Huawei USB LTE Dongles Vulnerable to Privilege Escalation Attacks

Recently, it was discovered that Huawei's USB LTE dongles are vulnerable to privilege escalation attacks. This means that if an attacker can gain access to one of these devices, they can potentially run arbitrary commands with full permissions. The vulnerability is caused by a file running with 777 permissions, which allows the attacker to replace it with a malicious file that will also run with full permissions.

This raises serious concerns about the security of Huawei's products and their potential use by nation-states. Since these devices are connected to 5G networks, they could be used as a vector for attacks. The vulnerability is not limited to just the device itself but also extends to the network it connects to. This makes it a serious concern for organizations that rely on these devices.

A similar story emerged with Google's browser, which was found to be harvesting private web activity of millions of Android and iPhone users. When users use the Alibaba browser, it sends their IP address and the websites they visit to a server in China every time. This is similar to Google Analytics but without explicit consent from users. The browser is widely used, including on sites that may not expect this level of tracking.

This raises concerns about data privacy and security. It highlights the need for transparency and consent in data collection practices. Users should be aware of what data is being collected and how it is being used. In this case, the lack of explicit consent is a significant concern.

Another recent development in the realm of cybersecurity is the discovery of "poison installers" in SolarWinds' hacking toolkit. These are not malicious files themselves but defects that have been introduced into the installer to leave backdoors or vulnerabilities. This means that if an organization installs software from SolarWinds, there is a risk that it could be used as a vector for more serious attacks.

The discovery of these vulnerabilities and the introduction of "poison installers" highlights the ongoing threat of cyberattacks and the need for organizations to stay vigilant. It also underscores the importance of cybersecurity in today's digital age. As technology advances, new threats emerge, and it is crucial that we prioritize cybersecurity measures to protect ourselves from these risks.

Meanwhile, another significant incident has occurred at Cox Media Group. A ransomware attack brought down several radio and TV stations, including a local news station that had not missed an episode in decades. The attack was caused by an employee clicking on pirated software, which triggered the ransomware attack. This highlights the importance of cybersecurity awareness and the need for employees to be cautious when using software.

The incident also raises questions about data storage and backup practices. If the local news station had properly backed up its content, it would not have been affected by the attack. This underscores the importance of having robust backup systems in place to prevent such incidents from occurring. It is a reminder that cybersecurity is not just about protecting against attacks but also about ensuring business continuity.

In addition to these incidents, there are concerns about the impact on businesses and organizations. The constant threat of cyberattacks can have significant consequences, including financial losses, reputational damage, and disruption to operations. It is essential for organizations to prioritize cybersecurity measures and invest in robust security systems to protect themselves from these risks.

"WEBVTTKind: captionsLanguage: enhello everybody welcome to the level one news today is june 8th and today we're doing government and security the first part of this uh whole section is basically oops all ransomware stories so you have that to look forward to but before that wendell has some new sodas to try this week well it was in the box from last week thank you random citizen uh yeah so uh this one it claims it's a little citrusy and then this one is sour me unicorn farts let's see what's the first one called uh sun lab young souls i don't know they really need to work on that krista they need some some design love here i mean i don't have the webcam up today i can't see the can i can see women like being into that vibe in that can like you're on the beach yeah it says hazy india pale ale with citra you cannot and sriracha rice sriracha wow they do i think the copywriters work harder than anybody in the liquor business oh speaking of my my favorite new word from this week's news is uh the word for amazon's uh workers the warehouse workers we'll try the unicorn farts next this is not technically in the running for an orange soda review it's not an orange soda well it does have a it does have a you want a citrusy uh uh uh this is it's it's it's it's citrus pomegranate it's the beer it's still got hops in it though yeah it tastes mostly like that yeah i don't like beer normally but like with citrus i feel like that would be strange i don't really care for beer but it is it's pretty drinkable it's uh it's weird because like the beer and the hoppiness is kind of a brown flavor in my mind and the citrusy stuff is kind of an orange flavor so it is kind of like a brown and orange mix which doesn't really work out in the color spectrum either are they they might be brown after they roast them but they roast them right it's not bad now we do it for those of you who enjoy the soda reviews i did pick up some san pellegrino oh and then we still have two or one left well on the on the weekly office reorder thing i think there's i think there's one left uh one yes and uh on the weekly office reorder thing i added the orange cream soda but twice in a week twice in a row now they have not they're like we don't have that is that because the health department took all over is that full sugar no the health department took orange crush that's what actually happened so yeah it's still pretty uh pretty low out there but we'll see all right well that was uh sun life nope uh sun lab oh sun lab of course i have a weird name if i was going to create a space lab i would position it on the sign this is a 1.7 alcohol by volume that's pretty good that's that's that seems fairly alcoholic for down me chug it i was looking for ingredients but i don't see that this is definitely really good you know a hand you know this is basically a peel and stick label so this is not you know a high production value you might get some hate for that that's what they want though it's like yeah artisan yeah this is definitely an artist's product i mean that in and i mean no disrespect it's uh it's an artisan product it's probably bottled in the same plant as everything else all right well let's get to it and as christa uh warned you a lot of ransomware the big one of course was the meat plant attack and uh we were all worried there for a minute we might not get our delicious meats seems like it's okay now but it does show how vulnerable we are with the stupid supply chain a russian cyber criminal group was behind the meat plant attack the fbi says meat processing plants operated by jbs which handles a fifth of the cattle and hog slaughter in the u.s coming back online wednesday the group was called revel they've done stuff before ransomware evil yeah that's what that stands for yeah and uh so they're gonna go after them but what are you gonna do and they weren't the only one this one a much bigger name that we've all probably heard of fujifilm becomes the latest victim of a network crippling ransomware attack we should probably spin off and do some uh some cyber security videos because there's a lot of people that could probably change professions because there's a lot of need for cyber security professionals and they point that out and not only is there a great need for it but there's now competition between the government space and the business space because everybody's realizing all at once that they're deficient if you've been watching the level one news for years we've been telling you for years that you're deficient everyone is deficient and that's really frustrating if you're like the the security guy at one of these companies and it's like you've probably been begging for the funds to upgrade stuff for years and no one's done it there's always people in our comments that are like look i've been digging or begging for money to upgrade our windows xp machines for three years now and they won't give it in our last ransomware story you might be thinking well you know what i don't use fuji products although i think they make a lot of stuff maybe not they get sold here and uh i don't eat meat so i'm i'm immune to this but what do you commute because the rats where people can get you everywhere eat land sea and air i didn't eat anything and i said nothing ransomware attack disrupts massachusetts fairies and then they came for the fairy operators and there was no one left to speak up for them the fairies yeah getting you from point a to point b because there's not a road or a bridge now you might be thinking what kind of software is on these ferries the ferries themselves were fine it was the ticketing system that was down at least it wasn't flash like the uh the train that was shut down in china because of the flash end of life whoops yeah oh oops yeah well we already talked about this one tommy is the victim of a cyber attack this one's from axios it actually does have some information in it that the other article did not have um namely that they actually had some reasonable uh a reasonable uh incident response i guess you would call it i think they some of them were back on by wednesday and this happened when friday was it last week yeah yeah so i got it back together i imagine we there was plenty of meat at the supermarket but those beef prices are they high i don't know if that's a direct result but i want memes of uh guys with tarps in the back of their truck just loading up on meat you mean like just throwing raw meat into the tarp yeah not bothering coolers like how people did with the gas yeah when they were just filling in bags or like they did at the wet markets what could possibly go wrong nothing went wrong there so what do you do about all this i mean you got to feel pretty helpless right because it's not like we can do anything about the security personally and we can't necessarily say i'm not going to use these products because my favorite lead into that is the krebs story where it was like just add a russian keyboard and most ransomware will just stop running because what i'm saying is i didn't get ransomware my meat did yeah what can i do about that not a thing and so the government wants to get involved this sounds good but there's some language in here yeah that's really scary reuters reports that exclusive a us to give ransomware hacks a similar priority as terrorism officials say the justice department is going to treat this as basically economic terrorism and especially if it's the same criminal groups and criminal gangs over and over again we will respond with lethal lethal force so that sounds good right just ransomware well no obviously when the government does something the scope is always a little too much and here i would argue that it is a lot too much uh elicit online forums or marketplaces cryptocurrency exchanges what bulletproof hosting services botnets and online money laundering services now remember mount gox was an online money laundering service that sounds like just everything the government doesn't like so you must notify if anything happens and you operate one of those things i mean if you operate a coin mixing service you're not talking to the government ever so now you will be in violation if something happens to your users i was thinking more about it from like the krebs on security angle because what world does it make sense that like if you're a cyber criminal and your your malware gets deployed on a machine that has a russian keyboard that it's like oh crap the russian authorities they're really something to be feared and i was like oh yeah american businesses they're ripe no nothing bad will ever happen there yeah but by doing that they're moving more toward the russian model is that what we want probably not ransomware people are not the only ones getting ground under that boot yeah when it happens so yeah it's a tough just tough question speaking of being ground under the boot yeah i don't know if tyranny is uh the answer yeah this one i mean i guess it's kind of nice that you are less likely to get caught up in these laws but this guy should not get away with what he did yeah it's like this headline is amazing and then you read the story and it's just like good lord the supreme court narrows the scope of the computer fraud and abuse act which is a computer hacking law that has been abused by prosecutors forever anybody remember aaron schwartz you know pour one out for aaron schwartz he was the the guy that uh was hounded into suicide by a an overzealous prosecutor because he had the gall to post academic journals online without permission of course we have the sahab thing playing out exactly the same way so the the the case here was a cop or was it an fbi agent it was a cop it was just a regular old like sergeant-type cop a cop was bribed to run a license plate so he had no investigation related to this license plate he had a side gig as like a private eye or uh something like that right someone was like hey i need this information and he bribed they bribed him he bribed the person at the the check and it was discovered and the argument is he did have access to that system so we did not force access thus he is not a foul of that law now he still lost his job but he should be prosecuted for that that's color of authority yeah he should get like 10 times the sentence yeah that's what the uh the uh the ruling said that the language in the cfaa is way too broad because it makes literally everybody a criminal it makes somebody who does online shopping with their work computer a criminal it makes somebody who listens to music on the work computer if that's not allowed a criminal it's like oh the language there is too broad how fast would amazon prosecute if you were using a break your room computer to do something personal to check your facebook they don't let you listen to music or anything even when you're out on the floor i say that knowing there's no such thing as a break room computer at amazon but i'm just saying like they would definitely abuse that if there were a break room computer it would be facial recognizing you and giving you stats on how long it took you to pee so uh yeah that's a that's a weird one i guess it's good that you know like it creates more freedom although that cop got away with it which is yeah worst case why did this one why was this one the one to go to the supreme court i mean and why did they choose that one yeah you know why so uh subscriptions now remember a while back we talked about like the dark patterns and the hard to unsubscribe things this article doesn't mention that that law that makes it is it's supposed to be you make the unsubscribe as easy as the subscribe but a lot of people in the comments at that point pointed out some of the difficulties that they had and i think i mentioned luna plus and somebody was like oh i can't get away from lunaplus i did it yesterday it's literally one click like you go to your subscription page you cancel they fixed it it gives you the rest of the month i don't know if they fixed it or if that was just bad info but uh they aren't as bad as some but there are definitely some that are absolutely terrible some of these apps yeah oh it's disgusting federal officials are going to clamp down on deceptive subscription marketing and a broad range of firms so finally there might be some federal law that makes it easier to unsubscribe the article does cover things like a european people have an easier time with some of this uh the article strangely it mentions some laws that were enacted in the past to try to deal with aspects of this but strangely and it talks about laws specifically in california but it doesn't really talk about a couple of the laws that have passed one of which was in california which is basically that if it's one click to subscribe it also has to be one click to unsubscribe or if you have to fill out seven forms to subscribe then it's okay to make somebody fill out seven forms to unsubscribe that's fine i gotta think this is gonna be the same kind of situation with a lot of the ransomware stuff the biggest offenders here might not be in the us yeah so what are you gonna do about it yeah i guess it's easier to just turn off that payment and not face consequences yeah if they're in the apple app store you just ask apple to turn their app off that's one way to do it yeah you're gonna just call apple up get him on the phone is that what you're gonna do well i think that the the federal government will have no problem convincing apple to do that thing is how they now what i'm saying is an individual oh yeah if you stab somebody at the apple store you might get their attention and amazon warehouse workers i feel for you because i imagine this uh this unseasonable heat is no fun in an amazon warehouse they don't cool those things other than big fans yeah because it would probably be too expensive and not only that but also because of your healthcare bills amazon warehouse injury is 80 higher than competitors a report claims this report breaks down the number of injuries per 100 full-time equivalent across warehouse businesses and all employers in general and yeah it is significantly higher uh one question that i had was you know i don't think that the warehouse jobs are necessarily apples to apples um so non-amazon warehouses like what does that look like are they as high volume as amazon are they as as much traffic as amazon probably are because if they're not then they probably schedule the work so that it's there's always enough to do yeah this is also maybe a little misleading even doing it as per 100 full-time equivalent employees because we know that amazon warehouses are among the most automated warehouses there are are the injuries related to that automation or because people are being asked to keep up with machines and so they're injuring themselves now this is this data came from a uh labor group that is all about unions now we know that that's a contentious relationship but i think it was just they were just analyzing data that was given by amazon themselves yeah so it wasn't like they did the uh you know they didn't talk to these people themselves they didn't do the polling they just analyzed the data and i think one newspaper double-checked them and they said yep it's really that bad you think that amazon warehouse workers get health insurance um probably not they probably don't give them enough hours for that right yeah probably but uh i don't know i'm not injured on the job you also can't afford to go to the doctor to fix it this is the uh i cut out the the actual story about it because they're the same thing but here's what you alluded to earlier they have some new training material at amazon to talk to you about how difficult your job is one of the crazy statistics here is that cumulatively through a four-hour shift i think or maybe it's an eight-hour shift you lift 20 000 pounds so you need to prepare for that yeah that's actually in the training material it's like oh you need to be prepared for you know expending 400 calories an hour and uh doing all of the weight lifting and exercise outside of regular business hours so that your body is ready for this and no lunch breaks though and if you can get that far you can call yourself this coveted title do you think they'll have like is this a flag on your work account it's like the stars at a cracker barrel you have it like put on your apron we should put this on a t-shirt right industrial athletes whoever came up with that name is brilliant but also a monster yeah do you think there's one amazon worker who is just so proud of being an industrial you think so yeah yeah the whole uh uh you know the what was the there was the really famous um song about the railroad when they were automating laying down the railroad is it casey casey jones yeah yeah it's like there are people like that working for amazon that are like casey jones and if amazon paid well and didn't work you to death that would probably be an immensely satisfying job it's like i'm gonna go i'm gonna put in six hard hours and you know casey jones it up that could be a good living i don't think so after a month or two the repetition and like chris has said you can't lose can't even listen to music uh yeah i guess it's mind-numbing casey jones got to enjoy the great outdoors got to take breaks you know didn't have to pee in a bottle no he didn't get to take breaks chris did chris the spoiler alert he died he died doing what he loved oh and amazon outside the warehouse has some other controversy to deal with and it seems like they have gotten enough pushback on this one that they're finally going to make a little bit of a change no change at all no this is this is a pr move is there's functionally no change here well but the you know the the nosy homeowners say association women can now keep track of everything yeah that happens that's the addition here yeah amazon's ring will ask police to publicly disclose when they request video but your homeowners association will also have access to your ring video it's that neighbors thing that they have so if a cop previously if a cop wanted your footage they would approach you directly they would message you through ring i guess right the the ui but now they got to go through that neighbors thing and everybody can see that request or at least the people on your list i guess i don't know how neighbors works exactly can i go and just look at the neighbors of any geographic location or do i have to have a ring there i'm pretty sure you'd have to have something there amazon has to like seems like have we delivered a package to this person in that area get four more prime deliveries to unlock neighbors that's weird it says that my neighbor xi jinping just got some seeds i don't i don't understand oh they're requesting access to my cameras uh sure i guess that's fine and we have talked a lot about these uh these wide-net searches that go on just because you happen to be in the vicinity of a place during a committed crime now that we're all connected all the time they can easily know that you were out of place and they can begin using all sorts of terrible searches against you and you would never have a clue about it a couple of states have done the minimum i guess to try and fix that two new laws restrict police use of dna search methods maryland and montana have passed the nation's first laws limiting forensic genealogy method found the golden state killer so basically it's like we're just going to look at all the dna that we can possibly find now the mayor i think i might have this backward it's maryland montana one of them you just have to have a warrant so they can convince a judge they can still do this but the other one had a lot of limitations on like you can only use uh like 23 and me and what's the other big one ones that are that have an existing relationship with law enforcement and people get notified if all of a sudden you're just looking into their dna well if pcr gets cheap enough they're just going to install equipment in the sewer system and be like yeah we keep getting dna hits for some of the you know familial dna you know at the uh at the corner of las cruces and and you know e street or whatever and it's like okay somebody in that area has the dna that we're looking for so what we do then is we start a crowdsourcing initiative at every major concert and venue or whatever that people would travel to there's a bucket a big bucket and then you collect all that and then you drive to various locations and you unload a little bit of bucket what what would be the name of the group that ensures that our personal freedom by taking random dumps all over the us the yellow lanterns by taking dumps i was just talking about urine i guess we could do both i'd be much more discussing the brown lanterns there's the title and in florida they have completely florida and texas have taken a completely different path with the crisis that we're in right now and a lot of people are championing that but in the beginning they might have fudged some numbers and when i say might have it seems overwhelmingly obvious that they did they made some other really bad mistakes in terms of freedom that maybe finally are getting unraveled a little bit former health department employee rebecca jones remember her granted official whistleblower status now if you if you haven't been keeping up at home this is the lady who was you know reporting that she was asked to you know fudge the numbers on the florida dashboard and she didn't want to and eventually she was fired for quote unquote for insubordination and then police raided her house and confiscated all of her computers and accidentally looked at privileged client attorney stuff and they also filed a police report that was like no we totally didn't brandish firearms and then video came out where they actually were brandishing firearms at her children no less to collect data and because she was accused of sending an email was it is the timeline that they she was not part of that program anymore right when she blew the whistle yes i wonder how much that entered into the supreme court ruling because if they didn't add that caveat this would have invalidated her arrest yeah that's interesting yeah so this does not uh absolve her she's not gonna get out of her court case but it does give her whistleblower status which is supposed to protect her identity but that cat's out of the bag isn't it yeah we all know who she she might be entitled to back pay like they may have they may not have been permitted to fire her for the concerns that she raised it's like we're asking you to do this if the insubordination is determined to have been that specifically she might be getting quite a payday and rightfully so i really do think that florida i mean even if she's the type of person to like obsessively be like no i'm not wrong and not let anything go i really do think that florida has screwed up big time here so uh if you love the heat if you can't wait to get out and enjoy that hot summer weather i know a place you can go will your experience a beach scene like you've never seen before and uh fortunately there is a you can catch a ride in the next few years you can go there it's gonna be fantastic getting back might be a little tricky venus can't wait nasa plans a blockbuster return to the hot house neighbor they're they're planning a mission to look to see if venus once had a lot of water like earth it's a little closer to the sun a little hotter a little bit more co2 as it turns out let's look it's two missions and uh we're gonna send some robots we're gonna get a venus robot just like we got all those mars robots and it's got some funny names veritas and what's the other one oh davinci plus oh deep atmosphere venus investigation of noble gases chemistry and imaging plus because it's got to have a plus right the noble gases have an isotope somehow some reason on venus which we got to figure out why i think i once watched an adult video that had a similar title so we're going to do that get excited about that they interviewed like uh a venus guy like a hardcore venus astronomer and he was almost in tears i've waited so long don't doesn't venus pretty much burn up anything that gets into its atmosphere though it will have to be a robust problem yeah sure yeah none of this mars nonsense none of these helicopters can't we do it in venus although if they do they'd be very impressive we've done this story twice before was it or was it more than twice one okay uk tried it australia australia you tried it was there one more there was uh i think it was one of the indonesian countries and none of them even got to like even got past the planning phase yeah when when it came time for the rubber to meet the road here there was no rubber and there never will be because this is ridiculous where the rubber meets the road is an rfid implant with your your citizen id and seeing what canada has done during the pandemic i would not discount that my god they are insane requiring proof of age to look at online porn raises privacy issues the senate committee hears this is the national post which they're talking about canada oh canada yeah they're they're going even more off the deep end than we are that's really saying something but it's it's the same story as the uk and australia they don't have a plan on how to do it just to do it they are so desperate to be rid of the bathwater they have not only ejected the baby they have burned the house down so ah good luck with that they are the the potential ways of doing it are just like the ones that have failed everywhere else so i don't know oh yeah in utah we have this in utah oh right yeah and uh when you talk about that microchip we're certainly baby stepping toward that aren't we we really are and the eu is definitely at the forefront they love that kind of thing ah after joint debt eu seeks more integration with digital id card so the eu envisions this universal digital id card which will be used as an id or reference to a central online database that contains your identity your credentials your education your health status prescriptions that you are entitled to so you can go to any corner walgreens you know whether you're in amsterdam or new york or wherever and just you know get your stuff i imagine my vaccination status will be in there too oh that's that wasn't that's don't even worry about that it's fine it's just a little minor note it's not even anything to worry about they do there is like a little sentence right at the end there it's like oh this is not obligatory but it's gonna get to the point where businesses just don't take other kinds of payments so what are you going to do you just get a little bit different than like your license here in like the u.s for example it's not linked with everything else yeah right that's true your license is uh well i mean you know it's somewhat but also if i guess you you have to have an idea no matter what pretty much yeah like if you want to yeah if you want to get a drink if you want to but this thing is this is tied to payment krista that's that's the big difference yeah well i mean here even though it's like linked to id it will exacerbate the issue that is prevalent it's like you know when you get pulled over for a speeding ticket and you're in a really horrible car it is a completely different experience than when you're in a really nice car well the us and the eu like to share data i like to share their citizens data with each other the governments i mean not you know citizens actually sharing information with each other and the u.s in the past has been known to maybe do a little spying just a little and the eu is saying i don't know if we trust you anymore europe to us pass new laws if you want data transfer deal the new rules are needed to limit the bulk collection of europeans data i i don't know about you but my takeaway from this article was basically it's okay if you collect all this data but we want it locked so far away that we will never have another snowden not we want to control what we actually collect well the reason for this press release is pretty obvious when it's in context nsa spied on european politicians through danish telecommunications hub this is explosive and the crazy thing from this is from 2015. so the us spied on the dutch not just any dutch either the politicians the really important politicians and also angela merkel and this report from 2015 pretty damning and uh the journalists got a hold of it and so now that the journalists have gotten a hold of it something from you know seven years ago is finally like oh maybe we should do something about that oh maybe we should now that it's in the public eye and so um it's definitely a situation of well you know if you can't keep your house in order we're not gonna allow you to spy which is again different than you can keep spying if you could control the data now they're saying why were you doing that in the first place and snowden did tell us about this he did and he's been confirming it and giving more details which actually fit the puzzle perfectly yeah so i don't think there's much denial that can come out of this we just wanted to make sure that uh angela merkel was not a you know secret lizard person i wonder if they got any data there it's it's perfectly innocent i promise no it's totally fine and uh the eu you know it seems like all of a sudden they're not playing around with spies they're like hey we got to do something about this data we're getting pushed around by these you know like it's like uh it's like that picture where uh batman and iron man are fighting and the little spider-man's down there and it's like they're throwing money at each other so it's china on one side the u.s on the other and they like to spy in europe huawei x director on trial in poland on china's spying charge yeah this is gonna this this this trial is gonna yield all sorts of really interesting nuggets well so he was arrested now this is uh when you say huawei x director here they're talking about the x director in poland this was huawei poland and so he had a guy on the inside and they were getting contracts and they were giving them really nice prices and probably good service but the secret was they wanted to know what was inside those networks and now that they have their stuff in there poland claims at least that that's why they did it in the first place yeah so he's been locked up for six months or maybe it was more than that it's pretty brilliant really i wonder if cisco gave him that idea at some other country working with cisco to get cisco gear everywhere surely that wouldn't happen surely they wouldn't backdoor the entire encryption algorithms for money this is may 27th i shouldn't remember i remember we talked about something like this i don't know if this is exactly no this is the new one yeah so it's not the first time they've done this but what they do is they kind of honeypot these freedom fighters by pretending to be freedom fighters themselves and if you can't trust that then i don't know what you do chinese hackers posing on the as the u.n human rights council are attacking uyghurs in the china region chinese speaking hackers are targeting weaker muslims with fake united nations reports and phony support organizations according to a new report so this is the third instance of this i think initially it was the apps that were they were using to communicate with one another i remember there was a phishing one too yes but this is uh word docs yeah and it's like we're you know we're here to support you and it's like none of this is real i think the docs are like actually pro wigger stuff and you can read them and you can feel good about it but in the meantime it just back towards you yeah so could you ever be paranoid enough to be a uyghur in china no i mean there's no level of paranoia that's enough i guarantee they're all over your stuff yeah well the crypto markets i think they were down again today yeah yeah it's not a good time to be in the crypto market and it seems like oh but amc's up yeah one government after the other they're just lining up and they're saying oh someone else did this first let me be the next domino iran bans crypto mining after months of blackouts gpu prices will return to normal soon china's been doing this too but this is a little bit lip service and there's probably a little bit of reality to it as well because you know they've got all the sanctions this is one of a relatively easy way for normal normal-ish people to bypass the sanctions and get a gpu can generate some some income and some currency with it well they have a licensing system this is only for people who are not licensed so because of the tax revenue and everything else i guess um but also you know like power usage and crap like that but also their infrastructure has problems anyway so i mean this is probably not as much of a problem as they make it out to be but there's a couple of asics in the revolutionary guard building still yeah and i guess i bet those are perfectly fine yeah so i don't know maybe you get some uh some used equipment we'll see and uh this one is kind of similar to the subscription thing when it comes to the app store you have to worry about those advertising ids and everything else now apple obviously took their big step and android was like well i guess we have to right i mean what choice we have we can't be seen as the ones that still spy google is making it harder for android apps to track you once you've opted out advertising ids will be disabled for users who opt out of tracking you can't do it yet at the time of uh you watching this you might be able to yeah but there's going to be other ways to track you that don't involve your advertising id as we've seen there are so many ways so many metrics where they can build an id for you it's disgusting really but you might as well turn that off yeah it's not going to hurt oh no no has your auto warranty doing something restricted i bet it is that's your auto warranty but make sure mine's on silent as well this one was crazy and when i saw the headline i was like ugh is are they just doing this to try and it's like oh you're too stupid to do this let us do it for you and i was like that would be a little bit insulting that's exactly what it is they're telling you you cannot be trusted to do this on your own just shut up and we'll do it norton 360 antivirus now let you mine ethereum cryptocurrency just in time to switch to proof of stake from proof of work now they weren't sure at bleeping computer whether this was a pool or whether you were literally just on your own here they assumed it was a pool and that would help you get more out of this but yeah your latest norton you can just go in here to this ui turn it on you got 12. i'm pretty sure that this the proliferation of things like this is going to lead toward a browser plug-in for like you know all the paywall sites stuff like that if it was i could just give them you know fractions of a cryptocurrency as i browse and like i had to pay to do that i would totally do that yeah but they would never that's too small an amount for them is it yeah they want way more than that but most people wouldn't opt into that if i left my computer on mining all the time you know would it outpace the rate at which i browse if everybody did that how would that affect the grid well i mean for proof of work it'd probably be okay but proof of stake not so much yeah that's the the adoption level even at this mania the adoption level for crypto is vanishingly low still so so i think people say we always get comments i think the brave browser does something like that yeah it does yeah and firefox here's something that i guess it seems it'll probably be positive for most people but i find it disgusting i i remember reading years ago a really long thread on the ethics of this because both chrome and internet explorer preload into memory as soon as you boot so when you launch chrome it's just unhiding it basically and firefox was like yeah we need to do that too because people don't want to wait on firefox to launch and there was this big it's like what are the ethics of that or is that an okay thing to do and for like normie computer users it was like yeah they don't care but a lot of the hardcore like open source and like is it ethical to do that we're like no we are not doing that also what if you're doing what if you're doing something with your internet connection like streaming or whatever and all of a sudden you're like oh what's going on yeah i'm losing i'm dropping frames what's happening you don't know because this nonsense firefox now auto updates on windows even when not running well to be fair i mean windows will do that to your stream a lot more consistently as will chrome yeah but everyone hates it it's not something to emulate i'm just saying they do it so it's okay but it is a misnomer when they say not running because obviously something else is running yeah like everything yeah oh you can't toggle metered connections on sometime for giggles toggle your not metered connection on to be metered and then enjoy the that's weird my connection doesn't mysteriously get slow anymore now this looks to me like the work of he sung it is because we know that he's sung he'll cut some corners he'll do things just because they work and not think about the ramifications that come later that's certainly what has happened here huawei usb lte dongles are vulnerable to privilege escalation attacks uh oh so one of the files runs as 777 and if you were to replace it whatever you replace it with will run with full permissions yikes now was that done on purpose or because they're terrible programmers that was he signed for sure and the only thing that has to happen for this to uh to trigger is that lte has to wake up and try to go somewhere that would be terribly convenient for a nation state to exploit though terribly convenient a nation state that funds huawei a nation state that has 5g equipment to which this connects that they're currently installing africa and india now we've seen this headline before google did it pretty much everybody i think is doing it yes it's not anything new forbes reports that this exclusive alibaba's huge browser business is harvesting the private web activity of millions of android and iphone users so anytime you use the alibaba browser what's the name of it you see browser it will hit a server in china every time with your ip address and what site you visit that sounds like google analytics yeah except no one explicitly set it up to do that except for them so uh if you don't like that idea is that popular in the u.s or anywhere else other than china it is surprisingly popular it's popped up a lot in analytics on on sites that i would not expect so watch out for that and if you're thinking well what do i care they don't know who i am are you sure listen they can run arbitrary commands in your 5g modem are you really sure about that all right remember solar winds oh that was so many crises ago but we're still learning about it they're still kind of it's still smoldering yeah and then trying to figure out what exactly happened and of course you know the more layers you pull back the worse it gets uh security week reports that poison installers have been found in solarwinds hackers toolkit and so what this is is these are installers that are not it's not correct to say that they're infected with malware but defects have been introduced into the installer so that when the installer installs the thing there are holes that are left like that 777 file like something was very changed in a very subtle way uh to sort of leave a way in potentially that was not there originally so if you've got one of these installers and you install it that may be a vector for something worse to happen to you later that otherwise you would not be vulnerable to yikes and our final story is another ransomware attack i did leave it till the end though because uh this one affects us probably more directly than the others if you were one of these people and it'd probably make people more angry than the others although i got to think that only it's this is traditional tv and radio so mostly old people getting angry at this live streams go down across cox radio and tv stations and apparent ransomware attack so cox media group was like oops we got ransomware an employee clicked on something they were trying to run pirated software and you didn't have to be a subscriber because uh you know their media as well as isp and tv and stuff so they actually were sending streams to other networks and other kinds of services all of that went down lost everything oops some there was a tweet here it was a local news station oh take a look the local news station had not missed an episode in something like a decade and they had to because of this oh the first time in a bunch of decades wsb tv is unable to be on the air there's probably some old person who was furious about that too and like their grandkid was there trying to explain what was going on they were just turning over tables but yeah they should have done something creative like uh had an old-timey radio hour or had somebody like you know that announcer describing memes or something i think it's probably they probably have an agreement not to broadcast their own stuff right it's got to be cox's stuff is it like the uh the sinclair broadcasting thing where all of the announcers said the same thing with the same intonation probably yeah they said they own like 57 tv stations and radio stations and they just changed that law remember that's horrifying you can buy more now yeah well what's the how far do you get on that brew about halfway what do you think definitely verdict it definitely quenches the thirst is it taking the existential dread away a little bit it is yeah a bit i think you're not pounding it hard enough all right tomorrow is uh business and i don't remember but it's exciting long section right it's a long wednesday yeah get hot for it all right you\n"