Tech News of the Week for 9/28/2023 [MTG011]

Posted on Thursday, Sep 28, 2023 | Series: Moar Tech Garbage
Microsoft loses 38TB on Azure, Sony is hacked (again), and NFTs continue to be worth less and worthless.

Transcript

[00:00:00.410] Announcer: Welcome to Tech News of the Week with your host, a reasonable facsimile of mirth in this godless world, Joe Pantiliano.

[00:00:09.130] Ned: Welcome to technically not Wednesday. Yeah, that makes sense, right? It’s not Wednesday, is it? I’m not sure.

[00:00:19.830] Chris: You got a one out of seven chance, I suppose.

[00:00:24.030] Ned: How’s leap year? Well, I guess leap year doesn’t impact that. Anyway, so this is our Tech News podcast we release on Thursdays where we run through four interesting stories that caught our eye over the last week. Chris, why don’t you kick us off?

[00:00:40.030] Chris: In good news, the writers strike in Hollywood might be over. Oh, so it’s been something like 146 days since the Hollywood writers strike began. The strike itself was based, among other less technically inclined things around writers’fears that studios were trying to replace them with AI. The fact that this strike lasted as long as it did, according to many people, shows that this is, in fact, exactly the case. Now, the actual contract that has been agreed upon has not been shared as of the time of this recording. But a lot of people in the industry have said that the AI issue is settled, at least for now. Now, AI output, as you well remember, is not copyrightable. So that alone is probably a bit of a sticking point for studios that made it worthwhile to just kick the can down the road for another three years until the contract comes up once more. One thing that’s interesting and will bear attention going forward is that this is only the writers. The actors SAG still don’t have a contract, are still not at the table. And for them as well, AI is a significant issue. Buying somebody’s likeness, using it in perpetuity and replacing them with an AI actor.

[00:02:09.920] Chris: You’ve seen the horror stories I have. And I assume you’ve also seen Polar Express. One comment on the issue I read stated something like ironically, all the botox in Hollywood has made actors look so plastic that their AI doppelgangers look much more believable. Which zing ouch.

[00:02:28.680] Ned: Like, not wrong in some cases, but ouch. Microsoft Earns the S three bucket of shame on Azure now look, I don’t care. Azure doesn’t technically have S three. This is an S three bucket of shame in spirit. Researchers at Wiz found 38 terabytes of data exposed on a Microsoft AI GitHub repo linked to an Azure storage account. The AI team at Microsoft had intended to share a subset of open source training data housed in the storage account, but they accidentally set the wrong scope for the SAS tokens granting access. And instead of just that subset, the token gave full access and full permissions to the entirety of the storage account. Included in the storage account were internal teams, messages, secrets, private keys, passwords and even disk backups of two employees’workstations. Compounding the issue is the fact that SAS tokens are not easily revoked as they are signed using the storage account. Key and require a rotation of that key to invalidate, which will impact all tokens. There are several other ways to share information with external parties that don’t involve using the account level SAS tokens. And you would think maybe someone working at Microsoft would know this.

[00:03:58.810] Ned: What’s the over under that they had an AI set all of this up and thought, well, looks good enough. This is another in a series of embarrassing security incidents at Microsoft that are starting to make me wonder how seriously they are taking security these days versus pouring all of their money into the AI apocalypse.

[00:04:19.090] Chris: I had no idea that the AI apocalypse was going to be such a growth market.

[00:04:24.450] Ned: Best now, callers are standing by.

[00:04:29.510] Chris: Sony hacked again. And that makes this massive embarrassing hack lucky number seven since 2008. If you’re keeping score at home, which just on its face is bad. Those are last pass numbers, guys.

[00:04:49.090] Ned: Ouch.

[00:04:49.930] Chris: Get a hold of yourselves. Now, on the bright side, Sony hasn’t had an issue since 2017. On the less bright side, it’s today. Now, and a ransomware group called Ransom VC claims that they have accessed at least 6000 files from Sony as of September 25. Quote we have successfully compromised all of Sony’s systems due to Sony not wanting to pay data is for sale. Unquote. Now, the group did post a small proof of hack and the files listed. They appear to be build logs, Java resources, and HTML. There is also a number of internal PowerPoints describing various testing and benchmarking efforts, which I’m sure we’re absolutely all on pins and needles to get our hands on. Amusingly, the proof of hack also includes an executive summary that describes Sony. Just in case we didn’t know which Sony the ransomware attack meant. Obviously, it’s too early to tell how bad things actually are. Sony is definitely not talking. But if nobody buys the data, Ransomware VC or Ransom VC announced that they would be releasing all the data at the end of this week. I for one, cannot wait to mock Sony’s poor color matching and criticizing the bloat in that PowerPoint deck.

[00:06:25.810] Chris: You used papyrus in there, didn’t you, Sony? I know that you did.

[00:06:31.150] Ned: It’s kind of weird. Kind of weird that their slidemaster has six different masters inside of it, each with identical layouts.

[00:06:43.170] Chris: Why is this 90 megabytes?

[00:06:44.940] Ned: I can’t figure it out. Well, we had to embed a picture in every layout. Naturally, NFTs are even more worthless. What’s less than zero? There are many, many manias that have gripped the American populace in my lifetime. There was Beanie Babies, baseball cards, even pogs for a very short window. But by far the dumbest and most environmentally destructive has been NFTs. Here at Chaos Lever, we have always considered them a deeply stupid idea with essentially zero merit. And I think we’re just going to take a little victory lap here. According to a report we did it. We were right about awful things. According to a report from the crypto gambling site DAP Gamble, which I would wager you wouldn’t be able to spell correctly given infinite time and infinite monkeys, the vast majority of NFTs are effectively worthless. Kind of felt like they were always worthless. But they scanned 73,000 NFT collections, of which 95% have a market cap of zero ether. That means they’re worth nothing. Not only that, but only 21% of the collections had full ownership, meaning the other 79% had unsold inventory in the collection. But wait. It gets so much worse.

[00:08:19.710] Ned: DAP Gamble also identified almost 200,000 collections that were minted with no apparent owner or market share. So they’re worthless and unsold. And yet those NFTs had to be minted, which adds up to an equivalent of the yearly CO2 emissions for 2048 homes. NFTs are worse than useless, overhyped garbage like Tickle Me Elmo. At the end of the day, you have nothing to show for it, nothing to play with and no one to blame but yourself.

[00:08:56.890] Chris: Feel shame.

[00:08:58.350] Ned: Shame. All right, that’s it. Go away now. Bye.

Show Notes

Moar Tech Garbage

Episode: 011 Published: 9/28/2023

Tech News for the Week of 9/28/2023

Intro and outro music by Ned Bellavance copyright 2022

Hosts

Chris Hayner

Chris Hayner (He/Him)

Our story starts with a young Chris growing up in the agrarian community of Central New Jersey. Son of an eccentric sheep herder, Chris’ early life was that of toil and misery. When he wasn’t pressing cheese for his father’s failing upscale Fromage emporium, he languished on a meager diet of Dinty Moore and boiled socks. His teenage years introduced new wrinkles in an already beleaguered existence with the arrival of an Atari 2600. While at first it seemed a blessed distraction from milking ornery sheep, Chris fell victim to an obsession with achieving the perfect Pitfall game. Hours spent in the grips of Indiana Jones-esque adventure warped poor Chris’ mind and brought him to the maw of madness. It was at that moment he met our hero, Ned Bellavance, who shepherded him along a path of freedom out of his feverish, vine-filled hellscape. To this day Chris is haunted by visions of alligator jaws snapping shut, but with the help of Ned, he freed himself from the confines of Atari obsession to become a somewhat productive member of society. You can find Chris at coin operated laundromats, lecturing ironing boards for being itinerant. And as the cohost on the Chaos Lever podcast.

Ned Bellavance

Ned Bellavance (He/Him)

Ned is an industry veteran with piercing blue eyes, an indomitable spirit, and the thick hair of someone half his age. He is the founder and sole employee of the ludicrously successful Ned in the Cloud LLC, which has rocked the tech world with its meteoric rise in power and prestige. You can find Ned and his company at the most lavish and exclusive tech events, or at least in theory you could, since you wouldn’t actually be allowed into such hallowed circles. When Ned isn’t sailing on his 500 ft. yacht with Sir Richard Branson or volunteering at a local youth steeplechase charity, you can find him doing charity work of another kind, cohosting the Chaos Lever podcast with Chris Hayner. Really, he’s doing Chris a huge favor by even showing up. You should feel grateful Chris. Oaths of fealty, acts of contrition, and tokens of appreciation may be sent via carrier pigeon to his palatial estate on the Isle of Man.