Tech Brew Ride Home - Thu. 11/07 - Alleged Spies Inside Twitter
Episode Date: November 7, 2019Twitter employees charged with spying for Saudi Arabia, those weird text messages a whole bunch of people received overnight, the most powerful desktop CPUs in the world, Ghost Locomotion wants to tur...n existing cars into autonomous vehicles, Wrench will repair your car on demand, and what smart speaker seems to be unhackable? Sponsors: Metalab.co SVB.com/next Links: Former Twitter employees charged with spying for Saudi Arabia by digging into the accounts of kingdom critics (Washington Post) Alphabet’s board of directors is investigating executives over inappropriate relationships (CNBC) A ton of people received text messages overnight that were originally sent on Valentine’s Day (The Verge) AMD unveils world's most powerful desktop CPUs (ZDNet) Uber faces costly choices after expert finds it uses Waymo self-driving tech (Reuters) Ghost raises $63.7 million to develop an aftermarket kit that gives cars self-driving capabilities (VentureBeat) Wrench's on-demand vehicle repair and maintenance service picks up $20 million (TechCrunch) Facebook Portal survives Pwn2Own hacking contest, Amazon Echo got hacked (ZDNet) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco.
Hey, who did this to you?
What happened next turned the story into a political firestorm.
Reports have identified the victim as Bob Lee, the founder of Cash App.
From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16.
Welcome to the TechMeme ride home for Thursday, November 7th, 2019.
I'm Brian McCullough today.
Twitter employees charged with spying for Saudi Arabia.
Those weird text messages, a whole bunch of people received overnight.
The most powerful desktop CPU in the world.
Ghost Locomotion wants to turn existing cars into autonomous vehicles.
Wrench will repair your car on demand.
And what smart speaker seems to be unhackable?
Here's what you missed today in the world of tech.
The Department of Justice,
has charged two ex-Twitter employees and arrested one of them, alleging they spied for Saudi Arabia
by snooping on the accounts of people critical of that kingdom. One of the individuals allegedly
accessed 6,000 accounts in 2015. Prosecutors also say a third individual acted as an intermediary
between the Twitter employees and Saudi officials, quoting the Wall Street Journal.
The criminal complaint unsealed today alleges that Saudi agents mined Twitter
internal systems for personal information about known Saudi critics and thousands of other Twitter users,
said U.S. Attorney General David L. Anderson. We will not allow U.S. companies or U.S.
technology to become tools of foreign repression in violation of U.S. law, end quote.
Twitter restricts access to sensitive account information, quote, to a limited group of trained
and vetted employees, said a spokesman who spoke on the condition of anonymity,
quote, to protect the safety of Twitter personnel.
quote, we understand the incredible risks faced by many who use Twitter to share their
perspectives with the world and hold those in power accountable.
We have tools in place to protect their privacy and their ability to do their vital work,
end quote.
I've said before relating to industrial espionage that you've got to figure foreign governments
have agents working inside every major tech company, right?
How much this is an open secret inside the valley or else a secret secret, because no one
wants to talk about what they know or don't know. I'm not entirely sure. But here's Alex
Stamos, who I've got to figure knows this stuff as well as anyone. Quote, number one, this is a
huge deal. Number two, lots of tech employees have access to data and families back home.
Number three, all big tech companies need internal monitoring and hunting teams. Four, the kingdom of
Saudi Arabia wouldn't be at the top of my list of high-risk countries with lots of citizens
in Silicon Valley. There will be more. Something I've said to security audiences. We are all pretty good at
technical infosec defense. The big tech companies are at least in the same league as state attackers.
We are children when it comes to human intelligence, end quote. Speaking of open secrets,
it's long been alleged, or at least long been whispered about, that alphabet was a company with
shall we say a human resources problem, a human resources problem of a sexual misconduct nature.
Some of the evidence of that has come out in the form of high-profile scandals involving big-name Alphabet
executives, and sources are now telling CNBC that Alphabet's board of directors has hired an outside law firm to look into inappropriate relationships by Google executives, including Alphabet's own chief legal officer David Drummond.
The reason for the scrutiny? The board is trying to get ahead.
of shareholder lawsuits, quoting CNBC. An alphabet spokesperson said, quote, as has already been
confirmed in public court filings in early 2019, Alphabet's board of directors formed a special
litigation committee to consider claims made by shareholders in various lawsuits relating to past
workplace conduct, end quote. Alphabet shareholders sued the board in January for allegedly
covering up sexual misconduct from executives, including former Android co-founder Andy Rubin
The company let go of Rubin and paid him $90 million after an internal investigation found sexual assault claims credible, according to a report in the New York Times.
Rubin denied any wrongdoing in statements at the time of the report.
The report of Rubin's payout set off a company-wide walkout by employees last November.
In August, former Google legal employee, Jennifer Blakely, wrote a lengthy medium post that said she and Drummond started dating in 2004 and later had a son together.
Drummond was married to somebody else at the time.
Blakely said Drummond later refused to discuss child support calling his behavior, quote,
nothing short of abuse, end quote.
She also claimed he had affairs with other people at the company.
The company has been silent on the issue, only pointing to a short statement Drummond made,
which denied the claims, quote, other than Jennifer, I never started a relationship with anyone else
who was working at Google or Alphabet, any suggestion.
Otherwise is simply untrue, end quote.
The NBC previously reported that Drummond dated a 36-year-old Google employee,
Corinne Dixon, whom he then married over Labor Day weekend.
Dixon was not in Drummond's chain of command, end quote.
Did you get a weird text message overnight?
Apparently a ton of people did.
A whole bunch of folks have been reporting on Twitter that they received text messages
that apparently were originally sent on Valentine's Day.
And this seems to be affecting users across all major U.S.
carriers. Apparently the messages were never received by the recipients as intended on Valentine's Day.
The people who sent the messages had no idea that the messages never got to their intended recipients.
And as far as we know, it's not like everybody just decided to collectively resend all of those
messages overnight. It's unclear where the bug lies at the moment because no one can determine
if it is the sending or receiving carriers that have the bug, quoting the verge.
dozens of people have tweeted about receiving messages overnight.
Most expressed confusion or spoke to the awkwardness of the situation, having been told by friends that they sent a mysterious early morning text message.
A few spoke to much more distressing repercussions of this error.
One person said they received a message from an ex-boyfriend who had died.
Another received messages from a best friend who is now dead.
It was a punch in the gut.
Honestly, I thought I was dreaming.
And for a second, I thought she was still here, said one person who goes by
curibho on Twitter who received the message from their best friend who had died.
Quote, the last few months haven't been easy, and just when I thought I was getting some
type of closure, this just ripped open a new hole, end quote.
AMD has unveiled two new chips that ZDNet is calling the world's most powerful desktop
CPUs.
Say hello to the 24-core and 32-core Risen ThreadRipper processors.
They are built using AMD's 7-nanometer Zen 2 architecture, and they're available on November 19th for $1,39 and $1,99 respectively, quoting ZDNet.
On the performance front, AMD claims that the new 32-core Risen Threadripper 3970X offers up to 90% faster performance over the competition, up to 90% faster performance in Cinebench R20NT, up to 46,000.
7% more performance in Adobe Premiere, up to 49% more performance in V-ray, up to 43% more performance in Chromium Release 78, compile, and up to 36% more performance in Unreal Engine.
This performance doesn't mean the chips are power hungry either, with AMD claiming they deliver up to 66% better power efficiency compared to previous generation processors.
The new chips do, however, need a new socket.
The new socket is called STRX4, which offers expansion for serious multi-GPU and
NVME arrays, quad-channel DDR4, ECC support, and unlocked overclocking, end quote.
In a quarterly filing this past Tuesday, Uber revealed it will, quote, likely need to change its
autonomous driving software or sign a licensing deal with Waymo because an expert found that
Waymo tech and software is still a substantial part of Uber's self-driving tech and software.
Quoting Reuters, the expert review of Uber's software was part of a legal settlement reached in
February 2018 that brought to an abrupt halt, a federal jury trial over whether the company
unfairly benefited from confidential ideas allegedly secured by making former Waymo engineers
key members of its self-driving car team. Waymo began as a project within sister company Google
a decade ago, while Uber launched its effort four years ago. Uber declined to give details
beyond its filing. Waymo told Reuters in a statement that the independent software experts' findings
quote, further confirm Waymo's allegations that Uber misappropriated our software intellectual
property. We will continue to take the necessary steps to ensure our confidential information
is not being used by Uber, end quote. Interesting, Ray's Thursday time.
In the whole self-driving race, there has been this side tangent of startups that claim that they can make self-driving car kits that you would be able to install in your existing car that would transform them into some sort of autonomous driving vehicle.
Well, one of those startups, Ghost Locomotion, came out of stealth today, announcing it had raised $63.7 million in capital from Founders Fund, Kosovo Ventures, and So,
Sutter Hill Ventures. Ghost locomotion says its autonomous vehicle kits will be available sometime in
2020, and they will work with some car models from 2012 onward. And they're focused on something
that I've wondered about before. So, all right, city streets, self-driving tech isn't ready for that
yet. But if someone can already give me self-driving tech for highways, why not just give it to me?
I'm happy to take control once I hit an off ramp, but if I could, you know, read a book while tooling down the interstate or something, that would be awesome.
P.S., highway driving represents about two-thirds of all miles driven in the U.S., quote,
many self-driving companies are attempting to solve the driving experience from end to end and have not yet perfected any element of that as a result, wrote the company in a press release.
Ghost is simplifying the problem by focusing on exit-to-exit driving to start.
As complexity of city driving pushes self-driving timelines further and further into the future,
Ghost is laser-focused on building real self-driving for highways and providing a huge benefit
to people sooner and expanding from there, end quote.
Ghost's locomotion's first principles are different from some of the other self-driving projects
as well, quoting Venture Beat.
Ghost's differentiation lies in its approach to automation, which incorporates imitation learning.
The company is careful to draw,
a distinction between Ghost's technology and advanced driver assistance systems like Nissan's
ProPilot, assist, and Tesla's current implementation of autopilot. Unlike those systems, which rely
heavily on rule sets, Ghost begins with human observation, recording what real-world drivers
see and how they react to create a ground truth. The company's AI uses this model to correct
driving behaviors, creating a capable, dynamic autonomous control policy that can scale to almost
any modern car. Ghost holds onto a set of real-world data samples that aren't used to train the model,
which it uses for testing. It also says it constantly adds more scenarios and retrains its model,
quote, in pursuit of perfection. The forthcoming kits will include a small computer,
eight low-profile cameras that affixed to the windshield, side windows, and the rear window.
No word on pricing, though, or the models of cars.
that this will work with.
And another one.
Rensh is a startup that does on-demand vehicle repair and maintenance service.
Wrench just raised a $20 million round led by Vulcan Capital,
with participation from Madrona Venture Group, among others.
This is actually a version of the on-demand economy that makes a ton of sense to me.
Mechanics come to your driveway to fix your car there.
And because it seems like such a good idea, I did not know this,
but this is actually a crowded space, quoting TechCrunch.
Wrench is one of a growing number of companies that are using technology to adapt
what had previously been infrastructure-heavy services closer to a more consumer-friendly, convenient business model.
Other companies operating in the similar vein and in automotive include the refueling and car wash-on-demand startups,
filled Yoshi and booster fuels for gassing up, and spiffy, wipe, washoos, and wash-A for washing,
for washing equipped with diagnostic software that can assess problems with vehicles based on their
owner's descriptions and service trucks that can handle most maintenance and repair work.
Wrench meets fleet operators and consumers at their vehicles to provide servicing and repairs.
It's a model that's attracted some competitors with big backing. Repair Smith, which operates a similar
service out of Los Angeles in San Francisco, is backed by Daimler to provide much the same on-demand
repair services, end quote. Apparently, Wrench has already serviced 100,000 vehicles, and all of the
company's repair and servicing house calls come with a 12,000 mile warranty. Finally, today, we've been
talking a lot about the security or lack thereof of smart speakers recently, so this story caught my eye.
You know those pown-to-own hacking contests? Well, they're holding one right now in Tokyo, and so far,
Amazon's Echo got hacked, but some surprising competing devices have survived, quoting ZDNet.
Amazon Echo speakers, Samsung and Sony Smart TVs, the Xiaomi Mi-9 phone and Netgear and TPLink routers
were hacked on the first day of the Pone to Own hacking contest.
The second and final day will soon be underway, and it appears that Google Nest cameras and
Facebook portal hubs will survive this year's competition unscanes.
as no security researchers announced plans to attempt an exploit later today. Last year, during
the first Pone to Own edition that allowed smart home devices, organizers let security
researchers go after Apple Watch, Amazon Echo, Google Home, Amazon CloudCam, and Nescams. This
year, the Apple of Everybody's Eye was undoubtedly Facebook's portal home automation system.
Launched in November 2018, just days after Pone to Own Tokyo 2018 concluded, the Infoset
community has been waiting to see how the device would fare in the face of today's top hackers.
The answer arrived today when contest organizers published the first day's results and the second
day's upcoming hacking sessions. The results? Nobody wanted a piece of the Facebook portal,
and nor did they want to hack Google's home assistant. Security researchers chose to go after
the easier targets like routers and smart TVs known for running weaker firmware than what
you'd usually find on a smart hub speaker or home automation hub, end quote.
So this is a small sample set, of course, but the way the contest works is organizers publish a list of targets ahead of time and then some of the best hacking mines around have months to come up with an exploit, which they would then deploy in the contest.
Prize money is at stake for those who can demonstrate the most exploits over the course of the contest.
Since all of the exploits are turned over to companies who have their products targeted, companies often sponsor these contests.
So interesting that the hackers saw the echo as the low-hanging fruit here,
while no one has come forward with anything that can compromise the portal, as of yet.
FYI iOS and iPadOS 13.2.2 just came out with a fix for that whole background app refresh bug.
So get on that. That is all for today. Talk to you tomorrow.