Dark mode: ON

Infosec Decoded Season 4 #16: Girl Influencers

With Doug Spindler and @sambowne@infosec.exchange

Fri, Feb 23, 2024

Doug Spindler

AT&T outage - Tens of thousands of Americans had trouble making phone calls, sending texts, reaching emergency services or even accessing the internet on Thursday because of a nearly 12-hour AT&T network outage.
AT&T hasn’t identified a specific cause, and officials are investigating.

Flaw in DNS discovered after 24 years.
Researchers looking at the specs for DNS discovered a theoretical flaw. They then proved there was in fact a fundamental design flaw in a Domain Name System (DNS) security extension, which under certain circumstances could be exploited to take down wide expanses of the Internet.

Sam Bowne

AT&T reveals cause of Thursday’s massive outage

A Marketplace of Girl Influencers Managed by Moms and Stalked by Men (NY Times, no paywall)
"Nearly one in three preteens list influencing as a career goal, and 11 percent of those born in Generation Z, between 1997 and 2012, describe themselves as influencers. The so-called creator economy surpasses $250 billion worldwide, according to Goldman Sachs, with U.S. brands spending more than $5 billion a year on influencers.
Health and technology experts have recently cautioned that social media presents a “profound risk of harm” for girls. Constant comparisons to their peers and face-altering filters are driving negative feelings of self-worth and promoting objectification of their bodies, researchers found."
"Some of the child influencers earn six-figure incomes, according to interviews."

Meta Staff Found Instagram Subscription Tool Enabled Child Exploitation. The Company Pressed Ahead Anyway. (WSJ, no paywall)
"To address the problems, Meta could have banned subscriptions to accounts that feature child models, as rival TikTok and paid-content platforms Patreon and OnlyFans do, those people said. The staffers formally recommended that Meta could require accounts selling subscriptions to child-focused content to register themselves so the company could monitor them."

The hidden high cost of return-to-office mandates
American drivers are now even more distracted by their phones. Pedestrian deaths are soaring.

Chrome's Version of Edge's "Super Duper Secure Mode"
It disables Just-In-Time compilation for V8, the engine inside Chrome that processes JavaScript and WebAssembly code. More than half of all Chrome/Chromium zero-days exploited in the wild in 2021 were JIT-related issues.