Google, Alphabet employees unionize

Dubbed the Alphabet Workers Union, it will be open to employees and contractors. Although its current membership, at 227 people, is less than one-thousandth of Alphabet’s working population, its press release points out that more than half of the people who work at Alphabet companies are contract workers and therefore lack many benefits. Additionally, workers take issue with hefty payout packages to executives accused of harassment, as well as with some of the company’s government contracts, such as the one around military drone targeting. 

(TechCrunch)

NYSE no longer plans to de-list Chinese firms

Defying a U.S. executive order that we reported on Monday, that would have suspended trading action for China Mobile, China Telecom, and China Unicom, NYSE spokesperson Farrell Kramer declined to comment on what had changed in relation to compliance with the executive order. It is worthy of note that on Saturday, the Chinese Ministry of Commerce reacted to the NYSE’s original announcement by saying it would take “necessary measures” to protect China’s companies.

(Axios)

Amazon banned from using AWS trademark in China

Amazon has learned it cannot use its AWS logo in China, following a ruling from a Beijing court that found that the trademark for the term “AWS” belonged to ActionSoft Science & Technology Development Co., a Chinese software and data services company. The court ordered Amazon to stop using the term AWS in China and pay compensation of $11.8 million, to ActionSoft. In the first half of 2020, AWS was the fifth-biggest cloud provider in China with a market share of 7.2%, according to research firm IDC.

(Wall Street Journal)

Google’s iOS apps haven’t been updated recently. Is Apple the reason?

Not a single one of Google’s iOS apps have been updated in almost a month, leading to speculation that this is related to Apple’s new App Store privacy labels. The last Google iOS app updates happened on December 7, and on December 8, Apple mandated that any new apps or app updates submitted to the App Store would require the developer to provide privacy label information for each app. This privacy label reveals exactly what data the app is collecting about the user and how that user data is being used, and can then be viewed on an app’s App Store listing page.

(Fast Company)

Thanks to our episode sponsor, Omada

Upon launching a project map your business priorities to best-practice identity processes. Then, perform a fit-gap analysis between functional areas in the process to the ideal goal. Where are key data and systems going? Where are there gaps? Are there deviations from best practices? You now have a blueprint of business processes and gaps. Knowing is half the battle. Let Omada help by visiting them at omada.net.

Hacker posts data of 10,000 American Express accounts for free

The accounts, posted on a hacker forum, belonged to Amex customers in Mexico, and include full credit card numbers and customers’ names, addresses, and date of birth, but not expiration dates, passwords, or financial data. According to Bleeping Computer, the actor behind the forum post intends to expose this data mainly for marketing spam purposes, and does not intend to sell the password information. 

(Bleeping Computer)

Google speech-to-text API can bypass audio reCAPTCHA

A three-year-old attack technique to bypass Google’s audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. Researcher Nikolai Tschacher disclosed his findings in a proof-of-concept (PoC) of the attack on January 2. The technique involves grabbing the MP3 file of the audio reCAPTCHA and submitting it to Google’s own speech-to-text API. Although Google sought to fix this weakness in 2018 following its initial disclosure, Tschacher’s efforts show that its refinements have retained parts of the reCAPTCHA’s initial weaknesses.

(The Hacker News

Hackers target cryptocurrency users with new ElectroRAT malware

Security firm Intezer Labs said it discovered a covert year-long malware operation where cybercriminals created fake cryptocurrency apps in order to trick users into installing a new strain of malware on their systems, with the obvious end goal of stealing victims’ funds. The campaign was discovered last month in December 2020, but researchers said they believe the group began spreading their malware as early as January 8, 2020. The new malware strain, called ElectroRAT is described as being extremely intrusive, and is also capable of keylogging, taking screenshots, uploading and downloading files, and executing commands on the victim’s console.

(ZDNet)

Conspiracy theorists’ 5G COVID vaccine chip turns out to be a guitar pedal

A schematic diagram recently distributed on Italian social media as proof of a 5G chip being inserted into COVID-19 vaccines actually belongs to the BOSS MT-2, a distortion pedal popular with heavy metal musicians. Some of the more obvious terms on the diagram, such as Bass and Treble were explained as controls that adjust the instructions that can be heard in the head depending on your gender.As tech correspondent and part time musician Benjamin Deery put it, such a vaccine “isn’t curing anybody of anything, except maybe good tone.”

(The Register)