Weekly Axis Of Easy #69
This week’s quote: “Freedom and order are not incompatible… truth is strength… free discussion is the very life of truth.” …by ?????
Last Week’s Quote was “Everything has been figured out, except how to live.” …which was not Jean-Paul Sartre, even though that’s who I thought it was last week. Tony King is the winner again, having cornered a niche in detecting the apocryphal.
THE RULES: No searching up the answer, must be posted to the comments below…
The Prize: First person to post get their next domain or hosting renewal is on us.
In this issue:
- Google concealed data breach from G+ users
- Google lied to a Senate committee and the media about Dragonfly
- Google: The Good Censor?
- Bloomberg Bombshell: China has hacked all the things. Or not.
- Smart HVAC blasts sleeping workers with cold air
- California bans weak passwords in IoT devices
- “Your speed is” signs may be spying on you
- CitizenLab uncovers Saudi espionage op against Canadian
- Bell Canada’s “Fair Play” copyright scheme shot down by CRTC
Google concealed data breach from G+ users
The Wall Street Journal broke the news that Google’s G+ social network exposed the data of hundreds of thousands of users to third-party app developers, and then concealed disclosure over fears that doing so would open them to regulatory scrutiny. Now that the cat’s out of the bag they’ve decided to shut down the Google+ network entirely (which I thought they’d already unplugged years ago).
Given that this is the type of calculus that goes on within the company, one can’t help but wonder what else is going on there that they aren’t disclosing?
Read: https://www.wsj.com/articles/google-exposed-user-data-feared-repercussions-of-disclosing-to-public-1539017194 (paywall)
Google lied to a Senate Committee and the media about Dragonfly
I didn’t even have the chance to even press “Send” on this issue before I had my answer to the previous question.
The Intercept has revealed that Google materially misrepresented the progress and readiness of Dragonfly. Recall that Dragonfly is Google’s censored search engine for the Chinese market, the one that flags search terms like “human rights” and “Nobel prize” and even matches those queries to users’ mobile devices.
On September 26, a Google exec told the Senate Commerce, Science and Transportation Committee that “there was a project Dragonfly” but that Google “was not close to launching a product in China”. When pushed by the committee the exec demurred that he was “not clear on the contours of what is in scope or out of scope for that project”. Nice line of bull crap there. I’m gonna save that one.
Days earlier, Ben Gomes, chief of search told reporters “there’s been some exploration but since we don’t have plans to launch anything there’s nothing to talk about”.
The reality, according to The Intercept, is that Google is ready to go: ‘In July, Gomes had informed employees that the plan was to launch the search engine as soon as possible — and to get it ready to be “brought off the shelf and quickly deployed” once approval from Beijing was received.’
Wow, a trifecta. I didn’t get the newsletter finished last night. Then I wake up this morning and there’s another Google bombshell, officially setting the record for the most uses of the word “bombshell” in a single issue of #AxisOfEasy. An internal 85-page Google research paper was leaked exclusively to Breitbart News and released this morning, my guess is by a marginalized conservative within Google. Breitbart posted the entire paper to Scribd. It essentially concludes that the role of the large net platforms like Google, Facebook and Twitter is moving away from the (US-centric) “free speech” ethos and toward a more European “civility and safety” stance – and that they should actively shape the overall narrative by assuming the role of “The Good Censors”.
Read the paper here: https://www.scribd.com/document/390521673/The-Good-Censor-GOOGLE-LEAK
(So far, the only outlets running with this story are Breitbart, RT and Daily Mail. I’ve been reading the paper all morning, it’s very concerning and I anxiously await the mainstream media outlets to pounce on this with characteristic journalistic fervour).
Bloomberg Bombshell: China has hacked all the things. Or not.
Another bombshell was dropped, or at least attempted to be dropped, over at Bloomberg. Last week they ran a story “The Big Hack” about how China has infiltrated over 30 US computing companies including Amazon and Apple using a tiny undocumented chip in Supermicro motherboards, the chips were discovered after Amazon acquired a video streaming company called Elemental Technologies. Once Amazon’s AWS began evaluating the technology they found their motherboards contained undocumented chips about the size of a grain of rice. These chips “allowed the attackers to create a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.”
Amazon quickly came out with a denial, saying that at no time had they ever been contacted by Bloomberg and the story was flat out wrong. The department of homeland security also issued a statement that the Bloomberg story siding with the companies and saying there was no reason to believe this is true.
It’s hard to know which end is up on this one, I really don’t know.
Amazon denial: https://aws.amazon.com/blogs/security/setting-the-record-straight-on-bloomberg-businessweeks-erroneous-article/
DHS statement: https://www.dhs.gov/news/2018/10/06/statement-dhs-press-secretary-recent-media-reports-potential-supply-chain-compromise
Smart HVAC blasts sleeping workers with cold air
The largest air conditioner company in the world, Japan’s Daikin, which owns the Goodman brand in the US conducted research finding that an effective way to re-energize workers experiencing a typical mid-afternoon slump or energy crash, is to cool down the air around them. To that end they are partnering with NEC to launch a service “that would detect sleepiness in office workers through artificial intelligence and deliver a blast of cool air to an area around that person. The companies think it will be ready by 2020.”
Read: https://www.fastcompany.com/90247195/offices-that-blast-sleepy-workers-with-freezing-air-are-coming
California bans weak passwords in IoT devices
This one is inducing cognitive dissonance in me because as far as government edicts go, it’s not bad. California has issued a ban on lousy default passwords (like “password”) and goes further to mandate that each network connected device must have a unique default password when it ships. Bad default passwords are largely responsible for enabling botnets like Mirai, which caused a lot of carnage previously by knocking DNS provider Dynect off the air entirely for the better part of a day. The ban goes into effect in 2020.
“Your speed is” signs may be spying on you
We’ve all seen those “Your speed is NN MPH” signs (or KM/h here in Canada …or the rest of the world come to think of it) in residential neighbourhoods or tight curves where there is generally an incentive to s-l-o-w down. Well in the USA those soon may be reading more than your speed, and will in fact be equipped with digital licence plate readers that feed into the Drug Enforcement Agency’s national surveillance network. This according to a group of RFPs that were found on the US government tenders website by Quartz media reporters.
CitizenLab uncovers Saudi espionage op against Canadian
Toronto-based Citizen Lab released a report last week detailing an espionage operation conducted by the Saudi government against a permanent resident of Canada. You may recall we reported on Citizen Lab’s previous report “Hide and Seek” which tracked network surveillance against dissident targets in 45 countries and traced back to 30 government clients, many of which were not-so-nice governments. This report builds on Hide and Seek and traced its target to a Saudi Arabian political dissident with refugee status in Quebec.
Bell Canada’s “Fair Play” copyright scheme shot down by CRTC
Ding dong, the witch is dead. The CRTC rejected Bell Canada led consortium and their “Fair Play” proposal for new copyright rules which included provisions such as mandatory website blocking without court oversight on the part of ISPs and the establishment of a new “anti-piracy” agency.
That’s it for the week.
– mark
P.S. A few people have asked if non-easyDNS members are allowed to subscribe to #AxisOfEasy, the short answer is “yes”. Feel free to forward them an issue or send them to http://AxisOfEasy.com to opt-in. You may want to recommend they move their domains here while you’re at it 😉
Leave a Reply