Lock Up Your Data, Before Someone Else Does


The NewCo Daily: Today’s Top Stories

Andy Wright | Flickr

On Friday the world was engulfed by the malware attack known as the WannaCry virus, which encrypts Windows users’ data and demands $300 in Bitcoin to free the hostage info (The New York Times). By Monday, the blame-throwing fingers were pointing in every direction.

Security experts reminded all of us to keep our systems up to date, back up our data, and avoid clicking suspicious links. Thanks, guys! But surely it’s clear by now that earnest reminders are not going to save us. Anyway, the organizations most heavily hit by WannaCry, like Britain’s National Health Service, Germany’s rail system, and Federal Express in the U.S., are institutions whose systems are managed by pros.

Microsoft complained that the U.S. government keeps stockpiling software vulnerabilities so its spy agencies can use them to track criminals instead of telling the companies to fix their code. Then the security holes get leaked. (That’s what happened in the WannaCry case: Info about the vulnerability it exploits first became public as the result of an NSA document dump.)

Critics (like Zeynep Tufekci) charged that if Microsoft didn’t ask for extra money to keep older operating-system installations current (WannaCry only works on old code that hasn’t been updated), more businesses and organizations would have been protected from the attack.

The system, clearly, is a mess in many ways. Maybe the most ludicrous aspect of the WannaCry story is its financial asymmetry. The virus, which spread rapidly through thousands of organizations’ networks, cost hundreds of millions of dollars in lost data and lost work time. But experts say that the revenue the malware masterminds collected in their Bitcoin accounts to date might be all of $30,000 or so.

Meanwhile, in stealing your files and then asking you to buy them back, WannaCry works as a kind of dark-side parody of a sales hustle. There’s an insidious pricing logic to the $300 ransom: It’s low enough that people will seriously contemplate paying, even though they know it’s wrong, just to make the problem go away.

But the price is going up. “You have not so enough time,” warns the nag screen’s lousy English. Act now, prices will never be this low again! A clock ticks on the edge of the screen. This offer will expire soon. It’s getting harder and harder to tell the difference between outlaw hackers and plain old bad marketers.

Trump’s War on Public Data

Among many scientists, engineers, and businesspeople, open data has become a powerful belief system, and with good reason: By letting us check one another’s work, compare the present with the past, and run new kinds of analyses, shared public data builds a solid foundation for science. It makes the world better.

Now the Trump administration is doing its best to reverse recent government efforts to make public data accessible (Juliet Eilperin in The Washington Post). Maybe that’s because the Obama administration put so much energy into this work. Maybe it’s because team Trump would just as soon not have its policies cross-checked against the numbers.

Whatever the reason, the Trump administration has already shut down public access to databases that tracked energy efficiency, workplace safety violations, and animal abuse. It’s almost as if this executive branch wants to make it harder to enforce laws and regulations that hold businesses’ feet to the fire, protect the public from bad actors, and help outside monitors keep track of problems. From ethics to the environment to education, anyone who hopes to study whether government is doing its job and whether businesses are following the law is going to have a tougher time of it.

Some businesses welcome this cutback on what they call “shaming,” but critics fairly cite the old “sunshine is the best disinfectant” principle. Things do seem to be getting a lot smellier in Washington. That has begun to inspire more news organizations (like Politico and ProPublica) to collaborate on building their own alternative public information pools. Bravo — but this is rightly the government’s job.

Not Every Startup Is Making Overpriced Juicers

Everyone had a good time making fun of a startup named Juicero recently, once people discovered that you could make juice from its packets by disintermediating the company’s overpriced, internet-connected juicing machine and just squeezing them with your hand.

Juicero made it easy to laugh, but Scott Alexander of Slate Star Codex argues that before we set up Juicero as a punching bag for all of startup culture’s excesses and sins, we consider the other side of the ledger. For every Juicero that’s burning through investor money making products that launch a thousand snarky headlines, there are other companies doing hard technical work trying to solve real human problems. Silicon Valley isn’t all one or the other. But we give a lot more attention to the Juiceros of the industry.

Alexander’s theory: “If you’re an average well-off person, leading your average well-off life, consuming average well-off media and seeing ads targeted at the average well-off demographic, and going over to your average well-off friends’ houses and seeing their average well-off products, which are you more likely to hear about? A structured-light optical engine for cytological research? Or a juicer?”


Leave a Reply