FOXTROT/ALFA: Coronavirus Panic, JEDI on Hold, Russian Hackers Strike Again

Welcome to issue 80 of FOXTROT/ALFA! Today is Monday, 17 February 2020 and after a week off, I’m back. As I’m in the midst of a somewhat disjointed holiday, I will be off work again for a few more days starting on Friday, but for now, I will be compiling daily notes on tech news and policy as usual.

So here we go…

The Coronavirus Panic Takes its Toll

Well, the biggest story I missed in the previous week seems to be the ongoing fear about the coronavirus outbreak in China. It’s putting a serious dent in the tech economy, it seems. Mobile World Congress is cancelled after vendors have fled it en masse.

“The GSMA and the Host City Parties will continue to be working in unison and supporting each other for MWC Barcelona 2021 and future editions. Our sympathies at this time are with those affected in China, and all around the world.”

Additionally, Facebook has cancelled its marketing summit and IBM has pulled out of attending the RSA security conference in San Francisco.

Meanwhile, Samsung is shipping smartphone parts anywhere but China.

The coronavirus epidemic continues to disrupt China’s manufacturing and logistics sectors, forcing smartphone manufacturers to adapt. Among them this is South Korean tech giant Samsung, which has begun shipping smartphone components to Vietnam by air and sea, where two-thirds of its handsets are now being assembled.

A recent TrendForce analysis on the impact of COVID-19 on the Chinese manufacturing sector paints a concerning picture, highlighting potential logistical problems, as well as staffing shortfalls on the most labour-intensive elements of the component manufacturing process. This will be most keenly felt in areas like semiconductors and display panels.

Nvidia estimates the virus panic will cost the company $100 million in sales.

Nvidia’s coming quarter looks to be slightly less impressive than its Q4 amid the ongoing coronavirus emergency in China. The Silicon Valley giant said the effects of the Wuhan bio-nasty outbreak on manufacturing and shipping in Asia are expected to cost it around $100m in lost production and revenue.

Microsoft’s JEDI Deal with the DoD Halted in Court

The other big story from last week is that a federal court in the US has indeed put a halt to Microsoft’s JEDI contract with the DoD, as Amazon requested in a lawsuit in January.

Judge Patricia Campbell-Smith granted Amazon its requested restraining order that effectively pauses the ten-year $10bn winner-takes-all deal. The web giant applied for the order to give it time to challenge the US military’s decision to hand the agreement to Microsoft.

Amazon must cough up a $42m deposit “for the payment of such costs and damages as may be incurred or suffered in the event that future proceedings prove that this injunction was issued wrongfully,” but that’s nothing to the trillion-dollar behemoth.

WordPress Profile Builder Vulnerability

Are you running the Profile Builder plugin for WordPress? If you do, you might want to update:

Profile Builder versions up to and including 3.1.0 were affected by a critical vulnerability which could allow hackers to take over a site using the plugin. All variants of the plugin, including Free, Pro, and Hobbyist, contained the bugs responsible for this issue. These bugs were patched in version 3.1.1 of all variants, released on February 10th.

Xerox Wining & Dining HP Shareholders

Xerox is still working on that HP takeover. You know what usually works? Treating people to a free dinner!

Xerox has invited some HP shareholders to a dinner at a restaurant in the Riverside neighborhood of Greenwich, Connecticut on Feb. 18, the sources said. Xerox CEO John Visentin is expected to attend, one of the sources added.

Enough HP shareholders backing HP CEO Enrique Lores could embolden the company to remain independent or hold out for a better deal. HP did negotiate with Xerox last year at the invitation of billionaire investor Carl Icahn, a top Xerox shareholder who has since also acquired a stake in HP, according to the sources. The talks stalled after the companies failed to agree on the amount of confidential information they shared with each other, the sources said.

HoloLens For Good, Not War

Hot on the heels of GitHub employees balking over their company doing business with ICE and the Border Patrol, there’s now an even more idiotic battleground opening up for the ethics hypocrites at its parent company Microsoft. Here’s a daft piece on Forbes about some Redmond employees being upset about the US Army using the HoloLens product.

Microsoft employees today published an open letter to CEO Satya Nadella and President Brad Smith entitled “HoloLens For Good, Not War.” This comes in the wake of the United States Army awarding Microsoft a $479 million contract that includes the acquisition of 100,000 HoloLens AR headsets to be used in both training and active battlefield situations.

Of course, the author of the article doesn’t seem to have done more research than the Microsoft employees, otherwise he’d realised that all branches of the US military have used Windows for almost forty years. Microsoft technology has literally enabled the US military to blow people to bits. It runs tanks, planes, ships, submarines and nuclear silos. And by all indications, this will continue (see the above reporting on the JEDI deal with the DoD).

And these people worry about AR glasses? Give me a break.

Oracle, Trump, FFS

Oh, speaking of hypocrites. There are people within Oracle objecting to “Leisure Suit” Larry Ellison raising campaign funds for Trump. People within Oracle. Complaining about ethics problems. The fuck…?

Oracle chairman and CTO Larry Ellison is planning to hold a fundraiser at his California estate in Rancho Mirage on February 19 to help re-elect US President Donald Trump. Some of his morally outraged underlings have published an online petition to convince the billionaire to “uphold company ethics.”

Luckily, The Register (unlike Forbes) has people with a brain who don’t object to doing some actual critical thinking.

The database giant, known among other things for suing its own salespeople to limit commission payments and for suing the US government to counter claims the IT goliath underpays women and minorities, has a Code of Ethics. Enron had a Code of Ethics, too. It still ended up shredding financial documents and declaring bankruptcy.

Ellison, who in 2006 settled an insider trading case by donating $100m to his own medical foundation without admitting guilt or clarifying the tax deductibility of the unusual gift, has donated to a variety of candidates over the years, both Republicans and Democrats.

It’s not clear from the petition how many of those endorsing its message actually work for Oracle, but several employees have identified themselves in the comment section, a decision that might put them at risk if they worked for an unethical company.

Oracle did not respond to a request for comment.

Russian Hackers Attack Austria

Apparently, I also completely missed that Austria has been cybered. Their foreign ministry was under attack for a week at the beginning of January. Working theory? It was the Russians. No really… That is their working theory.

The ministry said in a statement: “According to current knowledge, this was a targeted attack against the Foreign Ministry with the intention of gathering information. However, due to the dimension and the high complexity, it cannot yet be said beyond doubt who is behind the attack.”

A local radio station, the Österreichischer Rundfunk (ORF, state broadcaster Austrian Radio), reported in mid-January that the attack bore the hallmarks of Russia’s Turla Group. ORF reported that a command-line module was used by the attackers to send a four-byte TCP request to an external server. That downloads the malware dropper, which in turn places Turla’s trojan. Deployed as a so-called fileless attack, the malware’s operators were, so ORF said, able to revisit freshly disinfected servers with subtly altered strains, reacting to countermeasures on the fly.

Turla Group, like every other malware operator out there on the internet, has about two-dozen trade names depending on which infosec company is blogging about it at a given moment. It is variously known as Venomous Bear, Group 88, Uruburos, Iron Hunter, and so on. It was last seen on El Reg when British and American spies blamed the hacking crew for masquerading as Iranians to launch attacks on Middle Eastern governments.

Local newspaper Der Standard said that despite news reports blaming usual suspects – Russia and China – local Russian ambassador Dmitri Ljubinski demanded a retraction and apology.

Those damn Russians. They are everywhere! And they’re so damn sneaky, I tell ya!

Too Private: Mail Provider Tutanota Blocked in Russia

The Russians also like to block email providers, it seems. Especially when those email providers value people’s privacy and provide journalists, like me, with handy encrypted whistleblower contact forms. The Russians don’t like that. That’s why they’ve now blocked the Hanover-based mail provider Tutanota.

Fresh from last week’s controversy with a US telco, German secure email biz Tutanota has declared today that the Russian authorities have pulled the plug on its services. Russia’s move appears to be a continuation of domestic policy aimed at shutting out foreign-owned services that it cannot control or influence.

The block comes just days after American telco AT&T was accused of blocking the email provider under murky circumstances, though an AT&T spokesman denied there was “any blocking” and put it down to a technical glitch.

Tutanota joins fellow Western email provider ProtonMail in Vladimir Putin’s internet naughty corner. Last year ProtonMail found itself inaccessible by Russians, though it took unspecified technical measures to ensure this was a short-lived block.

Since the FSB has unblocked Mailbox.org, one of my mail providers, maybe they can unblock Tutanota, too, which I use for the aforementioned whistleblower contact form? Pretty please? I’ll promise to drink more vodka, too.

Also Noteworthy

As it’s been a while since the last newsletter, I’ve accumulated quite a list of other noteworthy stories I’ve also read:

This is an archived issue of my daily newsletter FOXTROT/ALFA. You can find more information about it, including how to subscribe via email, on this page.