Dispatch 6: That Sound a Mac Used to Make When It Couldn’t Do the Thing You Wanted It to Do
You know—that exception chime? It was a shrill two notes on a musical keyboard or something. My brain has been doing that lately. I think it’s refusing to integrate with the timeline. Anyway, news.
📣 security news
EFF Conducts RedNote Privacy Analysis - Electronic Frontier Foundation has conducted privacy and security analysis on the RedNote Android mobile application. Research identified that the application has a vulnerability in HTTPS validation that could allow an attacker to eavesdrop on connections to RedNote’s servers. Additionally, its update mechanism bypasses the Play store, meaning updates are not scrutinized by Google before being pushed to the user's device.
All X-ed Out(age) - Twitter (aka X, "the everything app") suffered from outages on March 10 due to a distributed denial of service (DDoS) attack. Musk, who is either feigning ignorance or doesn't understand the distributed nature of the attack, claimed that it originated in Ukraine based on IP addresses. IP addresses are bad for attribution for a number of reasons, one being that anyone with an internet connection can use various methods to generate or route traffic through IPs in other regions and countries. Security researchers have identified that at the time of the attack, the company's web servers were not all located behind Cloudflare--a service that protects sites from such attacks.
To be frank, the Ukraine angle here sounds more like a political move than anything else. Even if the traffic did all originate in Ukraine, that alone would not be evidence that the attack was sanctioned by that country's government. People do crimes all the time in all the countries and our fully networked world means you have to dig deeper than an IP address to prove who did it. We'll see how this plays out.
🛟 safer tech
OpenAI 'PhD-Level Agents' Will Cost 20K/month - OpenAI plans to release several AI agent products across 3 tiers: high-income knowledge worker, software developer, and PhD-level researcher. AI agents are supposed to act autonomously and make decisions with feedback from other AI systems or humans.
Can someone please show me generative AI-based solutions that corporate users and their customers can trust to fulfill entire business functions without oversight? If the phrase "without oversight" gives you heartburn, I get it. We know that the best practice would be for humans to babysit GenAI-based tools and monitor their outputs for problems. We should also know that doing the bare minimum is a consistent human theme, especially under the growth pressures of capitalism. We have a hard enough time achieving adequate quality assurance for products that humans create. I don't know a single person who perks up when I say "so generative AI is drafting police reports from body cams now" (though not in King County, WA).
Amazon's Delivery Drones Grounded in College Station, TX - People in College Station don't seem too keen on living near drone launch facilities and I can identify with that. Some people are worried about cameras while for others the noise from drones bothers them and their pets. The camera should be a non-issue based on the reported configuration of the drones, but clearly the company isn't doing the right kind of outreach to the affected communities.
🤿 culture dive
🛰️ Let's talk space. I've always been a bit of a space nerd on the side. I'm still holding out hope for a chance to hack a real satellite. Like anything else I'm interested in, I want to take a step back and understand how our efforts can cause harm.
Launch Debris
Starship Test Flight Fails - A second failed test flight of the SpaceX Starship vehicle resulted in airspace temporarily closing and flights being rerouted due to falling launch debris. I'm relieved there were no associated aviation incidents and conscious that space launches are an additional strain on the FAA on top of routine air traffic. Debris from a Falcon 9 rocket has been found in 4 places across western Poland.
Orbital Debris
It feels like we are stuck behind the curve on practical solutions for managing the fallout of increasing space missions and thinking broadly about the sustainability of space as a resource.
As astrophysicist Aaron Boley highlighted in a November lecture (yes, I listened to the whole thing!),
- there is ever-growing orbital debris around the planet adding risk to space missions in low earth orbit and contributing to light pollution that impacts astronomical observations
- research has identified changes in the makeup of our atmosphere as a result of repeated space launches and deorbits
- certain areas, such as a large swath of Canada, are more likely to encounter falling space debris due to common orbital characteristics
Debris Tracking Satellite in Design Phase - Scientists at University of Alaska Fairbanks are working on designs for a satellite that can track orbital debris that is too small to be tracked from the ground. That sounds like a really cool idea and I look forward to following progress on their work.
Space x Infosec
Polish Space Agency Breached - The Polish Space Agency (POLSA) went entirely offline in response to a breach of its systems. Initial reporting suggests that POLSA's email system had been affected but it's not clear if other systems may have been impacted. It appears the agency's public site is now restored. Wishing them all the best in their efforts to get the attackers out of their network.