Tag Archive for 2017

Scary SS7 Flaw Strikes Banks

Lost in last month’s hubbub over WannaCry ransomware was the revelation that hackers had successfully exploited the SS7 “flaw” in January 2017. In May, reports surfaced that hackers were able to remotely pilfer German bank accounts by taking advantage of vulnerabilities in Signaling System 7 (SS7). SS7 is the standard that defines how the public phone system talks to itself to complete a phone call.

The high-tech heist was initially reported by the German newspaper Süddeutsche Zeitung (auf Deutsch). The attack was a sophisticated operation that combined targeted phishing emails and SS7 exploits to bypass two-factor authentication (2FA) protection. This is the first publicly known exploit of SS7 to intercept two-factor authentication codes sent by a bank to confirm actions taken by online banking customers.

How hackers get in

According to Ars Technica, the attack began with traditional bank-fraud trojans. These trojans infect account holders’ computers and steal the passwords used to log in to bank accounts. From there, attackers could view account balances, but were prevented from making transfers without the one-time password the bank sent as a text message. After stealing the necessary login details via phishing emails, the perpetrators leveraged the SS7 flaw to intercept the associated mTAN (mobile transaction authentication number) codes sent to the victims — the messages notifying them of account activity — to validate the transactions and remain hidden, investigators say.

German telecommunications giant O2-Telefonica confirmed details of the SS7-based cyberattacks to the newspaper. Ars says that, in the past, attackers have obtained mTANs by obtaining a duplicate SIM card that allows them to take control of the bank customer’s phone number. SS7-facilitated compromises, by contrast, can be done remotely against a much larger number of phone numbers.

O2 Telefonica confirmed to Help Net Security that the attackers were able to gain access to the network of a foreign mobile network operator in January 2017. The attackers likely purchased access to the foreign telecommunications provider – this can apparently be done for less than 1,000 euros – and set up call and SMS forwarding.

Two-factor authentication

Two-factor authentication (2FA) is a security process in which the user provides two authentication factors to verify they are who they say they are. 2FA provides an extra layer of security and makes it harder for attackers to gain access to a person’s devices and online accounts, because knowing the victim’s password alone is not enough to pass the authentication check. Two-factor authentication has long been used to control access to sensitive systems and data, and online services are increasingly introducing 2FA to prevent their users’ data from being accessed by hackers who have stolen a password database or used phishing campaigns to get users’ passwords.

News of the incident prompted widespread concern online. Security advocates railed against the popular and continuous use of text messages to authenticate account information while growing evidence suggests that SS7 is an unsafe channel to deliver such data. Security experts told ars that the same SS7-centric hacking techniques used against German banks will become increasingly prevalent in the future, forcing organizations to reconsider how they authenticate user activity.

The end of 2FA?

Cris Thomas, a strategist at Tenable Network Security, warns in the article:

While this is not the end of 2FA, it may be the end of 2FA over SS7, which comprises a majority of 2FA systems … Vulnerabilities in SS7 and other cellular protocols aren’t new. They have been presented at security conferences for years … there are other more secure protocols available now that systems can switch to…

Cybersecurity researchers began issuing warnings about dangerous flaws in SS7 in late 2014. I wrote about the SS7 flaw in September of 2016 and in March 2017. Maybe this will be the wake-up call for the carriers. One industry insider quipped:

This latest attack serves as a warning to the mobile community about what is at stake if these loopholes aren’t closed … The industry at large needs to go beyond simple measures such as two-factor authentication, to protect mobile users and their data, and invest in more sophisticated mobile security.

SS7 allows voice networks to interoperate

In 2014, security researchers first demonstrated that SS7 could be exploited to track and eavesdrop on cell phones. This new attack is essentially a man-in-the-middle attack on cell phone communications. It exploits the lack of authentication in the communication protocols that run on top of SS7.

Developed in 1975, SS7 is used today by over 800 telecommunications companies around the world, including AT&T (T) and Verizon (VZ). The technology has not kept up with modern times. In May 2017, Wired published an article that explains some of the ways to secure SS7. Overcoming SS7 insecurity requires implementing a series of firewalls and filters that can stop the attacks. Researchers Wired spoke to suggest that adding encryption to SS7 would shield network traffic from prying eyes and bolster authentication. Both of these changes are unpopular with the carriers because they cost money and can impact the network core, so don’t expect any network changes to address the SS7 flaw anytime soon.

The Register reports that the FCC’s Communications Security, Reliability and Interoperability Council found that the proposed replacement for SS7 on 5G networks, dubbed the Diameter protocol, has security holes too.

In March 2017, Oregon Sen. Ron Wyden and California Rep. Ted Lieu sent a letter to Homeland Security’s John Kelly requesting that DHS investigate and provide information about the impact of SS7 vulnerabilities to U.S. companies and governmental agencies. Kelly has not responded to the letter, according to the Wired article.

Of course, the TLAs would never use this “flaw” in SS7 to spy on us.

What can you do?

The Guardian says that given that the SS7 vulnerabilities reside on systems outside of your control, there is very little you can do to protect yourself beyond not using the services.

For text messages, they recommend avoiding SMS and instead using encrypted messaging services such as Apple’s (AAPL) iMessage, Facebook‘s (FB) WhatsApp, or the many others available. These let you send and receive instant messages without going through the SMS network, which protects your messages from surveillance.

For calls, the Guardian recommends using a service that carries voice over data and not through the voice network. This will help prevent your calls from being snooped on. Messaging services including WhatsApp permit calls. Silent Circle’s end-to-end encrypted Phone service and the open-source Signal app also allow secure voice communications.

Your location could be tracked at any time your mobile phone is on. The only way to avoid it is to turn off your phone or turn off its connection to the mobile phone network and rely on Wi-Fi instead.


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Cryptocurrencies

The attackers behind last month’s WannaCry ransomware were planning to extort $300 in Monero cryptocurrency to unlock encrypted files. Until this crisis, who had heard of cryptocurrencies, or Monero? How could you even buy Monero to unlock your PC, if you wanted to take that chance? More people are probably aware of Bitcoin (BTC). The Visual Capitalist explains that Bitcoin is the original cryptocurrency. Its meteoric rise has made it a mainstay of conversation for investors, media, and technologists.

Despite its shady history, Bitcoin has spawned over 800 new markets and cryptocurrencies. Bitcoin is the dominant cryptocurrency, with a market cap of $37.2 billion. The rest of the cryptocurrencies combined are worth even more: all of the other cryptocurrencies together are worth nearly $40 billion.

The leaders of the altcoin movement

Ethereum (ETH), launched in 2015, is the second-largest by market capitalization. It is also quite different from Bitcoin. The Visual Capitalist explains the difference: Bitcoin is designed to be a payments protocol first, while Ethereum is designed to work as a blockchain-based computing platform. It is designed for developers to build and deploy decentralized applications, while also enabling smart contracts. The tokens used to power the network are called Ether, but they can also be traded online. At the time of writing, Ethereum’s market capitalization is $15.4 billion.

Ripple (XRP) is the native currency of the Ripple Protocol. It is a broader catch-all for an open-source, global exchange, according to the Visual Capitalist. Ripple is aiming to be a settlement protocol for major banks. It’s already being used by banks such as Santander, Bank of America Merrill Lynch, UBS, and RBC. Ripple has a market cap of $10.9 billion.

Ethereum Classic (ETC): The Ethereum network actually split into two in 2016. The Visual Capitalist says it’s a complicated situation. You can read about the hack v. hack battle here. This cryptocurrency is based on the original Ethereum blockchain and has a market capitalization of $1.4 billion.

Litecoin (LTC) is one of the first altcoins. Litecoin is nearly identical to Bitcoin, having been “forked” from it in 2011. Litecoin aims to process blocks 4x faster than Bitcoin to speed up transaction confirmation time. The faster block time creates several other challenges as well, according to the Visual Capitalist. At the time of writing, Litecoin’s market capitalization is worth $1.3 billion.

Monero

Monero (XMR) is an open-source, privacy-oriented cryptocurrency launched in April 2014. It is the result of a fork of the Bytecoin cryptocurrency. CoinDesk says Monero is private by default. It has achieved widespread adoption among those interested in using cryptocurrencies to remain anonymous. Monero has a market capitalization of $6.2 million.

The price of Monero’s XMR has experienced significant volatility at times. It has gained more than 1,300% since it began trading on CoinMarketCap. Since its start, the cryptocurrency has fluctuated between roughly $0.25 (in January 2015) and close to $60 (in May 2017).

Monero leverages ring signatures and stealth addresses to obscure the sender’s and recipient’s identity. Ring signatures combine or ‘mix’ a user’s account keys with public keys obtained from Monero’s blockchain. This creates a ‘ring’ of possible signers, meaning outside observers cannot link a signature to a specific user.

Originally, ring signatures obscured the senders and recipients involved in a Monero transaction without hiding the amount transferred. However, an update called RingCT introduced a new ring signature scheme. RingCT conceals the value of each transaction as well as the sender’s and recipient’s identities, making transaction tracking harder.

In addition to leveraging ring signatures, Monero also enhances anonymity through stealth addresses. Stealth addresses are randomly generated, one-time addresses created for each transaction on behalf of the recipient. With this feature, recipients publish a single address, and the transactions they receive go to separate, unique addresses. As a result, Monero transactions cannot be linked to the published address of the sender or recipient.
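To show how a recipient can publish one address yet receive funds at a fresh one-time address every time, here is an added example that is not Monero’s code. Monero does this derivation on the ed25519 curve with a view key and a spend key; this toy keeps the same two-key structure and the same steps (sender’s random nonce, shared secret, hashed scalar, one-time key, recipient scan) but uses the multiplicative group modulo a Mersenne prime as a stand-in, so it runs with only the standard library. The modulus, generator and key names are assumptions of this example.

```python
import hashlib
import secrets

# Added example, not Monero's code. Stand-in group: integers mod a Mersenne
# prime with generator G; exponents play the role of private scalars and
# g^x the role of curve points. Monero uses ed25519 instead, same structure.
P = (1 << 127) - 1      # 2^127 - 1, prime (toy group modulus)
G = 3                   # generator (toy choice)
ORDER = P - 1           # G^(P-1) == 1 (mod P), so scalars are reduced mod P-1

def rand_scalar() -> int:
    return secrets.randbelow(ORDER - 1) + 1

def keygen() -> dict:
    """Recipient keys: private view key a and spend key b.
    The published address is the pair of public keys (A, B)."""
    a, b = rand_scalar(), rand_scalar()
    return {"a": a, "b": b, "A": pow(G, a, P), "B": pow(G, b, P)}

def hash_to_scalar(shared: int, output_index: int) -> int:
    """H_s(shared || index): derive a scalar from the ECDH-style shared value.
    The index lets one transaction pay the same recipient several outputs."""
    data = shared.to_bytes(16, "big") + output_index.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % ORDER

def sender_one_time_address(A: int, B: int, output_index: int = 0):
    """Sender: pick random r, publish R = G^r with the transaction, and send
    to the one-time key P = G^H(A^r) * B. Only A and B (the public address)
    are needed; the value P looks unrelated to (A, B) to an observer."""
    r = rand_scalar()
    R = pow(G, r, P)
    h = hash_to_scalar(pow(A, r, P), output_index)
    one_time_key = (pow(G, h, P) * B) % P
    return R, one_time_key

def recipient_scan(keys: dict, R: int, one_time_key: int, output_index: int = 0):
    """Recipient: using only the view key a, recompute H(R^a) (equal to H(A^r)
    because A^r = G^(ar) = R^a). If G^H * B matches the output key, it is ours,
    and the one-time private key is x = H + b, which requires the spend key b."""
    h = hash_to_scalar(pow(R, keys["a"], P), output_index)
    if (pow(G, h, P) * keys["B"]) % P != one_time_key:
        return None
    return (h + keys["b"]) % ORDER

if __name__ == "__main__":
    alice = keygen()
    R, out_key = sender_one_time_address(alice["A"], alice["B"])
    x = recipient_scan(alice, R, out_key)
    print("recipient found output:", x is not None,
          "and can reconstruct it:", x is not None and pow(G, x, P) == out_key)
```

The split into view and spend keys is what lets a Monero wallet (or an auditor given only the view key) detect incoming outputs without being able to spend them. Two payments to the same published address yield different one-time keys because each sender picks a fresh r, which is the unlinkability the post describes.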

Cryptocurrencies fungibility

By providing a high level of anonymity, Monero offers fungibility. Fungibility means that each individual unit of a currency can be substituted for another. Another way of putting this is that every coin has equal value.

Due to Monero’s untraceable nature, no two coins are distinguishable from one another. They are all equal in the eyes of merchants. Without this level of fungibility, a vendor that accepts cryptocurrency might refuse a unit of one of these assets because of its past, possibly illegal, transaction history.

CoinDesk points out that Monero has enjoyed a steady increase in adoption since its release. This adoption seems to be led by dark web marketplaces like AlphaBay and Oasis, which have embraced it, reportedly due to popular demand.

For those who want to purchase Monero, to pay a ransom or for other reasons, it is available on exchanges. The Monero market operates like that of many other cryptocurrencies. Those interested in buying the cryptocurrency can get it through exchanges including Poloniex, Bitfinex, and Kraken.

Bitfinex offers XMR/USD and XMR/BTC trading pairs along with deposits and withdrawals of Monero. Kraken offers the same options as Bitfinex as well as XMR/EUR.

Other cryptocurrencies in the altcoin universe include NEM, Dash, ByteCoin, and Golem.

rb-

If the fraudsters who set off the WannaCry crisis were expecting to make a fortune in cryptocurrency, it didn’t work. Apparently, they have only made approx. BTC 50.91735344, or just under $150,000, on 320 payments worldwide. This is according to a Twitter bot, actual_ransom, from @collinskeith, which watches the bitcoin wallets tied to the ransomware attack.

I dunno – Until somehow cryptocurrencies break their implied link to illegal activities online, they will be relegated to the black market. 

The value of cryptocurrencies is really hard to pin down. No one really knows how much they should be worth. Unlike a company, there are no assets or revenues that can be used to assess a predictable valuation. So cryptocurrencies are subject to wide swings in valuation because they operate without any tangible value behind them.

The underlying technology of blockchain seems to have a brighter future.


Visual Capitalist infographic

Windows Terrible, Horrible, No Good Month

Redmond’s Terrible, Horrible, No Good, Very Bad month continues. The WannaCry ransomware hit mostly Windows 7 machines, and now researchers from the Russian information security company Aladdin RD have discovered a new bug that slows down and crashes Microsoft (MSFT) Windows Vista, Windows 7, and Windows 8 PCs, but does not seem to impact Windows 10 so far.

In a throwback to the Windows 95 and 98 era, Ars Technica reports that certain specially crafted filenames can make the operating system lock up or occasionally crash with a blue screen of death. Ars reports that the bug allows a malicious website to try to load an image file with the “$MFT” name in the directory path. Windows uses “$MFT” for the special metadata file used by the NTFS file system. The affected systems do not handle this directory name correctly.

The file exists in the root directory of each NTFS volume, but the NTFS driver handles it in special ways. Ars explains that it’s hidden from view and inaccessible to most software. Attempts to open the file are normally blocked, but if the filename is used as if it were a directory name—for example, trying to open the file c:\$MFT\123—then the NTFS driver takes out a lock on the file and never releases it. Every subsequent operation sits around waiting for the lock to be released. Forever. This blocks all other attempts to get access to the file system, and so every program will start to hang, rendering the machine unusable until it is rebooted.

Ars says that web pages that use the bad filename in an image source will provoke the bug and make the machine stop responding. Depending on what the machine is doing concurrently, it will sometimes blue screen. Either way, you’re going to need to reboot it to recover. Some browsers will block attempts to access these local resources, but Internet Explorer will try to open the bad file.

Ars couldn’t immediately cause the same thing to occur remotely (by sending IIS a request for a bad filename), but it wouldn’t immediately surprise them if certain configurations or trickery were enough to cause the same problem.

The Verge has successfully tested the bug on a Windows 7 PC with the default Internet Explorer browser. Using a filename with “c:\$MFT\123” in a website image, their test caused a machine to slow down to the point they had to reboot to get the PC working again.
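Until the patch arrives, the practical defence is to catch pages carrying such a reference before a vulnerable browser fetches it. The following is an added example, not from Ars, The Verge or the original post: a small Python scanner that parses HTML and flags auto-fetched resources (img/script/iframe src, object data, video poster, link href) whose target is a local Windows path using “$MFT” as a directory component, the exact trigger the post describes. Remote URLs that merely contain the string are ignored, since those never reach the local NTFS driver. The sample HTML is constructed for the example; the attribute list and matching rules are this example’s own assumptions, suitable as a starting point for a proxy or mail-gateway rule.

```python
import re
from html.parser import HTMLParser

# Added example, not from the original post or the cited articles. Flags HTML
# resource references that would make a Windows client open a local path with
# "$MFT" as a directory component (the hang/BSOD trigger described above).

# Attributes a browser fetches without a click. `href` counts only on <link>.
AUTO_FETCH_ATTRS = {"src", "data", "poster"}

# Local Windows targets: file: URLs, drive-letter paths, UNC paths.
LOCAL_PATH = re.compile(r"(?i)^(?:file:|[a-z]:[\\/]|\\\\)")
# "$MFT" used as a path component (NTFS names are case-insensitive).
MFT_COMPONENT = re.compile(r"(?i)(?:^|[\\/])\$mft(?:[\\/]|$)")

def normalise(ref: str) -> str:
    """Strip a file: scheme so 'file:///C:/x' and 'C:/x' compare alike."""
    ref = ref.strip()
    if ref.lower().startswith("file:"):
        ref = ref[5:].lstrip("/")
    return ref

class MftRefCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits = []          # list of (tag, original attribute value)

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if not value:
                continue
            name = name.lower()
            fetched = name in AUTO_FETCH_ATTRS or (tag == "link" and name == "href")
            if not fetched:
                continue
            path = normalise(value)
            if LOCAL_PATH.match(path) and MFT_COMPONENT.search(path):
                self.hits.append((tag, value))

def find_mft_refs(html: str):
    """Return every auto-fetched reference to a local $MFT path in `html`."""
    collector = MftRefCollector()
    collector.feed(html)
    collector.close()
    return collector.hits

# Constructed sample page: three references would trigger the bug, three would not.
SAMPLE_HTML = r"""<html><body>
<img src="c:\$MFT\123">
<img src="file:///C:/$MFT/logo.png">
<img src="https://example.com/images/$MFT/safe.png">
<link rel="icon" href="c:\$MFT\favicon.ico">
<a href="c:\$MFT">not auto-fetched</a>
<img src="C:\Users\Public\ok.png">
</body></html>"""

if __name__ == "__main__":
    for tag, ref in find_mft_refs(SAMPLE_HTML):
        print(f"flagged <{tag}> -> {ref}")
```

The scanner deliberately matches only “$MFT” because that is the component the post names; a gateway operator extending it to other NTFS metadata names, or to `url()` references inside inline CSS, would do so as an assumption beyond what the post reports.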

A Microsoft spokesperson told Engadget that the company is looking into the matter and will give an update as soon as it can.
“Our engineers are currently reviewing the information. Microsoft has a customer commitment to investigate reported security issues and provide updates as soon as possible.”

The Redmond boys also had to release an emergency out-of-band update for the Malware Protection Engine, aka Windows Defender. Two Google security researchers discovered the “crazy bad” flaw. They claimed it was “the worst Windows remote code exec in recent memory.” The TechNet article says the vulnerability they patched would allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file (CVE-2017-0290). To MSFT’s credit, they did fix the bug and release the patch within a week of being notified.

rb-

Early reports are that this bug is an attack vector. However, it is a denial-of-service attack that requires a reboot. This new flaw could be bundled with other, more dangerous malware to force the user to reboot, allowing the attacking malware to get loaded.


Demand for Project Managers Dropping

The role of IT project managers is critical, as new technology adoption, regulatory compliance, outsourcing, and other factors make it vital that projects be properly planned and controlled.


Computer Economics says that too few organizations adequately staff the project manager function and, as a result, too many projects fall short of objectives, miss deadlines, or overrun budgets. In their report, IT Project Management Staffing Ratios (Reg. Req.), the research firm found that project managers as a percentage of the IT staff dropped slightly at the median from 4.8% in 2015 to 4.5% in 2016.

The Irvine, CA-based firm speculates that there are a variety of reasons for the recent decline in the percentage of project managers. They found that like other IT functions, the staffing ratio for project managers is in flux. The percentages of staff in certain other IT job categories are growing, with a higher percentage going to application development, business analytics, and security. This, by definition, pushes down the percentage in project management.

Other reasons Computer Economics cites include the improvement in project management tools, which might allow project managers to handle more projects. It also appears a small number of companies might be abandoning the dedicated role of project manager, combining it with the role of lead developer, for example. The study also suggests that the growing popularity of agile development may be contributing to the decline in project management as a discrete function. However, this decline has only been recent and may not yet reflect a trend. Tom Dunlap, research director for Computer Economics, said:

Despite the slight drop in the percentage of PMs, I’d be surprised if that turned into a long-term trend. With the rapidly changing nature of technology in the enterprise and the generally bad track record of IT departments getting projects in on time and on budget, I expect the percentage of PMs to go up.

rb-

Compare this data to that PMI reported in their Project Management Job Growth and Talent Gap 2017–2027 (PDF) report where they are making the case for a growing job market for PMs. The report claims that through 2027, the global project management-oriented labor force in seven project-oriented sectors is expected to grow by 33 percent, or nearly 22 million new jobs.


Motor City v. Silicon Valley

– Updated 03-30-2018 – Business Insider reports that Silicon Valley darling Tesla shares have collapsed almost 6% since January 1 on a string of critical reports about the company’s ability to keep up healthy production levels and meet delivery expectations for its new mass-market Model 3 sedan.

Back in April, the tech sector was leaping for joy when Tesla’s stock market valuation passed Ford and GM. Rumors abound in Silicon Valley that Tesla is the future of transportation and Elon Musk is the king of cars because they took more orders for cars that did not burn up or crash out of control. In 2016 Tesla delivered only 76,000 vehicles. Ford sold nearly 1 million F-Series trucks in 2016.

Despite the happy dances in Silicon Valley, which fancies itself the logical successor to Detroit as the capital of American innovation, new research says not so fast. The west coast upstarts, Uber, Google (GOOG), and Tesla (TSLA), still have a lot of catching up to do when it comes to outpacing Michigan manufacturers. The Verge points us to Navigant Research, whose newly released “leaderboard” report ranks autonomous vehicle players not just on their ability to make a car drive itself, but on their ability to bring that car to the mass market.

Navigant Research scored 18 companies working on self-driving technology on 10 different criteria related to strategy, manufacturing, and execution. The report combined all that into an overall score to get a sense of who’s ahead and who’s not. General Motors (GM) and Ford (F) are currently leading the pack, with Daimler and Renault-Nissan close behind. Those four companies make up Navigant’s “leader” category. In other words, when you climb into your first self-driving car in 2021, it will almost certainly be built by one of those four companies.
Navigant Research Leaderboard: Automated Driving Vehicles

Most everyone else is in the “contender” category. This includes car companies like BMW, PSA, Hyundai, Toyota, Tesla, and Volkswagen; suppliers like Delphi and ZF; and tech firms like Alphabet’s Waymo. Further down the list, in the “challengers” category, are companies like Honda, nuTonomy, Baidu, and Uber.


Sam Abuelsamid, a senior research analyst at Navigant and one of the authors of the report, told the Verge that the reason Detroit is beating Silicon Valley so badly in this all-too-crucial race to get autonomous vehicles on the road is experience. He says Silicon Valley “… will have to do deals with someone to get actual vehicles.”

Alphabet’s Waymo scores top marks for technology but lags in the production strategy and sales, marketing, and distribution buckets. The company plans to work with legacy automakers to put its tech in cars, but has not yet struck any major deals. Mr. Abuelsamid explained in an email to the Verge that Waymo is in the best position of the contenders.

“They have almost every piece of this—except the product strategy … Waymo has what is arguably the best technology right now, although they probably aren’t that far ahead of the leading [original equipment manufacturers] but they will have to do deals with someone to get actual vehicles.”

Despite Uber’s high profile, a recent study showed that only 15% of U.S. consumers have tried a ride-hailing app like Uber. Uber also has a safety problem – Uber drivers have been charged with murder and violent crimes against their customers. In the Navigant research, Uber wallows near last place thanks to low grades for distribution, product portfolio, and staying power—and because Uber makes neither cars nor money. In fact, its key strength—that it already operates a global fleet of shared vehicles—may not be enough here. “It’s a lot easier for the company that actually has the infrastructure to create vehicles to recreate what Uber’s done, than the other way around,” Mr. Abuelsamid says.

Scale matters in the auto industry.

The Navigant analyst explained scale matters in the auto industry.

All the little [Silicon Valley] startups may have some interesting ideas, but they don’t have the resources to produce something sufficiently robust to be commercially viable. If they have something good to offer, their best bet is an acquisition

The “legacy automakers” have engaged in mergers and acquisitions and early maneuvering in the autonomous vehicle arena, as Mr. Abuelsamid stated. The report predicts that big companies will buy little startups to leverage their technology and expertise to round out the much larger-scale enterprise of developing, testing, validating, producing, and distributing self-driving cars.

Wired says Ford and GM both score in the low to mid 80s on the technology front; it’s their old-school skills that float them to first and second place. They’ve each spent more than a century developing, testing, producing, marketing, distributing, and selling cars. Plus, each has made strategic moves to bolster weak points.

GM recently acquired Cruise Automation, a San Francisco-based autonomous vehicle technology maker, in a deal valued at more than $1 billion. GM said the acquisition will allow it to “accelerate” its autonomous vehicle development efforts.

Ford has announced an investment of $1 billion over the next five years in Argo AI, a startup run by Carnegie Mellon roboticists and engineers who really know their artificial intelligence stuff.

Fiat Chrysler has partnered with Alphabet to jointly test autonomous technology in Pacifica minivans, and Alphabet is opening a 53,000 square foot self-driving car development center near Detroit in Novi, MI.

GM has invested $500 million in ride-sharing provider Lyft to beef up its ridesharing service. In the “long-term strategic alliance,” the companies will work on what they call “on-demand autonomous vehicles.” For now, the deal means GM cars will be the “preferred” vehicle used by Lyft drivers who rent their cars in various U.S. cities. Those vehicles will tap into GM’s OnStar service, while GM and Lyft promised “personalized mobility services and experiences,” but did not elaborate.

Ford, meanwhile, recently announced a $75 million investment in LiDAR maker Velodyne, to “quickly mass-produce a more affordable automotive LiDAR sensor” so the company can launch a fleet of self-driving ride-sharing cars by 2021.

Ford has also acquired SAIPS, an Israeli machine learning firm, to further strengthen its ability in artificial intelligence and computer vision. SAIPS has developed algorithmic solutions in image and video processing, deep learning, signal processing, and classification. This expertise will help Ford autonomous vehicles learn and adapt to their surroundings.

Ford announced that it would take part in a $6.6 million seed funding round for Civil Maps to further develop high-resolution 3D mapping capabilities. This provides Ford another way to develop high-resolution 3D maps of autonomous vehicle environments. Ford has also agreed to acquire Chariot, an on-demand shuttle service based in San Francisco.

Mr. Abuelsamid predicts that early on, you probably won’t be buying a self-driving car at a dealership, but rather riding in one that you hail through an app-based service like Uber or Lyft. These vehicles will be part of a fleet owned by a manufacturer, like Ford or GM. Fleet ownership will help manufacturers manage the issues self-driving vehicles are likely to encounter early on, like insurance for the inevitable accidents. Navigant’s Abuelsamid says:

With all of that in mind, it’s far easier for a manufacturer to replicate the sort of logistics platform that Uber or Lyft have than it is for those companies to invest in and create the development, manufacturing, and service infrastructure that [original equipment manufacturers] have

Mr. Abuelsamid noted that Tesla ranked pretty far down the “contender” list because Elon Musk’s company is “lacking in quality, distribution, financial stability, and their [Autopilot] 2.0 hardware will never be more than limited Level 4-capable (PDF) at best.” In other words, Musk would be advised not to start gloating about his company being valued higher than the OGs Ford and GM quite yet.
