Radiohead beats hacker to releasing files

Here’s a fascinating story I couldn’t resist today: Radiohead found itself being threatened by an anonymous hacker, who demanded $150,000 to stop the release of 18 hours of stolen audio. Instead of paying, Radiohead did the unthinkable: it released all of it on its own, and is using the funds for charity.

The audio is from the OK Computer era, and is a treasure trove of demos, messing about, and a rare peek inside the ideation process of an incredibly famous band. 

According to Thom Yorke, Radiohead’s front man, the hacker broke in and stole 18 minidiscs (which is a blast from the past on its own), presumably backed up digitally, then threatened their release in order to profit.

Publicly, this all started last week when an anonymous user on a. On the Radiohead subreddit, users were already considering pooling together money to buy the material out of “high historical interest,” but grew concerned about the ethics of it all. 

Yorke says that “It’s not v interesting. There’s a lot of it … as it’s out there it may as well be out there until we all get bored and move on.”

What blew my mind about this story is that this, and attacks just like it, are becoming increasingly common as the threat landscape has morphed from viruses and trojans as tools for destruction into tools for individual profit. Ransomware has become a part of our vocabulary, and there are even entire ‘sextortion’ email spammers that play on these fears.

Those scams, in which a spammer emails victims of password breaches and claims to have compromised their machines and accounts, demand money in exchange for not releasing “embarrassing recordings” of sites the user visited.

The thing, however, is that there are no recordings, nor was there ever an actual compromise... the spammer is just betting on the reader being a) a human being who has looked at a pornography site at least once and b) scared enough by this random threat to pay to avoid the ‘footage’ leaking.

These emails are convincing! You probably have a spam box filled with them, but if not, here’s a snippet of one that’s going around at the moment:

For the last 2 months I have been spying on you through your device camera.. especially when you visited those sites to have fun... Those videos show clearly you having fun and the content for adults you were watching.. this is pretty nasty and I would be very worried if I were you.
I have secured 4 videos: Hello_char_gd_1554667448.mp4 (75.9 MB)

The spammer uses association tactics, including putting the name from your breached email address into the names of the “files” they will release, to try to make you believe it’s real. In my case, I have a generic email address, not my name, so it’s pretty obvious what’s going on here.

The Radiohead case might have been a little different, in that they actually were compromised, but there’s a lesson in what happened that applies to both of these things: never pay the hackers. 

It’ll probably not work out in your favor if you do pay them, and at least this time, Radiohead showed them who’s in charge.


Tab Dump

Facebook’s shady spying tool that pays users to monitor them is back
After Facebook’s ‘Onavo’ VPN service was exposed as a thinly-veiled tool that monitored users’ habits for market research, it was banned by Apple. Now, it’s back, albeit a little more transparent, but still just as terrible.

Dropbox “reinvents” itself with new app that ties it all together
I plan to write about how Dropbox has become a commodity in the future, but this is a company desperately trying to become anything other than the thing they’ve been for the last decade. They’ve now refocused on being the hub that ties all of your work together, but I don’t see any specific value here that Google Drive isn’t already giving me.

Slack will IPO next week at an expected valuation of $17B(!)

The man behind Have I Been Pwned, which helps you track what data breaches you’re in, is considering selling the site

Google is moving hardware production of Nest and its data center motherboards out of China
With no end in sight for the crappiest trade war in history, Google is making backup plans.