Tech Brew Ride Home - Mon. 05/05 – Why Clone A Messaging App?
Episode Date: May 5, 2025The whole Telegram use by government officials story gets weirder as a Telegram clone has been hacked. Apple is thinking about REALLY shaking up its iPhone release schedule. Who put AI in my crypto? D...eepfakes are being chased from the Internet. And the maker of Cursor closes its big round. Sponsors: Take control of your cellular health today. Go to qualialife.com/ride and save 15% to experience the science of feeling younger. Links: TeleMessage, a modified Signal clone used by US govt. officials, has been hacked (TechCrunch) Apple Plans iPhone Release Schedule Shakeup, New Styles (The Information) Tether CEO says the firm's AI product will enable peer-to-peer network of AI agents (The Block) Senate Democrats' reversal on US stablecoin bill throws future of legislation into doubt (The Block) Leading deepfake porn site is shut down for good (Engadget) Maker of AI ‘vibe coding’ app Cursor hits $9bn valuation (Financial Times) Reports: US losing edge in AI talent pool (Semafor) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco.
Hey, who did this to you?
What happened next turned the story into a political firestorm.
Reports have identified the victim as Bob Lee, the founder of Cash App.
From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16.
Welcome to the Tech meme right home for Cinco de Mayo 2025. I'm Brian McCullough today. The whole
telegram use by government officials story gets weirder as a telegram clone has been hacked. Apple is
thinking about really shaking things up with its iPhone release schedule. Who put AI in my crypto? Deepfakes
are being chased from the internet and the maker of cursor closes its big round. Here's what you miss today in
the world of tech. TeleMessage. A maker of modified versions of Apple.
like Signal, Telegram, and WhatsApp, has apparently been hacked, leaking some user messages,
contact info, and more.
Now, until recently, I'm not sure this would have been a story we would have done, as I'd never
heard of TeleMessage, except that now, quoting TechCrunch, telemessage came into the spotlight
last week after it was reported that former U.S. National Security Advisor Mike Walts was
using TeleMessage's modified version of Signal.
Israel-based telemessage, owned by Smarsh, offers its
clients away to archive messages, including voice notes from encrypted apps.
The messages of cabinet members and waltz were not compromised.
404 media said, but the hacked data contained contents of messages.
Contact information of government officials, backend login credentials for telemessage, and more.
Data pertaining to the U.S. customs and border protection, crypto exchange,
Coinbase, and financial service providers like Scotia Bank were extracted by the hacker,
the report said.
The hack revealed that the archived chat log,
are not end-to-end encrypted between the modded version of signal that telemessage offers
and the ultimate location where it stores the messages 404 media reported.
Smarsh, Signal, U.S. Customs, and Border Protection, Coinbase, and Scotia Bank,
did not immediately return requests for comment, end quote.
And quoting 404 media, the hack shows that an app gathering messages of the highest-ranking
officials in the government, Waltz's chats on the app include recipients that appear to be
Marco Rubio, Tulsi Gabbard, and J.D. Vance, contained serious vulnerabilities that allowed a hacker to
trivially access the archive chats of some people who use the same tool. The hacker has not obtained
the messages of cabinet members, waltz, and people he spoke to, but the hack showed that the archived
chat logs are not end-to-end encrypted between the modified version of the messaging app and the
ultimate archive destination controlled by the telemessage customer, end quote.
Now wait, why is there a market for clones of free messaging apps?
Quoting Cyber Insider.
The compromise tool is a modified signal client developed by telemessage in Israeli firm
that sells tailored versions of encrypted messaging apps to government and corporate clients.
These custom versions allow institutions to comply with legal archiving requirements
by silently capturing message contents normally protected by end-to-end encryption and routing them to external storage systems.
While the original Signal app is widely lauded for its robust security model,
TeleMessage's version introduces a silent third-party participant to message threads for archiving purposes.
In theory, this allows institutions to retain full chat histories without undermining the app's encryption.
However, 404 Media's investigation reveals that in practice, the implementation leaves a major gap.
The communication path from the modified app to the storage endpoint is not fully end-to-end encrypted.
This vulnerability allowed an unnamed hacker to extract significant trove,
of archive chat data with little effort. The attacker told 404 media that he breached telemessages
system within 15 to 20 minutes of becoming curious about the product following earlier media reports.
He claimed that the vulnerable archive endpoints were hosted on AWS in Northern Virginia
and were trivially accessible. Source code from the modified app obtained and reviewed
by security professionals confirmed the AWS infrastructure and revealed no significant
hardening or isolation to prevent unauthorized access. The hacker did not notify telemessage
prior to publication, citing concerns the company would attempt a cover-up. TeleMessage, which maintains
contracts with several U.S. agencies, including the State Department and the Centers for Disease Control
and Prevention, has declined to comment on the breach. The company markets its services as a compliant
way for government and enterprise clients to log encrypted communications from platforms like
Signal, WhatsApp, Telegram, and WeChat. However, this breach challenges the firm's security claims
and raises broader concerns about the risks introduced by compliant surveillance tooling, end quote.
It's Monday. I've got an Apple scoop for you, but it's not from Mark Gurman this time.
The information is reporting that Apple is planning to really shake things up in terms of iPhone release cadence.
The plans are apparently to launch two iPhone 18 pro models next year in the fall of 2026,
a thin iPhone 18 and a foldable iPhone, but the standard iPhone 18 will only come a year later in the spring of 2027.
Quote, while Apple hasn't confirmed plans for the new thin model, it is expected to be around 5.5 millimeters in thickness,
which would be the thinest phone the company has ever released, and one of the thinest smartphones currently on the market.
Apple's hope is likely that the new model will prompt people to upgrade faster,
overcoming the problem that users are holding onto their smartphones for much longer nowadays than they
used to, largely because most annual upgrades bring only minor changes. However, the smaller size of the
new thin model will require compromises to its capabilities. The device will contain only a single
speaker instead of the two speakers that Apple's other phones usually have, one rear camera lens
instead of the three in Apple's flagship phones, and reduced battery life. Internal testing shows
that battery life for the thin model will fall short of that,
of previous iPhones. The percentage of users who can go a single day without recharging the thin
phone will be between 60 and 70%. For other models, that metric is between 80 and 90%, one of the people
said. To solve this, Apple is developing an optional accessory, a phone case meant for the thin model
that also contains a battery pack, according to three people familiar with the matter. One of the
people said that until pre-orders start in September, it's impossible to predict whether the manufacturing
lines the manufacturers are setting up will be enough, or even over capacity for the thin iPhone,
given that it's an entirely new product with no historical demand to reference.
For all these reasons, manufacturers reserving production capacity for the phone are looking
at how quickly they can convert their manufacturing lines to other models if the thin model
doesn't sell well to people said.
Release of the thin iPhone will mark the start of a bigger shift in Apple's iPhone planning.
Next year, Apple plans to release its first foldable iPhone, the information previously reported,
The book-style foldable device will have an inner display measuring just under 8 inches diagonally when unfolded,
and an outer display of just under 5.7 inches diagonally when shut, according to a person involved in its manufacturing.
Also next year, Apple plans to stagger the release of its iPhone by only releasing the premium, more expensive pro models in the fall,
and delaying the standard iPhone model, in this case the iPhone 18, until the following spring,
according to three people involved in the iPhone supply chain.
The iPhone 18 series will include updated versions of Apple's thin iPhone, Pro, and Pro Max, along with the new foldable device.
In spring 2027, Apple plans to release the standard iPhone 18 and a successor to the more budget-friendly iPhone 16E, the people said.
Both of those models, which are based on older and less complicated designs will undergo manufacturing trials first in India as part of Apple's efforts to reduce its manufacturing risks in China.
Two of the people said, the change to the iPhone's release window could make it easier for Apple to
ramp-up production of an increasing number of different phones. By staggering the launch, Apple can reduce
the need to deploy large numbers of manufacturing workers and equipment simultaneously, end quote.
Tether CEO, Paulo Arderino, has announced Tether AI, an open-source AI runtime that supports
USDT and Bitcoin payments without a central point of failure. Quoting the block,
Ardoino said the firm is working on an open-source AI runtime that aims to operate on any hardware or device
and integrate with crypto payments via Tether's wallet development kit or WDK.
Tether is the issuer of the largest stable coin by market capitalization, currently around $149 billion.
In a post on X, Arduino detailed the vision for Tether AI, which he said was coming soon.
A fully open-source AI runtime capable of adapting and evolving on any hardware and device.
No API keys, no central point of failure, fully modular and composable.
WDK infused to enable USDT and Bitcoin payments, Arduino said,
Tether AI tech will enable an unstoppable peer-to-peer network of billions of AI agents, end quote.
This comes as AI-related discussions dominate the crypto sector.
AI agents powered by LLMs are increasingly used to enable crypto payments
and leverage natural language processing to analyze market trends and real-time data.
Tether's AI project has its own website, Tether.A.I, which states that its product will also
potentially integrate its peer-to-peer communication app, Keat, as well as other data tools.
Tether has been expanding its reach into the world of artificial intelligence over the past few years.
In previous efforts to bolster its AI operations, Tether invested an undisclosed amount in the German
data center operator Northern Data in September 2023. Two months later, Tether increased Northern
Norton's debt financing to $610 million, among other endeavors, the block previously reported, end quote.
Several Senate Democrats key to the passage of a forthcoming landmark stablecoin bill have withdrawn support for the bill, quote, as it currently stands.
Quoting the block again, days before the Bipartisan Genius Act, guiding and establishing national innovation for U.S. Stable Coins, was set to hit the floor of the Senate.
The future of the legislation has been thrown into question after nine Senate Democrats came out against the legislation in its current form.
The group includes four senators who voted to advance the bill out of the Senate Banking Committee in March, according to Politico.
A statement released by the group said,
The current version of the bill has, quote, numerous issues that must be addressed, namely adding stronger provisions on anti-money laundering, foreign issuers, national security, preserving the safety and soundness of our financial system and accountability for those who don't meet the acts requirements, end quote.
Republican Senator Ben Hagerty, one of the bill's authors, emphasized the need for the legislation in response to the statement on X,
We have a choice here, Haggerty wrote, move forward and make any remaining changes needed in a bipartisan way,
or show that digital asset and crypto legislation remains a solely Republican issue, end quote.
The bill would require stable coins to have 100% reserve backing with U.S. dollars and short-term treasuries or other similarly liquid assets,
also monthly public disclosure of reserves and annual audits for issuers with more than $50 billion in market capitalization.
The bill also lays out strict marketing standards, guidelines on,
insolvency proceedings and other provisions. The bill will require 60 votes to pass the Senate.
With Republicans controlling only 43 seats, a bipartisan deal is a must. We're going to continue to
work to improve the bill, Haggerty said, when it advanced out of committee. Axios previously reported
that Senate Democrats wanted more provisions around national security and law enforcement to be
added to the bill. The territorial battle over stablecoin legislation, both in the halls of Congress
and between lobbyists for various firms, has escalated in recent weeks as two bills. The Genius Act in the
Senate and the Stable Act in the House have begun advancing towards a floor vote. Yet Democrats have
raised concerns over how the legislation will govern President Trump and his family's crypto business
dealings, end quote. The biggest deep fake porn site on the internet, Mr. Deepfakes, says it is
shutting down permanently. Quoting in Gadget, a critical service provider has terminated service
permanently. Data loss has made it impossible to continue operation. A note on the site reads,
We will not be relaunching. Any website claiming this is fake. This domain will eventually expire,
and we are not responsible for future use. This message will be removed around one week, end quote.
As sites continued to crack down on non-consensual deepfake porn, Mr. Deepfakes became an open space for it.
Users could upload videos and connect with creators to commission videos. People also used that as a way to collaborate on new techniques,
share their methods, and provide datasets. All of that was with the goal of creating this non-consensual media,
sometimes with a strong likeness to real people. The creator of Mr. Deepfakes is still technically
anonymous, however, German newspaper Der Spiegel reportedly tracked down one of the individuals behind it,
a 36-year-old in Toronto. Governments across the world have been taking steps to make sexually
explicit deepfakes illegal. Last week, the U.S. Congress passed a bill criminalizing the, quote,
publication of non-consensual sexually exploitative images, including deepfakes. The UK has made
multiple attempts in recent years to make it illegal to create sexually explicit deepfakes.
currently it's illegal to share this content but not to produce it. In early 2024, the European
Commission proposed new rules to criminalize sharing non-consensual intimate images, including deep
fakes, end quote. Sources at the FTs say that any sphere, maker of that AI coding tool cursor,
raised $900 million at a $9 billion valuation up from $2.5 billion in valuation just back in
January. This was led by Thrive with A16Z and a cell participating. Quote,
Annesphere was founded in 2022 by a quartet of 20-somethings who met studying maths and computer science
at the Massachusetts Institute of Technology. It was previously valued at $2.5 billion in January
when it raised $105 million, also from Thrive and Andreessen Horowitz. The huge jump in Annesphere's
price tag comes after annual recurring revenues grew quickly since its last funding round,
rising to about $200 million in April to make it one of the fastest growing software companies
ever. Curser has won millions of fans among computer programmers for its AI-powered software
development kit, which its creators say writes almost one billion lines of working code every day.
By using natural language to tell the AI what to make instead of writing code by hand and
auto-completing updates, it accelerates productivity for programmers one of the most in-demand
skills in the tech industry. Despite competing with tools such as Microsoft's GitHub co-pilot,
Curser has customers at tech companies including Stripe, OpenAI, and Spotify, according to its website,
as well as prominent AI researchers such as Andre Carpathie. The former Tesla and OpenAI engineer
coined the phrase vibe coding in February to describe an almost trans-like state of talking to cursor's
AI to create software, quote, where you fully give in to the vibes, embrace exponentials, and
forget that the code even exists, end quote. Finally today from my fear of Silicon Valley losing its
global dominance file. Remember, one of the things that I pointed out in my essay is that AI is
already maybe showing us a world of post-Silicon Valley dominance. Well, according to Zeki,
the 12-month rolling average of AI talent entering the U.S. in 2025 equals the number
leaving the U.S. quoting semaphore, China's ascendancy has played a role. A recent paper from
the Hoover Institution, A Policy Think Tank Flaggues.
that some of the industry's most exciting recent advancements, namely Deepseek, were built by Chinese
researchers who stayed put. In fact, more than half of the researchers listed on Deepseek's papers
never left China for school or work. Evidence that the country doesn't need Western influence to
develop some of the smartest AI minds, the report says. Meanwhile, London is becoming an epicenter
for AI safety boosted by the presence of Google Deep Mind. Europe and the Gulf states are doubling
down on their talent retention efforts as countries like the UAE and Saudi Arabia build
out their AI infrastructure and energy sector to support AI, according to Zeki, which provides
data on AI talent. India, traditionally, an exporter of top tech talent, is gradually becoming
a consumer of it as the country bolsters its national tech sector and immigration to the U.S.
becomes more difficult, end quote. Nothing more for you today. Hope you had a great weekend. Talk to you
tomorrow.