One of cybersecurity’s major challenges is cyberstupidity. So the internet security firm SolarWinds’s decision to use “solarwinds123” as the password for its software updates server was rather inept. Unsurprisingly, hackers guessed the password and were able to upload files to the server, which were then distributed to SolarWinds clients. Similarly, after the Missouri Department of Elementary and Secondary Education failed to check a Web application for a software vulnerability that has been known for at least a decade, its incompetence exposed the Social Security numbers of at least 100,000 teachers. Missouri Governor Mike Parson expanded the bungling by threatening to prosecute the journalist who discovered the flaw rather than focusing on the department’s utterly inadequate security. And when Wyndham Hotels used weak passwords, stored guests’ credit card data unencrypted, and did not bother to use firewalls to protect its network, it invited disaster. Hackers accessed information on more than 600,000 customers in total on at least three occasions; in at least two of those attacks, Wyndham did not even detect the intrusion for months.
Nominally, cybersecurity has been a top policy priority for presidential administrations of both parties since 1997. But even within the federal government “little progress has been made,” according to an April 2021 report by the Government Accountability Office. The private sector is not in much better shape. At least part of the problem lies with shortcomings in the legal regulation (and the lack thereof) for cybersecurity. Regulators tend to focus on process over substance, are overly timid about regulating technology, defer too readily to judgments by regulated entities, and opt for politically safe but largely ineffective measures such as information sharing. Even the Federal Trade Commission (FTC), which has emerged as the de facto national cybersecurity regulator in the United States, employs mostly holistic-style, amorphous assessments of firms’ systems, rather than (as an attacker would) looking for weak points. Read More
Paper
Daily Archives: December 6, 2021
Is web3 bulls**t?
Is web3 bullshit? The hazy vision of new decentralized internet, built on the blockchain, to succeed the “Web 2.0” of Google and Facebook seems to be reaching a threshold of ambient cultural awareness such that non-tech pundits, news-engaged normies, magazine editors, uncles, online attention-seekers etc., feel the need to weigh in on the question.
Here, for example, is Adam Davidson, former host of Planet Money, sometime New Yorker writer, and recent web3 convert, detailing his journey “From contemptuous to indifferent to curious to pretty damn excited” about web3, and then, in response to unnamed “haters,” making a list of “Real world problems that web3 could solve—at least for me.”
…Trying to keep track of this argument — understanding the positions, remembering the people, and zeroing in on the Savvy Take — can be frustrating, especially because if you dip your toe in on Twitter there’s a decent chance you will end up reading, I don’t know, a thread claiming that web3 is the future of the labor movement. Luckily for you if you’re receiving this email, at some point soon I’m going to write an Official Read Max Syllabus and Opinionated Guide to Web3 and Associated Technologies and Personalities for subscribers, since this is a newsletter about the future and web3 appears to be, at the very least, “the short-term future of arguments about tech,” if not the long-term future architecture of the entire internet.
For now, though, for my benefit as much as readers’, I want to see if I can articulate my general understanding of the discourse around web3 and sketch out what I think is going on. I am not going to answer the question “is web3 bullshit?” definitively here, though I am going to try to ask it in a more productive way. Read More
Web3 is Bulls**t
If you read tech journalism you’ll probably hear the fuzzy term web3 bandied about in the press. Sprinkled around all these articles are all manner of idealistic and utopian ideas about how we can rebuild the internet to reflect our aspirations of a more humane and egalitarian society. However the journalists never quite drill down into the details on the mechanisms of how the internet will be remade. Because after all tech writers are in the storytelling business and a myth about the rebirth of cyberspace makes for a ripping yarn far more than mundane skepticism of a hyped technology.
Yet when those of us who are in the chips, bits and packets business look into alleged engineering details they’re always either complete hand wavy woo woo or dreams overleveraged on perpetually-over-the-horizon blockchain tech searching for tomorrow’s problem to justify an investment today. Just buy my token today to secure your stake in a better tomorrow. It’s the age-old pitch of charlatans and snake oil salesmen, except this time around it’s being pushed by world’s largest investors who have deep bags of tokens to dump.
At its core web3 is a vapid marketing campaign that attempts to reframe the public’s negative associations of crypto assets into a false narrative about disruption of legacy tech company hegemony. It is a distraction in the pursuit of selling more coins and continuing the gravy train of evading securities regulation. We see this manifest in the circularity in which the crypto and web3 movement talks about itself. It’s not about solving real consumer problems. The only problem to be solved by web3 is how to post-hoc rationalize its own existence. Read More
The internet’s third chapter is coming—prepare to rethink everything
Over the past few years, our industry has endured a remarkable amount of change. IMHO, compared to what the next five years will bring, 2021 is going to seem calm.
That’s because we are on the verge of a tectonic shift in how the fundamentals of our business operate.
This shift toward “Web 3.0” promises to be as profound a change as we saw more than 20 years ago, when the consumer internet exploded and the digital marketing and media businesses were born. Read More
The Internet Was Once Flat. No Longer.
“The internet is a big newspaper that everyone reads.” When I worked at Advertising Age, an ad industry trade publication, we’d use that line whenever a source didn’t want to share news with us. We were a small, narrowly-focused magazine, yes. But once we broke a story, it would travel around the web. So why not get an in-depth, thoughtful article from us and let it rip?
The line worked often, and likely because the internet was indeed kinda flat when we used it in the early 2010s. Paywalls were rare. The “content” boom was just underway. And though concerns of “filter bubbles” percolated, social media algorithms were either rudimentary or still on the roadmap. So news from any single entity could travel just about everywhere.
Today, however, we’ve moved into a siloed web — and the line no longer applies. Information on one part of the internet is likely to stay there, and only a tiny percent of stories break through. Rather than one big community, the web is a community of communities. And often, they don’t overlap at all. Read More
The Metaverse Is Coming, and the World Is Not Ready for It
The metaverse is coming. It was once a science-fiction fantasy, most notably in Neal Stephenson’s novel “Snow Crash,” of an all-encompassing virtual universe that would exist alongside the physical one. But technological advances have brought this transformation of human society close enough to reality to demand that we consider its consequences.
In the metaverse, a user might curate a digital avatar, like a character in a video game. Through the eyes of their avatar, they would experience a digital reality as active and engaging as the physical one. Some futurists believe that soon we might attend doctor’s appointments or class there.
But while the metaverse could revolutionize work and play, it is essential to remain wary of the dangers that will emerge if it subsumes daily life. Read More
Rick's Cafe AI 