Weekly Digital News Roundup: Feb 11 – Feb 16
Zenefits Scandal Highlights Perils of Hyper growth at Start-Up
- According to The New York Times, Zenefits, the three-year-old company that makes software for small businesses, announced last week an escalating series of errors and investigations that will most likely go down as a defining scandal of the latest tech boom. Zenefits may be among the first of several cautionary tales to highlight a sobering lesson: For a start-up, growing too quickly can produce just as spectacular a failure as growing too slowly.
- The start-up raised $500 million last year at a $4 billion valuation, one of the largest financing rounds in a year of mega-fundings. At one point, Andreessen Horowitz, Silicon Valley’s pre-eminent venture firm, had invested more in Zenefits than in any other company. In total, Zenefits has raised about $581 million. Then, last week, Zenefits announced that Parker Conrad, its co-founder and chief executive, had resigned.
- Insurance regulators in California and Washington State have been investigating the company. According to people with knowledge of the investigation, at the root of the California inquiry is software that Mr. Conrad created to let Zenefits’ employees cheat on the state’s online broker license course. It was the discovery of this software that led to Mr. Conrad’s departure.
The FBI wants Apple to create an iPhone backdoor: Here’s how it’s possible
- According to Mashable, a federal court judge has ordered Apple to assist the FBI with unlocking an iPhone used by one of the attackers responsible for the December mass shooting in San Bernardino, California. Apple, for its part, is fighting the court order, arguing that the FBI is asking it “to build a backdoor to the iPhone.”
- As with virtually all practical technical questions, both the hardware and software matter. In this case we’re talking about an iPhone 5C and iOS 9. iOS security features prevent someone from accessing an iPhone if an incorrect passcode is input 10 times in a row. By default, the phone will lock the phone for a specific amount of time before it will accept passcodes again, but if the owner has enables the auto-wipe feature, the phone will wipe itself of all the data on the phone. From the government’s perspective, the only way to unlock this iPhone without the passcode is for Apple to craft special software that will make a brute-force hack possible without fear of a security wipe, without delays, and allowing an input mechanism other than physically tapping in combinations.
- So — can Apple do it? According to Jonathan Zdziarski, a forensics expert who literally wrote the bookon iPhone forensics, yes, this is absolutely possible. He says, “Apple can, on a technical level, comply with the court’s order to brute force the PIN on an iPhone 5C.” It’s important to note that this particular vector — or backdoor — would likely only apply to the iPhone 5C and below. That’s because the iPhone 5S and higher come equipped with Touch ID. The official word from the FBI and the court is that this is a request specific to this phone and this circumstance. That’s partially because the custom firmware Apple is being asked to create could only work with the software keys on this particular iPhone 5C.
LA Hospital Servers Shut Down By Ransomware
- According to TechCrunch, in what should be the best recommendation for backups ever in the history of computing a Los Angeles hospital has been struck by ransomware and cannot access patient records, x-rays, and other important data. Hackers are using the ransomware, which encrypts all the files on a network, to hold all of the hospital data hostage and they are asking for about $3.6 million in bitcoin to release the data.
- The Hollywood Presbyterian Medical Center is currently unable to manage patients according to a report by a local Fox affiliate. The hospital president and CEO Allen Stefanek said that the attack was random and that staff is currently making notes and writing down records by hand.
- Ransomware is, in short, one of the easiest hacks to avoid. A solid backup, even one made a few days before the ransom software is run, is one way to prevent things like this before they start. However, it’s clear that security tactics at Hollywood Presbyterian weren’t quite up to snuff if the problem is still happening. Given the importance of medical data, however, here’s hoping the hospital has a way to decrypt or save the data before the arbitrary and malicious malware blows up. Because ransomware usually hits smaller machines, this catch is probably quite exciting for the hackers and akin to putting out a line for a few carp and instead catching a whale.