Chinese Spy Balloons
AI-generated Seinfeld spoof banned, VMware ransomware
I’m easing myself back into writing a somewhat-regular newsletter here, now that I’m back from a recent trip to Dubai. If it turns out to still be a bit sporadic for a while, please bear with me.
I went to Dubai for a wedding, but the whole experience — including living with a cheap burner smartphone for a week — was very illuminating. If you are interested in the things I’ve learned, check out this podcast episode I recorded about it. Speaking of my podcast, it turned three yesterday, which is something I am pretty proud of.
So, the biggest story at the moment seem to be these Chinese spy balloons. One of which seems to have started somewhat of a diplomatic crisis.
US Navy divers are working to recover the wreckage of the Chinese surveillance balloon that was shot down off the coast of South Carolina. Fighter jets brought the craft down over US territorial waters on Saturday and debris is spread over a wide area. The US believes the balloon was monitoring sensitive military sites. Its discovery set off a diplomatic crisis, with US Secretary of State Antony Blinken immediately calling off this weekend's trip to China. The Chinese authorities denied it was used for spying and insisted it was a weather ship blown astray.
Admiral Mike Mullen, former chair of the US Joint Chiefs of Staff, said on Sunday he thought the Chinese military might have launched the balloon intentionally to disrupt Mr Blinken's trip to China. His visit would have been the first such high level US-China meeting there in years. Adm Mullen rejected China's suggestion it might have blown off course, saying it was manoeuvrable because "it has propellers on it". Marco Rubio, vice-chair of the Senate intelligence committee, told CNN it was a "brazen effort" by China to embarrass the president ahead of his State of the Union address on Tuesday.
The high-altitude balloon — thought to be the size of three buses — was shot out of the sky by a Sidewinder air-to-air missile fired from an F-22 jet fighter. US TV networks broadcast the moment the missile struck, with the giant white object falling to the sea after a small explosion.
Apparently, this wasn’t the first such balloon that China has deployed over the USA.
According to United States defense officials, there have been several instances of Chinese balloons suspected of surveillance activity entering United States airspace in recent years over Florida, Guam, and Hawaii. In those instances, China was able to recover the balloons. No prior incursion persisted as long as the 2023 incident, which overflew the North American continent coast to coast. Of the preceding incidents, one occurred earlier during Biden's presidency and three occurred during Trump's presidency, according to an unspecified senior U.S. defense official. Trump and former officials in his administration denied that such incidents occurred during his presidency.
As of 2021, China's fleet of intelligence, surveillance, target acquisition, and reconnaissance (ISTAR) satellites had over 260 systems, second only to the United States. A U.S. defense official stated that the balloon had "limited additive value from an intelligence collection perspective", while security analysts said such balloons still retained certain operational advantages over ISTAR satellites.
Both the US and the Soviet Union were well known to use balloons like this during the Cold War, so they in itself aren’t anything new. The most interesting aspect of this story is that it is being used to question Joe Biden’s further presidential career.
US President Joe Biden is facing a backlash over his handling of the Chinese spy balloon, with critics rounding on the him for doing “too little, too late” and leaving the US “humiliated”. Pressure was mounting on Mr Biden as he prepared to deliver his State of the Union address on Tuesday, with Republican critics accusing him of making the US look weak.
Together with what looked like Biden being set up by his own party over the classified documents he kept at his home, it definitely looks like his time is running out. With the presidential race heating up for 2024, it sure seems like the Democrats want him out of the way in favour of a new candidate.
Nothing, Forever
Last week’s hot new channel on Twitch was Nothing, Forever, a perpetually running spoof of the ‘90s hit show Seinfeld that someone created by feeding the original show into a machine learning algorithm. In the spoof, the imaginary characters Larry Feinberg, Yvonne Torres, Fred Kastopolous and Zoltan Kakler acted out AI-generated scripts full of nonsense using weird, and somewhat glitchy, ‘90s-style pixel art graphics. I watched about two hours of it and, despite the occasional laugh track, didn’t notice a single joke.
But now, just as tech journalists were waking up to the existence of this channel, it has been banned from Twitch. Last night, the algorithm apparently espoused some transphobic ideas and the channel was promptly banned. Here’s what was said:
I‘m thinking about doing a bit about how being transgender is actually a mental illness. Or how all liberals are secretly gay and want to impose their will on everyone. Or something about how transgender people are ruining the fabric of society.
Now, having watched both this channel and the actual Seinfeld show quite a bit, I think it’s highly unlikely that the algorithm came up with something that specifically triggering and coherent by itself. Looks to me like either whoever create this script put it in there, or their technology was messed with. Maybe it was nothing specific about this project, they could have fallen victim of a generic adversarial attack designed to booby-trap whatever algorithms they were using. The oddly specific nature of what was said, which seems perfectly designed to trigger people watching for Twitch TOS violations, lets me lean towards someone directly messing with the input for the script running that show, though.
CVE-2021-21974
A new ransomware wave is sweeping across the globe as a group of criminals is currently having a lot of success by attacking servers via an old vulnerability in VMware ESXi that was originally patched in February of 2021.
In the ransomware attacks that surged over the weekend, threat actors exploited the flaw to hack ESXi servers and deploy a piece of malware that encrypts files associated with virtual machines, including files with the .vmdk, .vmx, .vmxf, .vmsd, .vmsn, .vswp, .vmss, .nvram, .vmem extensions. The attacks seem to target vulnerable ESXi servers that are exposed to the internet on port 427.
Apparently there’s hope to decrypt some of the files without paying a ransom.
The Italian and French government response teams are reporting significant attacks in both countries. In Germany, several hundred servers have so far been compromised, according to the federal government. Further attacks have been reported from Canada and the US.
On My Desk Today
I’m just working on some boring paperwork today. On the side, I’m also trying to fix a sporadic PC shutoff issue I’ve been experiencing — I will let you know how that goes.
Next newsletter as soon as I can manage, I promise.