Axios Login: The fog of cyberwar

Plus: Videogame sex rethought | Thursday, March 24, 2022

Open in app View in browser     Axios Login By Ina Fried ·Mar 24, 2022 Countdown: 12 days until Axios' inaugural What's Next Summit on April 5! Register here to attend virtual livestream sessions featuring the CEOs of GM, Accenture, TIAA and more.  Today's newsletter is 1,197 words, a 5-minute read.     1 big thing: The fog of cyberwar Illustration: Annelise Capossela/Axios   An actual shooting war on the ground makes the business of flagging and blocking cybersecurity threats even more devilishly tricky than usual, Axios' Scott Rosenberg reports. The big picture: With Ukraine fending off Russia's invasion, every new hack — like the recent exploits of the Lapsus$ group — ends up being viewed not only on its own terms but through the lens of that conflict. Russia has long been a major actor on the cyber stage, but its Ukraine invasion came with heightened predictions of an extraordinary barrage of cyberattacks — and the warnings have kept up. Each time a new incident comes to light, security leaders ask themselves: "Is it Russia? Is it someone who wants us to think it's Russia? Is it just somebody who thinks we might be more vulnerable because we're so busy dealing with Russia?" Driving the news: Lapsus$, a group that has tried to extort payments from companies like Nvidia and Microsoft, this week claimed to have broken into the systems of Okta, a single sign-on provider with thousands of client companies and hundreds of millions of users. During the Ukraine war, an incident like this carries an extra burden of urgency. It could be a setup for a larger Russian operation. It could be a deliberate distraction from some other Russian operation. It could have nothing at all to do with Russia. So far, in fact, that's where the very limited evidence points. The latest: Security researchers followed the Lapsus$ trail and believe the group's mastermind is a 16-year-old living at his mother's house near Oxford, U.K., Bloomberg reported Wednesday. Be smart: That doesn't sound like a Russian operation. Then again, until we know more, it doesn't totally rule it out, either. In this environment, no incident gets the benefit of the doubt, even when there's no evidence of foul play. For instance, Apple's cloud-based services have been bouncing off and online for much of this week. Apple has so far stayed mum about what's going on, and the odds are that it's a technical snafu of some sort. But in this climate, the public is going to raise suspicions even when the evidence doesn't. All this puts even more burden on the work of "attribution" — naming the parties responsible for any attack, which security experts typically make a first run at but governments ultimately decide. A cyberattack at the start of the February invasion took out Viasat's KA-SAT, a key satellite system used by the Ukrainian government. The incident could plausibly be viewed as part of a Russian cyberoffensive since it served the Kremlin's interests so well, but no one has yet conclusively pointed a finger at Moscow. All this uncertainty is part of what makes the entire realm of cybersecurity — from outright cyberwarfare to espionage to run-of-the-mill online crime — so challenging.     2. Google testing Spotify in-app payment Photo illustration: Rafael Henrique/SOPA Images/LightRocket via Getty Images   Google on Wednesday announced a deal allowing Spotify users on Android devices to pay for their subscriptions using an alternate billing system that isn't Google's, so long as users still have the option to use Google's system, Axios' Sara Fischer reports. Why it matters: The pilot program marks an important milestone for developers who have long argued app store fees are too high, and as a result, anti-competitive. Yes, but: Neither Google nor Spotify said how much commission Google may be getting from Spotify as a part of the new deal. Catch up quick: For years, developers have been forced to conduct subscription transactions via the payment systems of major app stores, like Google Play and Apple's App Store. Those app stores would collect a fee, typically around 30% for the first year. Spotify has long argued that such app store fees were anti-competitive, and it still doesn't allow its users to buy subscriptions via Apple's App Store. The big picture: Google isn't the only tech giant to begin reconsidering its app store fees. Apple said in late 2020 it would take a smaller cut from App Store sales (15% instead of the standard 30%) for businesses earning less than $1 million selling their apps. Microsoft last year cut the commission it takes on PC games sold through its Windows App Store to 12%.     3. Arizona lets you use your iPhone as your ID Image: Apple   Apple's quest to let you leave your wallet at home has taken another step forward as Arizona has become the first state to let people store their official driver's license or ID on their iPhone. Why it matters: Payments via phone, once rare, have become widely accepted. Until now, though, there has been no electronic option for government-issued identification. Driving the news: Apple announced Wednesday that Arizonans can now store their driver's licenses on their phone. Apple also said that Colorado, Hawaii, Mississippi, Ohio and Puerto Rico plan to bring this feature to their residents. That's in addition to the seven states that Apple had announced last year would support the feature (Connecticut, Georgia, Iowa, Kentucky, Maryland, Oklahoma and Utah). How it works: In Arizona, people have to scan the front and back of their driver's license or ID and take a video selfie to authenticate they are the person on the license. Between the lines: Apple also said the electronic version can be used at TSA checkpoints at Phoenix Sky Harbor Airport. Yes, but: I'm guessing you might need your physical ID to fly back to Arizona.     A message from Axios Get their attention     Professionals are busy — so we ensure our partners get their messages across quickly and effectively. How it's done: Smart Brevity Studio creates concise articles and visuals that get up to 5X more engagement than they do on other platforms. Find out more.     4. Developers are rethinking sex in video games Illustration: Brendan Lynch/Axios   Artful depictions of sex have a crucial place in video games because of how they allow people to examine their ideas of romance and relationships, Axios Gaming's Megan Farokhmanesh reports. Driving the news: Designer and writer Sharang Biswas gave a Game Developers Conference talk exploring how sex is, and can be, depicted in games. From the beginning, video games have often problematically incorporated sex, with rampant sexism, glorified assault and transactional approaches to pursuing romance. Many tend to be goal-oriented, where the objective is to build a romance with a character just to sleep with them. The big picture: Games depicting sexual behaviors are often a way to discuss broader societal issues. "Expanding the conversation about sex through our various artforms, including games and playful experiences, is important," Biswas said. What's happening: Gamemakers in the indie scene are leading the charge when it comes to games that explore sex and sexuality. Naomi Clark's two-player card game Consentacle is about navigating boundaries and figuring out how to please a sex partner. "There is no one way that people have sex," he says, nor is there one specific body type that should be allowed to. Biswas advises developers to think about getting weird, and consider "mechanics that aren't directly about sexual acts." Sign up for the Axios Gaming newsletter here.     5. Take note On Tap Nvidia's GTC developer conference wraps up online, while Game Developers Conference continues in San Francisco. ICYMI Stephen Wilhite, who created the GIF animated picture format while working at Compuserve in the 1980s, died last week of COVID at age 74. Of note: He pronounced it "jif." (The Verge) Snap has purchased NextMind, a startup focused on brain-computer interfaces. (The Verge)     6. After you Login This Lego-sorting vacuum sounds like a parent's dream. Plus it combines my love of Lego with a tie to "The Office" (which had a running bit about a toy-slurping vacuum called "Suck-it").     A message from Axios Get their attention     Professionals are busy — so we ensure our partners get their messages across quickly and effectively. How it's done: Smart Brevity Studio creates concise articles and visuals that get up to 5X more engagement than they do on other platforms. Find out more.   Like this email style and format? It's called Smart Brevity®. Over 200 orgs use it — in a tool called Axios HQ — to drive productivity with clearer workplace communications.   Axios thanks our partners for supporting our newsletters. If you're interested in advertising, learn more here. Sponsorship has no influence on editorial content. Axios, 3100 Clarendon B‌lvd, Suite 1300, Arlington VA 22201   You received this email because you signed up for newsletters from Axios. Change your preferences or unsubscribe here.   Was this email forwarded to you? Sign up now to get Axios in your inbox.   Follow Axios on social media: