July 07, 2022
I'm struck by how many GoFundMe campaigns are testaments to our society's failure to take care of our own.
Today's newsletter is 1,177 words, a 4-minute read.
1 big thing: The price of Apple's lockdown mode
In announcing a new "lockdown mode" for iPhones, iPads and Macs, Apple has proved that it's possible to protect devices against even the most sophisticated attacks — but at a high cost in ease of use.
Why it matters: Product design is all about tradeoffs, and tech companies are always trying to navigate them amid a cacophony of voices demanding they prioritize privacy, or security, or simplicity, or other concerns.
Driving the news: Apple is adding a special "lockdown" mode across its product line designed for people such as dissidents, journalists or human rights workers who could become the targets of high-end spyware, such as NSO Group’s Pegasus.
- The new option, coming to Macs, iPads and iPhones with this year's fall software update, could make it much harder for attackers to access such phones, but also significantly complicates everyday tasks from messaging to web browsing to video chat.
The big picture: The debut of lockdown mode comes amid a larger conversation about the need for better protection of user data, not just from malicious attacks, but also from overzealous governments or data-gobbling companies.
- Apple has made privacy a key focus of its marketing efforts and focused on minimizing the amount of data it can access. It has done so by storing data on device and encrypting sensitive information, such as health data.
- Even Google, which relies extensively on user data to serve up ads, has added more user controls and, in recent days, announced plans to proactively delete certain location data.
How it works: Apple's feature can be turned on with a single change to user settings, but there's a big impact on how the phone works.
- Most message attachment types other than images are blocked. Some features, like link previews, are disabled.
- Some more advanced web technologies that enable sites to provide more services are disabled unless and until the owner marks the site as trusted.
- Requests for FaceTime calls or other invitations are blocked unless the phone owner has previously interacted with the person.
- Wired connections to other computers or accessories are blocked when an iPhone is locked.
Yes, but: This isn't intended for average users who just prefer to be on the safe side.
- Apple says "Lockdown Mode" is an "extreme, optional" protection to be used only by those with reason to suspect they might be personally targeted for a highly sophisticated attack. "Most people are never targeted by attacks of this nature," reads a warning shown before a user turns on the feature.
What they're saying:
- Apple head of security engineering Ivan Krstić: "While the vast majority of users will never be the victims of highly targeted cyberattacks, we will work tirelessly to protect the small number of users who are."
- Citizen Lab's John Scott-Railton: "Lockdown Mode is radical reduction of the threat surface of an iPhone. Cannot overstate how big a change this is for Apple."
Our thought bubble: Apple deserves the plaudits for its effort to help users who fear high-end attacks. But it's also very much in the company's interest to protect its devices and be known as the "safer" choice in the smartphone market.
What's next: In a post-Roe world where every piece of personal data devices record could become a prosecutor's target, users will clamor for increasingly sweeping, effective and convenient tools to protect their data — and companies will continue to struggle with the tradeoffs.
2. Recruiters flock to layoff-tracker site
One sign of the economic times: A website that tracks startup layoffs is serving as a powerful recruiting tool, particularly for still-scarce tech talent, Axios' Emily Peck reports.
Why it matters: Despite what you're hearing about a recession, the job market is still chugging along.
State of play: While layoffs started to pick up this spring, they've so far been contained mostly to fintech, crypto and real estate, says Roger Lee, who founded the layoffs.fyi website in March 2020.
- "Recruiters and companies are emailing me," Lee tells Axios. They're sending thank-you notes because they've used the site — which features spreadsheets with contact information of laid-off workers — to hire.
Backstory: Lee started his website when he was home with his infant daughter on leave. Unemployment was skyrocketing at the time, but the company he worked for was still hiring, and he figured the site could be useful as a way to find people.
- "I was updating the site constantly," he says.
Things cooled off quickly in layoff land as the Fed stepped in to put an end to the cratering. Then around March this year, a new wave of layoffs in the startup world accelerated.
Flashback: In 2000, as the dotcom bubble burst, a website called F'd Company tracked tech layoffs with a level of snark that Lee, who was in high school back then, intentionally avoids.
- "Layoffs are not fun for anybody," he says. "These are real people."
3. FBI, MI5 jointly warn of Chinese espionage
Domestic U.S. and British security heads warned business leaders Wednesday about Chinese government spying aimed at stealing intellectual property from Western tech companies, Axios' Ashley Gold reports.
Driving the news: FBI director Christopher Wray and MI5 director-general Ken McCallum appeared together at MI5 headquarters in the U.K. to warn of espionage campaigns from Beijing.
- Per a transcript of McCallum's speech from MI5, the event marked the first time that FBI and MI5 leaders have "shared a public platform."
What they're saying: "The Chinese government is set on stealing your technology — whatever it is that makes your industry tick — and using it to undercut your business and dominate your market," Wray said, according to the Wall Street Journal.
- Wray and McCallum said state-sponsored hacking is carried out to gain access to technology Beijing has rendered important, and a new counterintelligence investigation into the Chinese government is opened "roughly every 12 hours."
- McCallum said Chinese officials are operating a "coordinated campaign on a grand scale... a strategic contest across decades," according to the transcript.
Flashback: Last December, Microsoft seized 42 websites from a Chinese hacking group carrying out attacks in 29 countries, including the U.S.
Meanwhile: State-sponsored hackers from North Korea have been targeting health care organizations, a group of federal agencies warned on Wednesday.
4. Take note
- Tom Keane, a 21-year Microsoft veteran, is leaving his post as a VP in the Azure cloud unit. His departure follows a May Insider report that colleagues said he was verbally abusive. That same report also called out HoloLens creator Alex Kipman, who has also since announced his departure.
- Stack Overflow named Jody Bailey, formerly of AWS and Pluralsight, as chief technology officer.
- Amazon's deal with Grubhub parent Just Eat Takeaway shows how the retail giant remains interested in the restaurant delivery space even after it gave up its own service there. (Axios)
- Cryptocurrency brokerage Voyager Digital filed for Chapter 11 bankruptcy protection. (Axios)
- Russia's invasion of Ukraine has taken a massive toll on Yandex, the Russian equivalent to Google. (The New York Times)
5. After you Login
Underwater dog photos are pretty cool.