Would you pay a ransom for your cup of joe?

If you’re a gadget-loving person, and you enjoy your coffee, then there is a very good chance that you have a coffee machine. However, I don’t suppose you’ve ever thought it might be a cybersecurity threat.

Davey Winder, a tech journalist, points caffeine addicts in the direction of a new report by security research firm Avasti, which as discovered, “smart coffee machines can not only be hacked but can be hacked with ransomware.”

One of Avasti’s senior researchers, Martin Hron, wrote in a recent blog, “The fresh smell of ransomed coffee”, about how he proved a myth was true when he turned a “coffee maker into a dangerous machine asking for ransom by modifying the maker’s firmware.”

Proving a myth

Hron goes on to say:”I was asked to prove a myth, call it a suspicion, that the threat to IoT devices is not just to access them via a weak router or exposure to the internet, but that an IoT device itself is vulnerable and can be easily owned without owning the network or the router.”

What Hron discovered was that the coffee machine acted as a Wi-Fi access point when switched on. This then established an unencrypted, unsecured connection to a companion app. From that point he was able to explore the machine’s firmware update mechanism, finding that because the updates were unencrypted, no authentication code was required. Hron, behaving as a hacker would, then reverse engineered the firmware stored in the machine’s Android app.

Crypto or coffee?

Perhaps you’ll smile at what Hron tried to do next. He attempted to turn the coffee machine into a cryptocurrency mining machine, something he found would be possible, although also impossibly slow due to the CPU speed. What he did instead, was perhaps more dramatic. Imagine your coffee machine starts making an ear-splitting noise and there is nothing you can do to stop it. Hron created a noise malfunction that could only be stopped by paying a ransom, or pulling the plug on your morning coffee forever.

A noisy attack

He effectively produced a ransomware attack that nobody could ignore. Winder writes, “The trigger for the attack was the command that connects the machine to the network, and the payload some malicious code that “renders the coffee maker unusable and asks for a ransom.”

Hrom also went a bit further. He inserted code that permanently turned on the hotbed and water heater as well as the coffee grinder.

If you have a coffee machine connected to the Internet, you are probably safe, but it’s useful to know that these machines can be attacked. But I do wonder, would you pay the ransom to have your smart coffee machine return to normal breakfast duties, or would you pull the plug and go back to an old skool method of brewing up a cup of joe?

The 5G Conspiracy Theorists Making Money Out of Covid-19!

If you have been following social media during this pandemic, and it’s hard to avoid it, you may have noticed that conspiracy theories about the origins of the virus are multiplying like weeds.

The general consensus is that it leapt to humans from a bat, or a pangolin, but even the leading scientists have questioned what was initially assumed about Wuhan’s wet market as being the source.

But the conspiracy theorists aren’t content with that. It’s not exciting enough for them presumably, plus was there ever a better opportunity for them to jump on all the social media channels and announce the ‘truth’!

One of the most prevalent theories is that the virus is related to the rollout of 5G Internet technology. Apparently, while we are all in lockdown, new 5G towers are being installed while we’re not looking. That’s just one aspect of it. The other is that the 5G technology is responsible for spreading the virus worldwide?

How could technology do this? Well, according to the conspiracy, there is no virus. The images you have seen of people dying in hospital beds is part of one big hoax. Instead it is 5G technology that is causing the symptoms.

Another variation of the conspiracy theory asserts that radiation from 5G can weaken your immune system to the point that you are more easily infected by COVID-19. After all, the same people have been saying for months that 5G will basically fry your brain.

It’s hard to imagine, is it not, that all the medics, nurses and scientists have been colluding in an elaborate illusion, just to ensure that we think people are ill or dying from the virus?

The conspiracy theorists work from the rather basic principle that since Covid-19 started in China, and so did the 5G rollout, which apparently means 5G is the real source of the worst pandemic any of us have seen. Some have even tried to create timelines connecting the emergence of radio waves in 1916 as the precursor of the 1918 Spanish Flu pandemic, and to connect the introduction of 3G with SARS and 4G with swine flu, before we get to 5G.

Even some news broadcasters have pandered to the idea, showing maps of %G tower installations and claiming there are more Covid cases in these areas. However, this doesn’t support 5G as being the cause. There may be many other factors in those areas contributing to the number of infections, primary among them socio-economics and population density.

And in other fake news, somebody tried to claim that the new Bank of England £20 note features a 5G tower and a symbol for Covid-19. Apart form the Queen, it features the artist J.M.W. Turner. The ‘5G tower’ is actually Margate Lighthouse, a favourite place of the artist, and the so-called Covid symbol represents a staircase at Tate Britain, which houses many of Turner’s works. Just so we’ve cleared that one up.

That hasn’t stopped people from vandalising 5G towers and attacking telecoms workers in the UK and elsewhere. As Forbes contributor Bruce Y. Lee says, “In fact, these 5G-COVID-19 conspiracy theories has gotten so rampant that U.K. government officials actually have had to take time to discredit such theories, which is a wonderful use of time during a public health emergency.”

Making money from the 5G conspiracy

Of course, somebody is benefitting from the 5G conspiracy: Ryan Broderick at Buzzfeed says people are paying $350 for a USB stick that is a ‘bioshield’ against 5G. The vendor, Jacques Bauer, “falsely claims protects people from 5G radiation by converting it into beneficial radiation.” And there are others who have jumped on the same bandwagon, as Broderick rightly names and shames them.

It’s consumer abuse at any time, but while people are dying in the hundreds of thousands worldwide, it is utterly disgraceful to capitalise on people’s fear in this way. In the months to come, people will want answers about how this pandemic truly unfolded, and I’m willing to bet that the experts won’t say, “It was 5G.” However, like the anti-vaxxers (a lot of the 5G conspiracists belong in that camp as well), those who are convinced 5G caused Covid-19 will probably not go away. The best thing we can do is to ignore them.

Amazon and Google are spoilt brats

Amazon has in recent months been named as the ‘monster’ responsible for killing off high street retail businesses. It’s so convenient, especially if you use the Prime service, and if you have Alexa as well, you barely need to stir from your armchair. The firm is so invaluable to our daily lives that it has become the most valuable public company worldwide, and that makes it very powerful.

The battle over streaming services

Then there is Google, another giant company. Amazon is already in a war with Google over streaming services. Some time ago, Amazon banned any streaming service from its Amazon store, because they competed with Amazon’s own streaming hardware. The reason it gave was this; it was to avoid “customer confusion.”

In an email, Amazon said: “Over the last three years, Prime Video has become an important part of Prim. It’s important that the streaming media players we sell interact well with Prime Video in order to avoid customer confusion.”

A game of tit-for-tat

Of course this led to a tit-for-tat response that escalated in 2017. For example, YouTube blocked the availability of its videos on Amazon’s Echo Show hardware, saying that this move was purely due to a “broken user experience.”

Amazon’s response was to ban more Google products from its site, by adding the Google Nest hardware to its blacklisted products.

Amazon also managed to find a workaround for its Echo Show users ho wanted to use YouTube, but Google managed to block that. YouTube then informed owners of Amazon’s Fire TV products that YouTube would no longer work on that hardware either. Basically, the feud hit rock bottom, because now customers experienced a broken experience on whichever platform they tried to use.

Google issued this statement: “”​We’ve been trying to reach agreement with Amazon to give consumers access to each other’s products and services. But Amazon doesn’t carry Google products like Chromecast and Google Home, doesn’t make Prime Video available for Google Cast users, and last month stopped selling some of Nest’s latest products. Given this lack of reciprocity, we are no longer supporting YouTube on Echo Show and FireTV. We hope we can reach an agreement to resolve these issues soon.”

A playground tiff

Doesn’t it remind you of a playground tiff at a kindergarten? Rather than setlle the issue like two professional companies, they have indulged in a massive spat that leaves customers — the very people that are most important to them –wondering where else they can get a similar service from. They also showed that companies as powerful as they are can simply “eliminate integral functionality” when they feel like it, which demonstrates to consumers that they don’t really own what they have purchased. And how has the consumer responded? By continuing to use both these services and pushing them towards even greater domination, all for the sake of convenience. Surely there is a lesson to be learnt here?

We are all victims of Facebook manipulation

Facebook has taken a battering recently, and what many users have spotted is that there is a massive gap between how the company operates and the PR messages it sends to the world.

Look at some of the messages that Mark Zuckerberg sent out in 2012, the year it acquired Instagram and brought Sheryl Sandberg to its boardroom table:

“Helping a billion people connect is amazing, humbling and by far the thing I am most proud of in my life.”

“I am committed to working every day to make Facebook better for you, and hopefully together we will be able to connect the rest of the world too.”

“At Facebook we believe that the need to open up and connect is what makes us human. It’s what brings us together. It’s what brings meaning to our lives.”

It all sounds very warm and worthy. Yet there were other things going on behind the scenes that were not so ethical, as revealed in a collection of internal Facebook emails published online by Damian Collins, a UK Member of Parliament. As Motherboard points out, the content includes exchanges between Zuckerberg and Sandberg discussing the company’s business model and how it leverages our data to make money.

Collins wrote in his summary of the documents, “Facebook knew that the changes to its policies on the Android mobile phone system, which enabled the Facebook app to collect a record of calls and texts sent by the user would be controversial,” adding, “To mitigate any bad PR, Facebook planned to make it as hard of possible for users to know that this was one of the underlying features of the upgrade of their app.”

He then tweeted: “I believe there is considerable public interest in releasing these documents. They raise important questions about how Facebook treats users data, their policies for working with app developers, and how they exercise their dominant position in the social media market.”

Essentially, the internal emails include details on the distribution of Facebook’s various apps. They reveal how the company worked very closely with some app developers to give them access to user data, and how the company specifically incentivizes sharing on the platform in order to feed that data back to advertisers. The emails also include information about how the company tried to hide and downplay the amount of data that it collected from the Android version of the Facebook app.

Needless to say, Facebook has responded by saying that the emails “are only part of the story and are presented in a way that is very misleading without additional context.”

Of course, we can’t blame Facebook for wanting to make a profit, but as Colin Horgan writes, “These emails, however, reveal a core dissonance between the idea Facebook sought to market to its billion-plus users for years, and how those users were leveraged in a business sense.”

Facebook users thought they were part of an idealistic project, when in fact they were being used for much darker purposes, as the Cambridge Analytica scandal exposed. The fact that the UK’s parliament is exposing the media giant on its website indicates the extent of the distaste for how Facebook conducts its affairs.

One thing is for sure, as Facebook users we do not have an equal relationship with the company, as it has promoted; instead it is entirely based on inequality, because, ultimately, Facebook has benefited a lot more than its users have.