Tech Brew Ride Home - Tue. 11/09 – Robinhood Hacked By Unknown Bandits
Episode Date: November 9, 2021Robinhood has been compromised by some true brigands. If you’ve got a Robinhood account, double down on being wary of phishing attacks. Netflix takes a page out of the TikTok playbook. And whole bun...ch of announces about new DRAM chips, new AMD chips, new custom voicebot toolkits from Nvidia, and Niantic doesn’t want to get left behind in the Metaverse race it arguably helped set off. Sponsors: Enterprise.Spectrum.com/techmeme Napjitsu.com/techmeme Links: Robinhood says millions of customer names and email addresses taken in data breach (TechCrunch) US seizes $6 million in ransom payments and charges Ukrainian over major cyberattack (CNN) Netflix to Roll Out TikTok-Like Short Clip Feature Aimed at Kids (Bloomberg) Samsung’s new LPDDR5X DRAM is 1.3x faster and consumes 20% less power than LPDDR5 DRAM (XDA Developers) AMD lands Meta as customer and takes on Nvidia, sending shares up 11% (Reuters) Nvidia’s Riva Custom Voice lets companies create custom voices powered by AI (VentureBeat) Niantic launches platform to build ‘real-world metaverse’ apps (The Verge) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco.
Hey, who did this to you?
What happened next turned the story into a political firestorm.
Reports have identified the victim as Bob Lee, the founder of Cash App.
From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16.
Welcome to the Tech meme right home for Tuesday, November 9th,
2021. I'm Brian McCullough today. Robin Hood has been compromised by some true Briggins.
Netflix takes a page out of the TikTok playbook and a whole bunch of announces about new DRAM chips,
new AMD chips, new custom voice spot toolkits from Nvidia.
And Niantic doesn't want to get left behind in the Metaverse race.
It arguably helped kick off.
Here's what you miss today in the world of tech.
Robin Hood says an unauthorized party obtained a list of email address.
from around 5 million Robin Hood users, also full names for another around 2 million users,
and more info, more detailed info on about 310 others, quoting TechCrunch.
The company said in a blog post that a malicious hacker had socially engineered a customer
service representative over the phone November 3rd to get access to customer support systems.
That allowed the hacker to obtain customer names and email addresses,
but also the additional full names, dates of birth, and zip codes of around 310 customers.
Robynhood said that 10 customers had, quote, more extensive account details revealed, end quote.
Robin Hood did not say what information specifically, though no social security numbers, bank account
numbers, or debit card numbers were exposed and caused no immediate financial loss to customers.
But it's precisely that kind of information that malicious hackers can use to facilitate
further attacks against victims like targeted fishing emails, since names and dates of birth can
often be used to verify a person's identity. The company said, once it secured its systems,
hacker then, quote, demanded an extortion payment, unquote. Robin Hood instead notified law enforcement
and security firm mandient to investigate the breach. It's a similar breach to how Twitter was hacked
in July 2020. A then-teenage hacker used social engineering techniques to trick some of Twitter's
employees into thinking the hacker was an employee himself, allowing the hacker access to an
internal Twitter admin tool, which is used to hijack high-profile accounts and spread a cryptocurrency
scam. The attack netted the hacker just over $100,000 in cryptocurrency, and in its aftermath,
Twitter rolled out security keys to its staff to toughen its defenses against attacks that prevent
these kinds of attacks from working in the future, end quote. So if you are or have been a
Robin Hood user, definitely be on the lookout for fishing attacks for the next few weeks or so.
Meanwhile, the law seems to be coming for some of the more high-profile hackers around.
Yeropol has arrested seven people suspected of helping R-Evil and Grand Crab with over 7,000 cyber attacks since early 2019 in a Romanian-led investigation.
And the U.S. has charged a Ukrainian suspect arrested in Poland last month, as well as a Russian citizen over R. Evil attacks and says it seized $6 million in ransom payments, quoting CNN.
Yaroslav Vesinsky, a Ukrainian national who was arrested in Poland last month, is accused of deploying ransomware known as Rerobov.
are evil, which has been used in hacks that have cost U.S. firms millions of dollars. Vesinski conducted a
ransomware attack over the 4th of July weekend on Florida-based software firm Kaseya that infected
up to 1,500 businesses around the world, according to an indictment unsealed Monday.
Vesinski and another alleged are evil operative Russian national Yvanki Polanian are charged with
conspiracy to commit fraud and conspiracy to commit money laundering, among other charges.
As part of the investigation, authorities seized at least $6 million in funds, allegedly
linked to ransom payments received by Polanyan, U.S. officials said. Attorney General Merrick Garland
said at a press conference that the U.S. and its allies would do everything in our power to track
down ransomware operatives and claw back the money, quote, they have stolen from the American people,
end quote. Vesinski, 22, is being held in Poland pending U.S. extradition proceedings, while
Palanian, 28, remains at large. CyberScoop first reported that Vesinski had been arrested.
The Treasury Department on Monday also imposed sanctions on Vosinski and Palanian, as well as
a cryptocurrency exchange that allegedly has moved money for ransomware operatives.
The State Department, meanwhile, announced a reward of up to $10 million for information
leading to the identification or location of the leadership of the R.Eval ransomware gang.
The department is also offering up to $5 million for information leading to an arrest
or conviction of anyone conspiring or attempting to participate in our evil ransomware attacks,
end quote.
Here's something I definitely did not have on my bingo card.
Netflix copying TikTok. Netflix for iOS is rolling out what it calls kids clips, a TikTok-like feature that
shows new daily short videos from its children's library of content, quoting Bloomberg.
The video streaming giant is experimenting with new features that can expose customers to more
titles in its catalog. The move is also an attempt to reach the kind of viewers who might normally
watch TikTok or short clips on YouTube. The effort which Netflix referred to as a test builds on an earlier
feature called Fast Laughs, that Spotlights Comedy Clips. It launched earlier this year. Netflix also
has created rankings of its most popular titles, giving users another way to find shows they might like.
The kids feed will resemble Fast Laughs, but the videos will be viewed horizontally as opposed to
vertically, and will take over the entire screen. Kids will only be able to watch 10 to 20 clips at a time.
The feature will begin rolling out this week in the U.S. and Spanish-speaking countries in Latin America,
as well as markets such as Canada, Australia, and Ireland.
Netflix confirmed the launch of the new feature after its presence was discovered in hidden code by iOS developer Steve Moser and shared with Bloomberg News, end quote.
By the way, what is this?
The second time our buddy Steve Moser has uncovered some news and headline-making features?
Outta boy, Steve.
Samsung has unveiled a new 14-nanometer 16-gabyte LPDDR-5X DRAM chip for mobile devices.
claiming data transfer speeds of 8.5 GPPS, which would be 1.3x faster than the LPDR5,
while at the same time consuming 20% less power, quoting XDA developers.
Talking about the new memory module, Songjun Wang, SVP and head of the DRAM design team at Samsung said,
quote, in recent years, hyperconnected market segments such as AI, augmented reality, and the Metaverse,
which rely on extremely fast, large-scale data processing have been rapidly expanding.
Our LPDR-5x will broaden the use of high-performance low-power memory beyond smartphones
and bring new capabilities to AI-based edge applications like servers and even automobiles, end quote.
It's speculated that Samsung will ship its upcoming flagship Galaxy S-22 series
with the new LPDR-5X memory module.
Recent reports suggest that Samsung is aiming for an early February launch for the devices.
We've already started seeing leaks about the Galaxy S-22 lineup,
and we recently got our first look at live images of the Galaxy S-22 Ultra.
If the recent rumors turn out to be accurate,
the Galaxy S-22 lineup will pack Samsung's X-Neos 2200 and Qualcomm Snapdragon 898 systems on a chip
and a 50-mepixel ISO cell Gn5 primary camera.
The top-specatch galaxy S-22 Ultra will be a spiritual successor to the Galaxy Note 20 Ultra,
featuring a similar design, an S-Pen slot, and a substantial battery.
Samsung is also gearing up to launch the much-awaited Galaxy S-21FE early next year,
but it might not feature the new RAM module, end quote.
Meanwhile, a bunch of news yesterday from AMD.
AMD says chips with new 3D stacked L3 cash tech,
allowing up to 768 megabytes of L3 cash per chip,
will arrive in the first quarter of 2022,
and are in preview now on Azure.
Also, AMD unveiled its Zen 4 CPU roadmap,
including a 96-core Genoa chip in 2022
and a 128-core chip in 2023,
both using a 5-nanometer TSM process
that doubles power efficiency.
AMD also took time to tout meta
as a data-center chip customer
as it targets NVIDIA with new chips like the MI-200,
a family of server accelerators to boost machine learning and other workloads, quoting Reuters.
After years of trailing the much larger Intel in the market for X86 processor chips,
AMD has steadily gained market share since 2017.
When a comeback plan spearheaded by Chief Executive Lisa Sue put the company on a course
to its present position of having faster chips than intels,
AMD now has nearly a quarter of the market for X86 chips, according to Mercury Research.
After securing meta, the company formerly known as FaceTime,
as a customer, AMD has deals in place with many of Intel's largest customers. It also has
deals with Alphabet's Google Cloud, Amazon's Amazon Web Services, and Microsoft's Azure.
Christopher Rowland, a semiconductor analyst at Susquehanna International Group, said in a note to
investors that AMD appeared to be winning a part of meta's increased spending as it ramps up
plans to build virtual online worlds. Quote, investors are now trying to identify the big
hardware beneficiaries of this CAPEX. And today's announcement,
could suggest AMD is winning a healthy portion, Roland wrote, end quote.
And meanwhile to that, Nvidia has unveiled Riva Custom Voice,
a toolkit which companies can use to create custom human-like voice assistants
with only 30 minutes of speech data, quoting Venture Beat.
According to Nvidia, businesses can use Riva Custom Voice to develop a virtual assistant
with a unique voice, while call centers and developers can leverage it to launch brand voices
and apps to support people with speech and language disabilities. Brand voices like
Progressives Flow are often tasked with recording phone trees and e-learning scripts in corporate
training video series. For companies, the cost can add up. One source pegs the average hourly rate
for voice actors at $39.63. Plus, additional fees for interactive voice response or IVR prompts.
Synthesization could boost actors' productivity by cutting down on the need for additional recordings,
potentially freeing the actors up to pursue more creative work and saving businesses money in the process.
For example, Progressive used AI to create a Facebook Messenger chatbot with the voice of Stephanie Courtney, who plays Flow.
KFC in Canada built a voice in a southern U.S. English accent for the chain's ambassador, Colonel Sanders, in the company's Amazon Alexa app.
Duolingo is employing AI to create voices for characters in its language learning apps.
And National Australia Bank has deployed an AI-powered Australian English.
English voice for the customers who call into its contact centers. Riva custom voice, which is available
in the latest version of NVIDIA's RIVA conversational AI software development kit,
leverages semi-supervised learning to create synthetic bespoke voices for software, IVRs, and other
business applications. In semi-supervised learning, one of several types of AI training techniques,
machine learning algorithms determine the correlations between data points and then use a small
amount of labeled data to mark those points. The system is then trained based on the newly
applied data labels, eliminating the need to manually label all data. Semi-supervised learning is
applicable to a range of real-world problems where a small amount of labeled data would prevent
supervised learning algorithms from functioning. Supervised learning requires all that data be
labeled in order to complete the training process. For example, it can alleviate the data prep
burden in speech analysis where labeling audio files is typically very labor intensive.
NVIDIA says that for small-scale research and development, RIVA Custom Voice will launch in open beta
at no cost on the NVIDIA NGC container registry. For customers with large-scale deployments,
there's RIVA Enterprise, a newly announced fully managed version of RIVA that's expected to become available early next year.
In addition to Riva Custom Voice, Riva will offer technical support from NVIDIA experts, the company says.
With Riva Custom Voice, NVIDIA is effectively going toe-to-to-to-to with Google, which in 2019 debuted new AI-Synthesized
wave net voices and standard voices in its cloud text-to-speech service.
NVIDIA has another rival in Amazon, which recently launched a service called Brand Voice,
that taps AI to generate custom spokespeople and offers a number of voice styles and
emotion styles through Amazon Polly.
For its part, in February, Microsoft launched a synthetic voice generation service called
Custom Neural Voices in Limited Access, end quote.
And meanwhile, in the Metaverse race, Niantic has launched Lightship,
a platform to build real-world Metaverse, AR, iOS, and Android apps,
and has committed $20 million to fund companies building AR apps.
The Antic, it could be argued, has been laying the groundwork for the Metaverse long before Mark Zuckerberg made his big pivot.
Quoting the Verge, called Lightship, the platform is, quote, built around the parts necessary to stitch together the digital and the real world.
CEO John Hanky tells me, according to Hanky, Lightship will let most.
mobile apps identify whether a user's camera is pointed at the sky or water, map the surfaces
and depth of an environment in real time, or place a virtual object behind a physical one.
Neantik is best known for creating one of the most successful mobile games ever, Pokemon Go.
And with Lightship, Hanky says the company is, quote, opening the vault of tech that we've
been using to build our products to help others build planet scale AR apps, end quote.
Lightship has been in development for quite some time, but starting Monday, it's open for
any developer to access. Most of the software toolkit is free, though Niantic will charge for a feature
that can let multiple devices access shared AR experiences simultaneously. The company is also committing
$20 million to fund new companies building AR apps. Neantick is already planning a major update to
lightship for next year, building what Hanky calls a visual positioning system for AR glasses.
By using the new system, glasses with displays in them will be able to understand exactly
where they are in the real world, which will let virtual objects such as a peekie,
stay anchored persistently to real-world locations. It's a critical component needed to make
AR glasses, such as the kind that Niantic is building with Qualcomm useful, end quote. If you ever
hear me snark about companies or websites going down for a period of time again, don't let me do it.
It's been a tough 24 hours or so for my e-commerce company over here. Something got screwed up
with our SSL certificate and DNS is all screwed up and I spent all night and all morning trying
to get it all back online. We're almost there. There's still one little snag if you go to
Resumayriders.com. Everything works fine, but if you type in www.com, you get error messages.
There's still some sort of misconfiguration of subdomains involving Cloudflare, I believe.
And of course, Cloudflare doesn't have any sort of easy customer service, do they? Oh no. No
service number to call, hidden issue ticket links, and they even say on the website, if you're
having an issue, it might take them three to five days to get back to you.
Super.
Talk to you tomorrow, unless Cloudflare customer service kills me in the meantime.
