Exploring the intersection of security, technology, and society—and what might be coming next...
Standard Web Edition | Ep. 287 | June 27, 2021
| SECURITY NEWS MITRE has released D3FEND, a defensive counterpart to its offensive ATT&CK framework. It not only has its own separate ontology for defensive activities but also maps them to their offensive counterparts. “In other words, see what stops what.” More D3FEND The cyberinsurance market is facing major headwinds right now, largely due to a surge in ransomware payouts. The average paid loss went from $145,000 to $358,000 in the last year, and the DCC metric that looks at direct loss plus defense and cost containment jumped from 42% to 73%. This is forcing companies to raise their premiums to cover some of those costs. More Ant Group is in talks with China’s state-owned company infrastructure to use Ant’s massive datasets for credit scoring. Another example of China’s government flexing on the private sector. More Microsoft mistakenly signed a rootkit package that’s being used in gaming environments. It’s called “netfilter”, and it has been seen communicating to Chinese C2 servers. More GroupSesnse says Monero is rising in popularity with ransomware gangs due to it being harder to track. More HIPAA allows hospitals to sell patient data as long as it’s anonymized. So lots of companies are looking at how to make money off all that data. What could go wrong? Improper anonymization, for one. More The STIR/SHAKEN technology to stop robocalls is set to become enforceable on June 30th. On that date the major carriers (AT&T, Verizon, T-Mobile, Comcast) will need to start authenticating the source of calls to ensure CallerID isn’t being spoofed. More Vulnerabilities:
TECHNOLOGY NEWS Microsoft announced Windows 11, which has a clean new glassy interface, and claims to focus on freedom and choice. It will be a free upgrade. They’re building Teams into the OS, which doesn’t make sense given the fact that 1) nobody seems to like Teams, and 2) what happened to Skype that they paid like $9 billion for? More More Andreessen Horowitz has launched a new $2.2 billion crypto fund. More Microsoft has closed above a $2 trillion market cap for the first time ever. More A new study out of MIT and Boston University says that automation caused up to 70% of middle-class job loss in the US in recent decades. Hardest hit were vehicle manufacturing, printing and publishing, and the manufacture of rubber and plastic products. More Google has decided not to stop using third-party cookies until 2023. More A number of Google executives are becoming worried about the company’s future. More iTV has a story saying Amazon destroys millions of items each year rather than finding something productive to do with them. More Amazon has acquired Wikr, an end-to-end encrypted communication technology. More Companies:
HUMAN NEWS The US economy is up 6.4% in Q, and estimates are that Q2 will be even higher. More The Labor Department says a record 4 million people quit their jobs in April. More McKinsey has identified 56 foundational skills that will help citizens thrive in the future of work. They’re broken into 4 categories and 13 skill groups. More DeepMind says Reinforcement Learning is powerful enough of a technology to create AGI over time. In short, they believe that if you game smart AI against itself, in different types of scenarios, it’ll eventually learn how to do enough to be considered generally intelligent. The paper talks about “instantaneous calculation” and “perfect memory”, allowing computers to outperform humans at almost any task. This is big. More In a survey of over 200 police departments, retirements were up 45% and resignations were up 18% compared with the previous 12 months. More Nearly all US COVID deaths are now unvaccinated people. 150/18,000 of the deaths in May were vaccinated, or .008%. More Belong Gaming has opened the US’s first esports gaming center in Houston. More California is paying off all COVID-related past due rent. More A survey has found that men are losing their close friends. In 1990, 3% of men said they had no close friends, and that’s now 15% in 2021. And just 15% say they have 10 or more close friends, as opposed to 40% in 1990. More China is sending people to Mars in 2033, with plans to build a base there in a second phase. I’m happy to hear it, but I think Musk and others will be there by then. More Amazon is continuing its rollout of “grab and walk” grocery stores in London. This includes larger stores, not just the little ones. Scan your app, walk in, take what you need, and walk out. More Oakland, CA is redirecting $17 million from their police budget, which translates to around 50 police officers. I think defunding police is a horrible idea that mostly affects communities that need police the most. More CONTENT, IDEAS & ANALYSIS Summary: NOISE — My summary of Daniel Kahneman’s latest book, NOISE. It’s all about how things like medicine, hiring, and all types of judgment are plagued by inconsistency, and what you can do about it. 10/10. More NOTES We had Book Club on Sunday, and it was brilliant. Lots of great discussion about Speaker for the Dead, and we picked our next book as well. Come join us for the next one! DISCOVERY [ Sponsored Discovery ] Privacy.com — Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. This is great for paying subscriptions or one-time payments, especially if you’ve had issues with card compromises in the past. Head to privacy.com/unsupervisedlearning and get $5 when you sign up. More DJ3D Louvre — Walk around the Louvre as a 3D MMORPG. More Realtime Voice Cloning — An implementation of multiple papers that allow you to clone a voice using Pytorch. More Key Differences Between TLS 1.2 and 1.3 More How Reddit uses its millions of users to moderate content. More How to Properly Build Remote Teams More A group of academics partnered with the military to try to predict the next war using novels. More A history of all Googles’ various messaging apps. More Nightmare — A reverse engineering course based around binary exploitation, built into a CTF structure. More RECOMMENDATIONS NOISE — The latest book by Daniel Kahneman on how there’s often far more variation and error in expert judgments than we think. And how to address it. This along with Thinking Fast and Slow and Superforecasters are my new Holy Trinity of books on clear thinking. More APHORISMS “It’s simple to be happy, but hard to be simple.” ~ Rabindranath Tagore |
