Best Long-Reads of the Week, 6/4/22

Best Long-Reads of the Week, 6/4/22

Is social media bad for us, Zelensky thoughts on the IT army, Have you read all of your apps' privacy policies, the FBI tried to ambush a journalist's source who wanted to spill the beans on NSA, more

person holding book

Metacurity is pleased to offer our free and paid subscribers this weekly digest of some long-form infosec pieces and related articles that we think cybersecurity professionals might appreciate that we couldn’t properly fit into our daily crush of news.

Let us know what you think, and feel free to let us know if we missed something important by sending us a note to Happy reading!

  • The New Yorker’s Gideon Lewis-Kraus looks at how harmful social media is to society and finds, surprisingly, that the popular opinion that social media is bad for us isn’t backed up by science…yet. (However, another New Yorker piece this week, two book reviews from Kyle Chayka, makes the case that social media traps users in a “race to the bottom.”)
  • Geoffrey Cain in Wired scored an interview coup with Ukrainian President Volodymyr Zelensky in which the heroic head of state talks about his skilled social media usage, persuading tech companies to end their operations in Russia, how Elon Musk’s Starlink rescued Ukraine and why he thinks Ukraine’s IT Army of volunteer hackers is the wave of the future.
  • Geoffrey Fowler makes the case in the Washington Post for why we should all stop pretending we’re reading the privacy policies for our apps, given that his apps’ policies amounted to a million words.
  • James Risen tells the tale in The Intercept of how an FBI agent schemed to ambush one of his sources who was “disgusted by the massive scale of the NSA’s surveillance operations and wanted to expose the full scope of the agency’s global power, which the source claimed went far beyond what Snowden had revealed.”
  • Nat Rubio-Licht and Michelle Ma offer a detailed run-down in Protocol on tech layoffs and hiring freezes, starting with cybersecurity company Lacework trimming its workforce by 300. (FYI - I have dug a tiny bit into whether Lacework’s layoffs speak to a broader trend in the cybersecurity arena, and so far, the answer appears to be no, but stay tuned.)
  • This piece from TheGrugq talks about how contrary to some views, Russia was active on the cyber front in the early days of the Ukraine war but Ukraine met Russia’s offense with resiliency and toughness.
  • Kyle Alspach from The Protocol did a deep dive into cross-tenant vulnerabilities as a new type of risk on cloud platforms, highlighting a string of severe vulnerabilities that have appeared in Microsoft’s Azure public cloud platform.

Read more