September 09, 2019

It could be the Super Big Gulp I just downed, but I'm excited for the week. Yeah, I'm pretty sure it's the caffeine talking.

Situational awareness: Activist investment firm Elliott Management has taken a $3.2 billion stake in AT&T, with the move seen as a challenge to AT&T's leadership and its acquisition of Time Warner.

Meanwhile, today's Login is 1,424 words, a 5 minute read (time may vary based on amount of caffeine consumed).

1 big thing: Tech's moral compass remains glitchy

Illustration: Sarah Grillo/Axios

More than 2 years after Susan Fowler's account of sexual harassment at Uber kicked off a wave of reckoning inside tech companies, the industry is still more reactive than forward-looking in handling the ethical issues raised by sexual misconduct.

Why it matters: By waiting for media exposure before taking principled action against sexual harassment and related misdeeds, some tech leaders are still sending a message of "get away with it as long as you can" rather than "do what's right." 

Driving the news: Over the weekend, MIT Media Lab head Joi Ito resigned after revelations that he and others allowed convicted sex offender Jeffrey Epstein to play a prominent role in donating and soliciting donations for the institution.

  • A wave of news coverage this summer chronicled Epstein's role as a funder of research scientists and the Media Lab — long after his conviction for soliciting prostitution from a minor in 2008. That prompted a public apology from Ito, but also a letter in his defense from dozens of his associates and friends.
  • Women inside the institution raised questions to Ito about the issue at the time that he did not pursue.
  • It took a Ronan Farrow exposé in the New Yorker, detailing that Ito and the Media Lab knew there was a problem and took pains to try to keep Epstein's donations anonymous.
  • And as recently as this past week, according to reports, the lab's founder Nicholas Negroponte was arguing that it was fine to take the money and he'd advise doing it again.

The big picture: It's clear that there has been progress over the last 30 months, with some changes in both personnel and policy at a number of major tech companies.

  • Uber has replaced its CEO, ousted some others and revised some policies, including an end to confidentiality agreements and forced arbitration for those making sexual misconduct allegations.
  • Under pressure, Google agreed to stop forcing arbitration on those alleging sexual harassment.
  • A number of tech venture capital firms, including 500 Startups and Binary Capital, have made leadership changes amid sexual misconduct allegations.

Yes, but: Too often, companies are still either covering up problems that are likely to become public knowledge eventually, or responding only after the press turns a spotlight on a problem that they've long known about.

What they're saying: Kara Swisher in the New York Times: "Corner-cutting ethics have too often become part and parcel to the way business is done in the top echelons of tech, allowing those who violate clear rules and flout decent behavior to thrive and those who object to such behavior to endure exhausting pushback."

What's next: Look for more fallout from Epstein's tech connections, as well as closer scrutiny of contributions and investments from other potentially tainted sources, like Saudi money tied to the murder of journalist Jamal Khashoggi.

2. Growing list of government tech probes

Illustration: Sarah Grillo/Axios

A group of state attorneys general led by Texas' Ken Paxton is expected to announce today a new antitrust probe into Google, adding to the lengthening list of U.S. investigations into the big internet companies.

Why it matters: Big Tech companies like Google, Facebook, and Amazon are now facing numerous state and federal probes into their practices.

  • These companies have historically enjoyed wide regulatory freedom in the U.S., but lawmakers and regulators want to change that — and antitrust law gives the government its most powerful tools to penalize, regulate or even break up American corporations.

The big picture: Axios' Kia Kokalitcheva put together this overview of the many government inquiries the companies face, from antitrust to privacy and other concerns...





3. Netflix bug lets attackers crash your television

Photo: Jaap Arriens/NurPhoto via Getty Images

Glitches in software designed by Netflix in 2013 could allow an attacker to crash a TV, according to new research from security firm ForAllSecure, Axios' Joe Uchill reports. The software, known as DIAL, was used in early versions of Google Chromecast and installed in several TVs and other devices from the the middle of the decade.

The big picture: Netflix's software allowed people to broadcast video from a phone or computer onto their television and was an early component of Chromecast until Google moved that software in a different direction. Though the software is now obsolete, many TVs came preinstalled with DIAL.

The discovery was made by 2 interns at ForAllSecure completing an assignment to use the company's Mayhem automated security analysis software to analyze open source software.

  • The interns turned the glitches over to Netflix through a "bug bounty" program, where Netflix offers cash rewards to researchers who uncover security flaws in its products. Netflix has now patched the bug.
  • The interns will get to keep the bounty, co-founder and CEO David Brumley told Axios. "You've got to motivate interns to stay in security somehow," he said.

4. U.S. seems to troll North Korea

A military parade marking the 70th anniversary of the foundation of North Korea in 2018. Photo: Alexander Demianchuk/TASS via Getty Images

U.S. Cyber Command released samples of North Korea's government-funded malware to researchers during the early hours of North Korea's Day of the Foundation of the Republic — a move seemingly timed to unnerve the hermit nation during a national holiday, Joe reports.

The big picture: Cyber Command periodically releases malware to the research community to bolster private sector defenses against foreign threats.

  • But while previous releases received praise from the researchers for providing new details about threat groups, the North Korean samples that were released on a Sunday in the U.S. don't immediately appear to be as fruitful.

What they're saying: "It's old [samples]," tweeted Sergio Caltagirone, VP of threat intelligence for Dragos.

  • The link between the Sunday release date and the North Korean holiday was first noticed by Andrew Thompson of Mandiant.

Cyber Command released the samples between midnight and 1am, North Korea time, on Sept. 9.

  • The release contains samples of malware from the hacker group Hidden Cobra, which the U.S. government has attributed to North Korea.
  • Cyber Command would not say if the timing of the release was intentional. "We do not discuss details about the malware samples the CNMF team posts," a spokesperson told Axios.

5. Take Note

On Tap

  • IFA is wrapping up this week in Berlin, while Apple's iPhone event on Tuesday will be the week's focal point.
  • Vox Media's Code Commerce conference takes place today and Tuesday in New York.
  • The White House is holding a summit on government use of AI.

Trading Places

  • Glossier hired 19-year Amazon veteran longtime Melissa Eamer as COO.
  • Former CBS News head David Rhodes is consulting for Spotify as the streaming audio firm works on its news strategy, The Information reports.


6. After you Login

Check out Microsoft, the Musical, a project of some of the software maker's summer interns.