Hello, hello! 👋🏻👋🏻
Welcome back to another edition of Tidbits covering all the recent things worth talking about in business, media, and technology.
Hope you had / are having an enjoyable holiday break! 🎄🎄🎄
Although we spend most of our waking moments thinking mostly about what’s going on in our world and our work, what matters most is almost always our family, friends, and loved ones. Hope you are able to spend some time with those you care about and focus on what truly matters!
This first piece feels very important to me because of its negative implications for where the world is heading, especially a world where everything will eventually have embedded software.
#1 Chinese Spies Accused of Using Huawei in Secret Australia Telecom Hack
The U.S. government has warned for years that products from China’s Huawei Technologies Co., the world’s biggest maker of telecommunications equipment, pose a national security risk for any countries that use them. As Washington has waged a global campaign to block the company from supplying state-of-the-art 5G wireless networks, Huawei and its supporters have dismissed the claims as lacking evidence.
Now a Bloomberg News investigation has found a key piece of evidence underpinning the U.S. efforts — a previously unreported breach that occurred halfway around the world nearly a decade ago.
In 2012, Australian intelligence officials informed their U.S. counterparts that they had detected a sophisticated intrusion into the country’s telecommunications systems. It began, they said, with a software update from Huawei that was loaded with malicious code.
Source: Bloomberg
Huawei has been a major geopolitical flashpoint between the US and China over the last 3 years. The interesting part is that up until now, there was no reported evidence implicating Huawei gear. Bloomberg has now uncovered the first (and only?) incident in which Huawei gear is implicated.
What’s even more fascinating is that the article goes on to say that there is no evidence that Huawei management even knew of the incident. The technique only requires a low-level employee to update the gear with malicious software.
It’s becoming clearer that what the US (and allies) fear is not that the gear is necessarily compromised at the start, but that it can be easily updated with malicious code / backdoors. Unfortunately, this is not likely to be a problem isolated to Huawei gear…everything is becoming digital and everything will eventually have self-updating software. How can two countries that lack mutual trust manage this problem? It seems like the path of least resistance is for the two countries to never use products from each other that have embedded software.
This bit was also interesting:
Starting around 2010, officials in Australia and the U.S. had grown alarmed by two trends: the rising number of hacking attacks from China and Huawei’s expanding role in their countries’ telecommunications systems…
The countries began investigating whether any of those hacks traced back to Huawei equipment, he said.
“If there’s a locksmith who’s installing more and more locks on the doors in a community and suddenly there’s a rash of silent robberies, at some point the locksmith becomes a person of interest,” Wessel said. “Huawei around that time became a significant entity of interest.”
By that point, the NSA had already penetrated Huawei’s corporate networks in China, looking for evidence of any links between the company and China’s military, according to documents leaked by former NSA contractor Edward Snowden and published in news articles in 2014.
Source: Bloomberg
As much as the US fears being compromised, China also fears the same. It’s ironic that the US’ response to this incident was to infiltrate Huawei’s networks.
All strong long-term relationships rest on a bed of trust. I think countries can tolerate being infiltrated if they understand that there are guardrails as to what is okay and what is not (for example, US’ allies know they are being infiltrated by the US and vice versa, but they never have to fear that the US is out to “get them”). Unfortunately, there isn’t much trust at the moment between US and China, and trust takes a very long time to build / rebuild.
#2 Drones Take Center Stage in U.S.-China War on Data Harvesting
In video reviews of the latest drone models to his 80,000 YouTube subscribers, Indiana college student Carson Miller doesn’t seem like an unwitting tool of Chinese spies.
Yet that’s how the U.S. is increasingly viewing him and thousands of other Americans who purchase drones built by Shenzhen-based SZ DJI Technology Co., the world’s top producer of unmanned aerial vehicles.
Critics of DJI warn the dronemaker may be channeling reams of sensitive data to Chinese intelligence agencies on everything from critical infrastructure like bridges and dams to personal information such as heart rates and facial recognition. But to Miller, consumers face plenty of bigger threats to the privacy of their data. “There are apps that track you on your smartphone 24/7,” he said.
The data battle strikes at the heart of the U.S.-China strategic competition, and has the potential to reshape the world economy over the coming decades — particularly as everything from cars to yoga mats to toilets are now transmitting data. Harnessing that information is both key to dominating technologies like artificial intelligence that will drive the modern economy, and crucial for exploiting weaknesses in strategic foes.
Source: Bloomberg
Ditto. Same as Huawei incident above.
What do you do about flying cameras that can be updated with software at any time that could be used to infiltrate / spy on your country? Software is very hard to control and audit…
Even more problematic when your own citizens do not think there is a difference between domestic companies vacuuming data for advertising purposes vs foreign nations vacuuming up data for potentially adversarial use cases.
#3 Elon Musk Needs China. China Needs Him. The Relationship Is Complicated.
With the U.S. tightening technology exports to China in 2018, President Xi Jinping defiantly pledged to make China the world’s future innovation and industrial center. Key to his plan was Elon Musk.
Mr. Xi viewed the South African-born entrepreneur as a technology utopian with no political allegiance to any country, according to officials involved in policy-making, and saw his Tesla Inc. as a spearhead that could make China a power in new-energy cars.
Today Tesla likely makes more than half its vehicles in China, suggest calculations based on the company’s third-quarter production and delivery figures and China Passenger Car Association data. Chinese sales helped propel Tesla to its first full year of profitability in 2020 and provided roughly a fourth of Tesla’s revenue in the first nine months of 2021. Mr. Musk, meanwhile, has cemented his place as the world’s wealthiest person.
But Tesla is facing an increasingly difficult business environment in China now.
China is pressing foreign companies to meet an ever-more-stringent policy on data security. Tesla now must retain inside the country all digital records gathered from local customers, and it must ask authorities for approval before updating certain software on cars in China.
Source: WSJ
Ditto. Same as the above articles on Huawei and drones.
Most of this article is actually about how China uses its economy in order to gain access to strategic tech. In this case, Tesla / EVs and Elon. Sounds like Elon has a lot of reasons to be nice to China at the moment…and has lots of favors that can be called.
But what I found most interesting is China’s sensitivity to over-the-air software updates for Tesla cars. China does not want the software to update unless the government approves it first, which ties in really well with the software issues we have discussed above with Huawei and drones.
This is a general problem, though. Unless trust is restored, will it be possible for China to be comfortable allowing any American products that have embedded software? Same for the US – will the US ever become comfortable allowing Chinese cars (with cameras!), Chinese drones (with cameras!), Chinese appliances (with sensors…and maybe cameras!), Chinese security cameras, Chinese smartphones (with cameras!)…all products that have embedded software that can update on their own…to be used in the US?
Seems to me like we are in a race against the clock – how to establish cyber and software security in a way that can satisfy both sides of the Pacific before mutual fear forces the tech (and don’t forget – everything is becoming tech) supply chain apart?
#4 China Space Station Conducted Evasive Maneuvers To Avoid Collisions With Elon Musk’s Starlink Satellites
[The] China Space Station had to conduct two separate evasive maneuvers on July 1 and Oct. 21 respectively – in both instances with astronauts on board – to avoid collisions with Elon Musk’s Starlink satellites.
The Chinese mission also mentioned that Article VI of the Outer Space Treaty, to which the United States is a Party, says “States Parties to the Treaty shall bear international responsibility for national activities in outer space, including the moon and other celestial bodies, whether such activities are carried on by governmental agencies or by non-governmental entities…”
Source: Pekingnology
Changing topics slightly – Yikes. Elon almost hit the Chinese space station. Elon might be able to get away with problems in the US by making a joke or a meme out of it, but I’m not so sure the Chinese government likes to joke around.
China has pointed out that, in space, responsibilities lie with the government (e.g. US), even if the activity is conducted by a non-government entity (e.g. Elon Musk / Tesla / SpaceX).
I don’t think it would be that funny if Elon caused a major geopolitical incident between the US and China, especially given how weak the relationship is. Even worse, Chinese netizens are having a field day over this…inter-government relationships can always change on a dime (for better or worse), but opinions of the common people are hard to change / reverse.
#5 Inside Tim Cook’s Secret $275 Billion Deal with Chinese Authorities
Apple’s iPhone recently became the top-selling smartphone in China, its second-biggest market after the U.S., for the first time in six years. But the company owes much of that success to CEO Tim Cook, who laid the foundation years ago by secretly signing an agreement, estimated to be worth more than $275 billion, with Chinese officials promising Apple would do its part to develop China’s economy and technological prowess through investments, business deals and worker training.
Cook forged the five-year agreement, which hasn’t been previously reported, during the first of a series of in-person visits he made to the country in 2016 to quash a sudden burst of regulatory actions against Apple’s business, according to internal Apple documents viewed by The Information. Before the meetings, Apple executives were scrambling to salvage the company’s relationship with Chinese officials, who believed the company wasn’t contributing enough to the local economy, the documents show. Amid the government crackdown and the bad publicity that accompanied it, iPhone sales plummeted.
Apple’s reliance on Cook’s charm, however, caused concern among some Apple executives in China. While his visits helped prevent serious damage to Apple’s business and elicited positive public statements from Chinese officials about Apple’s commitment to the country, they believed the company could be vulnerable if other senior executives or local China managers didn’t also forge such relationships for moments when Cook wasn’t available, one internal document said.
Source: The Information
Incredible reporting by The Information, covering Apple’s issues in China since 2014. This is mostly a tech story, but there’s a lot of interesting color on how large of a role the Chinese government has played in influencing Apple’s activities in the country and possibly abroad.
This is not a blog about politics though it is obviously important to be politically aware…I have no view on whether this approach is good or bad. But it is interesting to consider how much power China has over the largest and most successful American company at the moment (as well as the 5th largest – Tesla).
👻 Cryptocurrencies + NFTs
#6 GigLabs’ App Enables Shopify Merchants to Mint and Sell NFTs
GigLabs, a blockchain company that empowers brands to bring their IP to life through non-fungible tokens (NFTs), announced its GigLabs NFT App for the Shopify App Store will be made available for eligible Shopify Plus merchants to create and sell NFTs on their Shopify storefront in minutes without any prior development or blockchain experience.
GigLabs enables eligible Shopify Plus merchants to mint and sell NFTs on the Flow Blockchain. Flow is the world’s fastest growing blockchain with over 2 million accounts, over 17 million individual NFTs minted and more than 10 million secondary market NFT sale transactions. Flow leverages an environment-friendly design via Proof-of-Stake that consumes thousands of times less energy than Proof-of-Work blockchains.
Source: Businesswire
Shopify truly is making it easy to sell anything, anywhere.
I wonder how the selling of NFTs will shift between exchanges (like OpenSea) vs standalone websites (built on Shopify).
OpenSea is kind of like Amazon / marketplaces in the e-commerce world. It’s centralized (Did I just say that? Don’t burn me at the stake!) and is primarily focused on the product. But Shopify has shown there is very large and growing interest in controlling the consumer relationship and story. When it comes to e-commerce, merchants want to tell their story directly to consumers and circumvent middlemen like Amazon. This is what makes Shopify special since it allows you to easily set up a website and do just that. Will that also become the model for NFTs? Stories (and community) are currently the key driver for NFT success. Might this mean selling NFTs through a Shopify website where you can control the marketing and messaging is the preferred model?
#7 Melania Trump Is Releasing an NFT That Will Cost 1 SOL Each
Melania Trump has become the latest celebrity to try to cash in on the craze for non-fungible tokens.
The former first lady’s first NFT, called Melania’s Vision, will include watercolor art that “embodies Mrs. Trump’s cobalt blue eyes, providing the collector with an amulet to inspire,” according to an emailed statement. It will be available from Dec. 16 to Dec. 31 for one SOL, a cryptocurrency that runs on the Solana blockchain, currently priced at $187.
Sales from Trump’s collection will benefit her Be Best initiative, according to the statement. She will help foster children acquire “computer science skills, including programming and software development, to thrive after they age out of the foster community.”
Source: Bloomberg
#8 NIKE, Inc. Acquires RTFKT
NIKE, Inc. today announced the acquisition of RTFKT, a leading brand that leverages cutting edge innovation to deliver next generation collectibles that merge culture and gaming.
Founded in 2020, by Benoit Pagotto, Chris Le and Steven Vasilev, RTFKT is a pioneering and innovative brand that redefines the boundaries of physical and digital value to serve their broad community of creators. This dedicated team leverages the latest in game engines, NFTs, blockchain authentication and augmented reality to create one of a kind virtual products and experiences.
Source: Nike
RTFKT (pronounced as Artifact) makes digital shoes.
#9 Adidas Originals Launches NFTs And Buys A Plot In The Sandbox Metaverse
The Adidas Originals collection is inspired by and presented in partnership with NFT leaders such as Bored Ape Yacht Club, Gmoney, and the team behind the Punks Comic.
The NFTs are on sale today, and buyers will receive exclusive access to Adidas Originals experiences and products.
Access will include virtual wearables for blockchain-based gaming world The Sandbox and other platforms, plus physical products to match. The brand has also purchased a Bored Ape Yacht Club NFT, named Indigo Herz, to join one of the most active communities in the NFT space.
Adidas has acquired a plot of virtual land inside The Sandbox, which it is working to fill with exclusive content and experiences. The brand’s digital assets will be secured in partnership with Coinbase, a leading crypto-exchange.
Source: Venturebeat
Not to be left out, Adidas also making a splash. Seems like it was very well received and sold out quickly.
#10 Steph Curry Sells $333 NFT Sneakers You Can ‘Wear’ in Different Metaverses
National Basketball Association player and recent crypto convert Stephen Curry released a collection of 2,974 non-fungible tokens featuring digital replicas of the shoes he wore when he broke the 3-point scoring record this month, allowing owners to show them off across three different metaverses.
Priced at $333 and already sold out, the NFT drop entitles buyers to sport the shoes across a trio of Ethereum-based metaverse platforms: Eric Schiermeyer’s Gala Games, Animoca Brands’ The Sandbox and Decentraland.
Source: Bloomberg
Curry also getting in on the action.
Also note that these NFTs will work across 3 major games / platforms (Gala Games, Sandbox, and Decentraland). One of the advertised dreams for NFTs by maximalists is that you truly own it and can use it wherever you want. This is very different from how games work right now. If you buy an in-game item in a game like Fortnite, you can’t use that somewhere else, e.g. in Roblox or World of Warcraft. NFTs could make it more consumer-friendly so that you truly own what you buy and use it where you want.
BUT these Curry shoe NFTs are an excellent illustration of why that dream is so hard to achieve. Take a look at how these shoes will look in each game:
Hopefully you’ll agree that the shoes don’t look alike in each game…this is because when you own an NFT, you don’t really own the picture. What you own is a token that says you own the picture. When it comes to being able to use that picture in a 3rd party game, you still need the game to allow it / support it and implement it. You need the game developer to create that picture in the game (and you have to go through a gatekeeper, i.e. the game developer).
The dream about NFTs being usable anywhere is just a dream at the moment…I’m not really sure the incentives are all there to get game developers to truly spend the effort to allow you to use your NFTs purchased somewhere else (unless the NFT creator explicitly goes through the effort of making that happen before it is sold). Otherwise, why would the game developers spend effort to do that after the fact? In a normal game, game developers spend effort making things so that you will spend money in the game. But if you aren’t going to spend money and just want to bring NFTs that you’ve purchased somewhere else, what is the incentive to do the work and make it happen? The developer will still have to go through the effort of creating your digital item in the game, but then you will simply claim you already own it because of this NFT from somewhere else?
Seems a little suss…
#11 Bored Ape Yacht Club to Launch Play-to-Earn NFT Game
Today, Bored Ape Yacht Club creator Yuga Labs announced that it will develop a play-to-earn game in partnership with Animoca Brands.
The Bored Ape Yacht Club game is planned to launch in Q2 2022, but no other specific details were announced, aside from the play-to-earn focus and the fact that it will utilize Bored Ape NFTs. The teaser image shows a robotic hand clutching an electrified banana with the Bored Ape Yacht Club logo on it.
Source: Decrypt.co
So maybe you own a Bored Ape NFT. And maybe the creators could have made these NFTs work in other crypto games out there (the creators or users would have to figure out how to incentivize the game developers to spend the effort to support Bored Apes)…
BUT, maybe the logical and profit maximizing move is just to launch your own game that uses your highly popular NFTs!
Bored Ape is doing just that.
#12 Hermès Clashes With Artist Who Created Metabirkins NFT
The artist behind a colourful collection of fluffy non-fungible tokens based on the well-known Birkin bag, who claimed that scammers were profiteering from his idea, has been hit with a similar accusation from fashion house Hermès.
Mason Rothschild, the artist who created NFTs of the bags which have traded for 200 ethereum (around $790,000) in sales as of Friday, estimated that scammers have made $35,000 from selling fake versions of his creations, called MetaBirkins. Rothschild said he saw “more and more fake MetaBirkins sold every hour” through online marketplace OpenSea the day before his collection launched on the same website.
“The people who bought those [NFTs], they can’t get that money back,” Rothschild said. “The blockchain is pretty relentless — you can’t call your credit card company and get it returned, once a transaction goes through, it’s a done deal.”
But Hermès, whose original physical Birkin bags range from $9,000 to $500,000, said Rothschild was ripping off its designs and had infringed the company’s trademark.
Source: FT
So a guy (Mason Rothschild) rips off Hermes by making NFTs of Hermes’ coveted Birkin bags without the company’s approval. And now other people are ripping off Rothschild by making new NFTs based on his rip-off without his permission. And he’s not happy about being ripped off. And Hermes is also not happy about being ripped off.
Fun! What a world we live in!
Do you actually own a Birkin with any of these NFTs? That’s what I really want to know since it would definitely be more convenient than waiting 2 years on Hermes’ waitlist to actually buy a physical bag! Would someone’s wife prefer the NFT over the actual Birkin like how some people have argued diamond ring NFTs should be the same as real diamond rings?
Here’s another question – Is the supply of Hermes’ Birkin bag bigger or smaller than the supply of MetaBirkin NFTs + the knockoffs? Are NFTs more scarce or are Birkins more scarce?
#13 Biden Will Sign An Executive Order To Move Government Services Online
The White House is hoping to spur a major technological overhaul of government services with a new executive order President Biden will sign Monday. The order directs 17 government agencies to modernize the way they deliver critical services to Americans, including by bringing more of those services online.
“We looked at the points of greatest friction for people with their government — filing taxes, applying for social security benefits, waiting in TSA lines — and focused on ways to reduce that friction,” Neera Tanden, senior adviser to the president, said on a call with reporters Monday. Tanden said the administration is focused on reducing the “time tax” on Americans.
The executive order focuses on agencies that have the most interactions with individuals and lays out more than 30 specific updates they need to make, from allowing Americans to renew their passports online to allowing disaster victims to submit photos of damage via their mobile phones. “All of these actions are near term in nature, meaning that they will generally be completed in the coming months, within one year,” said Jason Miller, deputy director of management at the Office of Management and Budget.
Source: Protocol
Big if true. This could boost American productivity like nothing else (I’m saying this in only a mildly sarcastic manner).
Every American loses at least 6 hours trying to get into DMV (though, sadly, DMV is not a Federal service and hence not covered under this Executive Order).
In any case, this is important for society. Much of society interacts with the government only through local services and elections…there are very few touchpoints that inform citizens about whether government runs well or not. I think it’s important that the US improve these touchpoints because our experiences at DMV, TSA, etc have largely left most people with a poor perception of government. And it erodes public trust.
💬 Media + Games
#14 Cloudflare: Google dethroned by the young ‘padawan’ TikTok
Let’s start with our Top Domains Ranking and 2021 brought us a very interesting duel for the Number 1 spot in our global ranking. Google.com (which includes Maps, Translate, Photos, Flights, Books, and News, among others) ended 2020 as the undefeated leader in our ranking — from September to December of last year it was always on top. Back then TikTok.com was only ranked #7 or #8.
2021 told a different story. It was on February 17, 2021, that TikTok got the top spot for a day. Back in March, TikTok got a few more days and also in May, but it was after August 10, 2021, that TikTok took the lead on most days. There were some days when Google was #1, but October and November were mostly TikTok’s days, including on Thanksgiving (November 25) and Black Friday (November 26).
Source: Cloudflare
Impressive! TikTok has overtaken the whole Google domain. Not just Google Search.
I also really enjoyed this SNL skit on TikTok:
#15 Instagram Surpasses 2 Billion Monthly Users While Powering Through A Year Of Turmoil
Instagram reached a new milestone of 2 billion monthly active users this fall, according to sources familiar with the situation.
Heger said the speed of expansion to 2 billion users is particularly important given the hefty competition that’s emerged from TikTok, which has surged in popularity by making it simple for people to create and share short, funny videos.
According to findings of a survey published last month by Forrester, 63% of Americans between the ages of 12 and 17 used TikTok on a weekly basis this year, compared with 57% for Instagram. In terms of downloads, TikTok was installed 596.1 million times globally this year across Apple and Google devices, topping 570.7 million installations for Instagram, according to SensorTower.
Source: CNBC
This is impressive, too! Instagram (and Facebook) still have higher user numbers than TikTok, but TikTok users are way more engaged.
#16 How Shopify Outfoxed Amazon to Become the Everywhere Store
Its technology now undergirds the websites of giant retail chains such as Staples Inc. and Chipotle Mexican Grill Inc.; recently ordained public companies that grew up on the platform, including shoemaker Allbirds Inc. and medical scrubs maker Figs; and the retail side-hustles of Kylie Jenner, Taylor Swift, Lady Gaga, and other celebrities. But the company’s biggest impact has been at the smaller end of the scale, in the vast constellation of mom and pops, venture-capital-backed startups, influencer mini-moguls, twee entrepreneurs, merch heads, and more obscure outfits, like Offlimits—a two-person New York City startup trying to reinvent, of all things, breakfast cereal.
In late 2015, in one of Bezos’ periodic purges of underachieving businesses, he agreed to close Webstore. Then, in a rare strategic mistake that’s likely to go down in the annals of corporate blunders, Amazon sent its customers to Shopify and proclaimed publicly that the Canadian company was its preferred partner for the Webstore diaspora. In exchange, Shopify agreed to offer Amazon Pay to its merchants and let them easily list their products on Amazon’s marketplace. Shopify also paid Amazon $1 million—a financial arrangement that’s never been previously reported.
Bezos and his colleagues believed that supporting small retailers and their online shops was never going to be a large, profitable business. They were wrong—small online retailers generated about $153 billion in sales in 2020, according to AMI Partners. “Shopify made us look like fools,” says the former Amazon executive.
With supply chain problems plaguing the global economy, even the largest retailers are having trouble getting merchandise from manufacturers to customers’ homes in anything resembling a timely manner. Amazon, of course, has an advantage here: a well-honed logistics network devoted to ferrying products across oceans and among about 930 warehouses around the world, then delivering packages right to people’s doorsteps. Shopify sellers sound desperate for this kind of support.
Source: Bloomberg
Wonderful look into Shopify’s history, management culture, and how it’s evolving. Also does a great job highlighting how the dynamics between Amazon and Shopify are evolving, especially during the pandemic. Shopify has been serving merchant needs well, but unfortunately lacks the logistics that have become increasingly important during the pandemic. This is pushing the pendulum back in Amazon’s favor.
From the same journalist that brought us the definitive book about Amazon, The Everything Store.
#17 Alibaba To Test Gaming Potential Of Metaverse As Big Tech Firms Stampede Into Virtual World
Alibaba Group Holding has registered a new company in Beijing named Yuanjing Shengsheng to test the gaming potential of the metaverse, in the latest sign that China’s Big Tech firms are doubling down on what many see as the future of the internet.
The establishment of the new unit underlines Alibaba’s interest in the metaverse, a shared, immersive 3D virtual space where people can interact and trade, and the move comes despite Beijing’s tighter scrutiny of the gaming sector in the past year. It also comes hot on the heels of similar forays into the metaverse by other Chinese tech giants, including Tencent Holdings, NetEase and Baidu.
Source: SCMP
This is nominally a story about gaming and metaverse, but it’s actually a story about advertising and commerce.
It’s becoming increasingly clear that gaming, commerce, and advertising are on a collision course. This is about BABA trying to remain relevant as commerce and ads migrate into games. BABA is a commerce and advertising company. But it needs to become a gaming company before gaming companies like Tencent figure out how to be commerce companies.
#18 Software Flaw Sparks Global Race to Patch Bug
Companies and governments around the world rushed over the weekend to fend off cyberattacks looking to exploit a serious flaw in a widely used piece of Internet software that security experts warn could give hackers sweeping access to networks.
Cybersecurity researchers said the bug, hidden in an obscure piece of server software called Log4j, represents one of the biggest risks seen in recent years because the code is so widely used on corporate networks.
“It’s a very critical issue,” Mr. Goers said. “People need to upgrade to get the fix,” he said. Log4j is used on servers to keep records of users’ activities so they can be reviewed later on by security or software development teams.
Because all sorts of data are logged by servers, everything from email addresses to web navigation requests, these attempts could give attackers a foothold on a vulnerable server deep in corporate networks, said Ryan McGeehan, an independent security consultant who was formerly a director of security at Facebook. “A successful attack is like creating a wormhole,” he said. “The attacker can’t be sure where they’ll end up.”
Source: WSJ
I unfortunately missed the beat recently as holiday plans started getting under way, so this is slightly old news. But given the severity of the situation, it’s still worth talking about.
This is probably the biggest security hole the Internet has ever seen, especially since the world has been rapidly forced to digitize over the last two years. It will take a while to address and fully understand the scope of data and economic leakage.
Here’s a great infographic of the log4j issue and ways to address:
From an investment perspective, cybersecurity continues to become more and more important.
A couple of other interesting things:
1/ When the flaw was first discovered, the Apache Software Foundation (the entity that manages the open-source software) said it was notified of the flaw by a 3rd party. The identity of the 3rd party was not revealed at the time. It turns out the 3rd party is actually Alibaba, and Alibaba has subsequently been punished by the Chinese regulator for not notifying it as well. The Chinese regulator claims it was not aware of the issue until 15 days later.
2/ It’s understandable that the Chinese regulator would be very angry about not being notified, since this is a major security issue that could have left many servers in China highly vulnerable. However, there’s also a lot of debate and distrust about the specifics in Western society at the moment: is the issue that the regulator wanted to be notified first, or notified at the same time? And if it had been notified first, would it have tried to take advantage of the security holes before notifying the Apache Software Foundation? The debate exists because security providers like Microsoft were already detecting Chinese-linked hackers taking advantage of the security holes, despite the Chinese regulator claiming it was not aware until later.
#19 Nvidia: What Is a Digital Twin?
A digital twin is a virtual representation — a true-to-reality simulation of physics and materials — of a real-world physical asset or system, which is continuously updated.
Digital twins aren’t just for inanimate objects and people. They can be a virtual representation of computer networking architecture used as a sandbox for cyberattack simulations. They can replicate a fulfillment center process to test out human-robot interactions before activating certain robot functions in live environments. The applications are as wide as the imagination.
Source: Nvidia
Very good deep-dive into digital twins.
🍪 Semiconductors + Chips
#20 EUV: The Most Precise, Complex Machine at Intel
In Intel’s second “Behind this Door” video, take a sneak peek into fab D1X in Oregon to see what is likely the most complicated machine humans have built.
Delivering just one of these tools to D1X takes three Boeing 747 cargo planes, 40 freight containers and 20 trucks. The school bus-sized machine comprises 100,000 parts and weighs nearly 200 tons.
Source: Intel
While not exactly “news” (and Intel is a few years behind TSMC and Samsung in adopting ASML’s EUV machines), Intel is giving a concise peek into its adoption and operation of EUV machines. ASML’s EUV machines are among the most important and complex technologies in the world right now.
Probably worth spending the 4 mins to watch it.
🚘🌽 “Nuts and Bolts” Tech
#21 TikTok Is Getting Into the Restaurant Business
On Dec. 17, the video-sharing platform announced a partnership with Virtual Dining Concepts to launch delivery-only TikTok Kitchen locations across the country, starting in March. Food and recipe videos have become a key part of the site’s programming, with clips racking up millions of views. The company recently reported that more than 1 billion people worldwide use the platform monthly.
The TikTok Kitchen menu will be based on the app’s most viral food trends, including baked feta pasta, which was ranked the most-searched dish of 2021 by Google. Also planned for the opening menu are pasta chips—cooked pasta shapes that are cheese coated and air-fried—as well as a smash burger and corn ribs made from peeling off sections of corn and coating them with spices and Parmesan. Earl says prices will be “comparable to other Virtual Dining Concept brands.” A MrBeast burger starts at $6.99.
The menu will change quarterly to start. If a dish starts going viral, says Earl, there will probably be opportunities to add it to menus. Whether such dishes as the baked feta pasta remain constant offerings remains to be seen.
Source: Bloomberg
#22 Shopee Rolls Out Taxi-Hailing Service In Indonesia In Partnership With Blue Bird
Shopee Indonesia is introducing a new feature, Taksi, in partnership with the country’s leading taxi operator, Blue Bird. Taksi allows users to book a Blue Bird ride through the Shopee app and settle the fare with ShopeePay. The new function doesn’t have a dedicated page yet, and it is available in limited areas for now. Shopee is currently offering several discounts and promotions for the service.
For now, Shopee’s marketplace will likely remain its core service. It is unclear whether Shopee will launch a motorbike-hailing service in the future. However, since the firm already has a fleet of drivers and couriers for ShopeeFood and ShopeeExpress, motorbike-hailing seems like a viable option.
Source: KrAsia
Testing the water for ride-hailing services?
🤔 Hmm… / 😮 Much Wow
#23 Time 2021 Person of the Year – Elon Musk
The richest man in the world does not own a house and has recently been selling off his fortune. He tosses satellites into orbit and harnesses the sun; he drives a car he created that uses no gas and barely needs a driver. With a flick of his finger, the stock market soars or swoons. An army of devotees hangs on his every utterance. He dreams of Mars as he bestrides Earth, square-jawed and indomitable. Lately, Elon Musk also likes to live-tweet his poops.
“Just dropping some friends off at the pool,” the 50-year-old zillionaire informed his 66 million Twitter followers on the evening of Nov. 29, having previously advised that at least half his tweets were “made on a porcelain throne.” After an interval—21 minutes, if you must know—an update: “Splish splash.”
This is the man who aspires to save our planet and get us a new one to inhabit: clown, genius, edgelord, visionary, industrialist, showman, cad; a madcap hybrid of Thomas Edison, P.T. Barnum, Andrew Carnegie and Watchmen’s Doctor Manhattan, the brooding, blue-skinned man-god who invents electric cars and moves to Mars. His startup rocket company, SpaceX, has leapfrogged Boeing and others to own America’s spacefaring future. His car company, Tesla, controls two-thirds of the multibillion-dollar electric-vehicle market it pioneered and is valued at a cool $1 trillion. That has made Musk, with a net worth of more than $250 billion, the richest private citizen in history, at least on paper. He’s a player in robots and solar, cryptocurrency and climate, brain-computer implants to stave off the menace of artificial intelligence and underground tunnels to move people and freight at super speeds. He dominates Wall Street: “The way finance works now is that things are valuable not based on their cash flows but on their proximity to Elon Musk,” Bloomberg columnist Matt Levine wrote in February, after Musk’s “Gamestonk!!” tweet vaulted the meme-stock craze into the stratosphere.
Source: Time
Elon is polarizing, but there’s no one that deserves the title of Person of the Year more than him. Excellent read on why he matters, both good and bad.