This week:
3 – How a Ticketmaster boss got a one-way ticket to court
2 – Why QR codes should really be called RQ codes
1 – AI’s plans for world domination may get delayed
3 – How a Ticketmaster boss got a one-way ticket to court
“A former boss of Ticketmaster has been sentenced after pleading guilty to illegally accessing computer servers of a rival company and stealing sensitive business information.“
Summary: An ex-employee of Crowdsurge, a Ticketmaster rival, continued to access Crowdsurge’s systems after he had joined Ticketmaster. Apparently, he encouraged colleagues ‘to screen-grab the hell out of the [Crowdsurge] system’, and even presented his illegal access on a conference room screen to at least 14 Ticketmaster employees. The illegal activity only came to light when a Ticketmaster employee joined Crowdsurge and “advised them to review their security”. Ticketmaster was fined $10 million for the illegal activity. The individual involved was arrested in Italy and extradited back to the US for his day in court. After a guilty plea, he “has now been ordered to pay $67,970 in forfeiture, and sentenced to one year’s supervised release.”
So what? Make sure you have a reliable process to remove system access from people who have left your organisation.
Source: BitDefender’s Hot For Security Blog
2 – Why QR codes should really be called RQ codes
“UK motorists [have been warned] to beware of threat actors utilising Quick Response (QR) code stickers luring them to malicious websites.”
Summary: Scammers are placing QR code stickers on parking meters to fool people who want to pay for parking into revealing their payment card details on the scammers’ websites, which are designed to look like the genuine sites. The issue in the UK follows similar scams in the USA, Canada, and Europe. Netcraft’s research suggests at least 2,000 people submitted personal information (potentially including card details) in a 2 month period over the summer.
So what? QR codes may enable Quick Response, but they should be called RQ (Really Questionable) codes, because they are a very quick way for scammers to fool us into visiting a dodgy site or downloading a dodgy file.
Source: Netcraft (via Risky Business)
1 – AI’s plans for world domination may get delayed
“A 100-word email generated by an AI chatbot using GPT-4 [..] requires 519 millilitres of water, a little more than 1 bottle [and] 0.14 kilowatt-hours (kWh) of electricity, equal to powering 14 LED light bulbs for 1 hour”
Summary: This recent article in the Washington Post attempts to explain the true energy cost (in terms of electricity and water) of using tools like ChatGPT. For example, if 10% of the US working population used ChatGPT to generate a 100-word email once per week, the power consumed over a year would be enough to power all of the homes in Washington D.C. for 3 weeks. There is an ongoing debate about data centres in Ireland (especially given their electricity demands), and it looks like similar issues are arising in the US, with communities in Northern Virginia, Iowa, and Oregon questioning their true value. Meanwhile, the growing use of AI is not helping tech firms achieve their net-zero targets. For example, when Google released its most recent environmental report, it showed “its carbon emission footprint rose by 48 percent, largely due to AI and data centers.”
So what? AI may be coming to take our jobs and destroy humanity. But until the tech gods figure out ways to power and cool these AI overlords in cyberspace, all of us mere mortals in ‘meatspace’ may be safe for now.
Source: The Washington Post (via ASPI)