Tech Brew Ride Home - Tue. 06/11 - "Any data that is collected, WILL be breached."
Episode Date: June 11, 2019An abject example of the maxim, “any data that is collected, will be breached,” Foxconn isn’t worried about a trade war so maybe Apple doesn’t have to be, electric car charging is about to get... easier, and why it’s weird that Spotify can advertise against your moods. Sponsors: Inside the Five-Sided Box: Lessons from a Lifetime of Leadership in the Pentagon by Ash Carter PixelUnion.net Links: Don’t smile for surveillance: Why airport face scans are a privacy trap (Washington Post) The CBP Data Breach (TechCrunch) Apple’s U.S. iPhones Can All Be Made Outside of China If Needed (Bloomberg) Amazon to shut down its Amazon Restaurants business in the U.S. (GeekWire) Amazon launches Personalize, a fully managed AI-powered recommendation service (VentureBeat) Charging an electric car will get easier (TechCrunch) This is how scammers are now abusing Google Calendar to pillage your data (ZDNet) Big Mood Machine (The Baffler) Radiohead Have The Last Laugh After Hackers Hold 18 Hours Of Their Unreleased Music Ransom (HuffingtonPost UK) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco.
Hey, who did this to you?
What happened next turned the story into a political firestorm.
Reports have identified the victim as Bob Lee, the founder of Cash App.
From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16.
Welcome to the TechMeme right home for Tuesday, June 11th, 2019. I'm Brian McCullough today.
An abject example of the maxim, any data that is collected will be breached.
Foxconn isn't worried about a trade war, so maybe Apple doesn't have to be.
Electric car charging is about to get easier and why it's weird that Spotify can advertise against your moods.
Here's what you missed today in the world of tech.
So yesterday, I was considering going with a story by the Washington Post Tech columnist
Jeffrey Fowler about how facial recognition technology is being rolled out to U.S. airports across the
country. Instead of presenting your passport, you can now just let your face get scanned to board
especially international flights. JetBlue, for example, has already scanned the faces of
150,000 international travelers in the last two years. So you can probably see where this is going,
right? Congratulations, by allowing your face to be scanned. The government now has you in a database, and
who knows, five, ten years down the road, maybe just walking down the street, cameras somewhere
can track your movements and match your face against some database somewhere. The practice of
facial recognition at airports is still voluntary and the airline's stress. They don't save
the photos taken at all and Customs says it deletes photos after 12 hours. But, quoting from
the Washington Post piece, people in the United States can't be served.
unless they're suspected of crimes, and anonymity is a pillar of free speech. If we give in to this,
we are allowing the government and the airlines to build up giant face recognition databases of all of us,
says Jennifer Lynch, the surveillance litigation director at the Electronic Frontier Foundation, end quote.
So this was another story about how, for every convenience tech gives us, we have to take a spoonful of Orwell or Kafka along with it, right?
and since I have made that point a couple of times recently, I ultimately passed on doing this as a segment.
But then this morning, there was a headline that rose to the top of Techmeme.
Quote, the U.S. Customs and Border Protection has confirmed that photos of travelers into and out of the country were accessed by hackers.
Quote, the photos were transferred to a subcontractor's network and later stolen through a malicious cyber attack,
a CBP spokesperson told TechCrunch in an email.
CBP's networks were unaffected by the breach.
CBP learned that a subcontractor in violation of CBP policies and without CBP's authorization or knowledge
had transferred copies of license plate images and traveler images collected by CBP to the subcontractor's company network, said an agency statement.
Initial information indicates that the subcontractor violated mandatory security and privacy protocols outlined in their contract, the statement read.
The agency first learned of a agency first learned of a contract.
the breach on May 31st. A spokesperson for the agency later said the security incident affected fewer
than 100,000 people through a few specific lanes at a single land border over a period of a month
and a half. No passport or other travel document photographs were compromised and no images of
airline passengers from the air slash entry exit process were involved, the spokesperson said.
The agency did not name the subcontractor, end quote. So obviously this is
Another concerning vector about collecting and keeping vast databases of personal data.
You might think, well, this is not a big deal.
Only 100,000 people affected, except, geez, your passport photo, if that was to get out,
that would sure make identity theft super easy.
And photos of people's faces connected to their identities, as bully Esquire tweeted,
good thing a lot of people don't use their faces as passwords to their phones and computers.
And what was I just saying in some recent segment about foreign countries hoovering up all the data they can get their hands on in hopes that they can weaponize it at some future date when technology allows them to?
As Jeffrey Vagel tweeted, data is not the new oil, it's the new plutonium.
Or, as Kate Cox tweeted, I'm pretty sure any data that is collected will be breached is the first law.
of our age, end quote.
Apparently, Apple's iPhone can be made outside of China if needed.
That's because Foxcon says it has enough capacity to make all U.S. iPhones outside of that
country if the trade war between the U.S. and China should escalate further.
Quote, 25% of our production capacity is outside of China and we can help Apple respond
to its needs in the U.S. market.
Foxconn Semiconductor Division Chief Young Liu told an investor briefing in Taipei,
on Tuesday, adding that investments are now being made in India for Apple, quote, we have enough
capacity to meet Apple's demand, end quote. Apple has not given Foxcon instructions to move production
out of China, but it is capable of moving lines elsewhere, according to customers' needs, Liu
added. The company will respond swiftly and rely on localized manufacturing in response to the
trade war, just as it foresaw the need to build a base in the U.S. state of Wisconsin two years ago,
he said. It's unclear if India will ever become a major production base for Apple's marquee device.
Foxconn is now running quality test for the iPhone 10R series there and plans to begin mass production
at a facility in the suburbs of Chennai. Older models are already assembled at a Wistron plant
in Bangalore, end quote. Well, I guess they can't do everything. Amazon is apparently
bowing out of the meal delivery wars for now.
Geekwire has learned that Amazon will shut down its Amazon restaurant's food delivery service in the U.S. on June 24th after closing a similar service in the UK late last year.
Quote, as of June 24th, we will discontinue the Amazon restaurant's business in the U.S., an Amazon spokesperson said in a statement shared with Geekwire.
Many of the small number of employees affected by this decision have already found new roles at Amazon and others will be provided,
personalized support to find a new role within or outside of the company, end quote.
Amazon will also shut down Daily Dish, a workplace lunch delivery service that launched in 2016 on June 14th.
This move comes less than a month after Amazon led a $575 million funding round for Deliveroo, a UK-based food delivery company, end quote.
And Amazon has announced the general availability of Amazon personalize its fully managed AI-powered recommendation service for AWS customers starting in select regions.
quote, personalize, which was announced last year at Amazon's ReInvent Conference,
is a fully managed service that trains, tunes, and deploys custom machine learning models
in the cloud by provisioning the necessary infrastructure and managing things like data processing,
feature extraction, algorithm training, and optimization, and hosting.
Customers provide an activity stream from their apps and websites, for example, clicks,
page views, signups, and purchases, in addition to an inventory of the items they want to
recommend, such as articles, products, videos, or music, and optional demographic information like
age or geographic location. They then receive results via API and only pay for what they use.
Amazon charges $0.5 per gigabyte of data uploaded to personalize and $0.24 per training hour
used to train a custom model. Real-time recommendation requests are priced based on how many
requests are uploaded with discounts for larger orders, end quote.
charging an electric car is going to get a little bit easier, at least in the U.S.
One of the biggest pain points for EVs has always been competing charging networks with their own individual membership systems.
Well, one small step for simplicity, quoting TechCrunch,
ChargePoint and Electrify America have reached an agreement that aims to make it easier for drivers of electric vehicles to switch between EV charging networks.
The roaming partnership announced Tuesday will allow drivers to access public.
chargers on either the charge point or Electrify America networks without having to create
new memberships, registrations, or payment configurations. The plan, which begins later this year,
will connect more than 30,000 Level 2 and DC fast chargers from Electrify America and ChargePoint
across the United States. Electrify America is the entity set up by Volkswagen as a part of its
settlement with U.S. regulators over its diesel emissions cheating scandal, has said it will
invest $2 billion over 10 years in clean energy infrastructure and education.
The VW unit expects to have 484 electric vehicle charging stations with more than 2,000 charging dispensers installed or under construction by July 1st, end quote.
Beware of scammers abusing your Google Calendar to rob you of your data.
Calendar-based attacks have been floating around the web for years.
For a brief period, Apple's own calendar app was particularly susceptible, and researchers found an exploit in Outlook that scammers were using to steal account,
credentials just a few months ago. But, quote,
Now it appears scammers are targeting Google Calendar. Kaspersky researchers said on Monday
that multiple cases of the latest invite scheme were detected throughout May in which
fraudsters sent unsolicited event invitations by abusing a free online calendar service
that adds invitations and events to users' calendars automatically. The spam message blast
exploited a smartphone-based feature for Gmail, which automatically added and notified potential victims
of the fraudulent calendar invitations.
These pop-up notifications were not as sophisticated
as the aforementioned business scam,
which pretended to be legitimate communications from a CEO.
Rather, the invitations they connected to
contained a fishing link,
which sent victims to a survey website offering money
for questionnaire completion, end quote.
So, time now to be skeptical of calendar invites, I guess,
especially if you don't recognize them.
Just a PSA, you can solve this problem
by opening up Google Calendar, clicking settings, and unchecking the box next to events from
Gmail slash ad automatically.
Here is an angle to surveillance capitalism, or at least surveillance marketing that never occurred
to me.
The Baffler has a piece up outlining how Spotify's vast access to mood-related data is
valuable to brands and advertisers, allowing them to target its listening audience by their
emotional states. Like, you know, if you've been playing blood on the tracks for the last seven days on repeat,
an advertiser might be able to intuit that you maybe recently went through a bad breakup.
As the piece says, this is unprecedented access to our interior lives.
Quote, where other platforms might need to invest more to piece together emotional user profiles,
Spotify streamlines the process by providing boxes that users click on to indicate their moods.
Happy hits, mood booster, rage beats, life sucks. Spotify's enormous access to mood-based data is a pillar of its value to brands and advertisers, allowing them to target ads on Spotify by moods and emotions.
Further, since 2016, Spotify has shared this mood data directly with the world's biggest marketing and advertising firms, end quote.
And it's not only that, this is all part and parcel of Spotify pushing to be a surveillance marketer to rival the likes of Google and Facebook.
You might think that listening to music might not throw off much identifiable data about you, but think again.
Listening to only 90s music, yeah, I bet someone can guess your age, although you probably already gave that to Spotify anyway.
Could they guess your location, your daily routine?
Yes, they can.
Even if you have location data turned off because, quote, the result is an interactive hub on the Spotify for Brand's website detailing seven distinct key audio streaming moments for marketers
to tap into, including working, chilling, cooking, chores, gaming, workout, partying, and
driving. Spotify also dutifully outlines recommendations for how to use this information to
sell stuff alongside success stories from Dunkin' Donuts, Snickers, Gatorade, Wild Turkey,
and BMW. More startlingly, for each of these moments, there is an animated trajectory of
a typical emotional journey claiming to predict the various emotional states users will
experience while listening to particular playlist.
listeners who are working, for instance, are likely to start out feeling pressured and stressed
before they become more energized and focused and end up feeling fine and accomplished at the end of the
playlist queue. If they listen while doing chores, the study claims to know that they start out
feeling stressed and lazy, then grow motivated and entertained and end by feeling similarly good
and accomplished. In Spotify's world, listening data has become the oil that fuels a monetizable
metrics machine pumping the numbers that lure advertisers to the platform. In a data-driven listening
environment, the commodity is no longer music. The commodity is listening. The commodity is users
and their moods. The commodity is listening habits as behavioral data. Indeed, what Spotify calls
streaming intelligence should be understood as surveillance of its users to fuel their own growth
and ability to sell mood and moment data to brands, end quote. How about we end today on a slightly
related note because it's also about music? The band Radiohead says they are releasing 8
hours worth of unheard music after hackers stole lead singer Tom York's files and attempted to
ransom them back to him. The hackers reportedly wanted around $150,000, but instead, for the next
18 days, fans can pay 18 pounds sterling to hear the unreleased music, which was recorded around
the time the seminal album OK Computer was being recorded. Proceeds will go to the environmental
protest group, Extinction Rebellion. In a statement, the band said,
we got hacked last week. Someone stole Tom's mini-disc archive from around the time of OK computer
and reportedly demanded $150,000 on threat of releasing it. So instead of complaining, much,
or ignoring it, we're releasing all 18 hours on band camp in aid of Extinction Rebellion.
Quoting the Huffington Post U.K., the band noted that the music in question was, quote,
never intended for public consumption and is, quote, only tangentially interesting. Tom York also
noted on Bandcamp, where the music will be available to listen to. As it's out there, it may as well
be out there until we all get bored and move on, end quote. So thank you for all the feedback on
the podcast Classified's idea. I continue to be surprised at how many of you find the idea at least
intriguing. So I'm going to think about it and when I have more to tell you, you'll hear it here
first, unless I get distracted and never come back to it. But we'll probably give it a try at some point.
In the meantime, it looks like we're going to be switching podcast hosts again soonish.
More on that when it's necessary.
Talk to y'all tomorrow.
