North Korea created WannaCry virus

In May, which feels like last year already, a virus spread across the world at the fastest rate we'd ever seen. Called WannaCry, the attack installed itself using an exploit discovered and leaked by the NSA, then encrypted the user's system and demanded Bitcoin to get it back.

Everyone from enormous enterprises, like FedEx, the UK's NHS, Deutsche Bahn, to  consumers were affected. To unlock, it costed about $300 — $600 in Bitcoin, and more than 300,000 machines ended up infected in just 24 hours.

It was unclear who was behind the attack until today: North Korea. According to an op-ed from the US government's lawyer in The Wall Street Journal (paywall), there's no doubt the country created the virus:

The attack spread indiscriminately across the world in May. It encrypted and rendered useless hundreds of thousands of computers in hospitals, schools, businesses and homes. While victims received ransom demands, paying did not unlock their computers. It was cowardly, costly and careless. The attack was widespread and cost billions, and North Korea is directly responsible.

It's a huge revelation for a number of reasons: North Korea might be geographically shoeboxed into its country, with its citizens having limited access to outside internet, but with the devastating scale of this attack it's now a rising cyber-superpower.

North Korean hackers were also responsible for the devastating Sony hack, which saw the company's internal emails spill onto the internet, and dozens of unreleased movies leak.

It appears their attacking skills are getting better, faster, than their adversaries. As many Western countries are struggling to modernize aging infrastructure, it provides more opportunities and attack vectors than ever for crippling attacks. One can only imagine how devastating a full-on compromise of the power grid, or internet utility, might be.

While all of this is going on, Marcus Hutchins, the 23-year-old that discovered the WannaCry outbreak and ultimately stopped it was... well, thrown in jail. These types of moves might be the undoing of most countries: instead of using smart people like Marcus to learn and ultimately build better defenses, they're tried as criminals.

Over the coming years we'll see more ransomware attacks, and more data theft than ever before. Viruses aren't fun anymore for hackers, but stealing data and getting money for encrypting it seems to be the name of the game now.

Facebook says social media is bad (really)

This blog post from Facebook's director of research, David Ginsberg, dropped on Friday night and it might be the most historic thing the company's ever said publicly about social media and its impact on people:

In one experiment, University of Michigan students randomly assigned to read Facebook for 10 minutes were in a worse mood at the end of the day than students assigned to post or talk to friends on Facebook. A study from UC San Diego and Yale found that people who clicked on about four times as many links as the average person, or who liked twice as many posts, reported worse mental health than average in a survey. 

OK great, we sort of knew this, but we've never heard it coming from the 1-billion-plus social network before, so it's an interesting turning point. Don't worry, though, says Facebook — all you need to do to feel better is — surprise — share more:

On the other hand, actively interacting with people — especially sharing messages, posts and comments with close friends and reminiscing about past interactions — is linked to improvements in well-being. This ability to connect with relatives, classmates, and colleagues is what drew many of us to Facebook in the first place, and it’s no surprise that staying in touch with these friends and loved ones brings us joy and strengthens our sense of community.

I love the irony, but I do suspect it's true. Facebook is both the cause and solution to its own problem, naturally, but the biggest question we're left with is would those people feel better if they deleted their Facebook altogether? Of course, we'll never hear that from the company.

Facebook is a part of life now, and it's not going away, but there is a lot of pressure on the company now as people begin to understand its impact on their lives, particularly after a year where we learnt governments are using social platforms to manipulate popular opinion.

Tab Dump

Firefox's drama llama
Mozilla, the parent company of Firefox, slipped an "experiment" into the open-source browser over the weekend that advertised Mr. Robot, and... violated all the trust it had built up over the years for being the 'protector of privacy and choice.' Here's what Drew DeVault, a software developer had to say:

Mozilla and NBC Universal did a “collaboration” (read: promotion) for the TV show Mr. Robot. It involved sideloading a sketchy browser extension which will invert text that matches a list of Mr. Robot-related keywords like “fsociety”, “robot”, “undo”, and “fuck”, and does a number of other things like adding an HTTP header to certain sites you visit

Mozilla is sorry, but this was a pretty serious blunder marketing-wise for a company that advertises to the most privacy-sensitive users.

The full Uber letter reveals FBI-level spying
A 37-page letter halted the Uber v Waymo investigation in its tracks, and now we can see what's in it for the first time: spy games. The company used ephemeral messaging, private surveillance and even, supposedly, hacking to steal data from competitors. Juicy stuff, but also worth keeping in mind that Uber claims the letter was written as an act of extortion.

Facebook's tests in Slovakia reveal big changes
It's rumored Facebook plans to rip branded content out of the Newsfeed in favor of seeing your friends only, and that's already being tested in Slovakia. The results? A devastating fall in engagement for a bunch of big media, but nobody's talking about the core piece here: are those users now enjoy Facebook more?