You've probably heard about the actor's union (SAG-AFTRA) going on strike in the USA. I bring up this labour relations news in a technology newsletter because one of the key sticking points between the media companies and actors, like the stalled negotiations between the Writers Guild and media companies, is the use of AI. In the case of actors, one of the proposals is to create a "digital likenesses for SAG-AFTRA members" and in return the actors get "get one day's pay". The media companies however "own that scan, their image, their likeness and should be able to use it for the rest of eternity on any project they want, with no consent and no compensation". Literally a goddamn episode of Black Mirror. Hard to tell if the media companies are taking the piss here.
This has kinda flown under the radar, but a few days ago Microsoft made public that a Chinese-based hacker called Storm-0558 gained access to "approximately 25 organizations including government agencies as well as related consumer accounts of individuals likely associated with these organizations". That is bad but shit happens. Wired explains that what makes it worse is "hackers were somehow able to steal a key that Microsoft uses to sign tokens for consumer-grade users of its cloud services" and "exploited a bug in Microsoft's token validation system, which allowed them to sign consumer-grade tokens with the stolen key and then use them to instead access enterprise-grade systems". Stealing keys is a pretty bloody big bug and Microsoft isn't giving more details.
Australia Post is finally getting rid of POLi. If you're unfamiliar, this was an payment method that let people pay for things online by having the POLi website log in to their internet banking and make the transfer for them and verifying to the merchant that a transfer was made. That entire setup was absolutely ridiculous, making the user hand over their internet banking credentials, including 2FA codes (!!) to POLi. Banks hated it as it undermined their messages to never give your details to anyone. I was always surprised to see POLi still used by many large businesses like utilities and airlines and that there were people comfortable using POLi too! RIP to a real bastard, you will not be missed.
As part of macOS Sonoma, Apple has introduced a Chrome extension that lets you access your passwords in iCloud with Google's browser. The Extension can also "AutoFill passwords and one-time codes, save new passwords, and lets you right-click QR codes to set up code generators". It'll work with other Chromium based browsers like Edge, but tough shit if you use Firefox I guess? This extension also does not work with passkeys. That feature is built-in to macOS, but apps need to be updated to support accessing passkeys stored on the device or within iCloud. It's nice password managers are built-in to operating systems, but damn the lack of cross-platform (cross-app even!) support is disturbing. Just entrenches more ecosystem lock-in. P.S: Proton now has a password manager that looks pretty good.
Here's five interesting discussions over on The Sizzle's paid subscriber forum for you to enjoy over the weekend. If you are not a paid subscriber but want to get involved, visit https://thesizzle.com.au/payme to get onboard.
The Pirate Bay's first server, on display at Sweden's National Museum of Science and Technology (James Losey / Flickr)
📻 Letter To The President - 2Pac
😎 The Sizzle is curated by Anthony "decryption" Agius and emailed every weekday afternoon.
💬 Checked out the paid subscriber only forum? It's a tidy little place to discuss tech with like minded Aussies.
👋 Forums not your thing? The Sizzle has a Slack group you can procrastinate in and chat with other nerds bored at work.
💳 Paid subscriber looking to manage your billing info, change email address or cancel your subscription? Visit the customer portal.
🎁 Make someone's day and buy them a 12 month gift subscription to The Sizzle.
📚 Browse The Sizzle Archive. A few issues are missing and it's not searchable, but it's better than nothing.
🫂 Friends of The Sizzle is a small group of businesses or organisations operated by Sizzle subscribers. Support your fellow Sizzler!
💔 Tired of my bullshit? Unsubscribe and I'll never speak to you again.
The Sizzle is created on Wathaurong land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.