Freezenet’s Official Podcast: August 2019: The Big One Oh! Drew Wilson | September 11, 2019 In this tenth episode of the Freezenet official podcast, “The Big One Oh”, we check out the news and reviews for the month of August. Welcome to the public version of the tenth episode of the Freezenet official podcast for August 2019. This episode is entitled the Big One Oh because we’ve made it to episode 10 already! Can you believe that? We would like to apologize for the delay in this month’s episode. For those seeing the public version, it’s only out by a few days, but we hope this won’t occur again in the future. The delays were largely unexpected. This month, we cover the massive story of the Capital One data breach which saw 100 million accounts compromised. We also cover the war on encryption expanding in the US and Canada. Also, we had to talk about the huge fine handed down by the FTC to Facebook. After all, it is a $5 billion fine. In addition, we discuss the exclusive stories surrounding both the Ferry Corsten DMCA takedown issue as well as Twitch winning a default judgment against a user in court. There’s, of course, plenty of other stories we covered as well. Also, we have the usual compliment of music and video game reviews as well. We even talk about a historic first in plumbing where a toilet exploded. All this and more on this months episode! You can check out our official podcast on Soundcloud or take a listen below: What follows below is a transcript to this episode: Intro It’s the big one oh! Hi, I’m your host, Drew Wilson. Welcome to the 10th episode of the Freezenet official podcast for August, 2019. Here are your top 3 headlines: The Top 3 Our top story this month is the Capital One data breach which saw 100 million accounts compromised. Coming in at number 2, the US and Canadian governments both receive pushback for their anti-encryption stances. Finally at number 3, Facebook hit with a $5 billion fine from the FTC. Top Stories First, we have to talk about the story that absolutely dominated headlines this month. That is the massive Capital One data breach which saw 100 million accounts compromised. The hacker behind the blockbuster data breach has since been arrested and is sitting in jail awaiting court proceedings. It didn’t take long for lawyers to get busy on this one. Right after the breach took place, American law firm Morgan & Morgan filed a class action lawsuit in the US barely 24 hours later. The lawsuit was filed in the United States District Court for the Eastern District of Virginia. The law firm is arguing that the bank failed to take “reasonable care” of the sensitive information they had. That, of course, wasn’t the only lawsuit that was filing as a result of the breach. Law firm Tycko & Zavareei LLP also filed a lawsuit over the breach, but it wasn’t just Capital One they were targeting. The lawsuit also named online code repository GitHub as a defendant. The firm says that because the stolen data wound up on their servers, they ended up acting negligently for not removing the content fast enough. The firm says “As a result of GitHub’s failure to monitor, remove, or otherwise recognize and act upon obviously-hacked data that was displayed, disclosed, and used on or by GitHub and its website, the Personal Information sat on GitHub.com for nearly three months” Some are saying that Section 230 of the Communications Decency Act of 1996 might be a successful defence against the lawsuit. This is because the law protects platforms that act in good faith from lawsuits stemming from illegal activity of users. Meanwhile, the legal troubles over the Capital One breach spilled over into Canada. Vancouver law firm, Charney Lawyers, is filing a class action lawsuit in Canada against Capital One over the breach. The firm said that the breach could turn out to be “very serious”. We here at Freezenet actually got questions about the breach. The questions are generally: “Did this breach affect me?”, “What should I do to protect myself?”, and “Who should I speak to if I think I may be part of the breach?” For you, one of the things you can do is speak to your bank about this. They should have an idea of where you can go. Additionally, keep an eye on your statements for suspicious activity. Finally, if you’ve contacted Capital One and still don’t know if you’ve been impacted, you can also contact the law firms filing these lawsuits. If you are from the United States, you can check out forthepeople.com. That is the Morgan & Morgan lawsuit we just mentioned. If you are from Canada, then you can get in touch with the law firm filing the class action lawsuit in Canada. That law firm is Charney Lawyers. The website set up for this is capitaloneclassaction.ca. If you are confused by those URLs, we’ll include the links in the transcript so you can check out those sites directly. The US one does require some clicking through, so we’ll provide a specific URL for you. This will point to the direct page in question rather than having to navigate or search. Hopefully, this helps some of you out there that still have questions. Meanwhile, the war on encryption is raging in both Canada and the United States. The five eyes spy agencies renewed calls for countries to crack down on security. It seems some countries are listening to those calls. In the United States, the Trump administration, through US Attorney General William Barr, railed against so-called “warrant-proof” encryption. He suggested that encryption that the government cannot break should be banned completely. Barr wrote, “By enabling dangerous criminals to cloak their communications and activities behind an essentially impenetrable digital shield, the deployment of warrant-proof encryption is already imposing huge costs on society. It seriously degrades the ability of law enforcement to detect and prevent crime before it occurs. And, after crimes are committed, it thwarts law enforcement’s ability to identify those responsible or to successfully prosecute the guilty parties” Barr received pushback for comments like that from multiple advocacy groups. In an open letter, the groups urged Barr to back off the plan. “Strong digital encryption is the bedrock infrastructure that allows everyday people, businesses, and our government to trust technology for critical needs,” the open letter asserted. “Barr’s demand that tech companies give law enforcement special access to encrypted devices would seriously violate that trust, compromising the security of potentially billions of people by creating a vulnerability that criminals and terrorists could easily exploit.” A very similar battle is playing out in Canada right now. Canada’s public safety minister, Ralph Goodale, made comments about encryption and how he feels that the country should start cracking down on security. In one comment, Goodale said, “We need to work with the internet companies and the service providers to achieve two objectives simultaneously. The objective of the privacy values that flow from strong new technologies and encryption, but at the same time making sure that our platforms and services and systems are not harbouring the kind of behaviour that would exploit children and create victims” Rights organization, the Citizen Lab, disagreed with the assessment and the need to crack down on encryption. After commenting that Goodale has a history of defending security, the organization said, “This year, however, the tide may have turned, with the Minister apparently deciding to adopt the very irresponsible encryption policy position he had previously steadfastly opposed. To be clear, should the Government of Canada, along with its allies, compel private companies to deliberately sabotage strong and robust encryption protocols and systems, then basic rights and freedoms, cybersecurity, economic development, and foreign policy goals will all be jeopardized.” Now, turning things over to our third big story of the month. It was rumoured to be a record setting fine and the public ruling didn’t disappoint. The Federal Trade Commission (FTC) has fined Facebook $5 billion over the Cambridge Analytica data mining controversy. The controversy itself saw Cambridge Analytica declare bankruptcy after their offices were raided. It also led to high profile appearances in various governments around the world. This includes a rather fiery one where Facebook CEO, Mark Zuckerberg, appeared before the US government and was grilled over the whole scandal. “Despite repeated promises to its billions of users worldwide that they could control how their personal information is shared, Facebook undermined consumers’ choices,” said FTC Chairman Joe Simons in a release. “The relief is designed not only to punish future violations but, more importantly, to change Facebook’s entire privacy culture to decrease the likelihood of continued violations.” It’s certainly been quite a dramatic month. We are only just beginning, though. Here are some of the other stories making news this month. Other Stories Making News We got an exclusive follow-up to our exclusive story we brought you last month. In last month’s podcast, we told you about how Ferry Corsten had two of his radio shows taken down on YouTube. Those episodes are for Corsten’s Countdown and concern episode’s 628 and 629. The DMCA’s were issued by the record label EDM/District. Well, we are happy to report that it seems that the situation has been resolved. Both episodes are now available on YouTube again. What the circumstances were in all of this remains unclear. We still didn’t hear back from Corsten about the issue, but at the very least, those episodes can be listened to again. From one exclusive to another. We also brought you an exclusive story about a court case involving video game streaming service Twitch. According to court documents obtained by Freezenet, the streaming service has won a default judgment against a user who used a botnet to fake views. Jared Kelly was ordered to pay statutory damages thanks to trademark infringement, unfair competition, cybersquatting, and breach of contract. In addition to this, Kelly was ordered to not use Twitch’s intellectual property and use the Twitch services. Kelly was traced through a Fastspring account via the ID “Twitchviewerbot” and was subsequently hauled into court for selling his bot services. There’s been some developments over the Equifax data breach. That breach saw 147 million accounts compromised. The credit monitoring company has reached a $700 million settlement in court. “This companys ineptitude, negligence, and lax security standards endangered the identities of half the U.S. population,” New York state Attorney General Letitia James said in a statement. In response to the Equifax settlement, the response from American’s was unexpectedly large. American’s went to the website at equifaxbreachsettlement.com in droves. One of the offers was that American’s could receive a $125 settlement payout. Other options included free credit monitoring among others. Still, most took the $125 option. That resulted in an unexpected shortfall. Apparently, a portion of the settlement funds were set aside for the payouts. Because so many were choosing that option, the funds ended up quickly drying up. This lead some to recommend going the free credit monitoring rout. As a result of the potential funding shortfall, it looks like not everyone will be getting their settlement money. The saga over Australia’s quest to ban effective security continued this month as well. According to comments made by Australian cloud computing company Vault, multinational companies are now blacklisting the country for fears that their information could be compromised thanks to the countries Assistance and Access Act. The law that was passed in 2018 would require companies operating in the country to have backdoors installed on their encryption for law enforcement purposes. Vault says that companies are going through a “headline test” and are seeing a compliance burden so great, they are thinking twice with investing in the country. To add insult to injury, the Law Society made their own submission to the Australian government. They are saying that the laws as they stand now are illegal. This stems from a long-running problem of not being able to comply with the anti-encryption laws in the country, while at the same time, complying with privacy laws in other countries. They point out that it would be impossible to comply with Australia’s Assistance and Access Act, while at the same time, complying with the US CLOUD Act. Critics of the anti-encryption law also point out that it would also be impossible to comply with the Assistance and Access Act and Europe’s General Data Protection Regulation. DRM reared its ugly head this month as well. Video game software company, Bethesda, released the first three Doom games on the Nintendo Switch. Unfortunately, the games required that users login with their accounts before playing the game on their mobile console. This drew a storm of controversy from gamers who point out that this was never required with the original DOS game, so why is it required on the Nintendo Switch? Shortly after, Bethesda backed off the highly controversial DRM system. They released a patch and said that the login requirement was supposed to be for players of the Slayers Club. Otherwise, the login requirement should be entirely optional according to the company. YouTube game streamer Supmatto got a knock on his door this month. Investigators, working on behalf of Take Two Interactive, showed up because of what they say were leaks for the upcoming game Borderlands 3. Supmatto did talk about leaked details on his YouTube page, but also offered a bunch of speculation. Supmatto received multiple DMCA notices against his channel as well. After a short haitus, the streamer said that he is re-evaluating whether or not he will continue to stream content after this. He went on to stop publishing material online altogether. Meanwhile, Epic Games is finding themselves in legal hot water. A class action lawsuit was filed by Franklin D Azar & Associates over the software companies game Fortnite. The lawsuit says that on January 16, 2019, the developer acknowledged that there was a flaw in the login security system. As a result, it permitted people to hack into other users accounts and purchase items without the owners knowledge. It is alleged that there are entire databases filled with login credentials floating around. Epic Games, for its part, says that they are looking for the large password dumps and requiring affected users to reset their passwords. The U.S. Court of Appeals for the Second Circuit has handed down a ruling that could help protect online platforms from certain lawsuits. In the Force vs Facebook lawsuit, plaintiffs attempted to sue Facebook for hosting material related to a terrorist attack. They tried to argue that Facebook should bear some legal responsibility for the material in question even though it was posted by third parties. Facebook, for its part, pointed out that Section 230 of the Communications Decency Act protects the platform from such lawsuits. The court agreed. The Electronic Frontier Foundation welcomed the ruling, saying that they sympathise with the victims of the terrorist attacks. They then point out that holding platforms liable would create disastrous unintended consequences. That is why they filed an amicus brief in the case defending Facebook. The US Trump administration is floating another way of cracking down on civil rights. This time, the Trump administration is considering renewing the NSA dragnet surveillance of American’s phone and Internet records. The massive amounts of data was being collected by the National Security Agency until 2018. That was when they were ordered to destroy records that were outside the scope of their investigations. The proposed renewal would not only put dragnet surveillance back in place, but also would renew it indefinitely. Critics point out that this goes way beyond any other previously passed renewal orders. The Electronic Frontier Foundation states in part: “If the program does not help ensure the safety of Americans, cannot stay within the law, and violates our privacy, then why should Congress reauthorize it? After all, as of now, the NSA isn’t even using it. This December, rather than permanently renew the authorization that allows the NSA to use an invasive program, it’s important that we push Congress to end the Call Details Record program once and for all and enact other important reforms.” The Los Angeles Police Department was hit with a data breach. A report describes the breach as containing “The names, birth dates, email address and account passwords of thousands of LAPD officers, along with thousands more applicants” Finally, in a follow-up we brought you back in June, the Securities and Exchange Commission is investigating the American First data leak. The leak saw a stunning 885 million records exposed to anyone with a web browser. No authentication required. In a letter sent to a researcher that blew the lid on this whole story, the SEC sought any information related to the data leak. The letter points out that the request does not mean that there has been a violation of the law. Still, the governmental organization is working to determine if First American violated any securities laws. One thing is for sure, it has been one really busy month here on Freezenet. Video Game Reviews Now, turning towards entertainment, here are video games we’ve reviewed this month: First up is Pole Position for Atari 5200. Impressive third person perspective and good handling, but the gear shifting system leaves a bit to be desired. Overall, though, this game gets a 70%. Next up is Q-Bert for the Atari 5200. Good controls, nicely realized difficulty curve, and decent sound effects and jingles. So, this game gets a great 84%. After that, we tried Zone Ranger for the Atari 5200. Objectives can be unclear, but the variety is nicely done. This game earns a solid 72%. From there, we tried Zenji for the Atari 5200. The simplicity and the explanations do make this game very approachable. Unfortunately, expect the occasional spike in difficulty. Overall, this game gets a 76%. Finally, we tried Kangaroo for the Atari 5200. Good level variety, but clunky movements, basic graphics and basic sound effects does hamper play. This one flopped with a 42% Music Reviews As for music we’ve listened to this month, we’ve got… Jon Bon Jovi – Blaze of Glory The Allman Brothers Band – Good Clean Fun Aerosmith – The Other Side (LP Version) Starship Amazing – Bonk (You Got Bonked) INXS – Suicide Blonde The Black Crowes – Hard to Handle Damn Yankees – Coming of Age … and finally, Jesus Jones – Right Here Right Now Picks of the Month So, that leads us to our pick of the month. This month, our pick of the month belongs to Starship Amazing – Bonk (You Got Bonked). Also, be sure to check out Q-Bert for the Atari 5200 and Jon Bon Jovi – Blaze of Glory. Oddities And in other news… There are some things the Transportation Security Administration will allow as carry-on luggage. Other things, they won’t allow on the plane. As one traveller going through the Baltimore/Washington International Thurgood Marshall Airport found out, his souvenir missile launcher definitely falls into the latter category. The unnamed traveller obtained the missile launcher before coming home from Kuwait. He apparently was in the military which would explain the weapon. While the weapon was described as not live, the weapon was disposed of by a state fire marshal. Sometimes, security is just no fun. It is being described as a first in plumbing history. During a storm, a Florida couple bore witness to the results of lightening hitting their septic tank. The strike ignited methane gas that had built up within the septic system. As a result, their toilet exploded. A-1 Affordable Plumbing said the explosion occurred in the master bathroom, “sending porcelain airborne like a missile.” Meanwhile, the couple described the explosion as “very loud”. I can see why. Police in Johnstown, Pennsylvania executed a search warrant. After authorities arrived, they found over 500 stamp bags of heroin, over 50 ecstasy pills, over 50 hits of LSD, 1 ounce of crystal methamphetamine, over 10 grams of cocaine, suboxone, mushrooms, molly and over 25 grams of marijuana. No word if they also found a Partridge in a Pear Tree. Outro So, before we close out the show. We have a very minor announcement to make. In a follow-up to what we told you last episode, we are now able to create first impression video’s. The hardware we installed did come with a few hiccups, but the end result seems to be pretty good. While we aren’t sure about next month necessarily, we are hoping to turn this into a monthly thing. We are basically posting gameplay footage of our first 10 minutes of games we are looking at. This month, we brought you our first impressions of the Steam game Half-Life 2. We hope you enjoy it and look forward to producing more videos in the future! Also, huge shout out to Nolan for providing mixing and recording services. His hard work to make this podcast sound so great is definitely appreciated. If you’d like to get your hands on some behind the scenes stuff, exclusive content, and early access material, you can check out our Patreon page at Patreon.com/freezenet. Through this, you can help make Freezenet just that much better all the while getting some pretty cool stuff in the process. That’s Patreon.com/freezenet! …and that’s this months episode for August 2019, I’m Drew Wilson for Freezenet. Be sure to check out our website at freezenet.ca for all the latest in news and reviews. You can also like us on Facebook and follow us on Twitter @freezenetca. Thank you for listening and see you next month. Drew Wilson on Twitter: @icecube85 and Facebook.