SubscribeArrow

I'm sure you are all tired of hearing me talk about hoity-toity Davos. Well, fear not. Today I write to you from Klosters, the so-not-exclusive ski town a few kilometers away. It's where Prince Charles has been coming for the last 40 years.

Today's Login is 1,386 words, a 5-minute read.

1 big thing: The Bezos hack's shockwaves

Illustration: Eniola Odetunde/Axios

If Jeff Bezos' phone can be hacked, anyone's can, Axios' Scott Rosenberg reports.

Driving the news: Reports emerged this week alleging that Jeff Bezos's iPhone was compromised in 2018 after the Amazon founder and Washington Post owner received a video file in a WhatsApp message sent by Saudi crown prince Mohammed bin Salam (MBS). The news sent tremors through Washington and Silicon Valley.

What happened: According to a forensic report, Bezos commissioned and that informed a statement from U.N. human rights officials, soon after Bezos received the message from MBS his phone began transmitting large quantities of data.

  • Months later, the billionaire's private messages and photos turned up in the hands of the National Enquirer, which then, according to a statement Bezos published, tried to blackmail him.
  • Saudi Arabia has denied any role in hacking Bezos' phone and disputes any involvement by MBS.

Of note: The hack came just months before the killing of journalist Jamal Khashoggi, whose sharp criticisms of the Saudi government ran in Bezos' Washington Post. The CIA concluded that MBS ordered Khashoggi's death.

  • Some security experts are questioning the thoroughness of the forensic report's work and its attribution of the attack to MBS, per CyberScoop.

Our thought bubble: Bezos isn't a clueless newbie — he's been online since Amazon opened its website 25 years ago.

  • It's not even clear from the forensic report whether he ever clicked on the video.

Background:

  • The 2014 Sony Pictures hack exposed the vulnerability of companies to having all their emails and files dumped on the open internet.
  • The 2016 hacks of the DNC and the Clinton campaign exposed the similar vulnerability of political organizations.
  • Now, it's dawning on executives, managers, and everyday people, that if the richest person on the planet — who is also a veteran technologist — can't protect himself and his data, everyone is vulnerable.

Between the lines: It's one thing to think of cyber-attacks as devious operations against factories and power plants or spammy barrages of suspicious come-ons. In the world the Bezos/MBS caper shows us, the most commonplace and mundane communications are becoming weaponized.

Yes, but: Most of us aren't billionaires and aren't receiving texts from Saudi princes. If we're not as important as Bezos, maybe we won't be targeted.

  • That thinking represents one version of what experts call "security through obscurity" — and it makes sense, up to a point.
  • The comfort it offers, though, is hardly reliable, and only applies while the tools for targeting individuals remain costly. Most software gets cheaper over time.

Winners: Nobody.

Losers:

  • WhatsApp, the service owned by Facebook. WhatsApp originated as a privacy-oriented, fully encrypted messaging channel, and it was initially embraced by activists and dissidents. But it's not looking very secure right now.
  • NSO Group, the Israel-based security firm whose Pegasus tool the forensic report cites as the most likely culprit in the Bezos hacking. NSO “unequivocally” denies its software played any role.
  • The Saudis, who may find a lot of their messages sitting unread in recipients' inboxes.
  • Friends of the Saudis, including Jared Kushner, who is widely reported to be WhatsApp pals with MBS, and President Trump, whose casual approach to smartphone security has troubled security experts going back to the administration's early days.

Go deeper: The hack heard round the world (Pro Rata podcast)

2. Government agencies collide over airwaves for road safety tech

Illustration: Aïda Amer/Axios

Two arms of the Trump administration are facing off over airwaves long set aside so cars can eventually communicate with each other, Axios' Margaret Harding McGill and Joann Muller report.

What's happening: The Transportation Department is pouring money into what it says will be life-saving connected-car tech that would ride on these mostly unused airwaves. Meanwhile, the Federal Communications Commission is moving to reallocate most of the same spectrum to expand WiFi service.

Why it matters: DOT argues that if the FCC prevails — and it's currently in the driver's seat — lives will be lost and America will fall behind in the development of self-driving cars.

  • The FCC says automakers squandered a chance to use the dedicated spectrum, and now it should be shared to support exploding demand for mobile services and smartphones.
  • The FCC proposes repurposing some 45 of the 75 MHz frequencies total of so-called "safety spectrum" for WiFi, leaving 30 MHz for connected cars.
  • Safety advocates and DOT say that's not enough, and worry that commercial WiFi will interfere with vehicle-to-vehicle communications in an emergency, rendering the technology unworkable even with some spectrum left intact for it.

The big picture: The dispute pits two Washington power brokers against one another.

  • Ajit Pai is the Trump-appointed chairman of the FCC, an independent agency overseen by Congress.
  • Elaine Chao is Transportation secretary and also married to Senate Majority Leader Mitch McConnell.

What they're saying: The standoff is growing increasingly hostile.

  • Chao has urged Pai to call off his plan, taking to several January speeches to press DOT's view that all the spectrum should remain dedicated to auto safety. "DOT has significant concerns with the Commission's proposal," she wrote Pai in a November letter, saying it "jeopardizes the significant transportation safety benefits that the allocation of this band was meant to foster."
  • An FCC spokesperson tells Axios the proposal offers a balanced approach by providing spectrum for both transportation safety and WiFi. "We would encourage the Department of Transportation to contribute productively to this important discussion rather than devoting its efforts to defending the failed status quo."

What to watch: The FCC is an independent agency and its bipartisan members voted 5-0 to proceed with the reallocation — a reality not lost on DOT officials, they admit privately.

  • But DOT seems to be counting on a groundswell of opposition from first responders and advocacy groups like Mothers Against Drunk Driving and the National Foundation for the Blind to convince FCC to rethink its plan.
  • If there's enough of an uproar, Congress could get involved too. The leaders of the House Transportation & Infrastructure Committee sent a letter to the FCC on Wednesday expressing "substantial concerns" over the proposal.
  • A comment period on FCC's proposal is expected to begin soon.

The bottom line: Chao will have to hope for a public uproar against the FCC's plan, or else expend some of her substantial political capital, to keep road safety tech from losing out to the push for faster internet speeds.

3. Broadcom expects $15 billion from Apple deals

Broadcom on Thursday disclosed two deals with Apple that will see the company getting roughly $15 billion in revenue from the iPhone maker through 2023.

Why it matters: While Apple gets the lion's share of revenue from the iPhone, there are many suppliers and component makers who make a fortune from the device; they just usually have to be cagey about offering details for fear of irking Apple. It's hard to stay silent, though, when Apple accounts for such material revenue.

Broadcom specializes in communications chips, like those that add Bluetooth and WiFi capabilities, and also makes radio chips that do a portion of the phone's cellular communications work.

  • The company has previously said it was looking to sell that unit, per Bloomberg.
4. Palantir CEO defends government work

Palantir CEO Alex Karp defended his company's government work, including working for Immigration and Customs Enforcement (ICE), in a CNBC interview on Thursday.

Why it matters: The Peter Thiel-backed company is often criticized both for the secrecy and nature of its work with government and law enforcement.

"​The core mission of our company always was to make the West, especially America, the strongest in the world, the strongest it's ever been, for the sake of global peace and prosperity, and we feel like this year we really showed what that would mean," Karp said in an interview with "Squawk Box" co-host Andrew Ross Sorkin from the World Economic Forum in Davos, Switzerland.

Palantir is said to have more than $15 billion in government contracts, CNBC reported.

As for the ICE work specifically, Karp noted the relationship started under President Obama.

"Obviously there's a lot of legitimate concern about what happens on our border, how it happens, and what does the enforcement look like? It's a legitimate, complex issue. My personal position is we acknowledge the complexity. The people protesting, whom I respect, should also acknowledge that complexity."
— Palantir CEO Alex Karp, to CNBC
5. Take Note

On Tap

  • The World Economic Forum wraps up in Davos. (Darn it, there I go talking again about Davos.)

Trading Places

  • TikTok has hired Erich Andersen, a 20-year veteran of Microsoft's legal department, as its global general counsel.
  • Entertainment platform Roblox has hired former Cloudera executive Dan Sturman as CTO.

ICYMI

6. After you Login

Watching water boil is not fun. Watching pasta being shaped is very fun.