- RSnake Report
- Posts
- RSnake Report 20240822
RSnake Report 20240822
Kursk, Energy and new Chinese sub
Table of Contents
Hello, and thanks for reading! First, you may have noticed some broken links in the last email—it was a technical glitch on the mail provider’s side. I wrote a separate system I use to aggregate news, and apparently, the mail provider has a bug when pasting in HTML, leading to broken links. It should be fixed now and should stay that way, but my apologies. From now on, there will be spot-checks before the emails send. Okay… on with it…
There are lots afoot on the Ukraine front. First, there have been massive social media outages in Russia. That will likely have to do with trying to prevent operational security leaks now that Ukrainians are on the move throughout the Kursk region and likely in small groups far beyond the front lines. Not everything is down, which would be seen if physical cables were compromised/damaged—this is different.
Widespread outages in Russia
One of my good friends expressed this nugget after saying that he believes we/NATO is the aggressor, “…this is reminiscent of the sword fight in the movie The Princess Bride. Russia has been fighting Ukraine left-handed. What will happen when they change to their dominant hand? Why are we forcing them to?” That is in reference to nuclear, biological, and chemical weapons which Russia hasn’t chosen to use. To which I agree, and yet, here we are - I don’t like what’s happening, but it appears to be happening regardless. Keep those comments coming!
There are even more attacks cutting off the Kursk region while Russia continues to try to build temporary bridges. To add fuel to my friend’s concern are images of Belarusian military flags on tanks on Russian soil. There are also a lot of reports of a second oblast being attacked by Ukraine - Bryansk.
“attempted to cross the border in Bryansk oblast”
There have also been attacks far north - 2000km away from Ukraine. The question here is, have they greatly extended the range of their drones? Were they fired from a NATO country, or were they smuggled into and fired from within Russia itself to hit that far away? If it were fired from a NATO country, that would be very unnerving to Russia, I’d think.
“2000 kilometers away from Ukraine”
Aside from the attacks on clear military targets like airports and airfields and bridges, attacks on power continue, and some of the footage on the Russian side is pretty spectacular. However, Ukraine has not gone untouched, with a recent hit against a fuel depot in that country as well. The destruction of power generation is becoming of greater interest to me. Fuel is typically a slow-moving or fully static target.
Proletarsk Öldepot Region Rostow
Speaking of power, it is worth noting that we are seeing a lot of fuel movement around the Middle East, likely in preparation for severe power shortages. Missiles are being fired by Hezbollah into the Golan Heights, and Israel continues to strike Hamas in Palestine and Hezbollah in Jordan, but so far, it has been very strategic on both sides and not the clear escalation Iran promised. Jordan has had widespread power outages already, though, so preparations make sense. The Houthis, not to be outdone, attacked and knocked out a merchant tanker.
Shipping, in general, is at increasing peril in the Baltic and Red Seas and will likely be a target of opportunity in any large regional clash, like between China and Taiwan. That is likely why China is investing in a new class of submarines as well. Subs are harder to find and kill, and they deliver first-strike capabilities. The X-fin design is probably the most notable thing about the new missile sub.
New Chinese submarine
In the world of drones, I spotted this in a chat room, and I had to include it. These kids downloaded some Google Maps, used a cheap camera, and used a little onboard AI to figure out where the drone was after launching it. Clever, stupid, and probably doesn’t work well in weather, but wow, it's very cool for such a dirty, cheap solution, and it cannot be jammed through traditional means.
“<$500 drone”
All this innovation proves drones pose a greater threat, especially for commercial flights, because the ability to hit slow-moving targets with drones or MANPADS is likely still too great. Since we talked about it last time, we have seen the West continue pulling back on flights into the Middle East. Delta joined American Airlines and is no longer flying to Israel as well.
Delta pulling back from Israel
The DNC continues to be a bit of a cluster with the pro-Palestinian protesters, but fewer than I thought there would be. The Chicago police have been doing an excellent job of cracking down and not letting the protesters run amok. Nothing noteworthy, other than some general shoving, vandalism, and obvious Hamas flags and patches being waved around. It seems clear that the police have fairly good legal air cover in arresting self-admitting members of terrorist groups that insight violence, attack police, and destroy property. Hamas has been listed as a terrorist organization since the late 90s, so the charges might be a lot more harsh than anything that happened during the George Floyd riots, despite looking similar, assuming the DAs even prosecute.
Lastly, before we look at the articles, I’m trying something new and starting to collect feedback from our readers.
Please do me a solid and vote on our poll, if you would be so kind. I’d love to hear your thoughts!
What do you personally think will be the most influential factor shaping our world in the coming years?
Thanks for your feedback! Okay, onto the articles!
The U.S. Army intelligence report highlights the intensified military threat posed by China, particularly regarding its expanding arsenal of ultra-long-range missiles capable of reaching the U.S. homeland. This includes new submarine-launched nuclear missiles and the potential for long-range conventional strikes that could threaten key infrastructure in the United States as well as allies in the region. The report indicates a shift in security dynamics, with adversaries like China increasingly capable of conducting attacks within U.S. territory.
China is rapidly modernizing and expanding its military capabilities, including its nuclear and conventional missile arsenals.
The JL-3 missile can target U.S. cities from the Pacific, indicating a direct threat to U.S. homeland security.
The U.S. is responding by strengthening military alliances and expanding military presence in the Pacific region.
This is far more likely to target strategic positions around the Pacific in particular than here at home, but the threat is no less important. If a real conflict begins, that capability to hit targets on the East Coast, like in Washington, Maryland, and so on, might be very useful to the Chinese.
Russia is transferring conscripted soldiers from Siberia to Kursk Oblast as the Ukrainian military advances in the region. The transfer involves several brigade-sized units with at least one thousand people each. Russian mothers of soldiers confirmed that new conscripts are being transferred to the region.
Russia is transferring conscript soldiers from Siberia to Kursk Oblast as Ukrainian military advances in the region.
The transfer involves several brigade-sized units with at least one thousand people each.
Russian mothers of soldiers confirmed that new conscripts are being transferred to the region.
Conscripted forces tend to be the worst possible forces. They aren’t just untrained, but they often have to buy their own armor, and they don’t have any interest in being there. So they will, as we have seen, very quickly surrender under any meaningful threat. Volunteer and professional forces are always better.
A commercial ship in the Red Sea was left ablaze and drifting after being attacked by suspected Houthi rebels from Yemen. The incident is part of a series of assaults on more than 80 vessels since the beginning of the Israel-Hamas conflict in October, with the Houthis claiming these attacks are aimed at vessels linked to Israel or its allies.
A commercial ship was attacked in the Red Sea, resulting in it being adrift and on fire.
The suspected attackers are the Houthi rebels, who have intensified their assaults during the ongoing Israel-Hamas conflict.
The Houthis have been targeting various vessels, leading to a significant military response from the United States.
I have heard rumblings that Israel is really trying to beef up the rhetoric around Iron dome and it’s ability to protect the ports, so that shipping will continue. The insurers aren’t so sure.
The U.S. Army has developed a new targeting system called the Maven Smart System, which utilizes artificial intelligence and machine learning to enhance combat efficiency, allowing small teams to strike multiple targets rapidly. Ongoing experiments have demonstrated improvements in targeting times, significantly reducing the window required to engage targets compared to previous methods. This system is being integrated into broader logistics operations as well.
The Maven Smart System allows small Army teams to hit up to 1,000 targets per hour.
Experiments with the system have shifted targeting time from over 12 hours to under one minute.
The system is being developed for use in logistics and operational scenarios within U.S. Central Command.
This is likely an adaptation and improvement on the software called “GIS Art for Artillery,” which has got to be the worst-named software ever. The Ukrainians use it for targeting and can put rounds from different sources onto a target very quickly. Think of it as Uber for explosions - who has bombs - I need a bomb - put a bomb here.
The Pentagon is developing the next iteration of the Joint Warfighting Cloud Capability (JWCC), aiming for a faster contracting process and a wider range of vendor options. This forms part of a broader initiative to enhance military capabilities, including a secure network for defense agencies. To date, the Pentagon has made significant financial commitments to this effort, with plans for continued expansion and efficiency improvements.
The Defense Information Systems Agency is prioritizing speed and a broader vendor pool for JWCC.
The Pentagon has awarded contracts totaling nearly $1 billion for cloud services.
A new secure network, DODNET, is being implemented to modernize communication capabilities across various defense agencies.
The memes about this are scathing. I don’t think there is much hope that this will actually streamline anything, but only time will tell.
The UK plans to build a large hangar-sized isolated chamber to test its military assets against GPS jamming and other types of electronic warfare. The facility will be big enough to fit equipment like F-35 jets and Chinook transport helicopters, and is expected to open in 2026. This comes as electronic warfare has become increasingly common in conflicts such as the war in Ukraine.
The UK will build a hangar-sized isolated chamber to test its military assets against GPS jamming and other types of electronic warfare.
The facility will be big enough to fit equipment like F-35 jets and Chinook transport helicopters, and is expected to open in 2026.
Electronic warfare has become increasingly common in conflicts such as the war in Ukraine, where Russia jams GPS frequencies to disrupt the accuracy of Western-supplied guided missiles.
The pictures look very cool - like a sci-fi novel. The idea is that they can test how the vehicles behave when they are in hostile areas and jammed or otherwise out of comms.
The Pentagon and Congress are currently debating the future funding and priorities associated with the Defense Production Act, a law designed to rapidly enhance U.S. defense capabilities. Tensions have arisen over differing views on budget allocations, particularly regarding investments in biomanufacturing versus traditional defense sectors, as the U.S. continues to support allies in wartime situations. The outcome of these negotiations will impact how effectively the U.S. can respond to ongoing and future national security challenges.
The Defense Production Act is seen as essential for revitalizing the U.S. defense industrial base.
Congress is proposing to significantly increase funding for the Act, focusing on urgent defense industry needs.
There is a conflict between the Pentagon and Congress regarding funding priorities, especially around biomanufacturing versus immediate defense production.
The more, the better, as far as I can see on our horizon. It’s politics today, but in the future, this will be a bipartisan issue when we are running low on munitions. Keep in mind that, as an example, it wouldn’t take much to eliminate all US howitzer shell manufacturing—there are only two factories in the US.
Russian President Vladimir Putin has praised Chechen fighters preparing to support Ukraine's full-scale invasion, citing their bravery and patriotism.
Chechen leader Ramzan Kadyrov has sent more than 47,000 troops to Ukraine since the start of the war, including about 19,000 volunteers.
Kadyrov has been a key ally of Putin and has used Moscow's funding to rebuild Chechnya after a brutal conflict in the late 1990s
Putin's visit to the North Caucasus region marks his first trip since 2011
In a stunning and somewhat hilarious moment, Putin, or potentially a body double of him, kissed a Koran for the press. The Christians who have previously defended him as a holy man will likely raise an eyebrow at that.
A former mayor in the Philippines is accused of spying for China and having ties with criminal syndicates, fleeing the country undetected after a Senate panel investigating her alleged links ordered her arrest.
The former mayor, Alice Guo, is accused of allowing human trafficking syndicates and scam centers to operate in her town by masquerading as online casinos.
Guo has fled the Philippines illegally and skipped border checks, despite officials admitting she had left the country undetected one month ago and traveled to Malaysia, Singapore, and Indonesia.
The Philippine government has canceled Guo's passport and filed criminal complaints against her, with President Ferdinand Marcos Jr promising 'heads will roll' after officials admitted their failure to detect her departure.
The US Air Force has introduced the ULTRA drone, which can remain airborne for up to three days, significantly enhancing aerial surveillance capabilities. This advanced drone, developed by Dzyne Technologies, has been budgeted for integration into military operations, particularly from bases in the Middle East. Its ability to carry substantial payloads over long distances is set to impact international reconnaissance efforts across multiple regions.
The ULTRA drone can fly for 80 hours without refueling.
It has a wingspan of over 80 feet and can carry a payload of 400 pounds.
The drone is designed for critical intelligence, surveillance, and reconnaissance operations across Africa, Asia, and Europe.
This is going to be very useful. There is an existing program called Gorgon Stare that uses these or something similar to watch the ground. If a bad thing happens, they rewind the tape to see where the attackers staged from or fast-forward to see where they fled to. This is extremely useful in wartime and over cities.
The World Health Organization (WHO) has declared Mpox, previously known as Monkeypox, a Public Health Emergency of International Concern (PHEIC) amid ongoing outbreaks primarily in the Democratic Republic of Congo (DRC). The declaration highlights a broader public health crisis, as the DRC grapples with high mortality rates from preventable diseases like malaria and tuberculosis. The region faces significant instability and socio-economic challenges, impacting responses to health emergencies.
Mpox has been declared a PHEIC due to outbreaks mainly in the Democratic Republic of Congo.
The DRC faces a stark contrast between the mortality rates of Mpox and more lethal diseases like malaria and tuberculosis.
Local resource allocation is compromised by a focus on global health initiatives that do not address the urgent needs of affected populations.
We will hear a lot about this, but so far, it still seems to mostly be only transmitted to people and animals through sexual contact. One dog got it so it is transmissible across species, but apparently it is mostly prevalent in homosexual relationships at the moment.
The U.S. Navy faced significant issues with the user interface design of their destroyer, which contributed to a severe accident resulting in damage and loss of life. Following the investigation, it was revealed that poor design choices, particularly regarding touchscreen controls, exacerbated the confusion among the crew during the incident. In response, the Navy has decided to revert to physical controls, though the fundamental problems with the design process remain inadequately addressed.
A Navy destroyer collision was caused by inadequate user interface design that led to crew confusion.
The National Transportation Safety Board found that the touchscreen controls increased the likelihood of operator error.
The Navy is reverting to physical controls as a response to the identified UI issues, despite ongoing design weaknesses.
Basically, two sliders become one, but not visually when a button is checked. It’s a terrible user experience and easily fixed, but analog controls are particularly good at this kind of thing over digital controls. Ultimately, this will get fixed, I have no doubt if it hasn’t already. But there are many very serious flaws in UIs, like the one that caused that erroneous missile launch alert in Hawaii.
Germany is continuing its military support for Ukraine amid internal discussions about future funding and budget constraints. The German government reaffirmed its commitment to delivering significant military equipment and training to Ukraine, while also navigating concerns over maintaining this support in the coming years.
Germany plans to deliver dozens of armored vehicles, weapons systems, and ammunition to Ukraine by the end of the year.
Internal discussions about new budget measures and funding for military support could impact future aid levels to Ukraine.
Germany's military backing for Ukraine has exceeded €14 billion since the start of the Russian invasion.
The U.S. Army has activated the Arctic Aviation Command, consolidating its aviation units in Alaska under local leadership to enhance their operational capabilities in Arctic conditions. This restructuring aims to improve training, mitigate risks, and enable quicker responses to emerging challenges in the region, particularly in light of increasing military activities from rivals like Russia and China in the Arctic.
The Arctic Aviation Command was established to provide dedicated support for aviation operations in cold-weather environments.
Local command will facilitate faster decision-making for aviation units, which previously reported to commanders in Washington and Hawaii.
The restructuring is part of a broader U.S. strategic initiative to strengthen military capabilities and respond to growing threats in the Arctic region.
We have every reason to think that they will attack there early if a ground invasion were ever to take place. I wouldn’t recommend that for China and Russia btw - we are a heavily armed society. “A gun behind every blade of grass” is the quote attributed to Japanese Emperor Yamamoto when they considered invading the continental United States.
The Czech Republic plans to utilize profits from seized Russian assets to acquire ammunition for Ukraine, with a focus on supporting its defense against the ongoing Russian invasion. Additionally, EU members have agreed to allocate about 1.4 billion euros generated from these assets towards Ukraine's military needs.
The Czech government intends to buy ammunition for Ukraine using profits from frozen Russian assets.
EU member states are collectively using interest from seized Russian assets to support Ukraine's defense.
We need to be very careful about doing this in the United States and in most western countries. If foreigners believe their money is at risk in US or Western banks, we will no longer be the reserve currency in short order. And if you think being the reserve currency is a bad idea, then at minimum think about the sanctions and leverage and monetary insights we will lose. The Czech Republic is in a different boat though.
Source: https://geopoliticalfutures.com/daily-memo-more-ammunition-for-ukraine-abbas-asks-for-gaza-trip/
Microsoft issued an update that failed to properly detect dual-boot systems, causing them to become unusable after applying the patch. This resulted in a large number of Linux devices being unable to boot due to Secure Boot violations. Microsoft has yet to acknowledge the error publicly or provide technical guidance to those affected.
Microsoft's update for CVE-2022-2601 failed to properly detect dual-boot systems, causing them to become unusable after applying the patch.
A large number of Linux devices were unable to boot due to Secure Boot violations following the Microsoft update.
Microsoft has yet to acknowledge the error publicly or provide technical guidance to those affected.
This mostly effects nerds, and many who have dual boot rarely use it, so I suspect this is a small issue in the grand scheme of things.
The manufacturing sector is undergoing a significant transformation driven by artificial intelligence and recent legislative acts aimed at enhancing productivity, workforce development, and clean energy initiatives. Companies like Ford and Siemens are leading the way by implementing AI-driven systems to improve efficiency, quality control, and workplace safety, fundamentally changing production processes.
AI is increasingly integrated into manufacturing processes to enhance productivity and efficiency.
Recent legislative measures are supporting the development of workforce skills and semiconductor technology.
Examples from companies like Ford and Siemens illustrate the practical benefits of AI in reducing downtime and improving quality control.
The real metric we will need to start using is how many man-hours will be replaced by whatever new AI tech we build. Does it remove 50% of their workload? 80%? That would mean you have made them 5x more efficient. When we start seeing 20x (95% reduction in workload), we will get the real power of AI. As it stands, I use AI for many tasks, including curating the news, and it has made me at least 8x-10x faster. If I had to read the ~1000 articles I want to per day, I wouldn’t get anything done.
Fabric, a startup founded by MIT and Stanford graduates, is advancing cryptographic technologies like zero-knowledge proofs and fully homomorphic encryption through a custom RISC-V-based chip. The company has secured significant funding and aims to address the growing need for secure data processing in enterprises and the blockchain sector.
Fabric has developed a custom chip optimized for advanced cryptographic algorithms.
The company has raised $33 million in funding to enhance its technology.
Fabric's solutions target enterprises and the blockchain industry to improve data privacy and security.
This is not to be confused with Daniel Miessler’s Fabric.
Source: https://techcrunch.com/2024/08/20/how-fabric-plans-to-make-advanced-cryptography-ubiquitous/
The EU is enforcing its Digital Services Act (DSA) and Digital Markets Act (DMA), imposing regulations on tech companies such as Apple, X (formerly Twitter), and others, with potential fines or bans if they fail to comply. The EU's goal is to cut short the length of competition investigations, which can last years, to a maximum of 12 months under the DMA. Big tech companies are resisting these new rules, with some claiming they put users' security at risk.
The EU is enforcing its Digital Services Act (DSA) and Digital Markets Act (DMA), imposing regulations on tech companies such as Apple, X (formerly Twitter), and others.
Tech companies are resisting these new rules, with some claiming they put users' security at risk.
The EU's goal is to cut short the length of competition investigations, which can last years, to a maximum of 12 months under the DMA.
This will effect Google, btw. They have previously been okay eating the fines, but this will speed up the process and cause them more pain faster. It might actually make them get into line - though I am not holding my breath. So far it has seemed that Google has been happy to break the law and eat the fine as a cost of doing business.
The US government is launching a series of contests to identify flaws in generative AI systems, with the goal of making these systems more transparent and accountable.
The US government is partnering with Humane Intelligence and NIST to launch a series of contests to identify flaws in generative AI systems.
The goal of these contests is to make generative AI systems more transparent and accountable by allowing anyone to participate in evaluating their security, resilience, and ethics.
The contests will involve a red team trying to attack the AI systems and a blue team working on defense, with participants using a rubric to measure whether the red team is able to produce outcomes that violate the systems' expected behavior.
The AI village at DefCon is a good example of this if you haven’t gone. There were similar areas around Blackhat as well.
Mozilla has acquired Anonym and is working on a privacy-preserving attribution system for advertising, allowing users to opt out of tracking.
Mozilla has acquired Anonym, a company that specializes in anonymous betting and privacy.
Mozilla is developing a privacy-preserving attribution system for advertising, allowing users to opt out of tracking.
Users can disable the new feature by setting dom.private-attribution.submission.enabled to false in their Firefox user.js file or using the make-firefox-private-again.com script.
I’m going to keep my eye on this. This shows some promise. I think the real solution is something my buddy came up with years ago - allow me to charge you for my data, and then you can have it at whatever cost we mutually agree to. If my data is too expensive for you, then I keep it. That becomes a well-lit marketplace.
Microsoft has announced that its controversial 'Recall' feature will become available for testing by Windows Insiders in October 2024, after a delay from mid-June. This feature captures and stores screenshots of user activity on a compatible PC, raising significant cybersecurity concerns, prompting an investigation into its implications.
Microsoft's 'Recall' feature will be available for Windows Insiders in October 2024.
The feature captures screenshots of user activities, leading to cybersecurity concerns.
Users must opt-in to use 'Recall', which has faced scrutiny from investigators.
Malware is just going to love mining this data. Be very careful with the use of this product. Though I suspect by the time they launch it, they may attempt to programmatically identify PII and neuter it. That’s relatively easy to do because things are named “password” and “creditcard” in form fields in large part. We shall see.
A security vulnerability known as CVE-2024-38206 was discovered in Microsoft's Copilot Studio, which allowed authenticated attackers to exploit server-side request forgery (SSRF) to access sensitive cloud-based information across multiple tenants. Microsoft has since mitigated the flaw, ensuring that no immediate action is required from users of Copilot Studio. The impact of this vulnerability highlights the risks associated with shared cloud infrastructure, emphasizing the importance of robust security measures.
A server-side request forgery (SSRF) vulnerability in Microsoft Copilot Studio allowed potential access to sensitive information within cloud environments.
The flaw was quickly mitigated by Microsoft with no action needed from Copilot Studio users.
Researchers highlighted the risks of shared infrastructure among multiple tenants in cloud services.
Color me shocked. The first thing we do when we build LLMs is ask them to do tasks, not just chat with us. I see this as being unworkable tech the way people are building it in large part. It’s not like it’s impossible, but they aren’t seriously considering that banning “ideas” isn’t a solution. It has to be programmatic, rote, codified, etc.
Microsoft addressed a critical privilege escalation vulnerability in its managed Azure Kubernetes Service (AKS) that allowed attackers to gain access to credentials for various services used by the cluster. Attackers could have exploited the issue to access sensitive information, steal data, and execute other malicious actions in an affected AKS cluster. The vulnerability was identified as stemming from the ability for an attacker with command execution privileges on an AKS pod to access an undocumented Azure component called WireServer.
Attackers could have exploited a critical privilege escalation vulnerability in Microsoft's managed Azure Kubernetes Service (AKS) to gain access to credentials for various services used by the cluster.
The vulnerability allowed attackers to access sensitive information, steal data, and execute other malicious actions in an affected AKS cluster.
The vulnerability was identified as stemming from the ability for an attacker with command execution privileges on an AKS pod to access an undocumented Azure component called WireServer.
Source: https://www.darkreading.com/application-security/azure-kubernetes-bug-lays-open-cluster-secrets
US Congressmen are requesting an investigation into Chinese Wi-Fi router vendor TP-Link due to potential national security risks. TP-Link's routers may be compromised by state-sponsored hackers and the company is subject to PRC national security laws, which require sensitive data submission to Chinese intelligence officials.
TP-Link is a Chinese Wi-Fi router vendor that is also the world's largest provider of Wi-Fi products and leading Wi-Fi router provider in the US.
TP-Link routers are made in China, where state-sponsored hackers may compromise them to infiltrate US systems.
TP-Link is subject to PRC national security laws requiring submission of sensitive data to Chinese intelligence officials.
This kind of behavior is only going to lead to more balkanization. Btw, we aren’t any better than China is in this regard. We’re all hacking one another.
Source: https://www.darkreading.com/cyber-risk/chinese-wifi-router-vendor-draws-us-congressional-ire
Iran has been confirmed as responsible for a cyberattack aimed at disrupting the 2024 US presidential campaigns, targeting both Donald Trump and Joe Biden's teams. Multiple federal intelligence agencies have reported increasing Iranian cyber activities as part of their strategy to influence the upcoming elections, echoing past foreign interference concerns in U.S. politics.
Iran is behind cyberattacks on U.S. presidential campaigns.
Multiple federal agencies attribute these activities to Iranian government efforts to influence the elections.
Iran's cyber tactics resemble past foreign interference in U.S. elections.
Buckle up; this is only going to ramp up.
Toyota has confirmed a data breach involving the theft of approximately 240GB of data related to its customers and employees by a third-party group known as ZeroSevenGroup. Toyota asserts that its own systems were not compromised.
A third-party group has breached sensitive data of Toyota's customers and employees.
Toyota claims its own systems were not directly compromised in the breach.
The incident emphasizes the risks associated with third-party access to data.
McAfee has launched an AI-powered deepfake detection tool that works exclusively on select Lenovo AI PCs, aiming to help users identify AI-generated content in videos. This tool alerts users within seconds if it detects altered audio, leveraging advanced machine learning technology while ensuring user privacy. The rise of deepfake technology has prompted concerns over misinformation and scams, underscoring the need for effective detection solutions.
McAfee's Deepfake Detector has a 96% accuracy rate in identifying AI-generated audio.
The tool operates on-device without collecting user data, enhancing privacy.
Research indicates a significant increase in public concern about deepfakes, with 64% of people more worried than a year ago.
This will work for a while, but as soon as people reverse engineer how it detects the deep fakes, they will work around it through synthetic training data. I don’t have a lot of hope in deep fake identification tooling to survive over the long term. Short term, sure.
A significant vulnerability has been discovered in Slack's AI features, allowing attackers to exfiltrate data from private channels using language model manipulations. Recent changes to Slack AI on August 14 have increased the risk surface by allowing the ingestion of more types of data, including documents, which can be exploited for malicious purposes. This issue raises serious concerns about data security in widely used applications like Slack.
Attackers can steal data from private Slack channels via manipulated language model instructions.
The vulnerability was enhanced by a recent update allowing Slack AI to ingest various document types.
Prompt injection can exfiltrate sensitive information without direct access to the private channels.
This is both clever and horrifying. Incidentally, this is one of the reasons I do not trust cloud-based chatting software, like Slack, to be secure. For that you need to go to ephemeral messaging. Wickr Pro for enterprises or Signal for individuals now that Wickr Me is off the market. Just make sure ephemeral messaging is enabled.
A potential rail strike in Canada is imminent as negotiations between major rail companies and a workers' union reach a critical point, with lockout and strike notices issued. A work stoppage could disrupt the transportation of a significant portion of Canada's goods, including exports and agricultural products, leading to major economic implications across North America.
A rail strike could severely impact more than half of Canada's exports and major agricultural sectors.
The lack of viable alternatives for transporting goods, especially hazardous materials, heightens the risks posed by a work stoppage.
A strike is expected to significantly disrupt supply chains, with implications for global food security and economic stability.
I think this is fairly likely to end in a strike from what I have seen thus far, but things aren’t entirely bleak. As the memes say, “Soorry.”
The U.S. Bureau of Labor Statistics significantly revised down its employment numbers, reporting a decrease of 818,000 jobs, marking the second largest downward revision in U.S. history. This revision indicates that the labor market may be weaker than initially reported, with implications for economic policy and public perception of the job market.
The BLS's revision reveals that U.S. job growth has been overstated.
The significant downward revision may affect perceptions of the economy and influence monetary policy.
The report raises questions about the accuracy and integrity of official labor statistics.
It isn’t unusual for the White House to revise numbers and they are almost always down. But this is a huge decrease. The problem is we are losing jobs and we are gaining people via the southern border. That will lead to increasing poverty in the United States. With poverty comes crime, disease and suffering.
Amazon Web Services (AWS) has launched a new Asia Pacific region in Malaysia, investing over $6.2 billion and creating more than 3,500 jobs annually through 2038. This initiative aims to enhance Malaysia's digital economy and support various sectors, including government, education, and enterprises, by providing local access to advanced cloud computing resources and technologies.
AWS setup in Malaysia will help local businesses and government agencies leverage advanced cloud technologies.
The investment is projected to contribute approximately $12.1 billion to Malaysia's GDP.
AWS aims to enhance Malaysia's role as a regional hub for digital innovation and AI.
If your business needs speed in the Pacific market, this might be an option, but instability in that region also makes me a bit wary of putting anything meaningful there. As a proxy, or caching, or edge compute, sure.
A luxury yacht named Bayesian sank off the coast of Sicily during a waterspout, resulting in six people, including notable figures like British tech magnate Mike Lynch and Morgan Stanley chair Jonathan Bloomer, going missing. Rescue efforts are ongoing to locate the missing individuals trapped inside the partially submerged vessel, which poses challenges due to its depth and tight spaces.
Six people are missing after the luxury yacht Bayesian sank in a tornado off Sicily.
Rescue efforts involve divers and an underwater drone, but challenges arise due to the yacht's position on the seabed.
The yacht was reportedly hosting passengers to celebrate the acquittal of Mike Lynch in a major fraud case.
This is a super weird case, and I have no doubt there will be a lot more out of this. He also helped build DarkTrace, so this hits close to home. We’ll likely know a lot more in a few days.
A US federal judge has ruled that the Federal Trade Commission's (FTC) ban on non-compete agreements is unlawful, granting a motion filed by the U.S. Chamber of Commerce and other plaintiffs.
The FTC's ban on non-compete agreements has been deemed unlawful by a US federal judge.
The court ruled that the FTC exceeded its statutory authority in making the rule, calling it 'arbitrary and capricious'.
As a result of the court's decision, the FTC will not be able to enforce its ban on non-compete agreements.j
This might affect you and tech workers, you know. Just an FYI.
Source: https://fortune.com/2024/08/20/federal-judge-derails-ftc-sweeping-ban-on-non-compete-agreements/
Gold has reached a new record high amid a decline in stock market performance, largely influenced by proposed corporate tax increases and ongoing economic concerns. Treasury yields have dropped while oil prices continue to fall, indicating a broader apprehension in global markets regarding economic growth.
Gold hit a new record high.
The stock market faced challenges due to proposed tax increases.
Treasury yields fell, reflecting concerns about economic growth.
That means that the market expects or fears increased instability. I am sure this is related to Iran and Israel. War in the Middle East, with how many assets we have there, means that the likelihood that the US is at war soon is dramatically higher. And it’s not like the Houthis or Hezbollah or Hamas are particularly concerned about striking US assets, which could easily lead to provocation. The closer the proximity of our assets to the region, the more likely it is that something bad will happen. War triggering bad.
Source: https://www.zerohedge.com/markets/gold-hits-new-record-high-growth-scare-spoils-stocks-party
Thanks so much for reading and once again, please forward this newsletter to anyone you think should be reading it. It’s how the newsletter grows, how I know you love it, and encourages me to keep going. I’d really appreciate it!