lee/hpr-knowledge-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
hpr-knowledge-base/hpr_transcripts/hpr3817.txt
Lee Hanken 7c8efd2228 Initial commit: HPR Knowledge Base MCP Server 
- MCP server with stdio transport for local use
- Search episodes, transcripts, hosts, and series
- 4,511 episodes with metadata and transcripts
- Data loader with in-memory JSON storage

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-26 10:54:13 +00:00

157 lines
10 KiB
Plaintext
Raw Permalink Blame History

Episode: 3817
Title: HPR3817: The Oh No! News.
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3817/hpr3817.mp3
Transcribed: 2025-10-25 05:54:07
---
This is Hacker Public Radio Episode 3817 for Tuesday, the 21st of March 2023.
Today's show is entitled The Oh No News.
It is hosted by some guy on the internet and is about 12 minutes long.
It carries a clean flag.
The summary is, oh no, news is good news.
Hello and welcome to another episode of HPR.
It's time to begin The Oh No News.
In our first headline, T-Mobile discloses a data breach affecting 37 million T-Mobile
customers.
On January 5, 2023, T-Mobile US identified that a bad actor was obtaining data through
a single application programmer's interface, also known as an API without authorization.
The API in question did not contain any sort of payment card information.
It also did not have access to social security numbers, tax IDs, drivers, licenses, and
other government numbers, pins or passwords or other financial information.
The data that was exposed by the API was limited to T-Mobile set data, which included
the contact name, billing address, email, phone numbers, date of birth, T-Mobile's account
numbers, and information such as the number of lines and account plan features.
So according to the story, the attackers may know if you're on a family plan, a single
plan, the number of lines you have in the plan, a type of phone, that kind of thing.
The good news is they will not have your password.
I'm not sure if they can perform any sort of SIM jacking with the information they do
have from the exposed API, however, I still believe it's a great idea for you to change
your password and definitely don't forget to use multi-factor authentication.
T-Mobile also mentioned, we currently believe that the bad actor first retrieved data through
the impact of the API, starting around November 25th, 2022.
Our next headline, true finder and instant checkmate confirm a data breach affecting 20
million customers.
People connect, the owners of truth finder and instant checkmate background services, confirm
they suffered a data breach after learning of customer data from their 2019 backup database
was posted on an online form.
The leaked data included names, email addresses, telephone numbers, encrypted or hash passwords,
expired or inactive password reset tokens and subscribers.
This one was especially bad because these agencies or companies, they perform background
checks for other companies.
So there is possibly an extremely large database with all sorts of private information that
you definitely don't want out there, including social security numbers, things like that,
floating around in the hands of attackers right now, due to this 2019 database backup that
was leaked on an online form.
Now some of the information displayed on the form by the person who was, I believe, selling
it or just displaying that they had the data, they only released a little bit of it from
a CSV file, but there's no telling how much more you can gain access to.
The SEC charges in the Hall of Famer Paul Pierce, for unlawfully toting and making
the misleading statements about crypto securities.
The Securities and Exchange Commission today announced charges against former NBA player
Paul Pierce.
For touting EMAX tokens, crypto asset securities offered and sold by Ethereum Max on social
media without disclosing the payment he received for promotion and for making false and misleading
promotional statements about the same crypto asset.
Pierce agreed to settle the charges and pay 1.4 million dollars in penalties, discordment,
and interest.
The SEC's order finds that Pierce failed to disclose that he was paid more than $240,000
worth of EMAX tokens to promote the tokens on Twitter.
The SEC's order also finds that Pierce tweeted a misleading statement relating to EMAX,
including tweeting a screenshot of an account showing large holdings and profits without
disclosing that his own personal holdings were in fact much lower than those in the
screenshot.
In addition, one of Pierce's tweets contained a link to Ethereum Max website which provided
instructions for potential investors to purchase EMAX tokens.
This case is yet another reminder to celebrities.
The law requires you to disclose to the public from whom and how much you are getting paid
to promote investment in securities and you can't lie to investors when you told
the security.
When celebrities endorse investment opportunities, including crypto asset securities, investors
should be careful to research if the investments are right for them and they should know why
celebrities are making those endorsements.
If you are curious about any federal security laws, the federal securities laws are clear
that any celebrity or other individual who promotes a crypto asset security must disclose
the nature, source, and amount of compensation they received an exchange for the promotion.
Sid Gerber, the director of SEC's division of enforcement.
The SEC's order finds that Pierce violated the Anti-Touting Act and anti-Fraud provisions
of the federal securities law.
Without admitting or denying the SEC's findings, Pierce agreed to pay 1.1 million dollars
in penalties and approximately $240,000 in Discouriment and Prejudgment Interest.
Pierce also agreed to not promote any crypto asset securities for three years.
The next article.
The SEC charges Terraform and Kwan with defrauding investors in crypto schemes.
The SEC today charge Singapore-based Terraform labs and Kwan with orchestrating a multi-billion-dollar
crypto asset securities fraud involving an algorithmic, stablecoin, and other crypto
asset securities.
According to the SEC's complaint, from April 2018 until May 2022, Terraform and Kwan
raised billions of dollars from investors by offering and selling an interconnected
suite of crypto asset securities.
Many in unregistered transactions.
These included M-assets, security-based swap design to pay returns by mirroring the price
of stocks of U.S. companies in Terra, U.S., U.S.T., a crypto asset security referred to
as algorithmic, stablecoin that supposedly maintained its peg to the U.S. dollar by
being interchangeable for another of its defendants.
Crypto asset securities Luna.
The complaint further alleges that Terraform and Kwan offered and sold investors other
means to invest in their crypto empire, including the crypto asset security tokens Mirror,
tokens and Luna itself.
The SEC's complaint alleges that Terraform and Kwan marketed crypto asset securities to
investors seeking to earn a profit, repeatedly claiming that the tokens would increase in value.
Terraform and Kwan repeatedly misled and deceived investors that a popular Korean mobile
payment application used the Terra blockchain to settle transactions that would accrue value
to Luna.
Meanwhile, Terraform and Kwan also allegedly misled investors about the stability of the
U.S.T.
In May 2022, U.S.T. depagged from the U.S. dollar.
And the price of it and its sister tokens plummeted to close to zero in value for our last article.
Packaging defaults for official Ubuntu flavors have changed.
That's right, you heard it correctly.
Ubuntu and its official flavors will no longer ship with flat pack pre-installed.
To maintain its focus while also providing user choice, Ubuntu and its flavors consider
devs and snaps the default experience.
Users have the freedom of choice to their software from other sources, including flat pack.
A way to install these alternatives is and will continue to be available for installation
from the Ubuntu archive with a simple command.
There you have it, flat pack will no longer be pre-installed.
Second quote.
Going forward, the flat pack package, as well as packages to integrate flat pack into
the respective software center, will no longer be installed by default in the next release
due April 2023, Lunar Lobster.
Clothes Quote.
I included this story because I wanted to offer some thoughts on it.
I've heard other podcasters mention this story and they seem to speak about it as though
it is this terrible thing that is happening.
When a distribution wants to make changes such as packaging and they don't take an
aggressive measure to prevent the user from receiving other packages from other software
repositories, I don't see that as a problem.
Now in the past, with Linux Mint, Clim has decided to install a package or a script that
would limit the user's ability to receive snaps, so unless you knew what you were doing,
you could not actually install SnapD and then install SnapPackages from the SnapStore.
This was an aggressive approach that I believe was unnecessary and it limits the user's
freedom.
Zoom2's approach is mainly to reduce maintenance in the long end and push the house brand.
I believe when other podcasters were speaking about this, they spoke more from a personal
use standpoint where they may personally use flat packs instead of snaps and that seemed
to pass on sort of a bias against this move.
I don't believe that was the responsible approach when speaking about a story like this, Linux
already gets enough flack for having confusion when it comes to all the different packaging
methods, verification of the different packaging methods, not to mention the discussions with
Snap on the back end, not being open source, however it is delivering open source technology
to the user, open source software to the user.
So I think this is a good move overall for Ubuntu.
Ubuntu still get the freedom they want and Ubuntu can minimize or hope to minimize their
maintenance load.
If you have any thoughts on this, please share them either in comment form, email or you
can do a show about it.
If there's time, maybe we can get together and do a show and discuss it ourselves, but
that's it for the all-no news folks.
Take care.
You have been listening to Hacker Public Radio at Hacker Public Radio does work.
Today's show was contributed by a HBR listener like yourself.
If you ever thought of recording podcasts, then click on our contribute link to find out
how easy it really is.
For HBR, it has been kindly provided by www.unsthost.com, the Internet Archive and R-Sync.net.
On the Sadois status, today's show is released under Creative Commons, Attribution 4.0 International
License.
Reference in New Issue View Git Blame Copy Permalink