Issue 66–NFT’s, Microsoft Exchange hack, deepfake Tom Cruise
Issue 61
A weekly summary of what I've found interesting at the intersection of economics, finance and technology.
Hey friends, after a couple of months hiatus, I think I’ve found a rhythm–aided in no small part by the kids returning to school after a protracted lockdown–that would allow me to write Surveilled on a regular basis again. I never quite stopped following the news of course, and it’s also a case of feeling a stronger urge to write about some of them again that brought us here. So let’s see how it goes, and thank you very much for sticking around all this time.
One Big Story
A new three-letter acronym burst on the scene over the last couple of weeks: NFT, or Non-Fungible Token. This encapsulates the distinguishing feature, each token is basically unique, as opposed to Bitcoin, which is fungible, like money. NFT’s are meant to represent unique works of art, that can then be bought and sold on, you guessed it, a blockchain. This makes it easy to determine who is the current owner and who were the past owners, the sort of transparency that you want for a work of art.
Intuitively, I think this use case aligns better with the surface level understanding of blockchain most people have, and hence interest in NFT’s has been intense. Artists can attach a work to a token, which can then in turn be auctioned. The 800-pound gorilla in the sector, Christie’s, just completed an NFT auction, and one rather mundane piece/token by an artist called Beeple sold for $69m USD, which is a staggering amount of money.
Are NFT’s here to stay? I think there certainly is a use case for a transparent and traceable registry of digital art. More and more legitimate works of art are digital, and it stands to reason that some will stand the test of time and become valuable. By extension, there’s value in being the certified owner of a unique digital art piece, and having a registry that can confirm this ownership. A second question is whether this needs to be on the blockchain, with all its risks (forgotten passwords) and externalities (energy use), and that’s far less clear to me. It seems all of the above can be done at lower cost without a blockchain, but that will obviously reduce the hype factor, which right now seems to be the point for NFT’s.
Six Links
Tens of thousands of Microsoft Exchange servers hacked–Security researcher Brian Krebs revealed the wide-ranging hack, noting that each “hacked server has been retrofitted with a [...] backdoor that gives the bad guys total, remote control, the ability to read all email, and easy access to the victim’s other computers.” Hard to overstate how bad this is, especially considering how many organisations use Microsoft Exchange (and its Outlook Web Access module) for their email. Read (Krebs on Security)
Relatedly, security researcher Bruce Schneier highlights that 26% of companies still show vulnerabilities exploited four years ago, meaning their infrastructure has not been patched with the latest security updates. With what I’ve seen of corporate IT I am less shocked by this figure than Schneier, but it does illustrate what an uphill battle cyber security is. Read (Schneier on Security)
Glimpses of the “deepfake infodemic”–Deepfakes are AI-generated fake videos indistinguishable from reality, where a real subject (say, a US president) can be made to say anything. This obviously points to a scary future where it will no longer be possible to tell lie from truth, obliterating whatever is left of factual common ground in society. Last week, these fears accelerated after the release of a stunningly good series of skits showing a fake Tom Cruise. But as it turns out, making something this good still requires a level of skill and equipment out of reach for most people. Hopefully we have a couple of years left to come up with an adequate response at a society level. Read (FT $)
Asia-based instant messaging app Line shows the way on fact-checking–The app set up a service where users can send messages for verification and will receive an answer in real time. Importantly, it does this for text, images and videos, without breaking end-to-end encryption, which is always a concern with this type of service. Line seems to have achieved a measure of success with this system, so I hope WhatsApp and others will come knocking to learn more and implement this more widely. Read (Rest of World)
Belgian police broke into encrypted communications network Similar to the Encrochat investigation from a few months ago, Belgian and Dutch police intercepted encrypted communications from the SkyECC network, used by criminals for drug trafficking. The feat seems to have provided tons of evidence and ended in dozens of raids and arrests. No details on the approach of course, but it’s unlikely to be a brute force attack, rather relying on one or more compromised devices. Read (Computer Weekly)
US mobile carrier T-Mobile plans to start spying on its users for advertising–Your mobile carrier knows every single webpage you visit, so it’s fairly trivial for them to take the next step and start analysing this data to target ads, but so far no one had done it yet. The best way to protect yourself against this is by using a VPN, so that your traffic appears encrypted to the telco. Puts into context some of the appeals to Apple to provide a VPN service as part of the iPhone, given their focus on privacy and against this sort of tracking, but perhaps this should also be regulated. Read (WSJ $)
Popular YouTubers are building their own platforms–YouTube translates to seriously big bucks for a handful of creators. They are more than justified to try and decrease their dependence on a private business, so for the most successful to set up their own platforms is an interesting evolution. On the other hand it obviously raises questions as to discoverability and reach, which gave rise to social networks such as YouTube in the first place. Everything old becomes new again. Read (BBC)
That's it for this week's edition. As always, thanks for reading and please forward this to anyone who you think might be interested, it would be much appreciated.