Weekly Axis Of Easy #77
This week’s quote: “The most important product of science is knowledge. However, the most important product of knowledge is ignorance” …by ????
Last week’s quote was “We are almost entirely incapable of predicting the future, yet economics strangely purports to be exempt from this fact of life.” …by George Gilder; the winner was David Gordon-Brown.
THE RULES: No searching up the answer, must be posted in the comments below:
The Prize: The first person to post the correct answer gets their next domain or hosting renewal on us.
- easyDNS introduces a new and improved account recovery mechanism
- Popular NPM package compromised
- Marriott discloses data breach spanning 4 years affecting 500 million customers
- Scientists propose massive centralized DNA database will protect privacy
- Amazon to data mine patient health records for profit
- Blockchain study finds 0.00% of use cases are successful
- NBC to use AI to match ads to the content you’re watching
- These smart mattresses do not record the sounds you make while in bed (yet)
- Second genome-edited baby “in the oven”, as China yanks project
- Swedes abandon cash in favour of The Mark of the Beast
We’ve introduced a better way to handle account recovery in the new Enhanced Security Module (ESM). The system generates a series of recovery phrases, which you will store offline in a secure manner, right? If you need to recover your account, we’re going to key off those code words. There’s also a new numeric PIN to enable telephone authorizations.
The old, more dated “Secret question / secret answer” methodology is still supported for backward compatibility but you should really transition to the ESM.
Check your account security settings here: https://cp.easydns.com/manage/security/
I swear we once included a piece in a previous issue of #AxisOfEasy by a security researcher who posited that one could compromise a lot of machines by introducing malware into an NPM package. Actually it’s this piece, but maybe we never actually put it in here (a lot of stuff ends up on the cutting room floor sometimes)
Anyway, somebody went and did it, offering to take over maintenance of a dormant software package called “event-stream” from a beleaguered dev who maintains 422 other open source packages, and then back-dooring it to inject code, appearing to target a specific bitcoin wallet.
In 2016 Marriott hotels purchased the Starwood Alliance group for $13 billion. I’m guessing the part where hackers had penetrated the Starwood reservations system and had access to it for 2 years prior to the deal somehow got under the radar of the due diligence process. It took another 2 years for Marriott to figure it out and the disclosure was made last week: the Starwood reservation system had been penetrated since 2014 and personal contact details, including passport numbers, addresses, emails for 500 million customers were breached. It is not known yet if credit card data was also breached because CC nums were encrypted separately.
“In a new paper published in the journal Science.., researchers suggest that the best way to protect genetic information might be for all Americans to deposit their data in a universal, nationwide DNA database.” Of course, the thesis is that having one central database administered by some central authority that knows what’s best will do better than a fragmented assortment of databases operated by, say… Equifax and Marriott and all those other experts. But still. I don’t think so.
…or Amazon, for that matter. Who is now getting into the health records data-mining business. Amazon will be selling software that enables doctors and medical facilities to data mine patient health data in order to “improve treatment and cut costs”. What could possibly go wrong?
According to The Register, a study of 43 blockchain use cases in “the international development sector” has yielded zero success stories of anything actually getting off the ground and working. Of course, this is The Register, who of late seem to specialize in hit pieces, so you have to take it with a grain of salt. Apparently creating a medium that enables one to protect their own savings from the machinations of interventionist technocrats doesn’t count for anything.
NBC Universal will be deploying a system that uses “machine learnings” to place contextually relevant commercials to better match what’s going on in the programs you are watching. The “Contextual Intelligence Platform” looks at programming scripts, closed captioning and visual description data “to find opportune moments for a given advertiser to appear as well as an emotional gauge for each scene determined by proprietary algorithms”.
What a time to be alive…
It’s only a matter of time before somebody does. Imagine the possibilities once the hackers figure out the shodan search string to find wide open unprotected mattresses with default admin passwords…..
Last week we reported how a Chinese scientist brought forth the first pair of genome edited babies (twins) who would be HIV immune (sort of). I got a very interesting reply from a reader about that which seems to imply the procedure may not be as tidy as reported and may have unintended side effects (gee, you mean if you genetically engineer babies something unexpected might happen? Who would have thunk it)
Now there’s another one on the way: the same doctor has engineered a second pregnancy, but around the same time news came out that the hospital undertaking the trials had shut down or paused the project.
That’s it for this week.
(We have a nice little community starting up on our mastodon node https://nojack.easydns.ca – head on over now and create yourself an account.)
P.S Thanks to all of you who checked out my wife’s debut novel or better still bought a copy. Just a quick note that in Canada the paperbacks sold out and are currently on priority backorder. You can check her website for current status. Thanks again.