hatemail tech newsletter, 2023-04-03

President Joe Biden issues executive order against spyware

Last week, the White House issued an executive order prohibiting commercial spyware. [White House] Additionally, the governments of Australia, Canada, Costa Rica, Denmark, France, New Zealand, Norway, Sweden, Switzerland, the United Kingdom, and the United States issued a joint statement on their efforts to counter the proliferation of commercial spyware. [White House]

At least 50 U.S. government personnel targeted with phone spyware overseas

The revelation comes as the White House bans federal agencies from using spyware that poses national security and human rights risks. [Washington Post]

Spyware vendors use 0-days and n-days against popular platforms

Google’s Threat Analysis Group (TAG) tracks more than 30 vendors with varying levels of sophistication and public exposure selling exploits or surveillance capabilities to government backed actors. [Google]

New industry principles to curb cyber mercenaries

The Cybersecurity Tech Accord, with support from other industry players, released a new set of principles to guide the technology industry to help curb the dangerous and rapidly growing market of “cyber mercenaries.” [Cybersecurity Tech Accord]

Amnesty International uncovers new hacking campaign linked to mercenary spyware company

The attack targeted Android operating system. As a result of the discovery, Google were able to release security updates protecting billions of Android, Chrome and Linux users from the exploit. [Amnesty International]

Thanks for reading hatemail! Subscribe for free to receive new posts on tech ethics and more.

North Korean group uses cybercrime to fund espionage operations

APT43 is a prolific threat actor operating on behalf of the North Korean regime. [Mandiant]

A Q&A with the hacktivists rocking Latin America: Guacamaya

Recorded Future News spoke to hacktivist collective Guacamaya to better understand what it hopes to accomplish and the role they see for themselves going forward. [The Record]

Android app from China executed 0-day exploit on millions of devices

Fast-growing e-commerce app Pinduoduo had an EvilParcel stow-away. [ArsTechnica]

Secret trove offers rare look into Russian cyberwar ambitions

More than 5,000 pages of documents from a Moscow-based contractor offer a glimpse into planning and training that would allow Russia’s intelligence agencies and hacking groups to find vulnerabilities, coordinate attacks and control online activity. [Washington Post]

Attackers have better things to do than corrupt your builds

This posts clarifies the clucking and clamoring over attackers exploiting vulns or corrupting build pipelines (spoiler alert: it isn’t worth their time and effort to). [Kelly Shortridge]

Pro-Russian hackers target elected U.S. officials supporting Ukraine

Group tracked since 2021 exploits unpatched Zimbra servers to hack email accounts. [ArsTechnica]

Ukraine war shows difficulty of large-scale cyberattacks, NSA director says

Gen. Paul Nakasone, in an interview, says U.S. rivals are trying to penetrate America’s networks, data and weapons systems. [Wall Street Journal]

Twitter says parts of its source code were leaked online

The leak adds to the challenges facing the Elon Musk-owned company, which is trying to unmask the person responsible and any other people who downloaded the code. [New York Times]

The case to pause giant AI experiments

Future of Life Institute has released an open letter arguing for all AI labs to immediately pause the training of AI systems more powerful than GPT-4 for the duration of at least six months. [Future of Life Institute]

What we still don’t know about how AI is trained

GPT-4 is a powerful, seismic technology that has the capacity both to enhance our lives and diminish them. [New Yorker]

The prospect of an AI winter

Arguments that AI that systems (1) are too unreliable and too inscrutable, (2) won’t get that much better (mostly due to hardware limitations) and/or (3) won’t be that profitable. [Erich Grunewald]

Apple illegally fired five labor activists, union says

The workers, who were disciplined and fired for attendance-related issues, believe they were let go because of their union organizing. [Washington Post]

The open letter on AI doesn't go far enough

One of the earliest researchers to analyze the prospect of powerful Artificial Intelligence warns of a bleak scenario. [Time]

OpenAI faces complaint to FTC that seeks investigation and suspension of ChatGPT releases

The Center for AI and Digital Policy accuses OpenAI of violating a part of the FTC Act that prohibits unfair and deceptive business practices. [CNBC]

A conversation on AI trust and safety

From an event held by Aspen Institute. [Benjamin Wittes]

Search has its Goliath. Could Richard Socher be its David?

Richard Socher, 38-year-old co-founder and CEO of search engine You.com, talks about the AI-powered search app. [The Information]

Twitter open sources their recommendation algorithm

Twitter aims to offer users greater transparency into the process through which the platform selects and organizes content for display on their timelines. [Shaped]

Afraid of AI? The startups selling it want you to be

ChatGPT and other new AI services benefit from a science fiction-infused marketing frenzy unlike anything in recent memory. There's more to fear here than killer robots. [LA Times]

Loudmouth DJI drones tell everyone where you are

Back when commercial quadcopters started appearing in the news on the regular, public safety was a talking point. How, for example, do we keep them away from airports? [Hackaday]

NYPD is refusing to comply with NYC's new surveillance tech laws

NYPD filed vague reports about surveillance tech and rejected recommendations on how to better comply with the law, according to a report. [Daily Dot]

The dirty secrets of a smear campaign

Rumors destroyed Hazim Nada’s company. Then hackers handed him terabytes of files exposing a covert campaign against him—and the culprit wasn’t a rival but an entire country. [New Yorker]

Some thoughts on the current state of AI from a disinformation research perspective

What I am concerned about in the present and near future regarding technologies like ChatGPT and Stable Diffusion. [Conspirator0]

Anti-Taiwan influence operation shows shift in tactics

Inauthentic assets amplified content to more than 1,300 Facebook groups, with the apparent goal of dividing Taiwanese society and undermining its democracy. [DFR Lab]

A 4chan anti-trans hoax about "Trans Day of Vengeance" spread from Twitter to various right-wing figures, including Tucker Carlson

Carlson reiterated the hoax for his audience as evidence that trans people are becoming “more aggressive.” [Media Matters]

How a major toy company kept 4chan online

Documents obtained by WIRED confirm that Good Smile, which licenses toy production for Disney, was an investor in the controversial image board. [Wired]

What’s more provocative than sincerity?

Ryder Ripps built a career as a digital art troll, and now he’s calling out his former boss Kanye West and Bored Ape Yacht Club for bigotry. Is his crusade real? [New York Times]

$335,000 pay for ‘AI whisperer’ jobs appears in red-hot market

The fast-growing apps have created a seller’s market for anyone —even liberal arts grads — capable of manipulating its output. [Bloomberg]

Jack Ma’s retreat undercuts China’s pitch to private business

Even as leaders voiced “unwavering support” for the private sector, one of the country’s best-known entrepreneurs chose to spend months overseas. [Bloomberg]

Five arrested in migration center fire that left 39 dead in Mexico

The authorities said arrest warrants had been obtained for three government migration officials, two private security workers and a migrant accused of starting the blaze. [New York Times]

ChatGPT chatbot banned in Italy

The country's data-protection regulator has serious privacy concerns over the technology. [BBC]

Wall Street Journal reporter arrested in Russia on spying charges

Russian authorities have detained an American reporter for the Wall Street Journal and accused him of spying. [CNN]

Thanks for reading hatemail! Subscribe for free to receive new posts on tech ethics and more.