Welcome back to Codebook. This is the final edition of the newsletter I'll be hosting for you. It's been a great pleasure to bring you this coverage over the past several weeks.
Situational awareness: A new season of “Axios on HBO” starts this Sunday at 6 pm ET/PT!
This week's Codebook is 1,321 words, a 5-minute read.
Illustration: Aïda Amer/Axios
As the tech industry weaves its products into the fabric of the physical world, it's also extending the insecurities and dangers of digital systems in perilous new ways.
Why it matters: Just as we're finally getting used to the idea of protecting our online accounts and data, we have to start thinking about the vulnerability of the spaces and objects around us to small acts of trickery and sabotage that mess with computers' heads.
In the most dramatic recent demonstration of this technique, artist Simon Weckert "created" a faux traffic jam on Google Maps by filling a little red toy cart with 99 smartphones running the Maps app and rolling it down the sidewalk past Google's Berlin office.
The big picture: Cybersecurity experts have long been sounding an alarm over the industry's failure to build proper security into "internet of things" products. But physical-world hacks won't only happen through the digital lock-picking of internet-connected devices. They will also increasingly take the form of people tampering with the physical world in order to trick, defeat or bypass machines.
Recently, researchers at McAfee tricked a Tesla into accelerating 50 mph by adding a small piece of black tape to a speed limit sign.
Clothing and makeup to defeat facial recognition tech and other surveillance systems may sound like a joke or a gimmick, but "adversarial fashion" is real.
We're beginning to turn surveillance technology on one another — with, for instance, parents and school systems wiring up kids in parole-style location trackers.
Between the lines: Science fiction author William Gibson, who introduced the term "cyberspace" to the world back in 1981, defined it as "a consensual hallucination," an alternate reality composed of data "where the bank keeps your money."
Illustration: Aïda Amer/Axios
Two top Huawei U.S. executives are at the RSA event this week, hoping the crowd of security experts will be more receptive to its position than the increasingly hostile reception the Chinese giant has been getting in Washington, Axios' Ina Fried reports.
The big picture: Huawei's business has been under all manner of attack from the U.S. government, from trade sanctions to criminal charges to efforts to persuade allies not to buy its gear.
What they're saying: Huawei argues that it is being unfairly targeted because it is a Chinese company.
Some of those suppliers are U.S. companies, Huawei notes.
Yes, but: U.S. officials and many in the security community have argued that there are specific concerns with Huawei beyond its nationality. The company faces criminal charges in the U.S. over trade secret theft and violation of U.S. sanctions.
Go deeper: The new tech cold war between China and U.S.
A National Security Agency surveillance program of Americans' phone calls and text messages that lasted four years and cost $100 million yielded only one significant investigation, according to a newly declassified study reported by the New York Times Tuesday.
Context: From the 2003 "Total Information Awareness" program to the present, the post-9/11 U.S. law enforcement and intelligence communities have pursued one mass data-monitoring scheme after another in the name of tracking terrorists.
Be smart: These efforts involve needle-in-a-haystack sifting of massive amounts of everyday communication, making them fundamentally different from targeted, warrant-driven evidence gathering.
What to watch: An extension of the 2015 law sought by Attorney General William Barr and other Trump administration officials is in jeopardy thanks to bipartisan discontent with the FISA warrant process.
The annual RSA conference in San Francisco is the cybersecurity industry's biggest conclave. But this year participation has been decidedly dampened by concern over the coronavirus epidemic, and several major companies decided to pull out of the event.
But there are still plenty of announcements! Here's a few of the most interesting:
Controversial facial recognition startup Clearview AI told its customers that its complete list of clients was stolen in a data breach, The Daily Beast reported Wednesday. The clients include law enforcement agencies all over the country, Axios' Margaret Harding McGill reports.
Why it matters: An intruder gaining access to Clearview's client list will likely trigger alarm bells for both would-be customers and privacy advocates, who have already denounced the company following a New York Times report on Clearview culling more than 3 billion images from websites like Facebook to create its database.
Details: The Daily Beast obtained a notice Clearview sent to customers reporting that an intruder gained access to its list of customers, the number of user accounts and the number of searches the customers conducted, according to the report.
Thanks for reading Codebook!