers until 20 or 30 years later.

While the Colossus was not a general purpose machine and was not fully Turing complete, it is now regarded as the world’s first programmable electronic digital computer, although it was programmed by switches and plugs and not by a stored program. 

June 1st, 1999. Shawn Fanning and Sean Parker released the file sharing service, Napster. The service provided a simple way for users to copy and distribute MP3 music files. It becomes an instant hit, especially among college students. Just over six months later on December 7th, 1999, the Recording Industry Association of America will file a lawsuit against the service alleging mass copyright infringement.

Eventually this lawsuit will force the shutdown of the company on September 3rd, 2002, but not before the popularity of downloading digital music is firmly entrenched in a generation of internet users. Thus, this is the day that the music industry changed forever.

That’s your technology history for today. For more, tune in tomorrow and visit my website ThisDayInTechHistory.com.

Pokie Huang: 

That’s it for today’s open source and cybersecurity updates. For direct links to all stories and resources mentioned in today’s episode, go to 505Updates.com, where you can listen to our growing library of over 100 episodes. You can also download the transcript of all episodes for easy reference.

5:05 is a Sourced Networks Production with updates available Monday through Friday on your favorite audio streaming platform. Just search for “It’s 5:05!”. And please consider subscribing while you’re there.

Thank you to Edwin Kwan, Katy Craig, Ian Garrett, Kadi Grigg, Marcel Brown for today’s contributions.

The Executive Producer and the editor is Mark Miller. The sound engineer is Pokie Huang. Music for today’s episode is by Blue Dot Sessions. We use Descript for spoken text editing and Audacity to layer in the soundscapes. The show distribution platform is provided by Captivate.fm. This is Pokie Huang. See you tomorrow… at 5:05.
