FOXTROT/ALFA: LastPass Owner LogMeIn Bought By Private Equity Firm, The Term “Nerd” is Hate Speech Now and the German Government Wants Your Passwords

Good evening! This is the 50th issue of FOXTROT/ALFA, for Wednesday, 18 December 2019. Hard to believe that I’m writing this thing for the 50th time, but I’ve counted it all up and it’s true. And I must be doing something right, as quite a few of you seem to enjoy reading these.

Anyway, that’s enough self-congratulatory malarkey, let’s talk tech! I apologise in advance for how annoyed I’m getting towards the end of this newsletter. But I think you’ll understand once you read some of today’s madness for yourselves.

LetMeBuyYourPasswords

A private equity firm has just bought LogMeIn, which also owns the password manager LastPass.

LogMeIn bought LastPass, which now claims 18.6 million users, for $110m in 2015. That purchase raised concerns about exactly how LastPass’s new owner would exploit the user data it held, and today’s news is unlikely to allay any of those fears.

Might be a good time to switch to KeePass or some other open solution.

Amazon Feels AWS is Treated Unfairly in the Media

Amazon is having a public tantrum because an article in The New York Times accused its AWS business unit of “strip-mining” startups built on open source and open core software of their innovations. This sentiment, which is common in the Silicon Valley startup world, nonetheless didn’t sit well with AWS VP Andi Gutmans, as The Register reports:

“The journalist largely ignores the many positive comments he got from partners because it’s not as salacious copy for him,” Gutmans said in a blog post, as if critical reporting carried with it an obligation to publish a specific quota of marketing copy. And he insisted that Amazon “contributes mightily to open source projects,” and “AWS has not copied anybody’s software or services.”

Well, Amazon and Trump have something in common now: A shared disdain for The New York Times.

Ring, Ring, Ring… You’re Hacked!

Maybe instead of arguing with the press, Amazon should spend more time figuring out what exactly is happening at Ring. Because its smart home safety subsidiary has a huge hacking problem.

Serious security holes in the Ring smart doorbell have been uncovered, according to a new investigation. For instance, Ring owners aren’t notified of suspicious login alerts when devices are accessed on various IP addresses – and there are seemingly no limitations for incorrect login attempts.

These security findings are coming to the forefront just as a slew of attacks against Ring devices have been launched, including in just the past week. Earlier in December, a man hacked into a Mississippi family’s Ring device and talked to an 8-year-old girl. Just days earlier, a man started harassing a Florida family with racial slurs through their Ring devices. And last week, a Texas woman was awoken by hackers who had hijacked her Ring device and told her to pay them a 50 Bitcoin ransom or she would “get terminated.” Hackers have even created their own podcast, NulledCast, where they take over people’s Ring devices and harass the unsuspecting device users.

“NulledCast”… I love that. He he he…

UK Post Office Landed People in Jail Because its Software was Bad

The UK’s Post Office is under fire for negligent accounting. Apparently its IT infrastructure (nicknamed “Horizon”), which was built by Fujitsu, was quite horrible and prone to accounting mistakes.

Back in 1999 the Post Office inked a deal with Fujitsu for an IT system called Horizon for managing its sprawling network of branch offices around the country. That system was the cause of accounting irregularities, as the High Court has now found: over-the-counter payments accepted by Post Office branch managers (called subpostmasters, or SPMs) sometimes did not tally with the Horizon system’s accounting.

Over the years, millions of pounds of discrepancies racked up. The Post Office refused to accept that Horizon could have been at fault and attacked the subpostmasters. Some were prosecuted. Some were found guilty of crimes and thrown in prison. Even during the High Court trial itself, the Post Office – a public sector body – aggressively refused to accept that it could ever be held to account for its behaviour, with the postal operator having “expressly accused” some subpostmasters who gave evidence against it of having committed “criminal offences”.

In most of the detailed SPM cases studied by the court, system or power outages caused problems because transactions did not sync correctly between Horizon and the SPM’s local branch office system.

Holy crap! People went to fucking jail because their software was crap? Jesus.

The .org Sell-Off is Still .irking Many

People are still trying to roll back the takeover of the .org registry.

In a letter to ICANN on Thursday, and posted online on Tuesday, the Packet Clearing House (PCH) argues that a move away from the registry’s current non-profit status would result in significantly less money being spent on .org’s operational costs.

Good luck with that.

Fired for Writing a Chrome Extension

A security engineer claims she was fired from Google for labour organising. In this case, for writing a Chrome extension.

She says she wrote the code – which generated a notification for Googlers and is for internal use only – after hearing that the internet giant had hired a union-busting consultancy and fired four workers on November 25 who were said to be involved in labor organizing. “I created a little notification, only a few lines of code, that pops up in the corner of the browser whenever my coworkers visited the union busters' website or the community guidelines policy.” She says part of her job responsibilities included writing browser notification code so that employees receive popup messages to alert them to company guidelines and corporate policies when browsing the internet.

These people apparently have no real problems in their lives. In related news, I find it somewhat disturbing that four people of over a hundred thousand employees get fired and The Register terms this the “Thanksgiving Massacre”. How is that a massacre? Not to mention that we’re talking about a country here that has real massacres happening in its schools and cinemas and supermarkets quite often.

Calling Someone a “Nerd” is Hate Speech

Good lord, I’ve had it up to here with the safe space crowd. A senior lecturer from the University of East London, Dr. Sonja Falck, is now arguing that using terms like “nerd”, “geek” or “boffin” is hate speech. Who are these people? Where are they coming from? Why are they this dumb? Maybe I’m so perturbed by this because we actually have very strict laws about hate speech in Germany which are quite well defined . Or maybe it irks me that, if you’re sufficiently deluded – like this person probably is – you might actually argue that this insane idea of term “hate speech” would actually be covered under that definition.

These terms are “divisive and humiliating,” and the “last taboo,” the University of East London egghead said this week while promoting her new book about brainiacs. Such “anti-IQ” words set society’s Einsteins apart, she claimed, with the result that geeks end up “feeling like they’re a misfit and don’t belong.”

Calling someone a swot, whizkid, brainbox, smart-arse, or dweeb may seem “harmless banter,” but it is equivalent to hate speech, she reckons, and should be recognized as such in British law – with punishments including fines and imprisonment. “It is only with the benefit of hindsight and academic research that we realise how wrong we were,” she added

Imprisonment! Well, together with all those postmasters who are in the klink because of that shitty Fujitsu software, you’ll have to build a few new prisons, lady. Some Register writers are surely going to jail, that much is guaranteed. The most amazing thing? That woman isn’t even a millenial! She was born in 1968. She’s a borderline boomer!

The German Government Wants Your Passwords

Speaking of hate speech, you nerds… German lawmakers are currently debating legislation that would allow the government to ask services like WhatsApp and Gmail for people’s passwords to “fight right wing extremism and hate crimes”. They are, naturally, a bit short on examples what kind of constitutional crisis we’re in that would warrant such a blatant undermining of citizens' constitutional rights.

Damn it all. The more I read all this crap, the more I lose my last shreds of faith in the human race. I hope tomorrow will be a better day.

Also Noteworthy

Some other stories I came across. Maybe these will cheer you up a bit:

This is an archived issue of my daily newsletter FOXTROT/ALFA. You can find more information about it, including how to subscribe via email, on this page.