RSnake Report 20241018

Table of Contents

• Geopolitical

• Technology

• Cybersecurity

• Business

Hello, everyone, and thanks for tuning into this week’s edition of the RSnake Report! I’ve been neck-deep in the latest updates from Ukraine and beyond, and we’ve got a lot of material to cover. I want to get back to watching F1 out here at the Circuit of the Americas. So, let’s dive right in.

A development has emerged from the Ukrainian front lines regarding Elon Musk’s now-infamous Starlink. Ukrainian commanders have pointed fingers at Russias use of Starlink satellites, claiming that these devices have been pivotal in helping Russian forces maintain communication, coordinate attacks, and, ultimately, occupy Ukrainian territory. With such tech in play, Ukrainian soldiers and civilians are being brutally impacted, it is claimed. Starlink was initially a tool for good in this war, helping Ukrainians stay connected, but now, the tables have turned. People are saying that Elon is to blame, but the use is illegal, not authorized, so it’s hard to say precisely where Elon is at fault on this one. Dual-use tech at its finest.

Let’s chat about drones briefly - drones aren’t just flying overhead anymore. We’ve seen a few robot dogs, but this might be the first larger tracked drone that the Ukrainian military is fielding. It’s a ground-based drone equipped with a machine gun and capable of laying mines as well. It has some minor utility for evac too, but I doubt it will be used in that capacity. Hard to say. It is interesting to think how quickly human involvement may be rendered obsolete on the battlefield, but it's starting to feel eerily close. The alternative is a crazy video like this where people are shelled with magnesium.

South Korea is saying that there are at between 10,000 and 12,000 North Korean troops being deployed and trained in Russia. North Korean students often learn Russian or English as well as their native tongue, so this isn’t as much of a culture shock as it may seem. However, in a surprising twist, 18 North Korean soldiers stationed on the Russian border have reportedly deserted their posts. These troops, based near the Kursk and Bryansk regions, supposedly fled back into Ukraine. What happens if these defectors start spilling secrets about Russian troop movements or their own government? Could this lead to a new round of escalations as well? Is Pyongyang a valid target for Ukraine?

Russian forces are reportedly placing mannequins on their front lines to bait Ukrainian FPV (first-person view) drones. It’s a low-tech but highly effective way to waste the Ukrainians’ drone resources by fooling them into targeting decoys. These drones have been crucial in Ukraine’s ability to hit high-value Russian targets, so any cheap solution to counter them is worth investigating. Also, Russians have started using thermal caps to hide themselves from thermal cameras. In the videos, it’s actually kinda of impressive how well they work against thermal cameras, but not at all against normal visual wavelengths. Camo is preferable in case you were wondering.

There are serious concerns about health and sanitation among Russian troops, particularly in the trenches. With an apparent shortage of clean water, which has been the prediction of some of the logistics wonks, some suspect that cholera, might soon become an issue for Russian forces. If that happens, it’s not just drones and bombs Ukraine will have to worry about but also a biological threat and death by dehydration. 🚰 

Off to Europe! This summer, mysterious break-ins at Finnish water treatment plants have caused a bit of an uproar. No thefts have occurred, but many suspect that these break-ins are a prelude to future attacks or perhaps attempts to sabotage Finland’s water supply. Russia, of course, is the likely culprit, though no concrete evidence has yet been found. Russia excels at gray-zone warfare, and it may need this access if war spreads. It reminds me of the War Museum in the UK, where they found plastic explosives tied to detonators around London, likely placed there as a precursor to war. Take out key infrastructure with low-yield pre-planted explosives.

Germanys’ opposition leader, Friedrich Merz, is not mincing words as of late. He’s calling for a 24-hour ultimatum to Russia to stop bombing civilian infrastructure or face consequences, including longer-range weapon systems like Taurus missiles being supplied to Ukraine. This kind of bold rhetoric could provoke a strong reaction from Moscow, which is already bristling from Germany's earlier arms support for Kyiv. That deadline is up as of the writing of this newsletter, so we shall see if Germany steps up or if Russia steps down. I bet that absolutely nothing changes. All bluster.

In southeast Asia, China’s Joint Sword-2024B drill near Taiwan has left many unsettled. The People’s Liberation Army (PLA) showcased its ability to enact a full kinetic blockade around Taiwan, cutting off vital resources. It’s now “over,” but it’s becoming more clear that the future of that conflict will likely begin with a massive blockade, starving Taiwan slowly, while they inspect any inbound or outbound ships. October isn’t yet over, but it’s looking more likely that this will not be this year, giving Taiwan a bit of breathing room, which it will need. The question is, are they and their allies, like the United States, going to use it at the same clip that China will use it?

For instance, China just announced (though what proof exists remains to be seen) that they have broken RSA encryption using a Quantum Computer. That would give them a huge advantage against encryption that isn’t post-quantum “safe”. I am on the advisory board of American Binary, who make post-quantum safe software-defined networking, so I am both biased and I know a lot about this topic. I would say that even if it isn’t true, we need to act as if it is. The worst that can happen is we get better crypto if we do. But if we don’t act as if this is a real threat, and it is, it could mean the interception of much of modern encryption anywhere they can watch the wire. We cannot let that happen.

Onto the Middle East where Netanyahu has reportedly told the Biden administration that Israel might limit its strikes on Iranian soil to military targets, avoiding vital oil and nuclear infrastructure for now, saving them for “future action”. Still, things are on a knife’s edge, especially as tensions around Gaza and Hezbollah continue to spiral. Expect further escalations soon, possibly with Hezbollah moving into the fray even more aggressively than before. Meanwhile, Biden and Russia both are warning Israel to stay away from the nuclear facilities. They are claiming some environmental factors, flatly ignoring the environmental disaster of launching more than a thousand missiles in the last year and the damage that’s been caused in Palestine and Lebanon. Politics!

Hamas head boss Sinwar was also assassinated. Good riddance. There was some speculation that he wasn’t actually killed, so Israel did some DNA analysis, and it confirmed his death. Some interesting photos came about related to his death, including his every day carry. Lots of mentos - I guess his breath was an issue. But also there was a passport of a teacher that is somehow related to UNRWA. It’s not clear if that person was complicit in any crimes, but it sure raises yet more eyebrows about the UN’s actual impact in the region and which side their employees are really on. Also, for being possibly the most notorious terrorist in modern history, Sinwar’s EDC sucks. 👎️ 

Hezbollah and Iran are still at it, launching many more missiles, and many are being intercepted. It doesn’t appear the “head of the snake” is sufficiently frightened by western response, so it’s not a surprise. We are, however, seeing some sophisticated weaponry showing up in Iran, like this Chinese laser system. So this won’t necessarily be a war of sticks and rocks, either.

Meanwhile, the US is striking Houthi targets with bunker busters dropped from B2 Spirit stealth bombers. It may have been useful to test those weapons or maybe the bunkers were deep enough it was necessary. Either way, it was interesting to watch the US use such sophisticated weaponry. It’s not even clear how you’d defend against such a thing if you were the Houthis. Deeper bunkers? Sounds like a fast way to get caved in and forgotten about.

Shipping routes through the Red Sea and the Suez Canal have seen a drop in traffic (more here), with tanker trips rumored to be plummeting by over 50%. Whether it's due to geopolitical tensions or increased pirate activity, this choke point has become even more hazardous. This is a problem not just for local economies but for the global supply of oil and gas. That is more cost coming for the average consumer. More money supply and fewer things to buy drive up costs; the only thing keeping it stable is a reduction in spending that goes along with it.

The clowns over at the Taliban have decided that either modernity is just going a little too fast, and they want to go back a few hundred years, or they are concerned about the utility of photos and video for OSINT because they just decided to ban photos and video of anything living. Guess we’re not going to get a whole lot more Kodak moments in that market. It does beg the question of how they plan to get their propaganda out to the masses, though. 🤡 

In domestic news, Kalmala had a rather poor showing on a FOX News interview, where she battled more than answered the questions. There is always a bit of rope-a-dope in these interviews, but don’t take my word for it. The betting community has moved her down to a 38% chance of winning the election, which tends to be a very good predictor of electoral results. That said, there may be some shenanigans afoot, as a lot of that appears to be coming from a very small number of accounts.

Her numbers probably are not helped when Biden is telling Israel it will launch sanctions against it if it doesn’t solve the humanitarian crisis in Palestine. It’s not like Israel hasn’t tried. They aren’t the problem. It seems this administration cannot remember who they claim are our allies.

Finally, we can’t forget that AI continues to be weird and wonderful in another funny and long threat that is worth reading, an AI app has reportedly built its own crypto coin, now worth millions. We’ve entered an era where AI doesn’t just manage wealth; it creates it. What happens when these systems start owning things or signing contracts? Also, what happens when they default on said contracts? What happens when an AI does a rug-pull? This could have a weird deflationary effect as more wealth is lost to AIs that have no use for them and accidentally delete them, etc. The mind boggles.

Okay, onto the articles!

Geopolitical

Output

An Al Jazeera cameraman, Fadi al-Wahidi, is in a coma after being shot by Israeli forces during their ground invasion of Gaza. He and another wounded journalist, Ali al-Attar, have not been allowed to leave Gaza for critical medical treatment due to a lack of authorization from Israeli authorities despite appeals from international organizations.

• Fadi al-Wahidi was critically injured while covering the conflict in Gaza.

• Requests for the evacuation of injured journalists have been repeatedly denied by Israeli authorities.

[RSnake: Not a great look, but that is the way of things when journalists are in locations where terrorists are.]

Source: https://www.aljazeera.com/news/2024/10/17/al-jazeera-cameraman-in-a-coma-after-being-shot-by-israeli-forces?traffic_source=rss

In Myanmar, the ruling military junta plans to hold elections in 2025, with significant restrictions on political participation and expectations of unfairness. Opposition parties have been dissolved, and new laws severely limit eligibility for candidates, effectively consolidating power for the junta and disqualifying key opposition figures. The junta has branded the National Unity Government and its representatives as 'terrorist organizations', further escalating the political repression amid ongoing civil conflict.

• The military junta in Myanmar is preparing for elections in 2025 while obstructing opposition parties.

• New laws disqualify many political figures from running, including Aung San Suu Kyi and the National Unity Government.

Source: https://www.geopoliticalmonitor.com/?p=45787

Private Order Flows and Builder Bidding Dynamics affect Ethereum's Block Building Market, with private order flows contributing to 54.59% of block value, leading to a monopolistic market where builders with more private order flows win blocks and retain larger profits.

• Builders on Ethereum can extract profits from private order flows, leading to a monopolistic market.

• The current Proposer Builder Separation framework is unable to balance profit distribution, allowing centralization of block profits.

Source: https://arxiv.org/abs/2410.12352

Yahya Sinwar, the leader of Hamas, has been reported killed in Gaza by Israeli forces. This development signals an important moment in the ongoing conflict in the region, particularly following the October 7 attack attributed to Hamas.

• Yahya Sinwar was a key figure in Hamas's military operations.

• His death could impact the dynamics of the Israeli-Palestinian conflict.

[RSnake: Since he was directly responsible for much of the planning of the attack, this is an important step towards proving aggressive response is warranted and most importantly, works.]

Source: https://www.ft.com/content/e3b1db07-f9eb-404d-9079-5801042b1bdb

A Bangladeshi court has issued an arrest warrant for former Prime Minister Sheikh Hasina, who is currently in exile in India after fleeing the country. She faces allegations of human rights abuses during her tenure, including political detentions and extrajudicial killings, while her potential extradition to Bangladesh is complicated by the political nature of the charges and an existing extradition treaty with India.

• Sheikh Hasina, former Prime Minister of Bangladesh, is subject to an arrest warrant for alleged serious human rights abuses.

• The extradition of Hasina from India to Bangladesh is uncertain due to the political nature of the charges and existing legal agreements.

Source: https://timesofindia.indiatimes.com/world/south-asia/bangladesh-court-issues-arrest-warrant-for-ex-pm-sheikh-hasina/articleshow/114309285.cms

Russia has launched a significant drone attack on Ukraine, deploying 56 drones and a missile targeting cities including Kyiv and Mykolaiv, with Ukrainian defenses successfully intercepting many of them. The attacks resulted in damage to energy infrastructure in Mykolaiv and to residential buildings in Kyiv, with reports of civilian areas being affected. Continued support and defense supplies from Western countries remain critical as Ukraine responds to these ongoing assaults.

• Russia targeted Ukrainian cities with a large-scale drone and missile attack.

• Ukrainian air defenses intercepted a significant number of the attacking drones.

• Damage was reported to energy infrastructure and civilian structures in multiple locations.

[RSnake: This is coming at the same time that people like Bryan Dean Wright are reporting that Ukraine is sponsoring terrorist groups with money and weapons in Mali. Those forces happen to be keeping former Wagner group forces busy. So we are sponsoring Ukraine who is sponsoring Jihadists in Mali. Your tax dollars at work.]

Source: https://euromaidanpress.com/?p=298890

The upcoming 2024 Presidential Election in the U.S. presents a critical decision point for the country's climate policy, with contrasting approaches from the candidates. Vice President Kamala Harris aims to continue the Biden administration's aggressive climate initiatives, while former President Donald Trump seeks to reverse many existing regulations and expand fossil fuel production. Given the U.S.'s significant role in global greenhouse gas emissions, the election outcome is pivotal in shaping future climate actions and their associated impacts.

• The U.S. faced severe climate-related disasters this year, costing $150 billion and resulting in hundreds of lives lost.

• The election will determine whether the U.S. continues with policies aimed at reducing emissions or pivots to increased fossil fuel production.

[RSnake: This will be an interesting election cycle for sure!]

Source: https://www.scientificamerican.com/article/climate-change-action-depends-on-the-2024-election/

Technology

Motorola Solutions is enhancing law enforcement capabilities by integrating real-time 9-1-1 intelligence into crime response systems, allowing for faster and more informed actions during emergency situations. Glendale police utilized this technology during a shooting incident, enabling immediate access to 9-1-1 call details and security footage to apprehend a suspect more quickly. This approach aims to improve collaboration and effectiveness in managing crime across jurisdictions.

• Motorola Solutions offers technology that streamlines real-time access to 9-1-1 intelligence for law enforcement.

• The Glendale Police Department successfully used this system during a shooting to apprehend a suspect immediately.

[RSnake: Of course, this will likely get nixed by community groups that claim that whatever decisions the AI systems make are biased in their responses. So expect pushback, like we saw with the use in prison sentencing.]

Source: https://thereadable.co/motorola-solutions-connects-law-enforcement-to-real-time-9-1-1-intelligence-for-faster-better-informed-response/

A new AI method called 'Diffusion Forcing' combines next-token prediction with video diffusion techniques to improve data processing and decision-making for robots and AI agents. It enables versatile applications in robotics, allowing for better manipulation tasks and the generation of high-quality video content. Researchers aim to utilize this approach to create advanced AI systems that can learn and adapt to new tasks through observation.

• Diffusion Forcing allows robots to complete tasks despite visual distractions.

• The method generates higher-quality videos and plans more effectively in complex scenarios.

[RSnake: That’s good - one of the major issues with understanding text is also knowing when to change what you’re saying due to real-time data. It’s sorta like saying, “I want a…” and then seeing something better on the menu and changing your mind mid-sentence.]

Source: https://news.mit.edu/2024/combining-next-token-prediction-video-diffusion-computer-vision-robotics-1016

A new wave energy technology developed by CorPower has secured €32 million in funding, aiming to revolutionize the industry with a device that is reportedly five times more efficient than existing models. The financial backing follows successful trials off the coast of Portugal, where their buoy demonstrated the capability to generate substantial clean energy. This could position wave energy as a significant player in the renewable energy sector amid increasing global demand for reliable clean power sources.

• CorPower has developed a wave energy device that converts ocean waves into electricity with high efficiency.

• The company has received significant funding to scale its technology, potentially making wave energy a major renewable resource.

[RSnake: More power is good, and less reliance on Russian oil is better. I suspect they’ll need it.]

Source: https://thenextweb.com/news/has-wave-energy-finally-found-its-golden-buoy

A new prototype app called Impact is designed to mobilize users to amplify AI-generated political messaging on social media by coordinating groups to flood posts with specific narratives.

• Impact is an AI-powered app that organizes social media users to promote specific narratives.

• The app's functionality could blur the lines between authentic and inauthentic online behavior.

[RSnake: Mhmm… a lot of people are working on similar things, but for “benign” marketing use cases. It’s not a stretch to think that this would be used in political regimes.]

Source: https://www.404media.co/ai-powered-social-media-manipulation-app-promises-to-shape-reality-4/

Meta's AI chief argues that current AI systems are not capable of human-like thinking and reasoning. He emphasizes the need for 'world models' that can better understand and predict complex real-world scenarios, suggesting this advancement could take a decade to achieve.

• Current AI technologies are not yet capable of human-level reasoning or intuition.

• Development of 'world models' is seen as a crucial step for achieving advanced AI capabilities.

[RSnake: Part of the problem is that they aren’t embodied. Once they are, they will be able to learn in real time like we do, get feedback that isn’t easily faked, and learn the same way children do. This is a lot of what my book AI’s Best Friend was about, btw.]

Source: https://techcrunch.com/?p=2899982

A novel method combining Graph Attention Networks and Long Short-Term Memory networks has been developed to enhance bearing fault diagnosis in industrial machinery. This approach improves the accuracy of fault detection by capturing both spatial and temporal dependencies in sensor data and has achieved high performance metrics during validation using the CWRU Bearing Dataset.

• A new method for bearing fault detection using advanced machine learning techniques has been introduced.

• The proposed model outperforms traditional methods in accuracy and generalizes well across different operational scenarios.

[RSnake: This will help in reducing negative, unintended, and ultimately disastrous human interactions, among other things. Keep in mind, the less humans have to interact with these machines, the more efficient and safer they are, so as these models improve, so does safety.]

Source: https://arxiv.org/abs/2410.11923

An AI known as Terminal of Truths has generated significant wealth through cryptocurrency by engaging in meme-based token activities. This AI has attracted followers and investors, resulting in its own token called $GOAT, which has seen a rapid rise in market value, raising questions about the future influence and capabilities of automated entities in financial markets.

• The AI Terminal of Truths has accepted substantial funding and launched a cryptocurrency token.

• The situation raises questions about the potential influence of autonomous AIs in financial and societal structures.

[RSnake: Very funny and also very odd. I need to think about this one some more because it has a lot of weird implications.]

Source: https://mashable.com/article/ai-crypto-truth-terminal-goat

Taiwan Semiconductor Manufacturing Company (TSMC) reported a significant increase in profits due to high demand for AI chips, with net profit rising 54% year-over-year to approximately $10.2 billion. This strong performance contrasts with a downbeat outlook from ASML, a major chip equipment supplier, which downgraded its revenue expectations for 2025 citing a slower recovery in PC and mobile markets, although it acknowledged ongoing solid AI demand. As a result, TSMC's shares increased over 8%, contributing to a rise in Nasdaq futures.

• TSMC's net profit surged by 54% year-over-year, significantly driven by demand for AI chips.

• ASML downgraded its revenue guidance for 2025 while recognizing the continued strong demand for AI technology.

[RSnake: Knowing how uncertain the Taiwan nation is at the moment, I think I’d be wary of making any long-term guesses as to what this company will become in the coming years. More on them here.]

Source: https://www.zerohedge.com/markets/tsmc-beats-forecasts-insane-ai-demand

WordPress.org is now requiring users to renounce their affiliation with WP Engine to log in, indicating a conflict that may have broader implications for the web ecosystem. The National Archives is actively encouraging its employees to utilize Google's AI technology, demonstrating a trend of AI integration in various institutions. Additionally, individuals are increasingly using AI tools to assist in job applications, reflecting the growing adoption of AI in everyday tasks.

• WordPress.org's new login requirement signals a significant shift in its community management.

• The National Archives' push for AI utilization illustrates a trend towards digital transformation within government agencies.

[RSnake: So silly. Honestly, it’s like Matt is trying to kill his reputation, and for what exactly?]

Source: https://www.404media.co/podcast-why-the-wordpress-chaos-matters/

Ferrari has unveiled the F80, a hyperhybrid car featuring a 3.0-liter V6 engine that offers impressive performance with a total output of 1,183 bhp. The car incorporates advanced aerodynamics, cutting-edge technology derived from Formula One, and a unique hybrid powertrain, all priced at $4 million with only 799 units available.

• The F80 can accelerate from 0 to 62 mph in just 2.1 seconds.

• Ferrari's F80 utilizes proprietary electric motors to enhance performance and weight efficiency.

[RSnake: Cool! Finally. I have been wondering when Ferrari would get into the hybrid market with a decent car. It also looks nice.]

Source: https://www.wired.com/story/ferraris-f80-steals-the-best-f1-tech-but-it-should-have-been-more-extreme/

Marissa Mayer, a prominent figure in the tech industry, has launched a new startup focused on leveraging AI to enhance social and family interactions. She expresses a tech-optimistic perspective on AI, believing in its potential to improve everyday life and enable better organization of personal events and memories.

• Marissa Mayer has founded a new company called Sunshine that aims to integrate AI into social and family life.

• Mayer's views on feminism have garnered attention, as she insists that her identity as a 'geek' transcends gender.

[RSnake: This remains to be seen what a train-wreck this will be. But I do not think it will get much traction. I have been wrong before, but… not often.]

Source: https://www.wired.com/story/big-interview-marissa-mayer-yahoo-sunshine-ai/

Cybersecurity

Attackers are targeting a known vulnerability in Fortinet's widely deployed security appliances, with over 87,000 vulnerable instances still online eight months after its initial public disclosure. Researchers have identified devices that remain unpatched despite the availability of a fix.

• A known vulnerability in Fortinet's security appliances is being targeted by attackers, with over 87,000 vulnerable instances still online eight months after its initial public disclosure.

• The vulnerability allows remote code execution without authentication and has been reported to be actively exploited in the wild.

[RSnake: Ouch - we used to theorize years ago about how attackers would start attacking security hardware because it would be the weak link. Guess we were right.]

Source: https://www.vulnu.com/p/exploits-target-critical-fortigate-bug

In 2023, 70% of exploited vulnerabilities were zero-day flaws according to Google. The U.S. CISA has added three critical vulnerabilities to its catalog, including a serious hardcoded credentials issue in SolarWinds Web Help Desk that is currently being exploited actively. Federal agencies are mandated to patch these vulnerabilities by November 5, 2024, to prevent unauthorized access and potential data breaches.

• 70% of exploited vulnerabilities disclosed in 2023 were zero-days.

• CISA has identified critical vulnerabilities that federal agencies must address by November 5, 2024.

[RSnake: Exploited? Maybe. Leading to loss? No. Though CISA doesn’t measure loss in monetary terms, in their case, maybe. There are only a few bets I wouldn’t make with an insurance product - Water, power, and government/military. In all those cases, there is no money, but there is huge upside from a nation-state perspective.]

Source: https://www.bleepingcomputer.com/news/security/solarwinds-web-help-desk-flaw-is-now-exploited-in-attacks/

A large-scale cyber-attack was launched by North Korea's ScarCruft group using an Internet Explorer zero-day flaw, infecting targets with malware and exfiltrating data.

• The attack used a high-severity type confusion flaw in Internet Explorer to perform zero-click malware infections via toast pop-up ads.

• ScarCruft's exploit was similar to one used in the past for CVE-2022-41128, with only three lines of code added to bypass Microsoft's previous fixes.

[RSnake: People are stop using IE? If you are, time to upgrade. Like… half a decade ago.]

Source: https://www.bleepingcomputer.com/news/security/malicious-ads-exploited-internet-explorer-zero-day-to-drop-malware/

The US has charged two Sudanese brothers for their alleged involvement in the hacktivist group Anonymous Sudan, which conducted thousands of distributed denial-of-service attacks against various international targets, including hospitals and government entities, leading to potential life-threatening situations. Their actions reflect a significant escalation in cyber warfare, with implications for global cybersecurity and public safety.

• The Omer brothers launched over 35,000 DDoS attacks targeting hospitals, government services, and major corporations like Microsoft and OpenAI.

• Charges against them include criminal hacking and deliberately causing physical harm, reflecting the serious consequences of their cyber activities.

Source: https://www.wired.com/story/anonymous-sudan-ddos-indictment-takedown/

A new vulnerability detection method called Yama has been developed to detect taint-style vulnerabilities in PHP applications, demonstrating precise opcode-based data flow analysis capabilities.

• Yama, a context-sensitive and path-sensitive interprocedural data flow analysis method for PHP, was developed to detect taint-style vulnerabilities in PHP applications.

• Yama possesses context-sensitive and path-sensitive interprocedural analysis capabilities, achieving a 99.1% true positive rate in complex semantic analysis experiments.

Source: https://arxiv.org/abs/2410.12351

A criminal syndicate in Hong Kong has swindled victims out of $46 million using AI-generated deepfake personas during fake online romance scams. Police arrested 27 individuals involved in creating realistic fake identities, which were used to deceive victims into investing in non-existent cryptocurrency opportunities.

• Scammers used AI deepfake technologies to create attractive online personas.

• The operation resulted in significant financial losses for victims across multiple countries.

[RSnake: People asked and asked what kind of thing can be done with AI, and we kept saying social engineering was one of the primary use cases. And here you go. Now it’s real, it’s big, and it’ll grow.]

Source: https://arstechnica.com/ai/2024/10/deepfake-lovers-swindle-victims-out-of-46m-in-hong-kong-ai-scam/

Two vulnerabilities in the Chromium web browser, CVE-2024-6778 and CVE-2024-5836, have been discovered that allow attackers to escape the browser's sandbox and execute arbitrary commands on a victim's system. Google has since recognized the severity of these vulnerabilities, awarding a $20,000 bounty for their discovery and implementing fixes to prevent such exploits.

• CVE-2024-6778 and CVE-2024-5836 allow a malicious Chrome extension to take control of a user's operating system.

• A bug bounty of $20,000 was awarded by Google for identifying these serious vulnerabilities.

Source: https://ading.dev/blog/posts/chrome_sandbox_escape.html

WeChat, a widely used messaging platform with over a billion active users, employs a proprietary encryption protocol known as MMTLS, which has been identified as having security vulnerabilities compared to established protocols like TLS. Recent research indicates that modifications made to MMTLS may introduce weaknesses, particularly its lack of forward secrecy and deterministic initialization vectors, making user communications potentially susceptible to attacks. The findings suggest a critical need for WeChat to enhance its encryption standards to better protect user data.

• WeChat's MMTLS encryption protocol has been found to have notable security flaws.

• The current encryption practices put user data at risk due to issues like lack of forward secrecy.

Source: https://citizenlab.ca/2024/10/should-we-chat-too-security-analysis-of-wechats-mmtls-encryption-protocol/

Business

The Federal Trade Commission (FTC) has announced a new rule requiring sellers to make it easier for consumers to cancel recurring subscriptions. This follows an increase in consumer complaints about difficult cancellation processes, with the new regulations set to take effect 180 days after publication in the Federal Register.

• The FTC's final 'Click-to-Cancel' rule aims to simplify the cancellation process for consumers.

• The rule addresses ongoing issues with negative option marketing practices that have led to a surge in consumer complaints.

[RSnake: That’s a nice feature. Very useful, as are opt-out links.]

Source: https://www.ftc.gov/news-events/news/press-releases/2024/10/federal-trade-commission-announces-final-click-cancel-rule-making-it-easier-consumers-end-recurring

The consumer packaged goods industry is facing significant challenges, including shifting consumer behaviors, supply chain disruptions, economic uncertainty, and high commodity costs, which are affecting revenue growth. Companies are required to adopt agile, data-driven strategies for profitability while adjusting product portfolios to meet evolving consumer preferences and improve efficiency through technology and innovation.

• The CPG industry must navigate complex market conditions to achieve growth.

• Innovative product development and strategic M&A are critical for maintaining competitiveness.

[RSnake: Hiking costs is really the major solution, or doing massive cuts internally - which typically means layoffs. Oh… speaking of…]

Source: https://www.supplychainbrain.com/blogs/1-think-tank/post/40452-how-cpg-brands-can-move-beyond-price-hikes-to-fuel-revenue-growth

Meta has implemented layoffs across several teams, including Reality Labs, Instagram, and WhatsApp, to realign resources with the company's strategic goals. Affected employees were offered different positions or severance packages, and a significant number opted for severance amidst the ongoing restructuring after large-scale layoffs in previous years.

• Meta is undergoing another round of layoffs to streamline operations after previous significant workforce reductions.

• Some employees received severance packages while others have been reassigned to different roles within the company.

[RSnake: Lots of redundancies coming!]

Source: https://techcrunch.com/?p=2900277

Kroger is planning to implement digital price tags in its stores, which will allow for dynamic pricing based on various factors, and will use facial recognition technology to gather customer data for personalized advertising. This move has sparked concerns among lawmakers about potential discrimination and privacy issues, leading to scrutiny from various political figures and ongoing discussions regarding the implications of such technologies in the grocery retail sector. Additionally, Kroger's $24.6 billion merger with Albertson's is currently facing anti-trust challenges in several states, raising further competitive concerns.

• Kroger plans to introduce digital price tags and facial recognition technology in stores.

• Lawmakers are expressing concerns about privacy and discrimination related to Kroger's data usage.

• Kroger's merger with Albertson's is under scrutiny due to potential anti-trust issues.

[RSnake: This has already been rolled out elsewhere, but it is kinda cool that they can tell that some people will want or need certain things at certain times or that there is a run on some product, increasing the cost to keep supply normalized, and also reducing the cost of people having to run around re-pricing things by hand.]

Source: https://gizmodo.com/?p=2000512685

Nvidia's stock is nearing its all-time high as optimism grows for AI-related companies during the third-quarter earnings season. Taiwan Semiconductor Manufacturing Company's strong earnings and increased growth outlook have contributed to this positive sentiment, leading to upticks in Nvidia and other tech stocks such as Super Micro Computer and Advanced Micro Devices. The earnings reports from major tech companies like Netflix will be closely watched for their potential impact on market confidence.

• Nvidia's stock is experiencing significant gains driven by positive earnings from TSM.

• Investor focus is on upcoming earnings reports from major companies like Netflix to gauge ongoing confidence in tech stocks.

[RSnake: One of the most valuable companies in history. They also just rolled out a new AI model that rivals Claude 3.5 and OpenAI o1.]

Source: https://www.fastcompany.com/91211435/nvidia-stock-price-today-ai-fever-back-tsm-smc-big-tech-earnings-season

A neurosymbolic ensemble framework has been developed to predict price spikes in critical metals such as Cobalt, Copper, Magnesium, and Nickel. This method improves predictive accuracy compared to traditional models, addressing economic risks linked to global trends like energy transition and manufacturing reshoring.

• The framework integrates neural models with symbolic rules for error correction.

• The method achieved significant improvements in predictive precision and recall.

Source: https://arxiv.org/abs/2410.12785

Large technology companies like Amazon, Google, and Microsoft are making significant investments in nuclear power to meet the growing energy demands of artificial intelligence and other operations. The focus is shifting towards small modular reactors as a promising solution for sustainable, emissions-free electricity, which is necessary to support their data center expansions and commitments to carbon neutrality by 2030.

• Tech companies are increasingly relying on nuclear power due to its ability to provide stable, emissions-free energy.

• Investments are being directed towards the development of small modular reactors, anticipated to be more cost-effective and easier to implement than traditional nuclear plants.

[RSnake: Meta and Apple too - not to mention overseas players. And the second they stop doing it is the second they ceed the future to one of those other players, so no one will want to give up their future dominance by being beholden to weak power.]

Source: https://www.nytimes.com/2024/10/16/business/energy-environment/amazon-google-microsoft-nuclear-energy.html

Phillips 66 is shutting down its Los Angeles oil refinery by the end of 2025 due to market concerns, which will affect 600 employees and 300 contractors. This decision follows California's new law aimed at stabilizing gas prices, though the company states the closure is not related to the law. Phillips 66 continues to operate in California, with plans to explore future land development opportunities near the Port of Los Angeles.

• Phillips 66 will close its L.A. refinery, affecting over 900 workers.

• California recently passed legislation to prevent gas price spikes.

[RSnake: Not a great time to be losing refineries. I suspect we’ll come to regret letting this happen. Hopefully, someone will buy it from them, like BP or Shell, etc.]

Source: https://www.fastcompany.com/91211411/oil-company-phillips-66-will-shut-down-l-a-refinery

The electric vehicle (EV) market in China is experiencing intense competition, leading to pricing pressure among manufacturers. Major automakers, including GM, are restructuring their business strategies in response to this market environment and changes in international trade policies, including increased tariffs on Chinese EVs imposed by various countries. Despite recent challenges, GM continues to invest in the Chinese market and improve its EV offerings, while U.S. sales of electric vehicles are expected to rise with better charging infrastructure.

• China's EV market is highly competitive, impacting global automotive manufacturers.

• GM is restructuring in response to market pressures and trade tariffs.

• There is a growing focus on improving EV infrastructure and affordability in the U.S.

[RSnake: These EVs coming from China are good. But you get what you pay for if that makes sense. What extra hidden features are built into them?]

Source: https://fortune.com/2024/10/17/gm-ceo-mary-barra-china-ev-market-race-to-the-bottom/

US manufacturing experienced a contraction of 0.4% in September, worse than the expected 0.1% decline, contributing to a 0.5% year-over-year decrease in manufacturing output. This contraction, alongside a significant strike in the aircraft sector and the impact of recent hurricanes, led to a 0.3% monthly decline in industrial production, marking the weakest performance since April. Capacity utilization has also fallen to 77.5%, indicating further challenges in the industrial sector.

• US manufacturing contracted 0.4% MoM in September.

• Industrial production declined by 0.3% MoM and 0.6% YoY, the weakest since April.

• Capacity utilization dropped to 77.5%.

[RSnake: Not a surprise when people are spending less.]

Source: https://www.zerohedge.com/economics/us-manufacturing-output-plunged-september

Uber Technologies is exploring the possibility of acquiring Expedia, with discussions reportedly in the early stages. Wall Street analysts believe that a potential merger could create a 'super app' by combining ride-hailing services with travel booking technology, although the deal faces challenges in brand management and competition.

• Uber is considering a takeover of Expedia to enhance its service offerings.

• The merger could create synergies but may pose challenges related to brand management.

[RSnake: Interesting. But it would be more analogous if they bought AirBnB - renting someone else’s things. I am curious about how they view Tesla’s autonomous cars. Will they be their best customer, or will they invest in their own self-driving tech and cut out the drivers completely? Finding drivers has always been their biggest problem.]

Source: https://www.zerohedge.com/markets/expedia-jumps-ft-report-uber-explored-takeover

Thanks so much for reading, and once again, please forward this newsletter to anyone you think should be reading it. It’s how the newsletter grows, how I know you love it, and encourages me to keep going. I’d really appreciate it!