two women on facetime with a facetime logo and an cross through the logo

Tech news roundup: 21st July

Jul 21, 2023
Calculating reading time...

In this week's tech news, we cover Microsoft merger with Activision Blizzard, Chinese hackers vs US government, NHS cyber breach, Coinbase updates its features with direct messaging, Google calandar can now take paid appointments, FTC vs OpenAI, Twitter blocks links from Threads and Shutterstock and OpenAI form a deal.

Apple Threatens to Shut Down Communication Services in UK over Surveillance Concerns

Tech behemoth Apple has sounded an alarm, stating its readiness to shut down its two end-to-end encrypted communication services - FaceTime and iMessage - in the United Kingdom. This drastic move is proposed in response to the UK government's planned expansion of digital surveillance powers granted to state intelligence agencies.

The government's proposal is primarily targeted at amending the existing notices regime under the 2016 Investigatory Powers Act (IPA). A significant component of this proposed amendment includes a mandate for messaging services to have their security features approved by the Home Office prior to their deployment. The government asserts that these changes are vital to maintain the efficacy of law enforcement and intelligence agencies, given the rapidly evolving technological landscape.

Apple has firmly opposed these proposed changes, characterizing them as a "serious and direct threat to data security and information privacy". The tech giant goes on to highlight that these potential policy changes would have an impact that extends beyond the UK's borders.

This bold stance from Apple adds to an intensifying wave of dissent within the tech industry against the UK government's policymaking. Other significant players, such as WhatsApp, Signal Messenger, and Wikipedia, have also voiced concerns about aspects of the UK's digital policy they consider damaging to the interests of their user base.

In essence, Apple's stark warning suggests that it may halt operations of FaceTime and iMessage in the UK if the government decides to proceed with its planned digital surveillance power expansion under the IPA. This underlines the growing friction between tech companies and UK government over digital policy decisions.

Google Fixes a Zero-Day Bug Found in a Competitive Twist

In the exciting world of tech, the unexpected often proves to be the rule, not the exception. The story of Google's latest Chrome fix highlights this unpredictability perfectly.

Google recently tackled a zero-day vulnerability in its Chrome browser. The twist? The bug was initially discovered by an Apple employee during a Capture The Flag (CTF) hacking contest back in March.

Here's where things get even more interesting - this Apple employee didn't report the bug to Google. The tech giant was blissfully unaware of the lurking vulnerability as it had not been flagged, and consequently, no patch was issued. The reasons behind the employee's choice not to report are yet unclear, sparking questions and intrigue within the tech community.

The plot thickens further when we learn that the bug was eventually reported, not by the original discoverer but by another participant of the CTF competition. This person was not involved in finding the bug and was not even part of the same team as the original finder.

The decision to report was primarily driven by a sense of responsibility and a bit of uncertainty. As the reporter stated, they weren’t completely sure if the issue was already reported to the Chromium team, so they decided to play it safe and bring it to light. A move that proved fruitful, as Google generously awarded them with a $10,000 bug bounty for their vigilance.

In the end, Google successfully fixed a zero-day vulnerability in Chrome, thanks to the help of an unexpected hero. Meanwhile, the tech world still awaits clarification on why the initial discoverer chose to remain silent. This story serves as a reminder that even within the fast-paced world of technology, a twist or two is never far away.

Apple Gears Up for AI Showdown with Internal "Apple GPT" Chatbot

There's a stir in the tech world this week as we've learned from Bloomberg's tech guru, Mark Gurman, that Apple is sinking its teeth into the realm of artificial intelligence (AI). Taking on tech behemoths like OpenAI and Google, Apple is working on a powerful chatbot, cheekily dubbed "Apple GPT" by its engineers.

Still finding its footing, Apple is yet to carve out a definitive plan for launching this exciting new AI tool to the public, but the rumor mill is buzzing with talks of a major AI-related revelation due next year. What we know for certain, however, is that Apple is not just participating in the AI race, but they're crafting their own route, developing a unique framework known as "Ajax". This innovative setup aims to build large language models - the powerful AI engines that drive the likes of ChatGPT and Google's Bard.

Apple hit the pause button on the chatbot's internal deployment at one point, due to security concerns surrounding generative AI, but it seems the wheels are back in motion now. The chatbot is being shared with a growing number of Apple employees, though it's not a free-for-all; special approval is still necessary for access.

The main function of the chatbot, for now, is in aiding with product prototyping. It's an incredibly useful tool, able to summarize text and answer questions based on its training data. In its current state, "Apple GPT" isn't revolutionary, mirroring the abilities of existing tools like Bard, ChatGPT, and Bing AI. But with Apple actively recruiting in the field of generative AI, it seems this is just the beginning of their AI journey. Stay tuned for more exciting updates as Apple delves deeper into the world of AI.

A New Creative Leap: Google Meet AI Generates Custom Backgrounds

Google has unveiled an innovative feature that could potentially revolutionize our virtual meeting experience. Part of an experimental trial under the Google Workspace Labs, the tech behemoth is testing a generative AI feature aimed at creating personalized backgrounds for Google Meet calls. What makes it particularly exciting is its interactive nature: users get to play a part in the creation process.

Here's how it works: Selected participants have the ability to input a prompt, essentially instructing the AI to produce a background of their choice. Fancy a meeting from a "luxurious living room interior?" Simply type it in. Moreover, users can fine-tune their backgrounds by choosing a specific style such as "Photography," "Illustration," or even "Fantasy." This feature provides a wide canvas for creativity, also offering suggestions for backgrounds based on the given prompt.

Safety and user satisfaction remain a priority for Google, so if a user finds the generated content inappropriate, they can report it directly to Google for review.

This development is the latest in a series of enhancements that Google has made to Google Meet this year, adding to a repertoire that includes features like hand-raising, breakout rooms, and attendance tracking. Google is continuously striving to create a more dynamic and engaging virtual meeting experience, and this novel feature could be a game-changer for personalizing our online spaces.

Spyware Makers Intellexa and Cytrox Hit with U.S. Economic Sanctions

In a recent turn of events, two European spyware companies, Intellexa and Cytrox, based in Greece and Hungary respectively, have been targeted by the U.S. government with economic sanctions. This move is a key part of the Biden administration's wider mission to combat the proliferation of malicious software that is distributed solely to law enforcement and intelligence agencies.

Both companies, along with two associated entities in Ireland and North Macedonia, now find themselves on the U.S. government's economic denylist. The U.S. Commerce Department has charged Intellexa and Cytrox with trafficking in cyber exploits, actions that infringe upon the privacy and security of individuals and organizations across the globe. This, the U.S. government maintains, poses a significant threat to their national security.

What this means in practical terms is that these two companies are now on the Commerce Department's Bureau of Industry and Security (BIS) Entity List. This designation results in rigorous scrutiny for any application to export goods or services from the U.S. to these companies. In all likelihood, these applications will face rejection, effectively barring Intellexa and Cytrox from procuring U.S. goods and services.

Intellexa, known for its creation of the notorious FinSpy, has yet to comment on the situation. Similarly, Cytrox has been unreachable for comment. It's worth noting that in 2021, both Meta and digital rights watchdog Citizen Lab accused Cytrox's clients of utilizing the company's spyware against human rights activists. This recent action by the U.S. government further underscores the growing concern around the misuse of spyware worldwide.

Wix Unveils New AI-Powered Site Builder

Wix, a well-established player in the website creation landscape, has just raised the stakes with its most recent unveiling: the AI Site Generator tool. This innovative feature comes on the back of the understanding that users today don't want to fuss over each and every design detail of their websites. Rather, they want a streamlined, efficient experience that results in a professional and personalized site.

Avishai Abrahami, Wix's CEO and co-founder, underscores that this new tool brings "real value" to customers. The AI Site Generator does not just build websites; it curates high-quality content, customized layouts, and bespoke design. This all comes from a wellspring of AI expertise and almost ten years of experience in the domain, demonstrating how Wix aims to make website-building an intuitive and valuable process.

Although the AI Site Generator is a groundbreaking innovation, it's not Wix's first foray into AI. Wix has previously made strides in AI with features like the text creator, which uses OpenAI's ChatGPT to help users generate tailored content for their websites. Another notable AI feature is the template text creator, which creates all the text for a website.

The AI Site Generator operates using a mix of proprietary and third-party AI systems, transforming user input into an impeccably designed website. It works by engaging the user in a chatbot-like conversation, asking a series of questions about their site and business. This conversational interface allows the tool to interpret user responses into a unique, custom website, thus turning the vision for your business into a tangible, fully-functional website.

Microsoft's Misplaced Keys Lead to Major Breach

Last week, the world of tech security was rocked by news that Microsoft inadvertently allowed hackers, believed to have links to China, to infiltrate scores of email accounts undetected. The article provided a harrowing overview of the cybersecurity breach, which implicated even the inboxes of US Commerce Secretary Gina Raimondo and various State Department officials.

The cyber culprits, a new espionage group tagged as Storm-0558, ingeniously leveraged a Microsoft consumer signing key (MSA key). They cunningly exploited a validation error in Microsoft's code, which let them fabricate tokens. These tokens then acted as a master key, granting them free access to a host of enterprise inboxes.

Microsoft was initially under the impression that an enterprise signing key, used specifically for corporate and enterprise email accounts, was being misused. However, they eventually discovered the perpetrators were misusing the consumer MSA key to forge access tokens for enterprise inboxes. The repeated use of the same key across multiple inboxes allowed Microsoft to spot a pattern and halt all activities connected to this incident.

The affected parties have been duly informed and measures have been taken to strengthen the company's key issuance systems. However, this glaring breach, which started in mid-May and is considered the most substantial incident of unclassified government data compromise since 2020, has inevitably led to a wave of criticism directed at Microsoft.

Despite the US cybersecurity agency CISA reporting single-digit government accounts hacked and some unclassified email data exfiltrated, the US government has not publicly blamed anyone. In response to the widespread speculation, China’s top foreign ministry spokesperson vehemently denied the allegations earlier this week. The dust is yet to settle, and Microsoft continues to face rigorous scrutiny for its oversight in this incident.

"Pokémon Sleep": An Exciting New Spin on Sleep Across the Pond

Unveiling a fresh perspective on sleep, the Pokémon Company has launched its innovative new app, Pokémon Sleep. Now available in both the U.S. and the U.K., this charming app promises to transform your bedtime into an engaging gaming escapade.

Before you drift off to dreamland, simply place your phone next to your pillow and let Pokémon Sleep take charge. Upon waking, you can explore your sleep data in a fun, Pokémon-themed way.

However, Pokémon Sleep is not merely a sleep tracking app. It stands out by integrating the exciting world of Pokémon. As you dive into the game, you'll meet Professor Neroli, a scholar of Pokémon sleep science, who hands you a "sleep device" linking your sleep patterns to those of your virtual Pokémon friends.

The app also provides an incentive for hitting the sack early, rewarding you with in-game benefits. Your journey begins with a trusty, dozing Snorlax that accumulates "drowsy power" with each night's sleep, assisting you in meeting more Pokémon.

The experience can be further amplified by connecting a Pokémon GO Plus device. Doing so rewards you with a Pikachu wearing a sleep cap and a snoozing, cap-wearing Snorlax in Pokémon GO.

Despite Pokémon Sleep's surprising emergence, it has actually been subtly promoted at Pokémon GO Fest events as far back as 2019, where the word "SLEEP" could be spelled out by catching Unown. Whether it's an ingenious marketing ploy to push Pokémon GO Pluses, or an out-of-the-box effort by Pokémon engineers to encourage healthy bedtime habits (particularly among younger fans), Pokémon Sleep offers a whimsical new lens to view and value our sleep routines.

Did you enjoy this article?

If so, feel free to subscribe to our newsletter below to stay updated on all things tech news, marketing updates and more.