Risky Business #742 -- China bans AMD and Intel, pivots to Linux on the desktop
Mar 26, 2024
auto_awesome
Haroon Meer, founder of Thinkst Canary, joins to discuss cybersecurity attitudes, China's shift to domestic tech, and Apple's antitrust issues. Topics include the DOJ targeting Chinese APT operators, China banning western CPUs, Nigeria's Binance stoush, Rowhammer on AMD Zen, and Ukraine's drone defense. The conversation also touches on Russia's wiper attacks, North Korea's crypto heists, and the challenges of balancing company success with product quality.
China bans Intel and AMD chips in government computers to support domestic technology.
US sanctions Russian fintech firms for evading sanctions, showcasing crypto-regulatory complexities.
Apple faces antitrust scrutiny over app store practices and iMessage encryption privacy concerns.
Social media platforms like Facebook monitoring Snapchat usage raise privacy and competition ethics debates.
Deep dives
US Charges Chinese APT Operators for Hacking
The US Justice Department has charged Chinese APT operators, focusing on groups like APT 31 for extensive hacking activities. The indictment links Chinese hacking groups to various cyber incidents, including hacks on government entities like New Zealand's Parliament House. This demonstrates the coordinated effort by the Five Eyes governments to denounce such actions.
China Blocks Intel and AMD Chips in Government Computers
China is blocking the use of Intel and AMD chips in government computers, along with shifting away from Windows OS. This decision aims to promote domestic technology by mandating the use of Chinese CPUs, OS variants, and software applications. By 2027, China aims to fully transition to homegrown tech, aligning with potential geopolitical motives.
Cryptocurrency Nexus in Russia and Ukraine Sanctions
The US Treasury Department imposes sanctions on Russian-linked fintech companies, mainly operating in cryptocurrency, for circumventing sanctions and enabling financial transactions for Russia. Additionally, Nigeria's clash with Binance executives highlights strategic tensions over cryptocurrency regulations and financial interests. These events underscore the complex intersection of crypto, geopolitics, and regulatory actions.
Apple Faces Antitrust Action Over App Store Practices
Apple is facing antitrust scrutiny over app store practices, particularly the 30% fee imposed on developers for in-app purchases. The DOJ's complaint questions Apple's app store dominance and restrictive policies, including the lack of end-to-end iMessage encryption on non-Apple platforms. The debate revolves around balancing user experience, competition, and fair business practices within the digital ecosystem.
Facebook's Monitoring of Snapchat Users
Facebook's project to monitor Snapchat usage involved installing an app that intercepted encrypted communications for research purposes. Participants agreed to use the monitoring tool for incentives, raising concerns about data privacy and competitive practices. While not a direct compromise of Snapchat's encryption, the incident highlights ethical questions around user privacy and market research tactics.
Potential Abuse of Power by Social Media Platforms
The podcast highlights the potential misuse of power by social media platforms in tracking encrypted usage on competitor apps. Mark Zuckerberg's directive to track encrypted usage on apps like Snap and YouTube raises concerns about privacy and fair competition. The discussion delves into the implications of such actions and the need for transparent and ethical practices in the tech industry.
Security Risks in the Tech Ecosystem
The episode sheds light on significant security risks within the tech ecosystem, particularly focusing on a supply chain attack in the Python ecosystem. The successful and sophisticated nature of the attack, involving malicious packages in the PIPI repository, demonstrates the growing threat landscape. The discussion emphasizes the importance of cybersecurity measures against supply chain attacks and the need for heightened vigilance in protecting software dependencies against malicious interventions.
On this week’s show Patrick and Adam discuss the week’s security news, including:
FVEY protests China’s widespread hacking of western politicians
China bans western CPUs, Windows and databases
Apple’s leaky M-chip prefetcher
Nigeria holds ex-IRS investigator hostage in Binance stoush
Researchers bring Rowhammer to AMD Zen and DDR5
And much, much more.
This week’s show is brought to you by Thinkst Canary. Its founder Haroon Meer joins this week’s show to make a passionate case that security vendors don’t all have to go for explosive growth. Slow and steady with a focus on excellent and relevant products will win the race, he says.
