FOXTROT/ALFA: Software AG Shut Down by Ransomware, Apple’s App Store Practices under Fire, Derek Smart was Right

FOXTROT/ALFA — Your Daily Tech and Policy Newsletter, Issue 147
Monday, 12 October 2020

As you undoubtedly noticed, I once again got sidetracked from doing this newsletter for a while, which means I have to catch up on several days of tech news today. One of these days, I will manage to get through a whole week of these again, I promise.

Things I have been busy with include a podcast episode I had to record twice because of a hardware fault and lots of streaming. Anyway, here’s what’s been happening in tech lately…

Software AG Shut Down by Ransomware Attack

Software AG, Germany’s second biggest software vendor after SAP, has been crippled by a debilitating ransomware attack. The company fessed up to it late last week.

“Data from Software AG servers and employees' notebooks were downloaded. While services to its customers, including its cloud-based services, remain unaffected, as a result, Software AG has shut down the internal systems in a controlled manner in accordance with the company’s internal security regulations,” the firm’s note to the stock market continued.

“The company is in the process of restoring its systems and data in order to resume orderly operation. However, helpdesk services and internal communication at Software AG are currently still being affected.” It added: “Software AG is not aware of any customer information being accessed by the malware attack.”

Screenshots of the attackers’ ransom webpage, seen by El Reg, show scans of staffers’ passports, internal billing notes, and what appears to be internal directories on a Windows-based system. Folder names suggest the contents could relate to Software AG customers in the US and Canada.

Brett Callow, a threat analyst with ransomware specialist firm Emsisoft, told The Register that the Clop ransomware variant, thought to have been used in this attack, is relatively new. “Clop is a variant of CryptoMix and may be used by the group behind the Dridex banking trojan. Like REvil and NetWalker, it is primarily used to target enterprise networks, with known past victims including Prominent and ExecuPharm. Clop’s demands can run to the millions.”

We understand the ransom demand against Software AG runs into millions of dollars and will update this article if the company gives any more details.

Apparently they demanded more than 20 million dollars. We don’t know if any money was paid.

Mexican Standoff in Apple v. Epic

Looks like we are set for a truly epic court battle in the fight between Apple and Epic Games over Fortnite, the Unreal Engine and Apple’s App Store. Going into the court proceedings, we have a real Mexican standoff between the two companies.

Fortnite won’t be coming back to the App Store any time soon. On Friday, Judge Yvonne Gonzales Rogers refused to grant Epic Games a preliminary injunction against Apple that would force the game developer to reinstate Fortnite on the App Store, while simultaneously granting an injunction that keeps Apple from retaliating against the Unreal Engine, which Epic also owns. In other words, we now have a permanent version of the temporary restraining order ruling from last month.

That means the state of affairs, in which Epic is banned from publishing new games on iOS and cannot distribute Fortnite on the App Store in its current form, will remain in place for the length of the trial – unless Epic decides to remove its own in-app payment mechanism that initiated the bitter legal feud in August. Rogers had previously suggested a jury trial might be appropriate as soon as next July, but ahead of today’s ruling, both parties said they would rather have the case decided by a judge.

Today’s decision still prevents Apple from revoking Epic’s developer tools in a way that could have harmed its broader business.

Epic Games and Apple are at liberty to litigate this action for the future of the digital frontier, but their dispute should not create havoc to bystanders. Thus, the public interest weighs overwhelmingly in favor of Unreal Engine and the Epic Affiliates,” said the judge, keeping Epic’s Unreal Engine business from being harmed.

This could be another Oracle v. Google and will probably be pretty interesting to watch. And probably drag on for a long time, through many appeals.

ProtonMail Says Apple Extorted Them and Forced the Adoption of In-App Purchases

Speaking of Apple and the App Store:

Encrypted email provider ProtonMail says that Apple forced it to monetize its app, which was on the App Store for more than two years without in-app purchases. It also claims that when it tried to inform its customers of the sudden change, Apple blocked it from posting app updates and threatened to remove it from the store.

Apple has been facing a lot of heat lately regarding its walled garden policies. This week the stove got turned up another notch. Not only did a former App Store exec accuse the company of using its rules as “weapons” against competitors, but a developer also claims that it was forced to add in-app purchases to its app when it had been free for years. ProtonMail’s CEO Andy Yen says that his company is not the only one to suffer Apple’s “strong-armed” tactics, but others have been afraid to speak out about it.

“There’s a lot of fear in the space right now; people are completely petrified to say anything,” Yen told The Verge on Thursday. “For the first two years we were in the App Store, that was fine, no issues there. But a common practice we see … as you start getting significant uptake in uploads and downloads … then as any good Mafia extortion goes, they come to shake you down for some money.” That shakedown came in 2018, according to Yen. Up until that point, the app was completely free. It wasn’t a situation like what is going on between Apple and Epic right now, he insists. Unlike Fortnite, the app never had any in-app purchase whatsoever.

“Out of the blue, one day they said you have to add in-app purchase to stay in the App Store. They stumbled upon something in the app that mentioned there were paid plans, they went to the website and saw there was a subscription you could purchase, and then turned around and demanded we add IAP. There’s nothing you can say to that. They are judge, jury, and executioner on their platform, and you can take it or leave it. You can’t get any sort of fair hearing to determine whether it’s justifiable or not justifiable, anything they say goes. We simply complied in order to save our business.” Yen says the company was forced to raise its prices since the 30-percent commission that Apple takes completely ate away ProtonMail’s profit margins.

It is worth mentioning that ProtonMail is one of the founding members of the Coalition for App Fairness. It, along with various partners, including Microsoft, Epic Games, Spotify, and others, are looking to level the competitive playing field regarding in-app purchases, fees, and anti-competitive policies. Apple has been the Coalition’s primary target, but it has criticized Google as well.

Now you read that and you think to yourself: It’s pretty far-fetched what he is saying there. But then Apple’s response kinda tells me the guy is probably saying the truth.

Apple responded, saying that free companion apps to paid online services are no longer required to have in-app purchases as of September 11, 2020. As long as paid upgrades are not offered through the app and it has no notifications to customers about an external subscription service, everything is fine.

Musk’s Satellites Are Messing with Radio Telescopes, Too

More astronomers are worried about Elon Musk’s Starlink satellites.

The rocket company SpaceX has already launched hundreds of Starlink satellites, the first “megaconstellation” intended to provide internet service to remote areas. The satellites have aroused the ire of optical astronomers because of the bright streaks they leave across telescopes’ fields of view. Now, radio astronomers are worried, too. This week, the Square Kilometre Array (SKA) in South Africa released an analysis of the impact that Starlink and other constellations would have on the array. It finds they would interfere with one of the radio channels SKA plans to use, hampering searches for organic molecules in space as well as water molecules used as a key marker in cosmology.

SpaceX is promising to address the concern. But radio astronomers are also seeking regulations. The United Nations Office for Outer Space Affairs (UNOOSA), which discussed the SKA analysis at a workshop this week, is considering ways to keep satellites from polluting the night sky with light and radio signals, not just for astronomy, but also for wildlife and the public. Astronomers also hope the International Telecommunication Union (ITU), a U.N. organization, will step in. “The radio spectrum is a resource that is being consumed by private companies that typically have no regard for science,” says radio astronomer Michael Garrett, director of the Jodrell Bank Centre for Astrophysics in the United Kingdom. “It’s only government intervention that can stop this state of affairs in my view.”

Since 1959, ITU has protected a number of narrow frequency bands for astronomy. But in recent decades, digital receivers have allowed telescopes to “operate over the whole spectrum,” Diamond says. “We’ve learned to coexist with transmitters,” typically by excluding them from a radio quiet zone or siting telescopes in remote areas. But they have no control over transmitters flying overhead.

So far, SpaceX has launched more than 700 Starlinks out of an initial goal of 1440, and it has won approval for 12,000. Other operators, such as OneWeb and Amazon’s Project Kuiper, have similar ambitions. Studies suggest wide-field optical surveys will be worst affected, with satellite tracks marring most images.

The analysis from SKA, which when complete will be the world’s largest radio observatory, highlights the new concern. The band that Starlink uses to beam down internet signals takes up a sizable chunk of frequencies from 10.7 to 12.7 gigahertz, within a range known as band 5b that is one of seven bands SKA’s South African dishes will target. The SKA analysis calculated the impact of 6400 satellites, taking into account both direct signals and leakage called “side lobes.”

Boeing Loses its Top Astronaut Ahead of First Manned Mission

Boeing’s Starliner has had a lot of issues. I’ve covered many of them on this newsletter. Now, the mission commander is stepping down from the first crewed mission for “personal reasons”.

Former NASA ‘naut Christopher Ferguson has withdrawn as commander from the first crewed mission of Boeing’s calamity capsule, the CST-100 Starliner.

Three-time Space Shuttle flyer Ferguson joined the Boeing Starliner programme in 2011. He was assigned to the first crewed test flight of the CST-100 Starliner in 2018, only to watch the uncrewed demonstration mission almost end in disaster (delicately referred to by NASA as a “close call”). Ferguson said on Twitter that he was stepping down for personal reasons and that next year – when the first crewed mission is scheduled to take place – was “very important for my family.”

Usually, “he wants to spend more time with his family” is code for “we can’t really tell you the real reason”. I wonder if he simply lost confidence in Boeing’s ability to return him back to earth alive? With the company’s recent track record – both in and out of the planet’s atmosphere – who could blame him?

Ferguson will remain on the Starliner programme, but without a definitive launch date or mission duration, planning will be a challenge. He will be replaced by fellow NASA veteran Barry “Butch” Wilmore, who will join astronauts Mike Fincke and Nicole Mann. Wilmore has flown aboard both Space Shuttle and Soyuz, and has accumulated 178 days in space.

Had things gone to plan, Ferguson would have already gone to the International Space Station (ISS) aboard Starliner. However, the first uncrewed and truncated mission suffered near-catastrophic problems on its flight in December 2019. Such were the software snafus that the words “spacecraft loss” were heard around the halls of NASA. Boeing therefore bit the bullet and agreed to fly the mission again once minor stuff, like a lack of end-to-end testing, had been addressed. A no-earlier-than-December date for the reflight (assuming all “mandatory” fixes have been made) has been mooted, with the first crewed demo pushed back to no earlier than June.

Star Citizen Turns Eight

Oh, this is pretty hilarious. Ever since having backed Star Citizen in 2012, it hasn’t failed to entertain me. Those $60 didn’t get me a space game, but they sure gave me years of entertainment – eight years of entertainment, this coming Sunday, to be precise. And they’re still not done!

How do you celebrate the eighth birthday of an MMO that technically still hasn’t been fully released? Why, you hold a Q&A to let fans know that its singleplayer spin-off is nowhere near coming out either, of course. Over the weekend, the Star Citizen devs, Cloud Imperium, held a Q&A over on their forums as part of its birthday celebrations. Despite rules on the thread saying fans weren’t allowed to ask about “timelines or schedules”, that is exactly what they did. As it turns out, the story game set in its universe, Squadron 42, is still a long ways off.

“Squadron 42 will be done when it is done, and will not be released just to make a date but instead once all the tech and content is finished, polished and it plays great,” says director Chris Roberts.

Which obviously means it’s never going to be released. Derek Smart was right. Clearly.

Squadron 42 has been kicking about for a long time. It was supposed to come out in 2016 before being delayed indefinitely, and years later there still isn’t a playable build of it. It seems only fair that backers are disgruntled at the lack of info about it all, and Roberts admits the devs do need to do better.

“We haven’t been happy with how effectively we’ve been showing progress on Squadron 42, as we felt the previous format didn’t do a good job of all in communicating just how much work is going on,” he says. “Squadron 42 is a tricky project to communicate on as we really don’t want to give the experience and story away which can make updating on certain content or features challenging.”

ROFL. What a bunch of idiots! “Tricky project to communicate” …my ass. It’s a single player space game. Kinda like, let’s say, Star Wars: Squadrons. Except that game was probably developed in half the time. And is finished. But then, Chris never liked finishing games. I mean, I loved Freelancer, but Microsoft did have to kick him off the project to get it released…

Just last month he reassured fans that Star Citizen wasn’t “a pipe dream”, too, but it’s a little hard to believe those comments when both games seem nowhere near completion. So, uh, happy birthday Star Citizen, I guess? It wasn’t really its birthday so much as it was the eighth anniversary of the game being announced, but it was a nice sentiment, I suppose.

At least the spineless mainstream gaming press is finally waking up and smelling the coffee on this scam as well. Took them only about half a decade.

Also Noteworthy

Other stories I’ve been reading:

This is an archived issue of my daily newsletter FOXTROT/ALFA. You can find more information about it, including how to subscribe via email, on this page.