Surveilled – Issue 67: GFC flashbacks, Chinese ad tracking, SMS hacking
Surveilled
Issue 67
A weekly summary of what I’ve found interesting at the intersection of economics, finance and technology.
One Big Story
The last couple of weeks have brought flashbacks to the global financial crisis of 2008, with a company engaging in “clever” financial engineering filing for administration, bringing a few real-world companies down with it, and creating collateral damage in the industry.
The company in question is Greensill Capital (FT $), who provide supply-chain finance. Essentially, a supplier can opt to get paid by a company like Greensill straight away, instead of waiting for the customary 60 or 90 days for payment from their customer.
In doing so, Greensill in effect lent money to that customer. It made money by getting the full amount of the invoice from the customer but paying a slightly smaller amount to the supplier. In order to scale its business, it also packaged and sold off the loans it made, in other words, securitised them. Lastly, in order to make the securitised loans more attractive to investors, it insured them through a few insurance companies. Does this sound familiar?
The whole construction came tumbling down earlier in the month, when one of the insurance companies indicated they won’t renew coverage of the securitised loans, forcing investors such as Credit Suisse and GAM to sell off their holdings and reimburse their customers. For Greensill itself that means funding dried up, which made it impossible to carry out its business model and forced it to file for administration.
Puzzlingly, one of the big investors in Greensill Capital is a familiar name: the Softbank Vision Fund. In fact, after its investment, Vision Fund portfolio companies started using Greensill to pay their suppliers, and the fund itself invested in the securitised loans through the aforementioned Credit Suisse funds, which is an interesting form of circular financing.
It’s not clear why Softbank invested in Greensill, since the company doesn’t appear to be a tech company at first sight, but it is in character with other Vision Fund investments like WeWork, which actually relied on very similar concepts as Greensill. Either way, it looks like the fund may have to take another loss here. And in the bigger scheme of things, it’s somewhat depressing to conclude that very few lessons have been learned since the GFC…
Six Links
The big Chinese platform apps are developing their own universal tracker for advertising–This follows Apple’s stated intention to force apps to ask for users’ permission before being tracked, which relies on device information. The big Chinese players (Tencent and Alibaba, among others) are now developing an alternative that would still allow users to be identified uniquely across platforms, without relying on the users’ consent. This puts Apple in a bind, because its new App Store rules expressly prohibit this behaviour. It now faces the choice of either allowing the apps to proceed, rendering its privacy push moot, or to block the apps from the store, practically rendering iPhones useless in China, a huge market. I think Apple’s move to get users’ opt-in for tracking them is great, but I wouldn’t want to be Tim Cook in this situation. Read (FT $)
Some trivial social engineering allows hackers to redirect all texts (SMS) to another number–The companies that provide these services help businesses do SMS marketing and mass messaging, but used in this way the hacker obviously gets access to a trove of useful info, including One-Time Passwords (OTP) sent over SMS. A timely reminder to treat SMS as a supremely insecure channel, and move to apps for things like two-factor authentication codes. Read (Vice)
The UK is starting to use its ability to log and store all your internet activity–There was a stir when this law was passed, and it’s bad news that it’s now also effectively being used, even if it is still very sparsely. Read (Wired)
In India, you can buy a smartphone on an instalment plan, but the lender can shut down your phone if you don’t pay–Other tricks, depending on the company lending you the money, is to change your wallpaper, selectively block apps etc., all with the intention to “nudge” you into paying what you owe. Of course on top of that, all the data on your phone is mined to establish your credit score. Read (Rest of World)
Researchers find Apple’s Find My feature effective and generally respectful of privacy–The feature also allows tracking of devices that are offline, through the use of Bluetooth. The whole feature is a delicate balancing act between effectiveness and privacy, but it seems the design succeeds on the whole. The researchers identified a few vulnerabilities which Apple has fixed. In other words, there is no reason not to use the feature, it certainly has saved me on more than one occasion. Read (ArXiv)
The common thread across Israel’s uncommonly successful cybersecurity industry is the IDF’s intelligence service– Alumni of Unit 8200 go on to find employment in Israel’s state-of-the-art surveillance industry, and they form a network stronger than that of any MBA programme. At the same time, some Israelis are organising a resistance. Fascinating long read. Read (Rest of World)
Wide Angle
The lightning speed development of Covid-19 vaccines is one of the biggest successes of innovation in years, but also stokes vaccine hesitancy through the assumption that corners were cut. Professional blogger Jason Kottke summarised the main reasons why the development was so fast, in what is a reassuring read. It also serves as a good reminder that innovation never happens in a vacuum: key building blocks for today’s Covid vaccines were already in place before the pandemic. Read (Kottke)
That’s it for this week’s edition. As always, thanks for reading and please forward this to anyone who you think might be interested, it would be much appreciated.