Tech News Weekly 397: Meta's New Muscle-Reading Wristband
Release Date: July 24, 2025
Host: Micah Sargent
Guest Hosts: Jeff Carlson (CNET), Dan Moran (Six Colors)

1. Microsoft SharePoint Vulnerability Crisis [00:00 - 17:50]

Overview:
The episode begins with Micah Sargent addressing a critical security vulnerability in Microsoft SharePoint. This zero-day exploit has swiftly escalated into a global cybersecurity crisis, affecting hundreds of organizations, including sensitive government agencies like the National Nuclear Security Administration and the National Institutes of Health.

Key Points:

• Nature of the Vulnerability:
  The flaw impacts self-hosted (on-premises) versions of Microsoft SharePoint Server 2016 and later. Unlike Microsoft's cloud-hosted SharePoint, on-prem installations require organizations to manage their own security updates, making them more susceptible to such exploits.

• Impact and Scale:
  Initially identified by iSecurity, the vulnerability has led to over 400 confirmed server compromises within a week of its discovery. Michael Sikorsky from Palo Alto Networks emphasized the severity:

  "If you have SharePoint on premise exposed to the Internet, you should assume that you have been compromised at this point." ([14:35])

• Exploitation Tactics:
  The bug allows attackers to execute malicious code remotely, granting unauthorized access to files and broader network systems. Additionally, it enables the theft of digital keys, permitting persistent access even after patches are applied.

  "It's almost like you had stolen the royal lockmaker and so you're able to continue to do that." ([08:15])

• Affected Entities:
  High-profile targets include:

  • National Nuclear Security Administration: Responsible for maintaining the U.S. nuclear arsenal.
  • National Institutes of Health: The primary federal agency for biomedical research.
  • California Independent System Operator: Manages the state's electric grid, though operations remain unaffected.

• Attribution and Geopolitical Implications:
  Both Google and Microsoft have attributed the breach to China-backed hacking groups, a claim the Chinese government has denied, citing the complexities of cyber attack origins. Treasury Secretary Scott Besant announced intentions to discuss the matter in upcoming trade talks with Chinese officials.

  "Cyberspace is characterized by strong virtuality, difficulty in tracking origins and diverse actors, making the tracing of cyber attacks a complex technical issue." ([12:45])

• Response and Mitigation:
  Microsoft has released patches for all affected SharePoint versions. However, due to the stolen digital keys, organizations must rotate their digital certificates to prevent ongoing exploitation. CISA has urged immediate action, including disconnecting affected systems from the Internet if patches are unavailable.

Conclusion:
The SharePoint vulnerability underscores systemic issues in cybersecurity infrastructure, particularly the challenges of managing on-premises systems. With significant budget cuts impacting agencies like CISA, the ability to respond swiftly to such threats is compromised, highlighting the urgent need for robust cybersecurity measures.

2. T-Mobile's Satellite Texting Service [18:39 - 35:08]

Guest: Jeff Carlson, CNET

Overview:
Jeff Carlson shares his hands-on experience testing T-Mobile's new satellite texting service, exploring its functionality, performance, and potential applications.

Key Points:

• Testing Environment:
  Due to Seattle's extensive cellular coverage, Jeff had to travel two and a half hours northeast to North Cascades and further to Lake Diablo to find a dead zone suitable for testing the satellite service.

  "When you're using the Apple device... you have to point up to a satellite. With T-Mobile, it just knew there were satellites available and connected automatically." ([20:07])

• Service Performance:

  • Texting: Generally smooth with occasional lags.

    "Sometimes texts would have a little bit of lag, but often it felt like normal texting." ([21:12])

  • Image Sharing: Limited to MMS, with images taking approximately two and a half minutes to send, albeit with reduced resolution for efficiency.

    "The quality was perfectly decent, even if it wasn't full resolution." ([21:26])

• User Experience Challenges:
  Jeff noted interface issues on Android devices, where the satellite connection status was not clearly indicated, leading to confusion about connectivity status. In contrast, Apple’s implementation provided more intuitive indicators.

  "There wasn't anything that just said, 'Hey buddy, you no longer have a connection.'" ([23:29])

• Future Developments:
  T-Mobile plans to open up an API in October, allowing developers to integrate satellite data streams into other applications, enhancing functionality beyond simple texting.

  "They're allowing developers to connect to an API so applications like All Trails can use satellite data for mapping." ([27:04])

• Broader Implications:
  The service holds significant potential for remote communities with poor or no cellular coverage, enabling essential communications without the need for extensive travel to find signal areas.

  "This can make a big impact in rural areas by providing essential communications without needing to drive long distances for coverage." ([30:21])

Conclusion:
T-Mobile's satellite texting service represents a seamless integration of satellite connectivity into existing mobile infrastructure, offering reliable communication in areas devoid of cellular coverage. While current limitations include slower data transmission and limited media types, ongoing developments aim to expand its capabilities, potentially transforming it into an essential service for both remote individuals and communities.

3. AppleCare One and Public Betas [36:37 - 54:55]

Guest: Dan Moran, Six Colors

Overview:
Dan Moran discusses Apple's new subscription-based AppleCare One service and the recently launched public beta for Apple's operating systems.

Key Points:

• AppleCare One Subscription Service:

  • Structure:

    • Flat Fee: $19.99 per month to cover up to three devices, with additional devices available at $5.99 per month.
    • Benefits: Includes accidental damage coverage, theft and loss replacements, and other extended warranty services.
    • Flexibility: Allows users to add older devices (up to four years old) and swap devices within the plan dynamically.

      "If you have an Apple Vision Pro or an expensive laptop, AppleCare One can save you money compared to individual plans." ([44:25])

  • Cost-Effectiveness:

    • For lower-cost devices, individual AppleCare plans might be cheaper.
    • For higher-end devices like the Apple Vision Pro, AppleCare One offers significant savings.

  • Apple’s Motivation:

    • Recurring Revenue: Enhances Apple's services division through consistent subscription income.
    • Data Insights: Provides Apple with comprehensive data on device usage and repair frequencies, optimizing their service offerings.

      "AppleCare One is good for them as they analyze repair costs versus subscription fees to ensure profitability." ([47:05])

• Public Beta for Apple's Operating Systems:

  • Renumbered Systems: Apple has introduced OS versions labeled as "26," spanning iOS 26, macOS 26, etc.

  • Availability: Public beta accessible to all users, allowing a broader range of feedback compared to developer betas.

  • Feedback Focus: While developer betas address app compatibility and technical issues, public betas help identify user-facing bugs and edge cases affecting a larger population.

    "Public beta is more about finding issues that could affect millions, whereas developer beta focuses on app compatibility." ([53:27])

  • Impact of Feedback:

    • Encourages user participation to fine-tune the operating systems before final release.
    • Although significant changes are less likely at this stage, bug fixes and performance improvements are still possible based on widespread user feedback.

Conclusion:
AppleCare One represents Apple's strategic move to consolidate its extended warranty services into a flexible, subscription-based model that appeals to a broad range of device users. Concurrently, the public beta for Apple's operating systems fosters community engagement, ensuring that the final releases are robust and user-friendly. Both initiatives underscore Apple's commitment to enhancing user experience through adaptability and broad-based feedback mechanisms.

4. Meta's Muscle-Reading Wristband [58:29 - 74:55]

Overview:
In the story of the week, Micah Sargent delves into Meta's latest innovation—a wrist-worn device capable of reading muscle contractions and translating them into digital commands without the need for individual calibration.

Key Points:

• Device Specifications:

  • Name: SEMGRD (Surface Electromyography Research Device)
  • Technology: Utilizes surface electromyography (SEMG) to detect electrical signals from muscle contractions.
  • Design: Features 48 gold-plated electrodes arranged in 16 sensing channels around the wrist. It is wireless, battery-powered, and designed for quick on/off usage.

    "The device is small, lightweight, and can be worn effortlessly, unlike bulkier earlier prototypes." ([65:58])

• Research Milestone:

  • Scale and Data Collection:
    • Over 11,000 participants contributed to the data set, including 6,627 individuals for the handwriting task.
    • Creates the largest neuromotor interface data set to date, enabling models that generalize across diverse populations without the need for individual calibration.

      "This represents the first high-bandwidth neuromotor interface with performant out-of-the-box generalization across people." ([69:40])

• Functionality Demonstrated:

  • Cursor Control: Users achieved 0.66 target acquisitions per second by maneuvering a cursor through wrist movements.

    "Users could navigate a cursor across a screen simply by flexing their wrists." ([64:58])

  • Gesture Recognition: Capable of detecting nine distinct gestures at 0.88 detections per second, including finger pinches and thumb swipes in multiple directions.
  • Air Handwriting: Enables users to write text in the air at 20.9 words per minute, slightly slower than traditional mobile typing speeds but notable for touchless input.

• Advantages Over Existing Technologies:

  • No Calibration Required: Unlike many neuromotor interfaces that require personalized calibration, Meta's device works out-of-the-box across different users.
  • Potential Applications: Enhances accessibility for individuals with limited mobility, offers new interaction modes for virtual and augmented reality, and opens avenues for hands-free device control.

    "This isn't about mind reading; it's about translating deliberate muscle movements into digital commands." ([70:22])

• Future Prospects and Challenges:

  • Integration with AR/VR: Potential synergy with Meta's AR glasses, allowing seamless control without bulky peripherals.
  • Haptic Feedback: Current iterations lack tactile response, a feature essential for nuanced interactions, which Meta aims to develop further.
  • Commercialization Timeline: While the technology is promising, it remains years away from consumer-ready products due to cost and scalability considerations.

Conclusion:
Meta's SEMGRD wristband marks a significant advancement in neuromotor interfaces, particularly in its ability to generalize across diverse users without customization. This breakthrough paves the way for more intuitive and accessible human-device interactions, though practical application and widespread adoption await further development.

Final Thoughts

This episode of Tech News Weekly provided an in-depth exploration of critical cybersecurity threats, innovative communication technologies, evolving service models in the tech industry, and groundbreaking advancements in human-computer interfaces. From the urgency of addressing Microsoft SharePoint's vulnerabilities to the promising future of muscle-reading technology, the discussions highlighted the dynamic and interconnected nature of today's technological landscape.

Notable Quotes:

• "If you have SharePoint on premise exposed to the Internet, you should assume that you have been compromised at this point." — Michael Sikorsky, Palo Alto Networks ([14:35])
• "Cyberspace is characterized by strong virtuality, difficulty in tracking origins and diverse actors, making the tracing of cyber attacks a complex technical issue." — Chinese Embassy ([12:45])
• "Users could navigate a cursor across a screen simply by flexing their wrists." — Dan Moran, discussing Meta's wristband ([64:58])

Additional Resources:

• For more insights on AppleCare One and public betas, visit Six Colors at sixcolors.com.
• Explore the latest on Meta's neuromotor interfaces through Meta's official publications and research releases.

Stay informed with Tech News Weekly every Thursday, bringing you the latest in tech innovations, security updates, and industry insights.