1. How the Internet was accidentally spared from its worst ever cyberattack
I’m 99 percent certain that “The sinkhole that saved the Internet” will be turned into a Hollywood film at some point. Or at the very least, a Netflix/Hulu/Apple TV+ release.
This is the title of a new long read on TechCrunch, which focuses on the two British researchers that legitimately saved the internet from the global ‘WannaCry’ cyberattack in 2017.
- The story has been known for some time – there’s a typically dry Wikipedia article about the attack being repelled by some swift thinking and infosec skills, and The Guardian reported on it at the time.
- The story involves Marcus Hutchins, known as @MalwareTech, Jamie Hankins, known as @2sec4u, co-workers at cybersecurity company Kryptos Logic, both based in the UK.
- As WannaCry unfolded on unpatched Windows machines, Hutchins quickly registered a domain name spotted in the WannaCry malware code.
- For a horrifying few minutes, it was unclear if that domain was prompting further attacks, or was acting as a stop – or “sinkhole”.
- Together, the pair realized the domain – registered on a whim – was largely protecting an enormous web attack from running riot.
- The TechCrunch piece has the story direct from both security researchers, who discussed the enormous stress and pressure they felt protecting the internet, as botnets and attacks tried to take the domain down.
- It’s a rather thrilling read, and you get the feeling the story is begging to be made into a full production, as a documentary, or something starring Rami Malek.
Today, WannaCry is still rampant:
- TechCrunch’s security editor, Zach Whittaker, who wrote the piece, noted that in the four weeks it took to write the piece, the kill switch prevented about 60 million ransomware detonations.
- Two years after it was first put-up, the kill switch has not gone down once.
- The kill switch is the only thing* preventing another major WannaCry outbreak.
- (*There is one more thing too. If everyone just patched their Windows box with the original 2017 patch, released two months before the outbreak, that would eliminate the need for the kill switch in the first place, but that’s not exactly likely.)
2. Update Zoom right now, if you’re on a Mac: Serious Zoom security flaw could let websites hijack Mac cameras, and it’s still active right now (The Verge).
3. Google updates Stadia FAQ to address local multiplayer, VR support (Android Authority). (Also, games will remain playable even if a publisher leaves the platform.)
4. More than 1,000 Android apps harvest data even after you explicitly deny permission. Google says a fix won’t come until Android Q (XDA).
5. Two deals in one: Deals: Get up to 35% off a Samsung Galaxy S10 or $200 off a Pixel 3 (AA).
6. Congrats to Gary Sims at Gary Explains who hit 100,000 YouTube subscribers! (YouTube).
7. Instagram now preemptively shames people before they post sh-tty comments (Gizmodo).
8. Sigh – all that Windows 1.0 stuff was a “Stranger Things 3” promotion. Microsoft has now launched Windows 1.11, “a special edition Windows 1.0-inspired PC app that has been taken over by the Upside Down from Stranger Things” (microsoft.com).
9. Also: watch Netflix at work by making it appear as though you’re on a group conference call via netflixhangouts.com, a Google Chrome extension.
10. Investigation: Toxic culture and sleaze at the HQ of Bumble’s owner (Forbes).
11. How much carbon does our lumber sequester? (Ars Technica).
12. “Have you ever been scammed? What happened?” (r/askreddit).
DGiT Daily: Your Tech Resource
In case you don’t know, the DGiT Daily delivers a daily email that keeps you ahead of the curve for all tech news, opinions, and links to what’s going down in the planet’s most important field. You get all the context and insight you need, and all with a touch of fun, and the daily fun element that you otherwise miss.