Weekly Axis Of Easy #86
This week’s quote: “all modern trends point to the spectre of a terrifying, bigger, and more pitiless conformity” by ?????
Last Week’s Quote was ““In such experience as I have had with taxation, there is only one tax that is popular, and that is the tax that is on the other fellow” by Sir Thomas White, won by Matt.
THE RULES: No searching up the answer, must be posted in the comments below:
The Prize: First person to post, gets their next domain or hosting renewal on us.
In this Issue:
EU Article 13 copyright rule finalized
The International Grand Committee of Fake News
Russia making preparations to decouple from larger internet
AI “Deep fakes” text generator too dangerous to release
Deep Dive on Recent DNS hijacking attacks
Amazon caught selling counterfeit tech books
Target app hikes prices as prospects near the physical store
Apple dumps “do-not-track” from Safari browsers
India’s Aadhaar – like Sesame Credit only hackable
On the evening of February 13, European Union legislators finalized the text of Articles 11 & 13 of the forthcoming EU Copyright Rules. If adopted, these new rules promise to do for the internet at large, what the GDPR did for whois, which was totally mangle it and render it unusable. Article 11 specifies the so-called “link tax” wherein reproducing more than single words or very short extracts of websites will require a license – I wonder what that will do for Google, specifically the very first issue of this newsletter where we commented on how Google pilfers content from websites to display within their search results.
Meanwhile Article 13 requires ISPs maintain upload filters, and make “best effort” to acquire licenses for anything users may possibly upload.
No, I’m not riffing on Orwell’s 1984. This is actually a hearing which will take place in Ottawa, Canada on May 28, when members of parliament from numerous countries will convene to grill the heads of Facebook, Google, WhatsApp, and Amazon about misinformation. (Not being grilled: CNN, Washington Post, New York Times, Fox, CNBC or any other mainstream media outlet that routinely and repeatedly get’s it wrong, either willfully or cluelessly……)
Another one from the “we told you so” files, as Russian tech providers, led by Kaspersky Labs co-founder Natalya Kaspersky are preparing a test-run of a plan mandated by Russia’s “sovereign internet” legislation. Under the new laws, Russian internet providers must be prepared and able to run all internet traffic through routing points controlled by the Russian state – ostensibly to “protect Russia from cyber-attack”. The “we told you so” part is that a couple years back when we blogged that various foreign policies were driving the world toward an eventual global network split. And I’m telling you now – when similar laws come to North America, making state surveillance effectively mandatory, they’ll sell it to you as a defense from cyberattack.
OpenAI, a non-profit artificial intelligence firm backed by Elon Musk and LinkedIn founder Reid Hoffman, has taken an unusual step in refusing to release their AI powered GPT2 text generator, for fear it is “too good” at generating believable, authentic sounding text. Their claim is that the software, dubbed “deep fakes of text” may be abused, although I personally don’t understand how an AI powered text generator could output anything more dangerous than something any conventional humanoid could. I’m going to call “b/s” on this one and if it comes back on me I’m totally blaming the intelligent agent I programmed to write #AxisOfEasy for me while I drink coffee and read Snowcrash.
We touched on this briefly in #AxisOfEasy number 81 where FireEye security released a report detailing how hackers were taking over domains by compromising their domain registrar or DNS provider control panels. This week Brian Krebs did a major deep dive into this phenomenon looking at how Iranian hackers targeted various middle-east targets and attacking them via their vendors.
DNSSEC per se, not a big help since they can control the DNSSEC once they get into the control panel, so as we always say, make sure you have event notifications enabled, multi-factor authentication, and an Access Control List setup for your account, all available via your security settings in the control panel.
No Starch Publishing founder Bill Pollock revealed on Twitter this month that he’s found yet another counterfeit version of one of his tech books available for sale via Amazon, using the Amazon Createspace self-publishing platform. Thieves targeted No Starch with knock-offs already in 2017 and it reportedly took over 4 weeks to get Amazon to action the problem.
Target has made changes to its mobile app after an investigative piece by a local TV station found them playing fast-and-loose with product pricing. KARE11 out of Minneapolis found that products searched up on Target’s shopping app would start low, presumably to lure potential shoppers to the physical stores. However, as prospects got closer to the location, the prices would move higher.
The W3C “do-not-track” initiative looks to be defunct, the project was closed down on Jan 17, 2019. Apple is dropping DNT in September, most of the other browsers still have the setting, but it turns out on reading the Gizmodo coverage, that they don’t actually do anything. In that sense Apple is at least removing the illusion of privacy that having a DNT button (that does nothing) fosters.
I first learned of India’s Aadhaar listening to Let’s Talk Bitcoin #386, on Decentralized Identity and Pairwise Identifiers. It’s the world’s largest biometric system, using facial recognition and it assigns a number to each citizen. It’s in the same ballpark as China’s Sesame Credit, although, unlike China’s system it doesn’t seem to reward or punish citizens according to their obedience to the State. Not yet anyway.
While the Indian government asserts the Aadhaar database is behind top flight security systems, they can’t speak for all other repositories of this data. For example, 6.7 million Aadhaar numbers are visible via the state-owned LPG gas company, Indane.