Learning by Proxy | Hacking Goliath
Large organisations are supposed to be sophisticated and capable of affording incredible security. Time and again they fall to the most unsophisticated attacks.
Most of the world has been disproportionately focused on COVID this year and for good reason. This has also meant that we have not focused our attention on many of the other equally important things. There have been several critical hacks that have not received as much attention as they should have.
Hacking Goliath
When computers were introduced in 1960 to the colleges, students were given the lowest priority. They needed to make the most of the little time that they were provided on the systems. This implied that they were required to invent shortcuts that would get what they wanted, done, with as little run time as possible. These shortcuts were called Hacks. By extension, hackers were far more well versed with code than the actual programmers. They know nuances far better to be able to extract the most out of code.
Many of the early hacks were an act of protest rather than arson. But as the internet expanded in the 1990s; more and more of the commerce and business came online. This drove hacks with a mala fide intent of acquiring information, financial or otherwise to gain financially. The trend has accelerated over the past 15 years.
Over the past 5 years, a lot of governmental activities have moved online. In addition to that, there has also been an acceleration in the utilisation of online platforms to undertake financial transactions.
So - It is okay to transact trillions each day online but voting - that we cannot do. I digress.
Online services are built on a system of backbone services that none of us is aware of. Most consumers are not aware of what these systems do and may not have even heard of these companies. Solarwinds is one such company. The company provides products that provide network management, systems management and IT Security among other things.
Russia's hack of IT management company SolarWinds began as far back as March, and it only came to light when the perpetrators used that access to break into the cybersecurity firm FireEye, which first disclosed a breach on December 9. Since then, a cascading number of victims have been identified, including the US Departments of State, Homeland Security, Commerce, and the Treasury, as well as the National Institutes of Health. The nature of the attack—and the tremendous care taken by the hackers—means it could be months or longer before the extent of the damage is known. The impact is already devastating, though, and it underscores just how ill-prepared the US was to defend against a known threat—and to respond. It's also ongoing.
Source: Wired
When services that serve as the backbone are hacked into, the effects of it can ripple throughout. Part of the push back on the Huawei infrastructure is because it is assumed that the Chinese government asks the company to build backdoors in the system. If the system falls, potentially everything can fall!
Over the past several years, the US has invested billions of dollars in Einstein, a system designed to detect digital intrusions. But because the SolarWinds hack was what's known as a "supply chain" attack, in which Russia compromised a trusted tool rather than using known malware to break in, Einstein failed spectacularly. The government can't say it wasn't warned; a 2018 report from the Government Accountability Office recommended that agencies—and federal defence systems more broadly—take the supply chain threat more seriously.
Source: Wired
This is a devastating attack that has gone right up to the Treasury Department and at the moment nobody knows what or how much the hackers have made away with. It is even more surprising that the President of the country has not even breathed a word and spent the entire time hatching plots to subvert democracy.
This for a country that asked Apple to build a privacy backdoor that only the government would have access to, ostensible to catch criminals!
While all of us have been mighty distracted with COVID this year, there has been a long list of attacks across the world! Twitter was hacked and accounts including that of Barack Obama and Elon Musk were used to solicit donations. The hackers made away with a few hundred thousand dollars before being caught.
Marriott had over 5 million customer data leaked through its loyalty app. Zoom had the password to over 500,000 accounts leaked. MGM Resorts had a massive leak that resulted in the exposure of over 140 million customers. The only thing surprising was that they had 140 million customers!
One of the biggest and most damaging trends, though, has been the uptick in ransomware attacks from cybercriminals and nation-state hacking groups. Ransomware attacks have been used to target companies large and small, with high-profile attempts on companies like Tesla, Toyota, Garmin, and more recently, Kmart. And these attacks aren’t just limited to businesses – some of the most widespread have been used to target local government agencies, school systems and healthcare providers.
Source: Security Boulevard
Our data is critical and that same data is used to authenticate a whole host of things including and especially our credit. Today, that data includes all of our biometric details as well. With the advent of IoT, it may be possible to get into your house with some of these details. By stealing your data it is possible to fake your identity and seek credit, commit a crime and engage in various illegal activities. Not to mention secure incredibly personal information and blackmail someone. At corporations and governments, it is possible to use data stolen from them to compete against them and even mislead them.
Tesla
One of the most important reasons that had been given by Elon Musk for pursuing Tesla was climate change. He claims that electric cars would reduce our carbon footprint and bring down pollution. Let alone the fact that the battery technology today is unsustainable and we will run out of Lithium on this planet in the next decade. Now, this…
A temporary halt in the clearing had been in force while a regional court studied the matter.
In Friday's ruling, the Berlin-Brandenburg Higher Administrative Court said it would ban clearing by Tesla in peripheral areas of the site, ruling in favour of environmentalists.
But the court said the stoppage for the rest of the area could not be justified.
Source: LiveMint
They are cutting down forests in Germany to build factories - for Tesla. For me it was already hard to see Tesla as a company that does any good to the environment, this just makes it even harder.
COVID Reloaded
Our friendly neighbourhood coronavirus mutated. Scientists from the UK claim that it is far more transmissible. 70% more transmissible.
On Friday (Dec. 18), scientists presented the UK government with stark data on a new, even more contagious variant of the coronavirus that had earlier been discovered in London and surrounding areas in England’s south-east. It’s 70% more transmissible than earlier variants, the experts say, and responsible for most new cases of Covid-19 in the region. It’s not yet thought to be more deadly or resistant to vaccines, but it’s “out of control,” according to the UK health secretary Matt Hancock. The variant has already been identified in other countries, including Denmark and Australia.
Source: Quartz
The UK went into stringent lockdown. Most European countries immediately shut down all flights from the UK. There were thousands lined up in the UK trying to get on the last train to Paris. This, while the European Union begged countries not to shut down their borders.
That announcement resonated worldwide: Shortly afterwards, a number of countries, including the Netherlands and Germany, banned travel from Britain. The new variant represents a rare event; it carries more than a dozen unique mutations, many more than its predecessors, and its swift emergence is not likely to be a matter of luck alone. It has displaced competing variants that have been circulating for months in southern parts of the country — a crowded field, unlike early in the pandemic.
Source: New York Times
Thousands of trucks waited to cross the channel. It gave UK a taste of the kind of horrors that awaited if they did not reach a deal with the EU. And almost immediately, a deal was reached.
At a Downing Street press conference, Boris Johnson said: "We have taken back control of our laws and our destiny."
The prime minister added that although arguments had been "fierce" it was a "good deal for the whole of Europe", driving jobs and prosperity.
EU chief Ursula von der Leyen said it was a "fair and balanced" deal.
Source: BBC
The deadline that both sides are faced with is the 1st of January. There are not too many days left to haggle. The British Parliament and the EU will have to pass the bill by the 31st of December. The politicians are not going to have a relaxed year-end.
In the meantime, vaccine manufacturers have said that the vaccine should be effective against this new strain. Nobody knows, but let us just hope that it is true.
Powerless China
China has spent the entire year rubbing everyone the wrong way. They have won no friends at all. Australia and China have in the past had very strong trade relationships. Those have been tested and have frayed quite a lot. China imports a lot of Coal from Australia. To punish Australia, China decided not to buy coal from them. It is beginning to look like the Chinese poked themselves in the eye to hurt Australia.
In the city of Yiwu in eastern China, the authorities turned off streetlights for several days and ordered factories to open only part-time. In coastal Wenzhou, the government ordered some companies not to heat their offices unless temperatures are close to freezing. In southern Hunan Province, workers have reported climbing dozens of flights of stairs after elevators were shut down.
Large swaths of China are scrambling to restrict electricity use this winter, as the country’s rapid economic recovery from the coronavirus pandemic and unexpectedly frigid temperatures have sent the demand for power surging. Officials in at least three provinces — where a total of more than 150 million people live — have issued orders limiting energy use, warning of potential coal shortages.
Demand for coal is so high in the mining hub of Henan Province that buyers have been lining up in trucks at the gates of coal mines, jostling for access, according to a recent report in the state-run news media.
Source: New York Times
China lies in a very cold part of the world and not having access to power will make life difficult, especially in winter. This also illustrates how delicate the supply chain is. The slightest imbalance, which I am sure China must have taken into account when deciding to take these steps, plunged them into the dark. They are certainly not doing this to meet climate goals. They made a stand for the sake of their ego, it is hard to go back on it now.
Gambling Away
It is one thing to go play poker on your phone and another to trade in the markets. Robinhood, an app used by many in the US to trade, has been gamifying the app. Prompting users to trade when a share goes up, nudging them about a possible opportunity, etc. Doing that when you develop a game does not have real-world consequences, that is not the case when it comes to Robinhood.
Massachusetts securities regulators filed a complaint against Robinhood Financial LLC, alleging the popular online brokerage aggressively marketed to novice investors and failed to put controls in place to protect them.
Robinhood exposed Massachusetts investors to “unnecessary trading risks” by “falling far short of the fiduciary standard” that requires broker-dealers to act in their clients’ best interests, according to a 23-page administrative complaint from the office of Secretary of the Commonwealth William Galvin.
Source: Yahoo Finance
There are first time traders who have made over 12000 trades in 6 months! This is wrong for those who do not understand the risks that they are taking. Trading on the markets is not game and should not be turned into one.
2020
And since this is the last edition of the year, a brief recap of what this year has been…
China introduced the world to a variant of the Corona Virus Disease
The House of Representatives Impeached Donald Trump.
Indian was consumed by protests against the CAA and the NRC.
Half the world went into lockdown to reduce the spread of COVID and discovered ‘Work from Home’.
Nearly every industry in the world had to take a long hard look at their business model.
And since they did that, the stock markets just went crazy and touched never before seen heights.
Sushant Singh Rajput died and whether he got justice or not, injustice was delivered to Rhea Chakraborty.
In the name of Stimulus, America conducted the largest know experiment in Universal Basic Income. They gave away 1200 dollar cheques to support the poor, in turn, Amazon’s growth skyrocketed. People slightly less rich than Jeff Bezos, but infinitely more than those who needed the 1200 dollars, were upset.
Beirut saw an explosion that left the entire harbour devastated.
India in the meantime passed a stimulus that tranquillised the economy.
George Floyd died in America and the Black Lived Matter protests.
One-third of America went up in flames and the state of Louisiana was turned into a swimming pool.
Armenia and Azerbaijan went to war with one another. Russia decided that Azerbaijan lost.
The most controversial US elections ever took place and the loser continues to claim he won.
China flirted the boundaries of several nations including India; while Russia went straight through the digital boundaries.
The stock markets were so exuberant, there has never been a better time to IPO.
India changed a whole host of laws and the ONE reform that was passed resulted in more protests at the gates of Delhi.
A Brexit deal finally came through and so did a vaccine.
Artificial Intelligence
Google of the 'don’t be evil' fame, recently fired a prominent ethics researcher. She had been working on a paper which criticised the high cost of energy and the carbon footprint that the type of artificial intelligence that Google uses has.
This training is very inefficient compared to how people learn. Modern AI uses artificial neural networks, which are mathematical computations that mimic neurons in the human brain. The strength of the connection of each neuron to its neighbour is a parameter of the network called weight. To learn how to understand language, the network starts with random weights and adjusts them until the output agrees with the correct answer.
A common way of training a language network is by feeding it lots of text from websites like Wikipedia and news outlets with some of the words masked out, and asking it to guess the masked-out words. An example is “my dog is cute,” with the word “cute” masked out. Initially, the model gets them all wrong, but, after many rounds of adjustment, the connection weights start to change and pick up patterns in the data. The network eventually becomes accurate.
Source: Quartz
The challenge is in the models that we use. Certain models prioritise accuracy while others speed. In the field of AI, accuracy has become everything and researchers are willing to take any route to achieve even a 1% improvement. AI is an attempt to create a computerised model of how a human brain works. Also, we have not even started to understand how the human brain works, so all attempts at AI are ham-fisted at best. The poorer the model, the more compute cycles needed, increasing energy requirement and therefore the carbon footprint.
Imagine a Billion people running a billion translation requests. How much more energy you end up wasting?
Just for your reference, the human brain uses only about 20 Watts of power to run. That is how far we are from real AI.
—
I was talking earlier in the year with someone familiar with AI algorithms. I asked, how on earth is Amazon so much better than Apple at AI. He told me a lot of what Amazon does is not even AI, it is just hardcoded in there. Daljit Dosanjh illustrated this incredibly by asking Alexa to play his Punjabi songs. Could not even get one! But Alexa works.
A few years ago talking at an event I was asked what I thought about AI. I said -
In the 1960s if you read science fiction or even watched videos on what the future was meant to be, it was filled with hope. Arthur C Clark did not think up a dystopian future but a hopeful one. And much of the reality that we experience today is a product of the imagination of that era. We are living the future that they imagined.
If you were to pick up a science fiction book today, there are a few prominent themes
- Man kills man
- AI kills man
- Alien kills man
- Planet kills man
And increasingly if you see, this is the future we are working hard to invent. Why the hell are we investing so much into AI? Is it not meant to ease the burden rather than replace? If we are not even capable of imagining a better future for ourselves; then what are we even doing?
This is the last post for the year and this seems like a good place to close.
Also
The most-read articles on Wikipedia on each day of 2020 - https://qz.com/1946765/the-most-read-wikipedia-page-on-each-day-of-2020/
We beat COVID-19 this year. But…
And a 95-year-old German lady made me feel like shit
You have come this far, so I assume you enjoyed reading this. Please do subscribe!
If you are not subscribing but still want to know when Learning by Proxy drops; follow me on Twitter @viveksrn
It takes me time to write this and if more people read it and comment on it, it encourages me, so please do share this post with anyone who might like to read it.
What we think, we become ~ Buddha