On this week’s episode of the Futurum Tech Podcast, I’m joined by my colleague and fellow analyst, Olivier Blanchard. In our Main Dive, we tackled this week’s news of the injunction issued by a judge in the case filed by Amazon protesting the award of the Pentagon’s $10Bn 10-year Department of Defense contract (referred to as the JEDI contract) to Microsoft. In what might be termed a ‘tech nerd alert’, we also covered an update on the FTC case against Qualcomm (in all its ridiculousness), an FBI alert to software providers about dangers from a particular kind of malware, an Ohio man charged with running an illegal operation related to Bitcoin mixing (no, that’s not a dance), bugs in Bluetooth Low Energy (BLE) chips. We covered the FTC’s announcement of an investigation into Big Tech that we’re not quite sure about, and wrapped up with news about a breach of a database exposing millions of images and other information relating to plastic surgery patients. Ouch. Without further ado, here’s a brief recap of the episode.
Our Main Dive
The Department of Defense selected Microsoft as its vendor for its $10 billion dollar, 10-year cloud services contract. Amazon, long considered the front runner for this contract, took issue with the process by which this contract was awarded, including concern about possible interference by the President in the contract award based on his well-known acrimonious relationship with Amazon owner, Jeff Bezos. We take a look at what happened, what we think is ahead, and what matters most here (hint: transparency and fair procedures in any dealings with the government). I covered this in an article just published on the Futurum blog, so if you’d like a deeper look, check it out: Amazon Scores as Judge Blocks Microsoft’s JEDI Cloud Contract Award.
Our Fast Five
We dig into this week’s interesting and noteworthy news:
- Update on the FTC vs. Qualcomm case that’s going before the 9th Circuit Court. Olivier brought us up to speed on the ongoing saga of the FTC going after Qualcomm’s business model and as a follow up to Judge Lucy Koh’s decision in 2019 and her attempt to essentially rewrite intellectual property law. Argued yesterday, it seemed, based on watching the proceedings live online, that Qualcomm’s argument is still the strong one, and that the FTC still has failed to prove that any anti-competitive behavior happened. In addition, Olivier minced no words about the fact that the FTC’s legal theory is muddled and self-contradictory.
Olivier also noted that that the Department of Justice also appeared, on its own behalf as well on behalf of the Departments of Defense and Energy. This is relevant as there is a national security component to this case and if Qualcomm is deemed harmed by Judge Koh’s decision, it would require Qualcomm to change both its business and its technology licensing models and could potentially be hindered in its ability to compete effectively against Huawei. Suffice it to say there are big national security interests at play here and look for a more in-depth piece on this from Olivier in the next day or so.
- FBI warns software providers about hacking. I was interested in the fact that the FBI sent a security alert to the US private sector about an ongoing hacking campaign that appears to be targeting supply chain software providers. The goal seems to be to infect companies with the Kwampirs malware, which is a remote access trojan (RAT). The FBI’s notification on this, sent out last week, specifically said:
“Software supply chain companies are believed to be targeted in order to gain access to the victim’s strategic partners and/or customers, including entitles supporting Industrial Control Systems (ICS) for global energy generation, transmission, and distribution.”
This malware was first mentioned in a 2018 report published by Symantec, a US cybersecurity firm that was acquired by semiconductor manufacturer Broadcom in late 2019 for $10.7 billion. Symantec initially identified a hacker group named Orangeworm had used tis malware to target supply chain companies that provide software for the healthcare sector. Orangeworm has been in operation since 2015, mostly targeting the healthcare industry, but also targeting secondary markets like Manufacturing, Information Technology, Agriculture, and Logistics.
New attacks seem to be targeting industrial control systems and the FBI has identified similarities between this malware and a separate malware developed by an Iranian group. Based on what we have going on (in the US today that is) with Iran, this wouldn’t be surprising.
- Ohio man arrest for running Bitcoin mixing service that laundered $300 million. In what is the first case the DOJ has brought against a Bitcoin mixer, charges have been brought against an Akron, Ohio based man. A mixer-service is an operation on the dark web that helps criminals disguise the origin of Bitcoin transactions. The story is an interesting one, and while it’s not the first, it also surely won’t be the last in which we see criminals trying to use Bitcoin to do dirty deeds.
- Bugs in Bluetooth low energy chips might just be somewhere near you. Researchers from Singapore recently published a paper outlining security holes they discovered in Bluetooth chips from a variety of vendors (called SweynTooth). The team disclosed the discovery to the vendors fairly quickly back in 2019 and waited 90 days (for fixes to be made) before publishing their paper.
What now? It’s both good news and bad news. The good news is that we know there’s a vulnerability and chipmakers have the ability to find and fix these issues to minimize impact.
The bad news? We don’t know for sure what products in the market use these chips, which ones could have been patched and have received necessary updates, and which might be affected by this issue, but which cannot be patched. The researchers have published a list (that is linked here) of the Bluetooth chip manufacturers who they’ve identified as having buggy chips, but also make it clear their list is not exhaustive.
Other sort of good news? In the big scheme of things, these low energy chip problems aren’t huge, and all of them require a hacker to be within Bluetooth Low Energy (BLE) Range.
That said, the below image is a sampling from the research report of the kind of devices that could be impacted by this vulnerability. And when you think about how many of these seemingly innocuous devices are on our wrists or in our homes, and extrapolate that out — well, it gets a little more worrisome.
- Big Tech braces for sprawling FTC acquisitions review. The FTC announced on Tuesday that it will review the past decade of takeovers by tech giants Alphabet, Amazon, Apple, Facebook, and Microsoft. What does this mean? Does the FTC just want to keep its people busy, or is there a real need to investigate acquisitions by Big Tech with a view toward how they may, or may not, be restricting competition? We have some thoughts on this one, but you’ll have to listen to hear them.
Plastic surgery images and invoices leak from unsecured database. French company NextMotion provides a surgery software solution to physicians. Thousands of patient images, videos, and recordings relating to plastic surgery patients were left on an unsecured database where they could be viewed by anyone with the right IP address. This date included some 900,000 records belonging to thousands of different patients.
Crystal Ball: Future-um Predictions and Guesses
We circle back and talk about the situation between Amazon, the US Government and how it relates to the award of the DoD JEDI contract. What should we expect from it?
Shelly Kramer: Hello and welcome to this week’s episode of the Futurum Tech podcast. I’m your host, Shelly Kramer, and I’m joined today by my fellow analyst, Olivier Blanchard. Hello, Olivier.
Olivier Blanchard: Hey.
Shelly Kramer: Great to have you. It’s just the two of us today, so you get the A team, for those of you who are listening, and who are regular listeners. And said without any bias, of course, and before we get started, I do want to take a minute and provide a disclaimer.
In the course of this podcast, we might talk about publicly traded companies. We might mention opinions about the meaning of earnings reports, or we might make predictions, or anything like that, and please know that this show is intended for entertainment purposes, and for informational purposes only. Please don’t take our opinions to the bank. Please don’t take stock recommendations, because that is not how this show is intended.
So now that that business is out of the way, we are going to talk today about the latest news with regard to the Department of Defense’s $10 billion, 10-year JEDI Cloud services contract. That contract has been the subject of much attention, discussion, debate, acrimony, frustration.
And what happened yesterday that was in the news is that Amazon, the contract was awarded to, ultimately awarded to Microsoft, which was a surprise in the industry to a lot of people, who assumed that Amazon was going to get that contract. The contract was awarded to Microsoft and not long after the award was announced, Amazon was frustrated and angry. And there’s always been talk about the fact that about the supposition that perhaps because the current President of the United States is not really a fan of Amazon’s owner, Jeff Bezos, that that played a role in the discussion, or the decision relating to this contract award.
So Amazon filed a lawsuit. And what happened yesterday that was so interesting, is that the judge in the case issued a temporary sealed injunction blocking any forward movement on this contract that was originally awarded to Microsoft. And so, Amazon has requested the ability to interview, to depose, rather, the President and other members of the team who were involved in making this decision. So it’s really big news in the tech world today. And Olivier, you and I haven’t really talked about this.
I wrote about this yesterday, and my thoughts on this have always been pretty clear. I have always come down on the side, that I have two very strong feelings. One is Amazon has always probably been the front runner for a reason, but I’ve also always felt that Microsoft was perfectly capable of taking on this contract of delivering what that company has done in terms of market share, in the Cloud space, is nothing short of amazing. And Microsoft has gotten the security clearances that are needed.
And so, I’ve always believed that Microsoft is not only 100% perfectly capable of providing these services, but I always felt that Microsoft is going to get the nod. And I felt that way because it was always so clear how much the President hated Jeff Bezos and Amazon. And so, and I’m also not surprised that Amazon has fought this, so I’m interested, what do you think about this, Olivier?
Olivier Blanchard: Well, okay, so let me preface my answer with a little disclaimer that I, although, in my personal life I’m fairly political, as I think everyone has a right to be and maybe should be, because these discussions matter, and they’re good subjects of debate. But when it comes to this podcast specifically, I am tend to be apolitical, and I want to be objective about the way that I look at things. So anything that I say in the next few minutes is not partisan. It’s not Republican versus Democrat, it has nothing to do with that.
Shelly Kramer: Well, and you know what? That’s a great, I want to interject as well. I’m as passionate about politics as you are. And so, that’s a really good point. My thoughts on this mirror yours, this is not politics. This is being objective and knowledgeable about the technology space, so thank you for saying that. And 100%, I’m on the same page as you.
Olivier Blanchard: Right, perfect. Okay, so now that I’ve said that, and this could happen with any, an administration from any political ill. It could be left, it could be right, it could be centered, it doesn’t matter. My issue with this is, well, two points. I have one issue with it, but I want to make another point first, and it’s that I don’t have a dog in this fight.
I think that Microsoft and Amazon are both very capable of handling this contract, and I’m happy for Microsoft. If Microsoft ends up with the contracts at the end of the day, I’m happy if Amazon gets the contract as well. I’m happy if they both get portions of the contract, and just share it between themselves. I think we’re well served by both companies and so I don’t have an issue with that. My issue here is with procedure, and with the way that the contract was awarded in the first place, and especially the appearance of conflicts of interest, or impropriety.
So it’s very important for a free markets, for democracy, for a republic like the United States to have trust in a system that rewards companies on merits. And especially with something like this, that deals with national security, it’s even more important that the government pick the best possible company, or valid and objective pragmatic reasons for doing so.
And it’s problematic when we have an administration, and it’s not just a Trump thing, it could be anybody, but any administration that starts to put its finger on the scales and starts picking winners and losers, not based again, on merits and on competition, but on personal preference or animosity towards one company, or an individual who may be linked to a company. And in this case, there, an argument could be made that the feud between President Trump and Jeff Bezos may have been a factor in this decision. And we can’t have that in an economy like the United States and a governmental system like the United States.
Because once that happens, and once we lose trust in the free markets, then we don’t really have a free market anymore. We have this kind of system of, corrupt oligarchy, or we start to believe that maybe that’s how it is, and allies of the administration get the contracts and enemies are critics of the administration don’t. And so, it’s dangerous, not just because of this particular contract, and Amazon versus Microsoft. It’s dangerous because of the signal it sends to other companies down the road. And it’s also dangerous for investors.
It’s dangerous for companies that are very reliant on investments for R&D, for intellectual property. And it creates an uncertainty that didn’t exist before, in the market. And I find that very dangerous. And so, I think that this injunction is important, because it forces us to stop, slow down and actually have this discussion in court, so that we can maybe avoid these types of disappearance of conflicts of interest later.
Shelly Kramer: I agree. And no, I do. I do.
Olivier Blanchard: Yeah. No, I mean-
Shelly Kramer: What I struggle with is, and I am the most perennially optimistic person, I know, I’m always looking for the good. I’m trying to look for the good. My problem with this, and I do believe that there are probably a whole lot of people who would say, that regardless of what administration we’re talking about, there’s favoritism, there are contracts awarded, there are all kinds of things that happen that other people don’t agree with. I think that’s probably fair to say.
I think that where I land on this right now, and my personal moment of despair is that I feel like, and again, I’m trying very, very hard not to be political, I feel like both of these companies are imminently qualified. I feel like some of the other people who were originally vying for this business or for a piece of this business were infinitely less qualified.
They would probably disagree. And I do think that there’s value in keeping this particular Cloud services contract with one vendor. That said, could it be handled handled by multiple vendors? Probably so, but I’d find it very difficult to be confident, then, in our current political climate, that what we are going to have is depositions that are taken, and truthful things that are said. And I think it’s very difficult.
Because you know what? We’re looking, we’re kind of living in a time where people say, whatever’s convenient for them to say at that particular moment. And you can believe it or you can not believe in it, it doesn’t really matter, and people don’t really seem to care all that much. A lot of people don’t seem to, you know what I’m saying?
So I do feel like in my own personal moment of despair, I feel like I want to say, “Absolutely, I agree 100% with everything you said,” and processes should be fair, and honorable and transparent and respected and all of that. And everything that you said is 100% accurate. I just feel like in today’s world that we’re living in, I’m not so sure that I, the perennial optimist, am confident that that will happen.
And really that’s, why I wrote in my post, I really feel like, I totally admire Amazon for stepping up and for saying, “Hey, this is BS, and we don’t feel like this was fair.” For them to not have done anything really doesn’t make any sense, right? And if anybody can afford to spend money on this, fighting this fight, it’s Amazon. And fighting for the right thing in this particular instance, I think that’s a good thing.
But what I find myself, my internal skeptic and realist, where I end up here is that this probably isn’t going to change. And maybe not. I mean, I just don’t know.
Olivier Blanchard: Right. Well, it’s, yeah, I’m a firm believer in process and norms and transparency, right? I think we all are. And so I think that the litmus, well, not the litmus test, but the way that we get out of this, and we can have political partisanship, and we can bicker and argue and retreat into our partisan corners, but at the end of the day, I think that what saves us are the institutions , that exist for a reason. The kind of, I guess goodwill and professionalism, and ethical framework, that hopefully guides us, and guides different industries, and those institutions.
And so, there are always going to be forces, whether they’re in the private sector, or around the government, that are going to lean towards self-serving behaviors and corruption. And so I’m not idealistic enough to, or naive enough to think that corruption and influence don’t inject themselves into these types of contract negotiations, into these discussions.
There’s always an ulterior motive. A company wanting to move to a different, a specific state, or playing three states against each other to get tax breaks, because it’s, the real value there is the creation of, 10-15,000 jobs for that state. There’s always some, “You scratch my back, I scratch yours.”
But in this particular case, because the appearance of a conflict of interest and the appearance of undue influence by this President was so conspicuous, and egregious, and persistent, on Twitter, specifically, it’s difficult for a court, and it’s difficult for a company like Amazon, which in this case, feels like it’s the aggrieved party, not to take action. And I guess the good part about this is that the government will get a chance to present its case, and show the process by which it arrived at this decision.
And so, if Amazon cannot prove that it was discriminated against by the President, then we’re good. Even though we may have the impression that it was, and the impression was certainly given. It’s a good thing, that we have the courts, so that these arguments can be made and that evidence can be presented. And so long as trials and court arguments and procedures allow for witnesses, and allow for evidence to be presented, then I think we’ll be good. It starts to get worrisome when that no longer happens, for some reason, and we’re not there.
Shelly Kramer: And we’ll tell that to the four prosecutors who just quit their jobs this week.
Olivier Blanchard: Right. Well, no, yeah, sure.
Shelly Kramer: No, wait. Anyway, no, no, yeah. So I, I’m just jacking with you, we’re not going to go down that path. I’m just saying that I-
Olivier Blanchard: No, we’re not going to go down with that.
Shelly Kramer: You know what? I too, fervently believe in our system, and the way it’s set up, and for a reason, and all of that thing. So I’m not going to lose hope that this will, the right things will happen. But I do think, that, as I said, the skeptic in me does struggle a little bit. So with that, we are going to move on, and talk about an equally acrimonious case and situation that involves Qualcomm.
Olivier Blanchard: Yes, so, the first of two fast fives that referred to the FTC. So I guess we’re getting really nerdy and wonky today with policy discussions, moreso than tech, but this affects technology. Because, if you followed both the podcast and our Insights blog, we’ve talked and written extensively about this, this case with the FTC going after Qualcomm’s business model, over the last few years.
And as you may recall, the case was over, for at least the first part of it. Judge Koh, in California, issued a ruling against Qualcomm, which was very controversial, is one way to put it, and went out way over the line of normal legal jurisprudence and IP law, and attempted to kind of reframe intellectual property law, and technology licensing, completely just out of the blue.
So, of course Qualcomm, appealed and the case was just argued yesterday before the Ninth Circuit panel of three judges, and both sides, the FTC and Qualcomm, had 25 minutes to present their case. The Department of Justice also joined Qualcomm for a few minutes in their arguments against the FTC’s case. And so now, we wait, we wait for a decision.
But I just wanted to touch on a couple of points, one, that this happened. So this is an update on an ongoing saga, and two, it seemed to me, just watching the proceedings live on my computer, that Qualcomm’s argument is still the strong one. The FTC still has failed to prove that any anti-competitive behavior happened. The FTC’s legal theory is muddled and self-contradictory, even though their attorney, the FTC’s attorney was fantastic. I would hire the guy in a skinny minute. He was amazing, but his argument is garbage.
And there are three points here. One is that you FTC is trying to allege that companies like Intel and Mediatech were not able to enter the premium cellular modem markets, because Qualcomm was somehow preventing them to do so by charging licensing prices that were a little bit higher than, I suppose the FTC feels was adequate, even though those were standard prices, and agreed to in contracts, and perfectly FRANZ friendly.
So again, it’s just odd to me that the FTC continues to argue this case. And I feel, having listened to this, that the Ninth Circuit Court will probably rule in Qualcomm’s favor, and at the very least mute Judge Koh’s initial ruling, and probably throw most of it out outright.
One other note is the Department of Justice is there on its own behalf, but also on behalf of the Department of Defense, and I think, the Department of Energy, as well. And the reason being that there’s a national security component to this, and the basic legal theory is that if Qualcomm is harmed by Judge Koh’s decision. So if judge Koh’s decision stands, which would require Qualcomm to change their business model, and their technology licensing model, Qualcomm would be harmed financially, and its ability to compete against companies like Huawei would be minimized.
And there are compelling national security interests involved here. And the Department of Justice’s argument is that not only is the case meritless on its face, but Judge Koh failed to adequately consider the national security implications of her decision before making it. And I think, if nothing else, that procedural arguments, I think, to me, holds a lot of water, and it’s something, one of the many things that Judge Koh completely missed, when she ruled in this case.
But we are posting a review of the arguments, and my first impressions of them on the Insights blog. So follow the show notes for a link to that.
Shelly Kramer: Well, it is interesting, that’s for sure. I couldn’t, watching this plan-
Olivier Blanchard: It’s simpler, yeah. It’s simpler when you read it, yeah.
Shelly Kramer: Yeah.
Olivier Blanchard: It’s hard to kind of encapsulate the whole thing in just, two minutes.
Shelly Kramer: There’s a lot of moving pieces. So I’m going to talk about, and a warning from the FBI, directed to software providers about hacking. This news always gets my attention. And so what happened is that the FBI sent a security alert to the US private sector about an ongoing hacking campaign.
It appears to be targeting supply chain software providers, which is kind of a big deal. And the goal seems to be to try and infect companies with a type of malware called Kwampirs, and it’s what’s called a remote access Trojan.
And what the FBI said in its notification was the following: “Software supply chain companies are believed to be targeted, in order to gain access to the victims’ strategic partners and/or customers, including entities supporting industrial control systems for global energy generation, transmission and distribution.” Hmm. Okay. Well, let’s step back and think of it, just look at this a little bit more, but that is a big deal. The malware was first mentioned by Symantec, in a report they published in 2018.
Symantec’s a US cybersecurity company that was acquired by semiconductor manufacturer Broadcom, in late 2019, for a little over $10 billion. So Symantec identified a hacker group that was named Orangeworm, that had used this malware to target supply chain companies that provide healthcare software, rather, for the healthcare sector.
Healthcare is a huge target of hackers, in general, and largely because there’s so much personally identifiable information that’s able to be accessed when you target in the healthcare sector. But anyway, so, Orangeworm has been in operation since 2015. It’s mostly targeted the healthcare industry, but they’ve secondarily targeted markets like manufacturing, information technology, ag, and logistics. These new attacks are alarming, because, and again, we warned you that this was like the super nerdy version of this podcast today, but these new attacks are particularly alarming, because they seem to be targeting industrial control systems.
And what the FBI has identified here is similarities between this malware and a separate kind of malware that was developed by, here’s the money line, by an Iranian group. Okay? So we’re not friends with Iran right now. At least some of us aren’t friends with Iran right now, so-
Olivier Blanchard: Or generally.
Shelly Kramer: Or generally, right. And by the way, the minute we had escalation of tensions with Iran in the last couple of months, one of the biggest things on the cybersecurity front, has been, this is where we are vulnerable.
Because the Iranians are really known for their expertise, when it comes to cybersecurity, and all of the things that go along with that. So that got my attention.
I thought it was particularly interesting, and definitely something, when the FBI issues a warning like that, hoping that, and this is where it gets tricky. Because you see this news and you have to step back and go, “They’re targeting these software companies who are vendor partners, just somewhere in the supply chain.” And all it takes is just one little tiny link, one little tiny break, in somebody’s, in one of these software providers’ systems, that allows this malware to get in. And then, we have a problem, and really, in a very big place down the line.
So that’s really why this got my attention, and I thought it was something worth talking about. So with that, we’re going to talk about some other dirty deeds done dirt cheap, or something like that. And now, now you’re welcome, for that song in your mind. And you’re going to talk about something going on with Bitcoin.
Olivier Blanchard: Bitcoin, yes. So this is the law and order portion of our podcast. So this, this individual, 36-year-old man from Akron, Ohio, Larry Harmon, stands accused, apparently, of operating a Bitcoin kind of, it’s called Bitcoin mixing, which is-
Shelly Kramer: I thought that was a dance.
Olivier Blanchard: Yeah, it should be-
Shelly Kramer: Let’s go and have a Bitcoin mixer.
Olivier Blanchard: The Bitcoin mix should, 100%, be a dance. And I think I know what it would look like. But essentially, so his “company,” Helix, was operating as a Bitcoin mixer. What it does is it takes funds from different users, and then splits that amounts into a million, billion, small parts. And then it uses a bunch of micro transactions to reassemble everything. And so, it’s a way of not really, money laundering, but muddying the waters, when it comes to where Bitcoin comes from, and where it goes. And essentially, the government’s assertion in this case is that, and I quote, “The sole purpose of Harmon’s operation was to conceal criminal transactions from law enforcement on the darknet.”
And so yeah, Bitcoin was a, is… We’ve always pointed to the fact that Bitcoin is ideally placed to be used for money laundering and all sorts of elicits activity. And in this case, this guy is alleged to have laundered as much as $300 million using this scheme.
So number one, it’s good that the authorities are paying attention to this, and are able to catch it. And then, number two, if you’re engaged in this type of activity, because you’re very tech savvy, now would be a good time to stop.
Shelly Kramer: Now would be a good time to stop.
Olivier Blanchard: Yeah. Or yesterday might have been a good type to stop.
Shelly Kramer: Yeah.
Olivier Blanchard: Six months ago.
Shelly Kramer: Yeah. And you know what? This was not done dirt cheap. 300 million, that’s a lot.
Olivier Blanchard: It’s decent.
Shelly Kramer: A lot of money, yeah, it’s decent.
Olivier Blanchard: It’s decent, yeah. And you know, if this guy got caught, other people are doing it too. It’s-
Shelly Kramer: Yeah. So just don’t do bad stuff.
Olivier Blanchard: Don’t do bad stuff. That’s right.
Shelly Kramer: Take it from us, don’t do bad stuff, and then you won’t get caught. I don’t think really the world works that way, Olivier, I don’t think that-
Olivier Blanchard: Risk versus reward, right?
Shelly Kramer: Yeah. You know, the way I always operate, is that when I show up for jury duty, I look around and I think, “This is a real mix of humanity.” And I’m certainly not better than anybody else or anything else, but I, it scares me enough to have a room full of people perhaps, sending, deciding to send me to jail, that I, yeah, I try not to do anything illegal.
Olivier Blanchard: Yeah. Well, for me, it’s simple, because I’m not clever enough, so-
Shelly Kramer: That’s true.
Olivier Blanchard: Yeah. It’s like, I’m not even tempted.
Shelly Kramer: But you’re handsome, so you had to, like, what am I going to do? And you know what? That’s ridiculous, because you’re very clever. So I can’t say that, I only said that, yeah, I’m kidding.
Olivier Blanchard: Not criminally clever.
Shelly Kramer: I don’t want to be criminally clever.
Olivier Blanchard: And I don’t want to go to prison.
Shelly Kramer: I just don’t operate that way. And how do my kids go to school and say, “Oh yeah, mom’s in the federal prison”? I just don’t want to go there. So, speaking of bugs in prison, no, speaking of, a weird technology thing, and being on the total nerdy front, I wanted to talk about bugs in Bluetooth, low energy chips. And you know, you may think, “What does this matter to me?”
But the reality of it is, it could matter to you, because here’s the thing. Some researchers from Singapore published a paper recently, and they identified some security holes that they found in Bluetooth chips from a variety of vendors. We pay a lot of attention to chip makers around here. And so, that got my attention. And so, what the team did here, they were actually pretty cool.
They disclosed the discovery to the vendors that they were able to find pretty quickly, back in 2019, and then 90 days later, they gave these vendors time to sort of fix the problem. And then they published a paper on that.
So there’s good news and bad news here. The good news, or rather, the bad news, I always like to start with the bad news, is that they don’t know for sure what products in the market use the chips that have been identified as problematic. And by the way, there could be more chips, and they haven’t identified them all. So I’m going to include a link to their report in the show notes, so that you can have this and take a look at it, if you’re in the chip business, or using chips in your products. So they don’t know what products in the market use chips that could be problematic.
They also don’t know which chips could have been patched in that window, from when they might have read the report, and gotten notice. And so they don’t know who has actually taken time to patch those things. We don’t know how many other devices that use these chips, that might be affected, but which cannot be patched. Okay? So some things can’t be patched. That’s problem. So they’ve published a list of these Bluetooth manufacturers they’ve identified as having these buggy chips.
Again, they make it very clear, their list is not exhaustive. But, and the other thing is, is these are low energy chips.
All of them require a hacker to be within range. But here’s the thing, Fitbits could be affected, little plugs that are called Eve Energy plugs that are smart plugs, key fobs that you use to unlock your car.
So when you hear this and you go, “Oh, I don’t need to pay attention to this, this is so not affecting me,” well, the reality of it is, it actually could affect you. Because some of these devices are ordinary, average devices, smart locks, other kind of tags, that you use to help you find things that you’ve lost that could be vulnerable, that could actually give a hacker entree into your life, and in a way that you wouldn’t want it. So anyway, I thought it was interesting.
Olivier Blanchard: Yes, blue Bluetooth is actually a broad vulnerability, with a lot of devices, more so than anything else. So you think that Wi-Fi networks are vulnerable, but actually, your Bluetooth connection is much more so.
Shelly Kramer: So with that, we’re going to speed onto the last item in our fast five coverage, and we’re going to talk about a big topic. And that is, Big Tech bracing for some scrutiny by the FTC.
Olivier Blanchard: Yeah, so the FTC is at it again. I’m not really sure what’s going on with the FTC right now, but the FTC has decided to go on another fishing expedition, for some strange reason. And it’s announced that it’s going to do a full review of all acquisitions, all of them, by major technology companies, specifically, Alphabet, Apple, Amazon, Facebook, and Microsoft, going back to the ’80s. So we’re talking about nearly a thousand different acquisitions.
I guess the FTC’s looking for more antitrust behavior, but acquiring companies is not in and of itself antitrust at all. It, again, doesn’t meet the threshold. So, when I’m looking at these two cases, the case against Qualcomm, which is, has been absurd and is generally accepted as being ill-advised, and poorly thought out, and having nothing to do with antitrust, and being unable to show antitrust behavior. And now, this gigantic fishing expedition, and going after all of these tech companies, it just seems like the FTC may be-
Shelly Kramer: Trying to stay busy?
Olivier Blanchard: Trying to stay busy, trying to stay relevant. And I find that unfortunate, because I think that there are, many, probably legitimate cases of antitrust, that the FTC could be looking at.
But obviously here, it’s trying to cast as big a net as possible, and get a lot of press as opposed to maybe serving the, the interests of people. So we’ll see what happens. I wouldn’t worry about it too much, but it’s, what it’s going to do, is it’s going to fall force these tech companies to hire a lot of lawyers, and submit a lot of paperwork, just so they, the FTC can come across as doing something. I’m not really sure.
Shelly Kramer: You know what I read about this, that particularly interested me, was the complaint, in the mind of the FTC, that in many instances, what these large technology companies did, was buy a competitor simply to shut them down, so that they wouldn’t have competition.
And, while I suppose, that we have seen that happen in some instances, but I think a lot of times, what they do is, Hoover up the technology, and the talent, integrate the talent into their teams, and then develop another product, or a better iteration of their product. That doesn’t mean that they sometimes maybe don’t buy things to shut them down. But again, I just thought that was-
Olivier Blanchard: Right, but the thing is that… And that’s a fair point. The thing is, is it’s, that’s just capitalism. It’s not antitrust. And so, even when they do so, in those instances, someone can file a complaint in that particular instance. You don’t go on a giant fishing expedition of, “Give us all your papers, and then we’ll see if we can find something in there, or if we can discover a pattern.”
Generally, a complaint is filed, the FTC looks at it, considers it, and if it appears to have some validity, then it can decide to bring a case. Here, this is a wholesale, just, giant nets being cast at all of these target companies, to see if maybe they’ll find some irregularities. And I find that particular mode of action antithetical to the charter of the FTC, or its purpose.
Shelly Kramer: I agree. All right. With that, we are going to move on to the almost final section of our show, and that is the tech bytes section of our show. And that’s where we share with you something that we discovered, that really is just an example of tech kind of biting. So Olivier, this was your final, I’ll let you tell about it.
Olivier Blanchard: Oh, right. Well, so that’s just another kind of data breach. So essentially, what happened is, thousands of images and videos, and also, records of plastic surgery patients, were left on apparently an unsecured database. This includes something like 900,000 records. And all you had to do to access these records was have the right IP address. And so, it’s not just a US problem.
Some of that data came from all around the world, and the company that was kind of in charge of, I think, managing this is a company named NextMotion. And it’s French, so-
Shelly Kramer: French company, I blame you.
Olivier Blanchard: Yes, yeah, we would call it, “NextMotion,” I guess? And so, and it was a lot of before and after photos of patients. So it’s a little bit embarrassing. And obviously, I think that, when we talk about data privacy, anything that deals with healthcare, and pictures that leave you vulnerable.
So, before and after pictures, where you’re partially dressed, or completely undressed, there is an expectation of, not only privacy, but added protection by the companies that manage these images, these videos and this data. And obviously, in this case it appears that the company was negligent in its efforts to keep that data secure.
Shelly Kramer: Having a security first mindset strategy, and really, culture, is very, very difficult. And unfortunately companies learn to do that, often, after the fact. And really, the only people who pay the price are you and me, and your plastic surgery photos, that I’m… I’m sorry. I know it’s embarrassing, and so, it’s too bad. All right.
Olivier Blanchard: Just another giant data breach. It must be a day that ends with the letter Y.
Shelly Kramer: Exactly. Okay. So with that, that wraps up our show, except for the fact that we’re going to circle back with our crystal ball prediction, and this prediction will relate to, what do you think’s going to happen Olivier, with regard to the situation between the Microsoft and Amazon, and the award of the JEDI Cloud contract. What do you think’s going to happen?
Olivier Blanchard: Well, one of two things. If the current administration gets a second term, nothing will happen. And I think that Microsoft will still be awarded the contract after awhile. And my only question there, is how much Amazon be not fined, but charged for bringing the lawsuit. ‘.
Because I don’t know if we mentioned this earlier, I’ve missed it if we did, but one of the conditions of this stay currently, of this injunction, is that Amazon has agreed to pay for, I guess, expenses, legal expenses, if they lose, or if the case appears to have no merit.
So Amazon has some money on the line there aside from from the contract. So I think that it’s just going to be a procedural kind of hurdle. But then in the end, Microsoft will win.
If, however, the administration is replaced by a Democratic administration next year, I assume that the case will still be live, and still be active. And then, I think, a review of the decision making process may be a little bit more extensive.
And what could happen conceivably is that the award gets scratched, and the companies are invited to bid again, with more transparency this time. So I think it really does kind of hands on how the election goes at the end of this year.
Shelly Kramer: I’m not sure what my prediction is. I think that, I don’t want to say out loud, some parts of it, I feel like I’m just going to go ahead and say that this is going to remain with Microsoft. And that doesn’t mean that Amazon doesn’t have a case. It doesn’t mean that I don’t believe that there were procedural issues.
I think the biggest challenge in this case is, how quickly can this be wrapped up? Because we are in an election year, and it’s not that many months away, but I do think that it would be in the best interests of the government, as a whole, to wrap this up and make this decision to move forward. So I’m going to say that I think it’s going to stay with Microsoft.
I would love to be proven wrong, and I would love to have a do over, like you say, and more transparency, and into the process and everything. So either way, I win, either way, so-
Olivier Blanchard: Right. Well, either way, we all win, because-
Shelly Kramer: Either way, yeah, that’s true.
Olivier Blanchard: Yes.
Shelly Kramer: That’s true. Either way, we all win, because either of those companies would be terrific at this. And the reality of this too is, $10 billion over the course of 10 years is not a real lot of money, to either one of these companies. It’s not like, either this is going to make or break them.
Olivier Blanchard: It’s bragging rights. It’s not really-
Shelly Kramer: So I think we lose, yeah, I think we lose focus on that, as we talk about this.
Olivier Blanchard: No, honestly, Amazon might not really want this contract in the end, right? It might be a blessing in disguise. They can focus on the other things.
Shelly Kramer: That are exponentially more lucrative. All right, so with that, we’re going to wrap up our show. Thank you for joining us today.
Thank you, Olivier, as always for sharing your gray matter, and your cleverness, and I appreciate that. We all appreciate that. And with that, we’re going to say, see you next time.
There will be plenty of more tech topics and tech conversations, right here on the Futurum Tech Podcast, FTP. Hit that subscribe button, join us, become part of our community. We would love to hear from you.
Disclaimer: The Futurum Tech Podcast is for information and entertainment purposes only. Over the course of this podcast, we may talk about companies that are publicly traded and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors and we do not ask that you treat us as such.
Image Credit: Federal News Network
Shelly Kramer is a Principal Analyst and Founding Partner at Futurum Research. A serial entrepreneur with a technology centric focus, she has worked alongside some of the world’s largest brands to embrace disruption and spur innovation, understand and address the realities of the connected customer, and help navigate the process of digital transformation. She brings 20 years' experience as a brand strategist to her work at Futurum, and has deep experience helping global companies with marketing challenges, GTM strategies, messaging development, and driving strategy and digital transformation for B2B brands across multiple verticals. Shelly's coverage areas include Collaboration/CX/SaaS, platforms, ESG, and Cybersecurity, as well as topics and trends related to the Future of Work, the transformation of the workplace and how people and technology are driving that transformation. A transplanted New Yorker, she has learned to love life in the Midwest, and has firsthand experience that some of the most innovative minds and most successful companies in the world also happen to live in “flyover country.”