
Exploring the intersection of security, technology, and society—and what might be coming next...
Standard Web Edition | Ep. 315 | January 24, 2022
SECURITY NEWS

A mandatory-use mobile application for all athletes, journalists, and other Chinese Olympic attendees has serious security flaws, including a lack of certificate validation for encrypted communications. Citizen Lab told the organizing committee about the problems a long time ago but got no response. US athletes have been told to use burner phones.

Twitter’s new CEO fired Mudge and Rinki Sethi as part of major changes to the Twitter security team. This in the same week that Twitter launched NFT profile pictures.

McAfee and FireEye have combined to become ‘Trellix’. Is it just me or does McAfee have naming issues? Like what are the odds this will still be named the same in 5 years?

The UK, backed by the US, said publicly that Russia plans to install a pro-Russian leader in Ukraine. And they named him.

Vulnerabilities:

TECHNOLOGY NEWS

Spotify has shut down its internal podcast studio. This comes as the momentum behind Spotify’s podcast play seems to be slowing. People are upset that Spotify podcasts aren’t fully on YouTube and other channels, and many people are pushing Spotify to take action on Rogan promoting vaccine misinformation. They’re still doing well, but seem to be facing some headwinds.

Google is building an AR headset, called Project Iris, to go up against Meta and Apple.

Streaming Music Marketshare Stats

HUMAN NEWS

In the US you can now order free at-home COVID-19 test kits, which are delivered through the post office.

CONTENT, IDEAS & ANALYSIS

Consciousness is a Movie Screen Without an Audience, Theater, or Universe — My attempt to provide an accessible introduction to consciousness, meditation, and mindfulness. It uses a model of a Movie Screen to describe one’s consciousness, and explains how to use that model practically in daily life.

NOTES

It’s been years since we’ve done a survey on the audience here. If you can spare 11 seconds I’d appreciate some help quenching my curiosity. Plus it’ll help the show because potential sponsors like to know something about us. With me being me, however, I won’t be capturing name or any other personally identifiable information! It’s just two questions: industry and position. Really appreciate the help!

I’ve finally finished Super Saiyan mode of my home audio setup, which I spent MONTHS researching starting when the pandemic happened. Won’t fully detail it here, but if anyone is curious, hit me up. I’ll give you three hints though: Genelec, NAD, and DIRAC Live. I’ve been having so much fun listening to both my favorites and tons of new music as well. I honestly think audio gear is some of the best money you can spend if you’re into music. Some of the other best money? Bidet toilet seats and a top-end mattress.

A joke I thought of related to the Chinese Olympic “COVID” App: “This app’s killer feature is actually detecting exposure to Democracy.”

DISCOVERY

Wholesome Memes on Twitter — I recommend creating a Twitter list and putting a bunch of good news and kindness-based accounts in it. Use it for eye and soul bleach.

Is the Tech Bubble Crashing?

Information Security Skillsets

Red Team, Go! — A look at Jupiter One’s Red Team approach.

The Cyber Plumber’s Handbook — SSH Tunneling, Port Redirection, and Traffic Bending, Oh My.

The most brilliant explanation of GPS I’ve ever seen.

Everything Must be Paid For Twice

skybot.cam — Someone built a system that takes a picture of every plane that flies over their house, and it identifies the plane.

Reverse Engineering 101 — An introductory course for reverse engineering, by Malware Unicorn.

Awesome List of Secrets in Environment Variables — Lists of secrets, passwords, API keys, and tokens stored in system environment variables.

ripgen — A Rust-based implementation of the dnsgen Python utility. 17x faster with 75% less memory. My guy Nate is seriously making me want to learn Rust. By d0nutptr (follow him).

RECOMMENDATION

The next time you interview for a job, ask your potential new manager these five questions:

APHORISM

“I select a very small number of things to be skeptical about, such as markets, and on these I am hyper-skeptical. But I want to be fooled by randomness in art. I want the ceremony of religion. We are made for it.” — Nassim Taleb