Spillikins # 629. The Yandex administrator traded user mail

Hey.

Moscow was covered with snow, equipment cleaned the streets day and night, and traffic jams reached 9 points even at six in the morning. I returned from a meeting on the night from Friday to Saturday and enjoyed the snowdrifts, the fact that everything was covered with snow, and the cars along the side of the road buried under it. It was nice, with very few people on the streets. There were not many cars on the roads, but everyone was driving extremely carefully; cars skidded now and then, and the drivers tried to keep their distance. The climate is changing, and the evidence of this is the weather that we see all over the planet. We have record snowfalls that paralyze the city, forcing us to spend a lot more money on everyday things. For a couple of days the groans on social networks about why all delivery has started to cost so much have not stopped. Some post screenshots of a delivery cost of 600-700 rubles when the restaurant is only ten minutes away. Others complain about the increased demand for taxis. I had many questions about taxis myself: the cost of a trip almost doubled! Thirty minutes of the trip cost about 1 rubles and suddenly turned into 000 rubles. The driver complained that there was not enough work; at such prices people do not want to ride and choose public transport. The metro was as packed as usual.


You read the news, and involuntarily it becomes sad. Armenia is shaking, there is an earthquake off the coast of Japan, not far from that very same Fukushima nuclear power plant. Bad thoughts creep in, especially looking at the weather in Europe. And we are definitely not ready for this, and we cannot be, since we have lived in a familiar, comfortable environment. I described this idea in a piece about freezing Britain and how this country is trying to solve the problem with heating, and I learned a lot about where the “orders” for such materials come from. It’s nice that there are always those who know everything for sure, as if they had been standing right there holding a candle. I like to understand how the world works, how technologies work, and why in the 21st century people cannot always get basic amenities.

I planned to write in Spillikins about Clubhouse, a new social network for conversations, but in the end I ended up with a large separate material, read on.

But enough of discussing the materials that came out, let’s start our release. Go!

Content

  1. Bloomberg attacks China, the next “chips” in the servers
  2. Yandex employee who traded user data
  3. CD Projekt Red – the company’s problems are only growing
  4. Clever things that turned out to be unnecessary
  5. America is stepping on sacred, Apple’s App Store commission
  6. Give a complaint book, a letter from our reader about the service from Sony

Bloomberg attacks China, the next “chips” in the servers

A lie repeated a thousand times becomes true. Chateaubriand’s phrase perfectly describes the strategy that Bloomberg Businessweek adheres to. In 2018, an article appeared where secret sources shared with reporters the details of how the Chinese intelligence services are placing small chips in electronics that monitor American companies and transmit all the information they collect directly to China.


Bloomberg did not provide any confirmation of their words, which, however, does not look surprising at all, this is a common technique in American politics in recent years. Thousands of accusations fall on the opponent, he is literally overwhelmed with them and does not even have the opportunity to answer them, they sound so absurd. The set of cliches in the “investigation” is chosen so as to impress the layman, to create the feeling that the other party is to blame. In 2018, the Bloomberg “investigation” had a huge impact, as it achieved the desired goals, many Americans were convinced that China was watching them. As a result, attacks on Huawei and other companies have met with little domestic resistance. Note that the post appeared a few weeks before America announced another round of sanctions against Chinese tech companies, that is, the country’s tech sector. It is interesting that the first publication was followed by a harsh response from all the mentioned American corporations, in whose equipment there were supposedly “bugs”. Everyone unanimously accused Bloomberg of fiction, nothing of the kind happened in practice.

In 2021, history repeats itself, and this is the second approach to this topic. The new text can be found here.


At the center of the “investigation” is again the company SuperMicro, which is introducing bugs into its products, and those bugs are sending data to China. The company’s servers are used by various American departments, including the Pentagon. The article is a heavy mixture of fiction and individual facts about corporate systems that really were hacked, and all this is served with exactly the same sauce. Three years later, Bloomberg has become smarter, learned from its mistakes and does not mention American corporations, so as not to receive a public rebuke. Now only government departments are mentioned, and they, as you know, never publicly comment on anything.

To explain why America knew about bugs in equipment for a decade but did nothing about them, some sources say that it was a kind of game: they did not want to frighten the Chinese and were keeping track of their capabilities. But they kept their ears open and did not give access to the most secret secrets. The explanation is from the Losers, and it is calculated that someone will believe in it. Moreover, it is interesting that the equipment of the mentioned Chinese companies, the same SuperMicro, continues to be supplied to the Pentagon and other departments of America, and the company is not on any list of exceptions. Can you imagine it?

This publication has every chance to attract the attention of the US Congress, and hearings may be held there (most likely, behind closed doors). Although, perhaps, the senators will want to put on a show, and then we will see on the air how they tell us about the aspirations of the Chinese and their hacking of the Pentagon and other departments. It all depends on the political moment and the need for such a setting. The bottom line is that we have no real evidence that there was any surveillance. A bunch of secret sources and logical inconsistencies in the text itself. An excellent example of propaganda that sets the stage for the next round of sanctions against the Chinese tech sector, so that it can’t even raise its head. The material can only be considered in this quality, nothing else could be found inside.

Yandex employee who traded user data

Another scandal happened at Yandex, but this time, for a change, I will try to defend the company, since no one is immune from the human factor, especially in large corporations. The story itself sounds very simple: one of the three system administrators who have access to mail traded passwords to user mailboxes. Why anyone at Yandex can see user passwords is not entirely clear to me, since this is not needed to keep mail working. And the problem itself is solved up front: it is impossible to sell what you do not know. Access to the mailboxes in the service can be provided through the rights of those same administrators, the very fact of access can be recorded in the system, and the security service will then check who did what and, most importantly, why. There was none of this inside Yandex, and three administrators could get full access and do whatever they wanted.


Yandex publicly reported the leak and appealed to law enforcement agencies. The leak was discovered during a regular check; the person had sold 4887 user mailboxes on the side. And here I have a question: how regular are the checks by the security service, and how prolific was this administrator? Let’s ask a different question: how many passwords to user mailboxes would have to be sold per day? Ten? A hundred? A thousand? At best, the administrator had been selling for several months, at worst for several years. The number of compromised mailboxes is too high for a short period of time.

No one is safe from an unscrupulous employee who may decide to earn some money on the side. Usually the insurance against such actions is the structure of the company, as well as people’s fear that the consequences will outweigh any potential benefits. In this case, this did not happen. In my opinion, both Yandex and other companies have an interest in this story receiving maximum coverage, so that in the end we learn how long a sentence the person got for his crime, and that makes everyone think a hundred times before doing something like that. Such things are often quietly hushed up, and it is important that Yandex made the decision to declare this publicly. Yes, this is a difficult situation, and it proves once again that everything is lax inside Yandex and the employees live their own lives. But it is important that we at least see a clear attempt to fix something; before, such attempts were not even made. Let’s be optimists and believe that Yandex is trying to fix itself and clean up at home, to make sure that data does not leak out.

CD Projekt Red – the company’s problems are only growing

Misfortune never comes alone. The truth of this proverb has been tested by CD Projekt Red. The Polish studio that created Cyberpunk, The Witcher and other games is constantly in the focus of attention of the press, the players and investors. The studio’s latest game became a bestseller: millions wanted to play Cyberpunk 2077, not everyone succeeded, and a flurry of accusations that the studio’s management had hidden important facts rained down. Some investors considered themselves cheated and went to court. External pressure, the need to release patches in a frantic rush – we can safely say that the company has lived all these months under an enormous load.


When it seemed that everything was over, there was a new attack. Attackers infiltrated the company’s servers and issued an ultimatum: either you pay a ransom, or we destroy all data on your servers and publish the game code plus compromising material that will highlight the problems during development and the decisions made. The threat is not empty at all, since such documents can be considered circumstantial evidence in court, and investors will be happy to see the inner workings of the company. Of course, the published documents will not appear directly in court proceedings, but they will set the mood, and they will make it possible to ask pointed questions and pull answers out of the representatives of CD Projekt Red.


This is not the first and far from the last story in which we see blackmail by unknown persons who break into a corporate network and encrypt all the data. Previous stories were also significant and should have taught companies that they need to protect themselves from this: at the very least constantly create copies of data, divide internal networks into segments, and so on. But the peasant will not cross himself until the thunder breaks out, and apparently here, with everything else going on, the company never got around to it.

The company did not pay the ransom, and the burglars arranged an auction. The starting bid was one million dollars, and for seven million it was proposed to buy the archive with the source code of the games, including the unreleased game “The Witcher 3”, immediately. The bidding did not last long; someone bought these files.

The head of the studio, Adam Kiciński, could not give detailed comments on the nature of the attack or give specific facts, but one interesting point I will note is that he said the pace of development of new games would slow down. New troubles have been added to CD Projekt Red’s list of troubles, and it is completely unclear how the studio will dig itself out of this. I searched various gaming forums to understand the reaction of the players who love the games of this studio. It is somehow difficult to notice massive support; by and large nobody cares, and the attitude to the company’s products is purely that of a consumer. In Europe, the tone is somewhat different: there are more words of support and sympathy that this trouble happened. CD Projekt Red bears a share of the blame for the lack of proper protection measures, but today no one is immune from this. After all, there can always be a person inside the company, from whom there is no way to protect yourself (recall the story of the Yandex hacking, which was just discussed).

In general, I am embarrassed by the fact that many people have forgotten how to empathize and put themselves in the shoes of the victim, show empathy and support those who are feeling bad at the moment. As for me, this is a very important skill that makes us human.

Clever things that turned out to be unnecessary

I was on the jury of a competition that evaluated ideas, designs, and concepts of various things which, with some stretch, can be called smart. The organizers presented the jury with all sorts of trinkets, for example, a smart umbrella; I hope to tell you about it this week. But then I caught myself thinking that from the unrestrained integration of “smart” functions we have imperceptibly moved to the moment when the charm of such things has disappeared and people have no desire to buy a kettle with Wi-Fi or Bluetooth on board. Perhaps the reason is that it was unclear from the start how to use it and what for. In my life, there are simply no scenarios for such a kettle, and I don’t count the situation when you are lying on the couch and need to boil the kettle remotely (is there water in it?). And in the end, pouring tea into a mug and drinking it will still take a trip to the kitchen.

I was visiting a friend the other day, he bought himself a refrigerator in which you can make a transparent glass wall and see what is inside. Go to the refrigerator, knock, and you are shown its contents. The owners proudly demonstrated this toy to me, you knock – transparently, then it is darkened. But this is precisely a toy, since inquiries showed that they had never done this in ordinary life. They go to the refrigerator, open the door, take out something, or learn about the need to buy milk, sour cream, and so on. They don’t look through the door, it’s inconvenient.

And I perfectly understand the feelings of my friend, who is coveted by the chip. This is unusual, you convince yourself that you will come up with a way to use this opportunity in life. Then you postpone the idea until later, they say, I’ll do it tomorrow. And a bright tomorrow still does not come. I had a refrigerator with Internet access and a small screen (small by the standards of that time) idle. Cool refrigerator, only the screen in it was completely redundant.

It is normal and correct that manufacturers are trying to combine different technologies, experimenting – but what will happen if we add a screen and voice control here? But very often experiments are set up for the sake of experiment and without regard to what to do with it later, how living, ordinary people will use it. As a rule, the answer is the same – no way. Excessive opportunities that cost a lot of money and are not at all needed in life. I wonder how much my friend gave for a transparent refrigerator door, a third of its real value, or less?

At exhibitions, meaningless things that large and small companies showcase make you smile. I’ll never forget the little Bluetooth sensor that counts how many times you’ve sat down on a chair or sofa. You place the sensor, it responds to pressing, collects data and then sends it to you. The plans of these guys were to synchronize the data with the number of steps that you go through in a day. To my question, why is this necessary, I received a lengthy answer that this way you will get to know yourself better. But, of course, no one can surpass a startup that suggested counting the number of trips to the toilet and released a nozzle for panties (male and female versions!). I originally thought it was a medical device for those who suffer from incontinence, that it somehow helps sick people. But no, it turns out, for the healthy, just to digitize this area of life. For especially scrupulous people who want to remember everything about themselves, there is an option to photograph the consequences and save in the database. And yes, they did it for healthy people! What was in the head of these guys? How did they explain to themselves the need for such a service? The fact that no one has done this before them and the niche is free? I don’t know, but the result stunned me.

Communicating with such an audience is a journey through the looking glass, in which common sense is absent. The market is big, but what if it shoots? Suddenly there will be people who will make your superfood a bestseller. And the worst thing is that these people learned from the same patterns, make websites for such products, beautiful presentations – in a word, everything is grown-up.

I looked around my workplace, I have a smart mug on my desk. She knows how to measure the temperature of the drink, she can transfer this information to the phone. Over the years, I don’t remember whether it made it to the market or not, and I don’t have an application either. This mug serves as a stand for pencils, the hand did not rise, and there was no other need for it. She did not know how to heat or cool drinks, so there is zero usefulness in it. What did the Chinese think about when they created their immortal? What will it be important for a person to know to the nearest degree, what is the temperature in his mug? What for?

Huge resources are spent on creating completely useless things, pieces that duplicate some existing items. Moreover, their creators think that by adding the word “smart”, they double the cost, as well as the demand for this item. And if the price is really exorbitant, then questions about applicability in practice arise. This does not mean that all smart things are pointless, on the contrary, many sensors and tools are useful, they make everyday life easier. But all the more absurd are attempts to stick a wireless sensor into an ordinary object and call it smart. It is necessary to make life easier for people, make it easier and more understandable. And not make you wonder why and how to use this or that subject. And the good news is that during the crisis this holiday of life ended and only more or less living ideas get to the stage of prototypes and the launch of fundraising on crowdfunding platforms (we do not take scammers into account).

America is stepping on sacred, Apple’s App Store commission

Still, Epic Games has stirred up the hive, since now Apple must defend itself against claims on their policy on iOS, the prohibition of other companies and developers on this platform, full and strict control over it. In North Dakota, a bill has been proposed that looks like a time bomb. Senator Kyle Davison believes that forcing a 30% commission from app developers, preventing alternative app stores on iOS violates buyers’ rights. Less choice, higher prices.

A bill in one of the American states does not play any role for the whole country, so it can be safely ignored, even if this law is passed. In this case, Apple can safely not sell its devices in the state, and buyers will be forced to go to neighboring settlements. But the undermining of the foundations is very typical, and this is a rare case when representatives of Apple commented on the situation. The motivation is simple: the bill is harmful, as it will allow “bad” applications to get on the iPhone, and they will already destroy it as we know it. It is Apple in this paradigm that acts as the gatekeeper who lets or does not let applications on its system.

This story is much broader than the lawmaking of a particular state, because it raises a fundamental question of whether Apple should open its system to third-party app stores, or they have the right not to. Following the logic of the market and what we see on Android, this can and should be done. But then Apple’s profits would plummet, the cost of iOS apps would drop, and both systems would level off. For users, this is definitely good, for Apple it means a loss of money, which is vital for the company to set records in revenue and profits. To repeat a simple thought, Apple will fight for every cent and for every penny to achieve revenue growth. And all such initiatives look extremely bad for them, their task is to resist them as long as possible. In my opinion, Apple can only postpone the inevitable, but this struggle will not be won. Too many people in different countries want prices to be fair and lower (exactly the same claim against Google, just less heat, since there are alternative app stores). This music will be eternal, but it seems that we are observing a change in the approach on the part of officials, they are increasingly trying to bite Apple, piety has disappeared somewhere.

Give a complaint book, a letter from our reader about the service from Sony

There are many different stories in the mail, some with happy ending, some sad. This story belongs to the second type, our reader told about his love affair with a Sony smartphone. The letter is very large, so I will shorten the part about the previous smartphones, but leave the main one. We read the letter:

Hello Eldar.

I would like to express my gratitude for the interesting materials that I have been reading for over 15 years, and especially the podcasts on mr and in the blog (it’s a pity that they don’t come out anymore).

According to your advice, I try to always do the right thing.

I would like to share the story of what happened to me last year with you and, at your discretion, the readers of mr.

By the spring of 2020, there was no trace of LG’s former agility, and the battery capacity dropped by 30% – from 3300 to 2200 mAh. All this made me think about replacement more often. The market was rife with fresh and underwhelming models, most of which were models with curved screens, holes or cutouts. The only current model that could meet all the requirements was the Xperia 1 mk2 from Sony.

Pros:

  • Comfortable grip
  • Flat screen
  • No cutouts and holes for the camera
  • Mini-Jack 3.5
  • Stereo speakers
  • Image quality from all 3 cameras
  • Performance platform
  • Almost pure Android

Cons:

  • Modest by modern standards, image resolution (especially when compared with Samsung s20 ultra)
  • Not the fastest fingerprint sensor
  • Cost
  • Accessory problems

Despite not the most flattering reviews, there were no alternatives, so a pre-order was made in the company store, which relied on WF-XB700 wireless headphones (by the way, in other countries they gave a better WF-1000XM3) and an additional year of warranty.

On June 19th the order was paid and on Sunday 21st it was delivered by courier. Having not experienced any special problems with data transfer before, I suddenly ran into them this time. The proprietary transfer application did not want to transfer data in any other way except through Google Drive, and since excellent technical support from Sony on the territory of the Russian Federation works, during the launch of the flagship product, exclusively on weekdays from 9 to 18, I had to purchase an additional 100 GB for a month. Why the rest of the transfer methods do not work, the support line staff could not explain on Monday.

The above problem with the original cases was temporarily solved by purchasing an analogue on the British E-Bay. When trying to order the 2nd case, a couple of months later, it turned out that the seller had stopped sending them, and exclusively to the Russian Federation. The seller could not give an answer to the question why, citing difficulties with delivery.

On October 26, after walking through the parks of Peterhof, I took the smartphone out of my pocket on a railway platform and could not hold it in my hands. The result was the first drop on the screen and cracked glass in 14 years of using mobile communications. The overlay did not protect the corner. This did not affect the operation of the screen, but given the planned long term of use, I decided to replace the display module.

Having carefully studied the list of authorized Sony service centers for the repair of smartphones, I was surprised to find one RSS in a city of 7 million, located on the subway line, but an hour away.

Sony support staff could not even name the approximate cost of replacing the display module.

  • On October 27, after a 40-minute waiting in line, the smartphone was handed over to St. Petersburg for a paid replacement of the display module (order 1020/6025) RSS Ivanovskaya 20 (receiving engineer I.B. Gorokhov).
  • On November 9, having called, I received confirmation of the completion of the “diagnostics” in Moscow.
  • On November 10, I received and paid the bill for materials and work (almost 35% of the cost of a new smartphone).
  • On November 19, having called, I received information that the smartphone was repaired and will be sent to St. Petersburg before the end of the week.
  • On November 30, I called and found out that the smartphone is ready for delivery to St. Petersburg.
  • On December 1, after a 60-minute waiting in line, the smartphone was received with a replaced display module, but in a torn box!
  • On December 9, when trying to pay through Google Pay, NFC was found to be inoperable, also confirmed when trying to pair with an SBH-52 headset.
  • On December 10, after a 30-minute waiting in line, the smartphone was submitted again to RSS (order-order 1020/6126, receiving engineer Alekseev D.M.)
  • On December 22, I called and found out that the smartphone is ready for delivery to St. Petersburg
  • On December 23, upon receipt, I found huge scratches on the screen, the absence of which during acceptance and the presence during issuance was confirmed by engineer Alekseev D.M. A claim has been written. Delivered by order-alongside 1020/6165 (acceptance engineer Alekseev D.M.). Also duplicated the whole situation on the Sony support e-mail.
  • On December 30, I received a response from Sony support that the display module had been replaced again.
  • On January 13, I finally got through and found out that the smartphone was ready for delivery.
  • On January 14, after spending more than an hour on the road one way with a transfer (the service center changed its location at the end of December), I picked up an intact, repaired smartphone, having checked the main functionality. It is not known what else could have been broken while it was in the service.

In total, out of 6.5 months of ownership, the flagship Sony smartphone spent more than 2.5 in repair, bravo to Sony and RSS!


What can I say here? I think this particular story demonstrates how people don’t give a damn about what they do. It’s just a job, just to make money. And what customers think is the tenth thing. This approach is not close to me.

PS The number of subscribers in our Telegram channel somehow imperceptibly exceeded 8000 people, which is not much, but nice, since this is a way to share certain news and events on the go, quickly and very quickly. Get feedback immediately. So I invite you to visit, if you are not with us yet, there is a feeling that we will quickly get to 9000 people in the channel. Come visit here.

And on my own behalf, I want to wish you a good working week, so that everything works out for you, and your mood is at its best. Do not be discouraged by trifles, because soon the long holidays, when you can catch your breath. Good luck in good deeds!


Anything to add ?! Write … eldar@mobile-review.com

 
