Weekly Axis Of Easy #153
This Week’s Quote: “The most basic question is not what is best, but who shall decide what is best” …by ???
The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.
In this issue:
- Underworld in panic as cops penetrate secret criminal chat app
- New EvilQuest ransomware targets Mac OSX users
- BMW to make built-in car features into paid subscriptions
- Aussie gov retreats from mandatory contact tracing app
- iOS clipboard snooping more widespread than TikTok
- Reddit bans /r/The_Donald and about a million other subreddit’s (Forbes thing?)
- Tim O’Reilly – Venture capital doing more harm than good
- Case study shows removing third-party tracking actually increased revenues
- Behave! Browser plug-in protects you from web based scans, attacks
- Update on the easyDNS fold@home team
- AxisOfEasy Salon 11: Revolutions, Power Plays and Authoritative Reality
Underworld in panic as cops penetrate secret criminal chat app
I have mused privately in the past that there would be an incentive for criminals to create entire TLDs that were not visible to the world at large by design. I don’t know if that’s ever happened, but there are cases of criminal networks creating their own chat networks. The incentives are there, so it would be more surprising if they didn’t. In one case however, cops managed to penetrate such a chat network and it’s sent shockwaves throughout the criminal underworld as police infiltrated “Encrochat” as it led to hundreds of arrests.
It appears as though French police figured out that some of Encrochat’s servers were located in France, and they deployed a “technical device” to crack the system. From there, they and numerous other European police agencies began monitoring the communications of myriad criminals for months while they coordinated and planned crimes ranging from drug trafficking, money laundering and even murder.
Over the past few months, numerous crooks were arrested by various agencies, amounting to over 700 cases in the UK alone. According to Dutch law enforcement, the operation has
“given insight in an unprecedented large number of serious crimes, including large, international drug shipments and drug labs, murders, thrashing robberies, extortions, robberies, grave assaults and hostage takings. International drug and money laundering corridors have become crystal clear,”
The communications network looks to have been a combination of the chat system, hardware phones (including a “panic wipe” feature) and a proprietary operating system Encrochat OS, there was even a website advertising a showroom in Amsterdam.
Jesse also wrote about this in Metaviews.
New EvilQuest ransomware targets Mac OSX users
Security researchers have found a new type of ransomware targeting Mac OSX users called EvilQuest, or alternatively, OSX.ThiefQuest. In addition to encrypting your files and extorting a ransom from you, it also installs a keylogger and a reverse shell, giving the attackers full control over your machine even after you pay up the ransom.
It also scours your device for any cryptocurrency wallets and steals that too. EvilQuest looks to be distributed via bootleg software forums in programs such as Little Snitch, Ableton and cracked copies of Mac OS itself.
BMW to make built-in car features into paid subscriptions
In Philip K Dick’s Ubik, we see our characters in a near-future cyberpunk setting where every innocuous activity requires the user to pay a small fee, from opening your own apartment door to get in or out, to turning on your morning coffee maker in the kitchen.
That’s what I thought of when I read this article on how BMW wants to start making features we ordinarily associate as coming with a car (heated seats, cruise control, built-in massagers), available on a subscription basis.
It’s not entirely worked out how this will be structured, but suffice it to say that,
“the automaker would offer select driver-assistance and comfort features in exchange for a reoccurring fee. All of the features the automaker wants to monetize would already be built into the car when you buy it, and you would pay for them through the company’s ConnectedDrive Store.”
BMW says this gives their customers financial flexibility. I think it gives them a new revenue stream.
The reason I’m posting this here is because I think this is part of the new trend away from ownership and toward subscription, I first came across this idea reading Amory Lovins’ Natural Capitalism and liked the idea at first, and still do in some contexts. It seemed to align interests of creating products that stood the test of time. However, I’m also wary. This idea, taken to extremes, could lead to excessive financialization and the erosion of property rights, especially given the nature of “take it or leave it” EULAs that typify our super-connected world.
Aussie gov retreats from mandatory contact tracing app
Over the last couple issues we covered the state of government contact tracing initiatives around the world. I’ve repeated on multiple occasions that in Australia’s case, installing the government app would be voluntary unless less than 40% of the population volunteered, in which case it would become mandatory.
A reader in Australia emailed me last week to point out that while it is true that this was originally floated, the Australian government had backed away from the “mandatory” part fairly quickly after the initial announcement. In fact PM Scott Morrison came out and said it wouldn’t happen the very next day after that country’s Deputy Medical Officer floated the idea of compelling Aussie’s to install it.
iOS clipboard snooping more widespread than TikTok
Last week we reported on how TikTok was grabbing data from the iOS clipboard, which the company said was some kind of “antispam” measure and that they would cease the activity (they were also caught doing this last year and said they would stop doing it then too).
A report in Ars Technica found that the practice is not limited to TikTok. They found 36 other apps that all do it too, meaning everything from passwords, personal data, bitcoin addresses, in short, anything you copy and paste between any apps (not just the ones that engage in this practice), is vulnerable.
All of this is coming to light because of early access to iOS 14, which contains an additional transparency feature that alerts the user when an app is attempting to access your device clipboard, similar to how you are currently warned when an app wants to access your microphone or photos.
Reddit bans /r/The_Donald, /r/ChapoTrapHouse and 2000 other subreddit’s
As part of the protests around the murder of George Floyd, many Reddit’s voluntarily went dark for a day to protest the platform’s inaction around hate speech. As a response the company committed to update their policies and act on them.
Which they have now done. In a post to the company blog, Reddit CEO Steve Huffman announced new rules that explicitly ban subreddits that promote hate content based on identity or vulnerability and tightened up rules around subreddits that interfere with other communities (read: incessantly sh*tpost to).
They then banned approximately 2000 subreddits, “the vast majority of which are inactive”, but approximately 10% of them had activity and two of them were quite large: /r/The_Donald, which is the absolutely yuge pro-Trump MAGA reddit and the far-left /r/ChapoTrapHouse, while not as big as The_Donald, was also pretty large from the sounds of it.
Obviously, neither community’s mods have read my book counselling those who wish to protect their audiences and content from the moral judgements of others to use social media platforms primarily to build up their own membership bases within their own infrastructure under their own domains. The ebook version of my book is now available for free, btw.
Fortunately my favourite reddit, /r/QualitySocialism, “It’s like /r/Socialism but better, because we don’t have any socialists”, survived the purge.
Tim O’Reilly – Venture capital doing more harm than good
Anybody who’s been following my writing over the years knows my thinking around venture capital, how it incentivizes financialization over sustainability and that the ripple effects of that go beyond cool kid start-ups and adversely impact Main Street and everybody else who isn’t a hedge fund, private equity fund or an investment banker.
In an interview last week, Tim O’Reilly made the case venture capital is starting to do more harm than good, outlining
“why venture capital, in its current iteration, has begun to make less sense for more founders who genuinely want to build sustainable businesses. The way he sees it, the venture industry is no longer as focused on finding small companies that might one day change the world but more on creating financial instruments for the wealthy — and that shift has real consequences.”
If I were to take issue with anything it would be the “starting” part. It’s been this way since the Dotcom bubble and became markedly so in the aftermath of the Global Financial Crisis. You would think policy makers would have learned their lesson by now, but given the response to the Coronavirus financial panic it is clear that they are just doubling down on these same perverse incentives.
I write about this a lot on Out Of The Cave, including my blueprint for how to build sustainable companies, and Charles Hugh Smith writes about it every single day on Of Two Minds (the latter of which is also syndicated via AxisOfEasy). There’s a reason I call it “venture crapital” this is nothing new. Glad luminaries like Tim O’Reilly are finally speaking up about it. “What took you so long?”
Case study shows removing third-party tracking actually increased revenues
Johnny Ryan over at Brave, the folks behind the Brave browser, put out a note last week looking at the case of Dutch National Broadcaster, NPO. Since they were a state owned enterprise they were facing additional constraints around data tracking pursuant to Dutch privacy regulators (and GDPR, I presume).
So they removed all third-party trackers from their website, and a strange thing happened: their website revenues increased. January and February saw significant bumps of 61% and 76% respectively, and then once all the pandemic stuff hit, the numbers still went up over same month previous year: +18% (March), +8% (April) and +19% (May).
In this case Ryan speculates the revenue lift comes from: “from the reduced adtech tax, and prevention of commodification and arbitrage of NPO’s audience.”
The latter case is something he’s also written about which I’ll link to below.Read: https://brave.com/npo/
Behave! Browser plug-in protects you from web based scans, attacks
I came across this browser extension called Behave! Which warns you if a website is using embedded scripts to portscan you or try to access an internal or private IP within your network it will detect that and warn you. This may not be the result of an unscrupulous website operator (although it very well could be), but it may also indicate that the site has been hacked and hostile scripts inserted into its source code.
As it stands now you can download the source from GitHub and there are installable plugins available for Firefox and Chrome. I’ve installed them both, so far no alerts.
The GitHub is here: https://github.com/mindedsecurity/behave
Update on the easyDNS fold@home team
It’s been a few weeks since I checked in on the easyDNS team Fold@Home stats. That’s a distributed computing project that harnesses the power of spare CPU cycles to conduct molecular folding calculations for use in genome and disease research such as cancer, and of course, coronavirus.
I was pleasantly surprised to see that Team EasyDNS has cracked the Top 500 out of roughly a quarter million teams, with 14 contributors clocking up more than 1 million work units, and 34 total contributors.
Here are our contributors bringing in over 1M work units
Thanks to you, and thanks to everybody on the easyDNS team and contributing to the Fold@Home project.
You can learn more about Fold@Home, and download clients for all kinds of architectures at the main website:
Team easyDNS: https://stats.foldingathome.org/team/248458
AxisOfEasy Salon 11: Revolutions, Power Plays and Authoritative Reality
On this week’s AxisOfEasy Salon #11, Jesse Hirsh, Charles Hugh Smith and myself kept coming back over the show on three recurring themes:
- Have we entered a climate where a French Revolution style megapolitical shift is looming?
- The pesky phenomenon of the ole coup-within-a-coup, a.k.a the “Power Play” as per the 1978 Peter O’Toole political thriller of that name.
- The difference between “objective reality” that everybody thinks exists and “authoritative reality”, which for all intents and purposes, is what actually matters.
It was another interesting show, check it out here:
Leave a Reply