Weekend Edition 43
US Gov Emails Hacked By China
Proton Cloud App Released for Windows
Windows AI: Yikes
Meta & OpenAI Sued for Copyright Infringement
SEC VS Ripple Labs
MSFT-Activision Merger News
Broadcom-VMWare Merger News
WE 1 – Ruh-roh, Raggy, Outlook Hacked By Chinese Gang
Oh boy, this is a real gem, ain’t it? Even some US Federal government (see US Mafia) accounts were accessed by a gang called Storm-0558. 25 organizations were breached through a hole discovered in the Azure cloud platform, which powers Outlook, along with the rest of Office 365 and many other things besides. We don’t know how many or which government organizations were breached, but wow. Microsoft didn’t even pick up on this. The IT goofies at the federal government did. Microsoft has patched the exploit, allegedly. The exploit had to do with forged credentials for the Microsoft account authentication system through Outlook Web Access and Outlook.com. Both the consumer and enterprise systems were affected for user authentication tokenization. After being notified, Microsoft did patch it, but the breach went as high as the US Secretary of Commerce. That’s a big deal. Microsoft shouldn’t have needed to be notified, their cybersecurity professionals should have seen it in progress if they are as good as they claim to be. Come on, this is Microsoft. Then again, this is Microsoft, the very company who popularized the notion of computer viruses with the help of people like McAfee and Peter Norton. The very company which refused to effectively make Windows and its other products more networking and multi-user friendly from the get go, nearly 40 years ago, now. Networking and multi-user features were tacked on in Windows 3.1, and through 9x, until they migrated to the NT kernel for 2k and XP. In contrast, Linux was designed from the ground up with multi-user and networking capabilities. This makes it inherently more secure than Windows and its ilk. If you want to be more resistant to most malware, check out Linux, seriously, guys. It isn’t just for nerds or hackers, regular users can benefit from it just as much. I’m not implying that there is 0 malware for Linux, but even with it basically running the internet (yes the servers that enable you to read this are running on Linux, and I am writing this on a computer which while made by Microsoft, is running Linux, and if you watched the stream above, that was produced on a Linux-based computer as well). Linux runs the internet, including much of the Google, Azure, Oracle, and AWS cloud ecosystems, so if it is stable and performant enough for mega corporations like those, then why would it not be good for you? Join the 3% of desktop users who have made the switch to greater security, performance, longevity, stability, and privacy. Ok, stepping off of my soapbox now.
https://www.pcmag.com/news/chinese-hackers-breach-us-government-email-accounts
https://techfreedom.pro/free-your-pc
WE 2 – Proton Drive Releases Windows App
Google better watch out, there is a privacy-first cloud app for windows now. If you’re not familiar with them and want greater privacy than using the Google ecosystem could ever provide, then you owe it to yourself to check this out. They have a free tier which provides 1GB of end-to-end encrypted, automatically syncing file sharing through their cloud. You may know Proton for their privacy-first email service, or their VPN, but now the Swiss-based privacy company is building out their cloud ecosystem, to eventually include most of the common pieces of Google Workspaces. For now, they have a Windows app, are working on a MacOS one, and after that is done, they’ll work on a Linux client. Good stuff. Perfect? No. Good, absolutely. As always, your best bet is to have a personal nextcloud instance/ server, whether on your own hardware, or in someone’s cloud if privacy is your #1 concern. One great place to host that, if you have about $50/ mo to throw around, and don’t mind paying $3/ month per user, is Altha Tech. I’ll drop a link below.
WE 3 – Windows AI in the Microsoft Store… Hmmmm…
Here’s what’s happening: MS is rolling out an AI Hub in the Store which is AI-curated to push AI-powered apps. Right. Not only that, but soon, they’ll be rolling out AI-summarized review snippets for the Store. I’m reminded of a scene in Star Wars: Episode 2 when C3PO and R2D2 stumble into the droid foundry on Geonosis, and 3PO comments, “Droids building droids, how perverse.” Given, we aren’t quite there, yet, but the potential is there, for a chatbot to actually generate the code to produce an app, if someone asks. It has all the information it needs from GitHub (which is owned by Microsoft, remember) in order to actually build something for you, based on the code of many other programmers and developers who submitted their codebases to the repositories there. That is weird. I don’t like that in the least. Is it all too much at once, anyway? Only time will tell if Microsoft’s zeal for using the tech that it purchased from OpenAI will be good or will ultimately backfire on them. Part of me wants it to backfire and burn windows to the ground, like in the scene in “What About Bob” where Dr. Marvin’s house gets torched, and the elderly couple whom he had snatched it out from under were sitting there saying, “Burn, baby, burn.” Sorry for the sudden burst of dated references, but oh well, here they are. If AI makes you uncomfortable, try Linux to have a computer that will do as you tell it, and nothing more, once you understand it.
WE 4 – Sarah Silverman & Others File Class Action Against OpenAI & Meta
This case is related to how LLMs (Large Language Models) are trained indiscriminately. These authors claim that their revenue streams have been adversely affected by chatGPT and LLaMa, which have been trained using their materials. This is something that I saw coming from the first time I heard about generative AI. I knew there would be intellectual property (IP) issues because if something exists online, it will be utilized by these models, whether it is behind a paywall or not. The way that these LLMs work is that they need as much content as possible in order to “learn” how language works, so that they can “generate” phrases, sentences, paragraphs, emails, and whole essays. It can also “generate” things in specific styles, such as similar to Ms. Silverman, or Steven King, or Maya Angelou. This is the capability which these plaintiffs are taking issue with. Is this Fair Use? Whose definition of Fair Use are we going by? This is where things get interesting for the AI players, OpenAI, Microsoft, Google, and others. We shall see.
https://www.bbc.com/news/technology-66164228
WE 5 – SEC vs Ripple Labs: Good News?
I usually try to hold off for 24 hours, minimum, before I hop on a story, but this JUST happened yesterday afternoon. Judge Torres gave both parties mixed news. On the positive side for us lowly retail investors, she decided that at least as of 2020, XRP was not a security for retail purchasers through exchanges. At the same time, she ruled that the SEC had grounds for believing that industry level investors (banks and the like) who had bought back then as a vehicle for cross border transfers (allegedly quicker and cheaper than SWIFT, if you recall, and this was the primary basis of the token/coin) knew what it was and that for them it is and was a security, as they netted a tangible benefit from it. It will continue to trial at some point in the medium term, and if you have it anywhere but a warm or cold storage wallet, hurry and move it if you plan to hodl for much longer. Do not take this as financial advice, I hold some XRP so am understandably excited by these developments. It is a mixed bag, on the whole, but if your exchange-held XRP has been stuck for the last couple of years, and you want to hodl some more because you believe that it is solid now that it has beaten this case, transfer it. If you want to wash your hands of it, then do so. Beware capital gains taxes, though, spendthrift old uncle Depends wants to take a chunk of your profits when you cash out. So it is up to you, but we’ll be moving ours asap. We will follow this story as it develops.
WE 6 – Microsoft/ Activision-Blizzard Merger News
The FTC lost its case to block the merger, after the EU approved it last month. Now the UK’s CMA (Competition & Market Authority) is the last body standing in the way of this merger which would reshape the video game industry. They do not like it, and it is supposed to be finalized in the next month or so. Their chief complaint is the same as it was a few months ago when they blocked the deal. The companies would have to restructure their deal in order to get another round of consideration from the CMA, which means it would not close on time. Then again, deals of this nature rarely go off without a hitch, and the partners have kind of bent over backwards with these regulators over the course of the last 9 months or so (since it was announced) in order to convince them that it wouldn’t destroy the cloud gaming market through monopoly on Microsoft’s part. Sure MSFT isn’t gunning to corner the gaming market…. Riiiight. I believe you, Brad Smith. No, no, no… I really don’t, and I was being about as sarcastic as I could just there. Just to be clear. I trust nothing that Microsoft says, in fact, I suspect them of doublespeak whenever they open their mouths. For that matter, why would Microsoft want the tainted company in the first place, when they know that they’ll need to clean it up like crazy in order to not sacrifice their ESG score? If you guys are unaware, there have been many claims of sexual harassment coming out of the cesspool at Activision-Blizzard for the last 10-15 years. Investigations have started, but either stalled out or resulted in developers and management simply getting slapped on the wrist because they were good at their job and it was bringing in mass amounts of money for the company.
https://www.bbc.com/news/entertainment-arts-66099230
WE 7 – Another Merger to Watch…
Broadcom (manufacturer of networking equipment) is looking to purchase the virtualization giant, VMWare. On the surface this expensive move doesn’t make a ton of sense to me. It would make sense, moreso, at any rate. But after thinking about it, the networking adapter maker would make a move deeper into servers with this, as most servers are virtualized. If you didn’t know, virtualization allows people to more or less create computers out of thin air. You see, with something like VirtualBox, or its bigger brothers, you can section off the resources of a single set of hardware into two or more virtual machines, each with its own resources, users, and data. This is a force multiplier, but can also lead to problems if machines are not thoughtfully provisioned. So, why would Broadcom want to branch off into virtualized hardware? They want a bigger piece of the server market pie, so to speak. The EU has approved, but with caveats: Broadcom must make the tools to insure adapter compatibility available to third parties, so that they can’t put an undue squeeze on competitors like Marvell. They also must provide the source code for drivers to insure interoperability for competitors with VMWare. This still has to clear the CMA in the UK and the FTC here in the US. Long road to travel, yet before this one can close. The CMA will probably pick it apart as they have done with the Microsoft/ Acti-Blizz deal. This would be the second or third largest similar deal in history (depending on if the gaming deal goes through or not), at an eye-watering $61 billion.