Bitcoin ETF inflows have turned positive as gold ETFs see record outflows after a historic rally. Is capital beginning to rotate from gold to Bitcoin?
Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs.
Read more Archer’s countersuit comes four months after Joby sued its rival for alleged ‘corporate espionage.’
Read more The fresh fundraise comes less than a year after Founders Fund closed its third growth fund, a $4.6 billion vehicle intended primarily for follow-on investments in its successful late-stage companies.
Read more The federal government has selected eight proposals to test electric aircraft across 26 states.
Read more More than 30 OpenAI and Google DeepMind employees signed onto a statement supporting Anthropic’s lawsuit against the Defense Department after the agency labeled the AI firm a supply-chain risk, according to court filings.
Read more This story originally appeared in The Algorithm, our weekly newsletter on AI. To get stories like this in your inbox first, sign up here.
“Anyone wanna host a get together in SF and pull this up on a 100 inch TV?”
The author of that post on X was referring to an online intelligence dashboard following the US-Israel strikes against Iran in real time. Built by two people from the venture capital firm Andreessen Horowitz, it combines open-source data like satellite imagery and ship tracking with a chat function, news feeds, and links to prediction markets, where people can bet on things like who Iran’s next “supreme leader” will be (the recent selection of Mojtaba Khamenei left some bettors with a payout).
I’ve reviewed over a dozen other dashboards like this in the last week. Many were apparently “vibe-coded” in a couple of days with the help of AI tools, including one that got the attention of a founder of the intelligence giant Palantir, the platform through which the US military is accessing AI models like Claude during the war. Some were built before the conflict in Iran, but nearly all of them are being advertised by their creators as a way to beat the slow and ineffective media by getting straight to the truth of what’s happening on the ground. “Just learned more in 30 seconds watching this map than reading or watching any major news network,” one commenter wrote on LinkedIn, responding to a visualization of Iran’s airspace being shut down before the strikes.
Much of the spotlight on AI and the Iran conflict has rightfully been on the role that models like Claude might be playing in helping the US military make decisions about where to strike. But these intelligence dashboards and the ecosystem surrounding them reflect a new role that AI is playing in wartime: mediating information, often for the worse.
There’s a confluence of factors at play. AI coding tools mean people don’t need much technical skill to assemble open-source intelligence anymore, and chatbots can offer fast, if dubious, analysis of it. The rise in fake content leaves observers of the war wanting the sort of raw, accurate analysis normally accessible only to intelligence agencies. Demand for these dashboards is also driven by real-time prediction markets that promise financial rewards to anyone sufficiently informed. And the fact that the US military is using Anthropic’s Claude in the conflict (despite its designation as a supply chain risk) has signaled to observers that AI is the intelligence tool the pros use. Together, these trends are creating a new kind of AI-enabled wartime circus that can distort the flow of information as much as it clarifies it.
As a journalist, I believe these sorts of intelligence tools have a lot of promise. While many of us know that real-time data on shipping routes or power outages exist, it’s a powerful thing to actually see it all assembled in one place (though using it to watch a war unfold while you munch on popcorn and place bets turns the war into perverse entertainment). But there are real reasons to think that these sorts of raw data feeds are not as informative as they may feel.
Craig Silverman, a digital investigations expert who teaches investigative techniques, has been keeping a log of these dashboards (he’s up to 20). “The concern,” he says, “is there’s an illusion of being on top of things and being in control, where all you’re really doing is just pulling in a ton of signals and not necessarily understanding what you’re seeing, or being able to pull out true insights from it.”
One problem has to do with the quality of the information. Many dashboards feature “intel feeds” with AI-generated summaries of complex, ever-changing news events. These can introduce inaccuracies. By design, the data is not especially curated. Instead, the feeds just display everything at once, with a map of strike locations in Iran next to the prices of obscure cryptocurrencies.
Intelligence agencies, on the other hand, pair data feeds with people who can offer expertise and historical context. They also, of course, have access to proprietary information that doesn’t show up on the open web.
The implicit promise from the people building and selling this sort of information pipeline about the Iran conflict is that AI can be a great democratizing force. There’s a secret feed of information that only the elites have had access to, the thinking goes, but now AI can bring it to everyone to do with what they wish, whether that’s simply to be more informed or to make bets on nuclear strikes. But an abundance of information, which AI is undeniably good at assembling, does not come with the accuracy or context required for real understanding. Intelligence agencies do this in-house; good journalism does the same work for the rest of us.
It is, by the way, hard to overstate the connection this all has with betting markets. The dashboard created by the pair at Andreessen Horowitz has a scrolling list of bets being made on the prediction platform Kalshi (which Andreessen Horowitz has invested in). Other dashboards link to Polymarket, offering bets on whether the US will strike Iraq or when Iran’s internet will return.
AI has also long made it cheaper and easier to spread fake content, and that problem is on full display during the Iran conflict: last week the Financial Times found a slew of AI-generated satellite imagery spreading online.
“The emergence of manipulated or outright fake satellite imagery is really concerning,” Silverman says. The average person tends to see such imagery as very trustworthy. The spread of such fakes could erode confidence in one of the most important pieces of evidence used to show what’s actually happening in the war.
The result is an ocean of AI-enabled content—dashboards, betting markets, photos both real and fake—that makes this war harder, not easier, to comprehend.
When Tony Fadell started working on the iPod, usability often trumped security. The result was an iterative process. Every time someone would find a security weakness or a way to hack the device, the development group would iterate to add measures and fix the issues. Yet, flaws would frequently be found, and the secure design of the product became a moving target.
But when it came to designing a device specifically for security purposes, there could be no iterative process after rolling it out: Security had to be the number one priority.
“As you develop these things, you’re a victim of your own development speed,” says Fadell, who developed Ledger Stax, a signing device for securing digital assets, and is now a board member at digital asset security firm Ledger. “If you introduced these features and functions without the proper review, and now customers are demanding security, you’ll realize that you should have designed it differently from the start, and it’s very hard to undo what you’ve already done.”
A critical aspect of designing secure technology, however, must be ease of use too. Without it, it is all too simple for users to make a mistake or use an unsafe workaround that undermines device protections. Think a post-it stuck to a monitor or some variation of “123456” or “admin” for passwords.
With digital asset security devices like signers—more commonly called “wallets”—such errors could lead to seriously detrimental outcomes. If, for example, a user’s private key falls into the wrong hands, bad actors can use it to steal their digital assets. Estimates suggest that around 20% of all Bitcoin—worth around $355 billion—are inaccessible to owners. One of the reasons for this is likely because they lost their private keys.
In the past, crypto devices have been notoriously difficult to use. As cryptocurrency becomes ever more popular, valuable, and mainstream—attracting greater attention from criminals as the stakes rise—designers and engineers are prioritizing both security and usability when developing digital asset devices, drawing on in-depth research to iterate.
The three components of security
Strong security models for devices like signers, which are used to secure blockchain transactions, require three major components. First, a secure operating system. Second, a secure element to bind the software to the hardware. And third, a secure user interface. Each of which need to be frequently tested by researchers and white hat hackers to simulate real-world attacks and improve product resilience and usability.
The first two elements focus on securing the device software and hardware. Secure software has always been a problem, but one that has improved over the last decade, as security architectures and processes have been refined. Meanwhile, hardware security components have become widely available—from trusted platform modules on computers to secure enclaves in smartphones—allowing digital information to essentially be locked to a device.
For crypto signers, hardware must provide encryption capabilities. And the security of the software must be frequently tested. Ledger, for example, has a secure OS and a Secure Element that handles encryption primitives, and a secure display that prevents device takeover.
Security and usability working hand in hand
Asset recovery is a major consideration when designing signers. If recovery options are not easy to use, an owner could lose access. But if recovery processes are not secure enough, attackers could exploit the system. With SIM swapping attacks, for example, attackers can tap into a mobile communications channel used for account recovery and “recover” a victim’s password to steal their assets.
In the digital-asset ecosystem, the creation of the seed phrase, a sequence of 12 to 24 words that could act as a passphrase for wallets is an example of improving usability and security. Known more formally as Bitcoin Improvement Proposal 39 (BIP-39), the approach gives users a master password to unlock their hierarchical deterministic (HD) wallets.
There is a lot of creative tension between the security team and the UX team that happens to achieve the proper balance between convenience and safety, Fadell says, referring to Ledger’s security research team, the Donjon. “We mock things up, we prototype things from a UX UI perspective, we walk through it, then we walk the Donjon team through it,” Fadell explains. “We push back and forth to find the absolute optimal solution to balance the two.”
Through the research the Donjon team has conducted, Ledger designed its Recovery Key—an NFC-based physical card to back up your 24 words—to be both user-friendly and secure. “What we did, as a first in the industry, was include an NFC card,” says Fadell. “Instead of only writing it down, you can also have an NFC card called a Recovery Key. You can have multiple Recovery Keys and store them in a lockbox, a safety deposit box, or give them to someone you trust for safekeeping.”
A number of government initiatives are working to regulate this balance between security and usability. This includes the US Cybersecurity and Infrastructure Security Agency’s Secure by Design, which aims to build cybersecurity into the design and manufacture of technology products. And the UK’s National Cyber Security Centre’s Software Security Code of Practice, which outlines security principles expected of all organizations that develop or sell software.
Enterprise security presents distinct challenges
Embedding usability and security into devices for companies adds further complexity as businesses need features such as multi-signature capabilities to protect against single points of failure, whether from external attacks or internal bad actors.
Security design can take these requirements into account, with secure governance using multiple signatures (multisig), hardware security modules (HSMs) for key storage, trusted display systems, and other usable security capabilities.
These technologies are critically important for companies who have roles in the blockchain ecosystem. Failure to establish robust security measures can have dire consequences. In 2024, for example, unknown cybercriminals made off with more than $300 million worth of assets from DMM Bitcoin, leading the Japanese cryptocurrency platform to close six months later. Japan’s Financial Services Agency discovered severe risk management issues, including inadequate oversight, lack of independent audits, and poor security practices.
For companies, allowing a multi-stage process that involves a required number of stakeholders is critical, says Fadell. “It’s making sure that the attack vector is not just one person, and so you need to support multiple people with multiple factors on all of their devices as well,” he says. “It gets to be a real combinatoric problem.”
R&D to stay one step ahead
To keep up with requirements and offer strong security with improved visibility, crypto firms need to invest in research and development, Fadell says. Attack labs, such as Ledger Donjon, can conduct real-world testing on specific enterprise security requirements and create scenarios to educate both management and workers of the potential threats.
Such research and development can support device designers and engineers in their never-ending mission to balance security measures with usability so that digital asset devices can support users to safeguard their digital assets in a constantly evolving crypto and cyber landscape.
Learn more about how to secure digital assets in the Ledger Academy.
This content was produced by Insights, the custom content arm of MIT Technology Review. It was not written by MIT Technology Review’s editorial staff.
This content was researched, designed, and written by human writers, editors, analysts, and illustrators. This includes the writing of surveys and collection of data for surveys. AI tools that may have been used were limited to secondary production processes that passed thorough human review.
This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology.
Is the Pentagon allowed to surveil Americans with AI?
The ongoing public feud between the Department of Defense and the AI company Anthropic has raised a deep and still unanswered question: Does the law actually allow the US government to conduct mass surveillance on Americans?
Surprisingly, the answer is not straightforward. More than a decade after Edward Snowden exposed the NSA’s collection of bulk metadata from the phones of Americans, the US is still navigating a gap between what ordinary people think and what the law allows.
Today, the legal complexity has a new edge: AI is supercharging surveillance—and our laws haven’t caught up. Read the full story.
—Michelle Kim
The must-reads
I’ve combed the internet to find you today’s most fun/important/scary/fascinating stories about technology.
1 The White House has tightened its AI rules amid the Anthropic spat
New guidelines require companies to allow “any lawful” use of their models. (FT $)
+ London’s mayor has slammed Trump’s treatment of Anthropic and invited the firm to expand in the city. (BBC)
2 A satellite firm has stopped sharing imagery after exposing Iranian strikes
Planet Lab said it wants to stop “adversarial actors” from using the data. (Ars Technica)
+ AI is turbocharging the conflict in Iran. (WSJ $)
+ War is adding a brutal new element to the country’s internet issues. (Wired $)
3 The OpenAI-Anthropic feud is getting messy
The Pentagon contract controversy has intensified a deeply personal animosity between the founders. (NYT $)
+ Sam Altman and Dario Amodei’s rivalry could reshape the future of AI. (WSJ $)
+ OpenAI’s robotics lead has quit over concerns about surveillance and “lethal autonomy.” (TechCrunch)
+ The company’s DoD “compromise” has brought Anthropic’s fears to life. (MIT Technology Review)
4 Staff at Block are outraged over the company’s “AI layoffs”
They’re pushing back against Jack Dorsey’s bullishness on AI. (The Guardian)
+ They’ve also cast doubt on the payroll savings. (Gizmodo)
+ It’s not the first case of fears over AI taking everyone’s jobs. (MIT Technology Review)
5 Data center “man camps” are springing up in Texas
Aimed at luring workers to help build the centers, they will offer free steaks and golf simulators. (Bloomberg $)
6 The OpenClaw craze is sparking a rally in Chinese tech stocks
Shares surged after government agencies and tech leaders promoted the AI agent. (Bloomberg $)
+ Why is China falling so hard for it? (SCMP)
7 AI-generated videos are altering our relationship to nature
And could lead to “distorted expectations” of animal behavior. (NYT $)
+ AI slop could form a new kind of pop culture. (MIT Technology Review)
8 A rogue AI agent freed itself to mine crypto in secret
The model escaped its sandbox to start a side hustle in digital currency. (Axios)
+ AI agents are also starting to harass people. (MIT Technology Review)
9 In a first, a spacecraft has changed an asteroid’s orbit around the sun
The feat was a test of Earth’s future defenses. (Engadget)
10 How the Furby brought creepy-cute robotics into playtime
A new show traces the legacy of the surprisingly high-tech toy. (The Verge)
Quote of the day
“I wanted to approach the whole situation with love.”
—Block cofounder and CEO Jack Dorsey tells Wired why he wore a hat with the word ‘Love’ on it during a meeting where he laid off 40% of his workforce.
One more thing
LINDA NYLIND / EYEVINE VIA REDUX
Geoffrey Hinton tells us why he’s now scared of the tech he helped build
Geoffrey Hinton is a pioneer of deep learning who helped develop some of the most important techniques at the heart of modern artificial intelligence, but after a decade at Google, he’s stepped down to focus on concerns he now has about AI.
Hinton wants to spend his time on what he describes as “more philosophical work.” And that will focus on the small but—to him—very real danger that AI will turn out to be a disaster. Read the full story.
—Will Douglas Heaven
We can still have nice things
A place for comfort, fun and distraction to brighten up your day. (Got any ideas? Drop me a line.)
+ De La Soul’s Tiny Desk concert is a masterclass in joy and grief, proving their “Daisy Age” philosophy is timeless.
+ These original Disney concepts of beloved characters are a portal into an alternate childhood.
+ This square phone traverses two decades of nostalgia by rotating into a Game Boy AND a BlackBerry.
+ A newly discovered Rembrandt shows the Old Masters still have new tricks to reveal.
In honor of International Women’s Day, the company provided information on the topics women were most engaged in, which included an evolving interest in women’s sports.