Astronomers have detected a black hole, named Swift J0230, that’s currently eating big ol’ chunks out of a star that looks a whole lot like the Earth’s sun. Whenever the star passes the black hole, it loses the equivalent mass of three Earths.
In today’s email:
‘Smart’ sex toys: Why users and their data are left vulnerable.
Superstars: Are top athletes good for the economy?
Amazon: Trapped in the cancellation labyrinth.
Around the web: What’s a “stay interview,” a chat with Samir Chaudry, a woolly nest, and more.
👇 Listen: Surprising nobody, a world with ~17B internet-connected devices is a security disaster.
The big idea
Hackers will hack anything — including your sex toys
As the Internet of Things grows, vulnerabilities emerge in all sorts of devices — even sex toys.
2023-09-13T00:00:00Z
Juliet Bennett Ryla
Far be it from us to kink-shame people who like sex toys, but we’re definitely shaming sex toy companies that don’t protect users’ data.
Case in point: A security researcher told TechCrunch he exploited two vulnerabilities in an app-controlled chastity device, accessing a database of 10k+ users, in June — but the device’s maker still hasn’t done anything about it.
Yikes, but…
… this isn’t the first time such a company has been caught with its security pants down.
Standard Innovation Corp. settled for $3.75m in 2017 after two women claimed its We-Vibe toy and app collected intimate data including usage, settings, and email addresses.
In 2017, a security researcher demonstrated how a toy with a camera could be hacked, allowing others to see the feed.
And there are far more Internet of Things (IoT) sex toys than you might think, per the Internet of Dongs, a website that tracks and tests them.
Okay, but would someone actually hack a sex toy?
In 2020, connected chastity device CellMate was hacked via an exposed API. One user toldVice that hackers demanded $750 in bitcoin to unlock it. Fortunately, he hadn’t been wearing it.
But this showcases a larger problem. There are ~17B connected devices worldwide, per CNBC, including fridges, watches, toilets, lights, and, for some reason, this smart egg crate.
And Microsoft’s Digital Defense Report 2022 found that “the security of Internet of Things (IoT)… has not kept pace” with software and hardware, making them an entry point for bad actors.
As this tech creeps further into everyday life, companies owe it to their users to test for and fix vulnerabilities, and to be transparent about what data they collect and why — no matter the device.
Fun fact: Hackers once used smart sensors in a casino fish tank to access its network and steal customer data.
TRENDING
Oh, no: A portrait of a young girl recently sold at auction for ~$2k, which would be unremarkable had it not already been sold and returned 2x by people who claim it’s “cursed.” It could also just be a marketing gimmick to hype the value of a boring painting, but… we’ll be keeping an eye out.
SNIPPETS
Google and the US Department of Justice began a 10-week antitrust trial yesterday. The case, which accuses the company of illegally monopolizing internet search, could determine Google’s future and how we use the internet.
Appleunveiled its newest iPhones, highlighted by the iPhone 15 Pro, a titanium model that can capture spatial video. But the thing everyone’s talking about is simpler: Apple’s switch from a Lightning connector to a USB-C socket.
Not particularly useful: Meta’s Threads is blocking searches related to covid amid an uptick in infections, saying it temporarily won’t provide results that may contain “potentially sensitive content.”
TikTok Shop is now available in the US, meaning the app’s 150m+ American users can now buy products directly from their favorite creators. Many will be shipped via TikTok’s own fulfillment centers.
RIP, refills:McDonald’s said it will remove its self-serve soda machines at all US locations by 2032, citing declining numbers of dine-in customers.
Coca-Cola’s latest mystery flavor is here. The brand used AI to develop the flavor and packaging for its new, limited-edition Y3000 cola. The drink is “futuristic flavored,” whatever that means.
Lyft announced a new feature that helps match female drivers with female passengers in an effort to attract women to the app and improve safety.
Macy’s tapped Olivier Bron as the new CEO of Bloomingdale’s. Bron comes to the brand from French retail group Galeries Lafayette, bringing international perspective to the legacy retailer.
TKO Group Holdings, the company combining WWE and UFC, made its debut on the New York Stock Exchange. Next up for the brand: bringing content to streaming services and acquiring more sports companies.
Reading just 30 minutes a day can sharpen that mind of yours and make you a better leader. Need some recs? Here are 15 of the best leadership books.
Starstruck
Are superstar athletes good for the economy?
On a chilly February day earlier this year, downtown Kansas City exploded in celebration because of football.
Residents started filling the streets at 6am. Children, given the day off by local school districts, tossed footballs. Vendors hustled around selling unlicensed T-shirts.
A few hours later, with close to 1m people on hand, a caravan of double-decker buses rolled through downtown, officially starting the Super Bowl parade. The man who made this all possible, superstar quarterback Patrick Mahomes, stood on the top level of one bus, hoisting his MVP trophy with one hand and a Coors Light with the other.
Fans couldn’t get enough, cheering wildly when Mahomes showed off a golden championship belt around his waist and when he chugged his beer and spiked the can in the street. They applauded when he exited a port-a-potty.
Clark Hunt, co-owner of the Chiefs, even called Mahomes “the single-most important person in Kansas City.”
But though the world’s best athletes make their cities happier, it’s hard to tell if these superstars make them richer.
Athletes — like Mahomes in KC, Giannis Antetokounmpo in Milwaukee, or LeBron James in Cleveland — have brought championships and excitement to fans in their region. They’ve given millions of people around the world a reason to pay attention to cities that they never would otherwise.
But how good for the economy are they? Do transcendent athletes really pad the coffers of local businesses and create jobs?
You’ve dreamt up brilliant ideas, I’ve dreamt up brilliant ideas — but time and again, Sam Parr actually went the distance to make them real.
Within a decade, he launched Hustle Con, The Hustle, Trends, My First Million, and most recently, Hampton — a private community for high-growth CEOs and founders.
Here are Sam’s six steps to discovering the next big thing. We made a clean one-pager fit for saving to your desktop, or taping on the ceiling.
Right above your bed. So every night, you can internalize this shit.
A personal window into the “nonconsensual enrollment problem” that has Amazon and the FTC facing off in court.
2023-09-13T00:00:00Z
Ben Berkley
If anyone at the Federal Trade Commission is bored today, feel free to reach out — my household may have another ready-made case against Amazon for you.
Hope you enjoy this journey as much as we’ve hated it:
March 18: Billed $5.26 for an Amazon Music Unlimited subscription we never signed up for.
March 18: Amazon chat support: subscription canceled, refund issued.
July 1, 9:08am: Automatically billed $5.26 — again.
July 1, 9:21am: Subscription canceled, refund issued — again.
July 1, 6:29pm: Billed again.
July 2, 6:50am: “I can assure you that the subscription is over now.”
Aug. 4: Billed again.
Aug. 4: “You will not get charged in the future… Please be assured and trust me.”
The very next morning: Billed again.
Aug. 5: “That must be a glitch, no worries I have fixed it for you. You will not be charged again.”
Sept. 8: A new “$5.26” on the bank statement, of course.
Sept. 8: “I have put a note on the account for no further charges.”
We aren’t alone in experiencing this — and won’t hold our breath that this “note” will do the trick.
This saga, though frustrating, isn’t shared to grind an ax; it’s just another view on the kind of chicanery Amazon’s already defending in court.
This isn’t anything new
In June, the FTC sued Amazon for fooling customers into signing up for its $15/month Amazon Prime service and intentionally making it difficult to cancel, perArs Technica.
The FTC’s complaint revealed that Amazon internally called its cancellation process “Iliad,” a nod to Homer’s ~15.7k-line epic, and accused Amazon leadership of slowing or rejecting changes that’d help customers navigate the “labyrinthine” Iliad.
Per the FTC, the “nonconsensual enrollment problem was well known within Amazon.”
The case is pending, but Amazon called the claims “false” and got back up from Stratechery, which said the FTC is “simply anti-business.”
Our takeaway: Skulduggery like this at least explains why Amazon’s legal chief made $18.2m — or 3.46m months of Amazon Music Unlimited — last year. That’s one busy man.
AROUND THE WEB
🚗 On this day: In 2004, Oprah Winfrey gave away 276 new cars to her studio audience, all donated by Pontiac.
⚔️ That’s interesting: The story of Texas death row inmates who’ve found friendship over “Dungeons & Dragons.”
🎧 Podcast: My First Million’s Shaan Puri interviews YouTuber Samir Chaudry about interview prep, the creator economy, working with MrBeast, billion-dollar empire builders, and more.
✏️ How to: Conduct a “stay interview” and avoid an exit interview.
Look at that! You’re on your way to the top of the food chain.
You seem like the kind of person who knows how to work a network. And now you’ve landed an opportunity to snag some business class aromatherapy.
Get {{5-contact.referral_count}} more referrals and you’ve got yourself a Hustle candle. Let us help you set the mood and bring some positive vibes to your workspace.
You’re just {{5-contact.referral_count}} referrals away. The candle awaits.
Look at that! You’re on your way to the top of the food chain.
You seem like the kind of person who knows how to work a network. And now you’ve landed an opportunity to snag the desk plant you never knew you needed.
Get {{15-contact.referral_count}} more referrals and you’ve got yourself a Hustle branded clover grow kit. If you want something to grow, you must water. Practice your nurturing abilities with this custom Hustle clover grow kit and grow your referrals at the same time.
You’re just {{15-contact.referral_count}} referrals away. Desk plant nirvana awaits.
Look at that! You’re on your way to the top of the food chain.
You seem like the kind of person who knows how to work a network. And now you’ve landed an opportunity to snag the desk organizer of all desk organizers.
Get {{25 – contact.referral_count}} more referrals and you’ve got yourself a Hustle-branded organizer, to hold your gadgets and give your desk space a breath of fresh air.
You’re just {{25 – contact.referral_count}} referrals away. The desk organizer awaits.
Look at that! You’re on your way to the top of the food chain.
You seem like the kind of person who knows how to work a network. And now you’ve landed an opportunity to organize all those stray cords floating around your desk.
Get {{50 – contact.referral_count}} more referrals and The Hustle tech organizer is yours. It’s clean, compact, and all you need to make sure your technology life support is closeby.
You’re just {{50 – contact.referral_count}} referrals away. The tech organizer awaits.
Look at that! You’re on your way to the top of the food chain.
You seem like the kind of person who knows how to work a network. And now you’ve landed an opportunity to snag the prestigious Hustle backpack.
Get {{100 – contact.referral_count}} more referrals and it’s yours. Carry your laptop, gym clothes, Coca Cola’s secret recipe, or whatever you feel like. Walk around with the crew on your back!
You’re just {{100 – contact.referral_count}} referrals away. A new bag awaits.
Look at that! You’re on your way to the top of the food chain.
You seem like the kind of person who knows how to work a network. And now you’ve landed an opportunity to snag some new tech.
Get {{250 – contact.referral_count}} more referrals and you’ve got yourself a Zoom Glow-up kit. This kit will include a Blue Yeti mic, Logitech camera, and a Lume Cube light. This is the perfect set-up to make every video recording and Zoom meeting feel like an Oscar-quality production. Keep climbing.
You’re just {{250 – contact.referral_count}} referrals away. The Zoom upgrade awaits.
Well, well. Look who climbed the ladder. We’re so proud.
You seem like the kind of person who knows how to work a network. And now you’ve got an opportunity to bag The Hustle’s grand prize.
Just {{500 – contact.referral_count}} more referrals and you’ll get yourself a ticket to Inbound 2023, the most bodacious business conference in the industry. You could rub shoulders with moguls, or catch a keynote next to your favorite YouTuber. Get your hustle on for a shot at maximizing your network.
You’re just {{500 – contact.referral_count}} referrals away. The final boss awaits.
Today’s email was brought to you by Juliet Bennett Rylah and Sara Friedman.
Editing by: Ben “Amazon customer service on speed dial” Berkley.Was this email forwarded to you? Sign up here.
We use cookies to make the Hustle website a better place. Cookies help to provide a more personalized experience and relevant advertising for you, and web analytics for us. To learn more about the different cookies we're using, check out our Cookie Settings. For further information, check out our Cookie Policy & our Privacy Policy.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Cookie
Duration
Description
__cf_bm
30 minutes
This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Cookie
Duration
Description
__hssc
30 minutes
This cookie keeps track of sessions.
This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.
It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
__hssrc
session
Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser.
If this cookie does not exist when HubSpot manages cookies, it is considered a new session.
It contains the value "1" when present.
__hstc
6 months
The main cookie for tracking visitors.
It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga
6 months
The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_58267113_7
1 minute
This cookie is set by Google and is used to distinguish users.
_gat_UA-58267113-7
1 minute
This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_gcl_au
3 months
Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid
1 day
Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_hjAbsoluteSessionInProgress
30 minutes
This cookie is set by Hotjar. Used to detect the first pageview session of a user.
_hjFirstSeen
session
This cookie is set by Hotjar. Identifies a new user’s first session.
Used by Recording filters to identify new user sessions.
_hjIncludedInPageviewSample
30 minutes
This cookie is set by Hotjar. Set to determine if a user is included in the data sampling defined by the website limit.
_hjIncludedInSessionSample
30 minutes
This cookie is set by Hotjar. Set to determine if a user is included in the data sampling defined by your site's daily session limit.
_hjSession_1955701
30 minutes
This cookie is set by Hotjar. Holds current session data.
Ensures subsequent requests in the session window are attributed to the same session.
_hjSessionUser_1955701
1 year
This cookie is set by Hotjar.
Set when a user first lands on a page.
Persists the Hotjar User ID which is unique to that site.
Ensures data from subsequent visits to the same site are attributed to the same user ID.
_omappvp
6 months
The _omappvp cookie is set to distinguish new and returning users and is used in conjunction with _omappvs cookie.
_omappvs
20 minutes
The _omappvs cookie, used in conjunction with the _omappvp cookies, is used to determine if the visitor has visited the website before, or if it is a new visitor.
_omra
6 months
This cookie is set by OptinMonster. Used to store interaction and conversion data for campaigns in conjunction with Revenue Attribution.
hubspotutk
6 months
This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts.
It contains an opaque GUID to represent the current visitor.
om-wip10afyetrnlu70kibe
1 month
Used to determine if a visitor has been shown a campaign by the slug
sailthru_content
1 year
This cookie is set by Sailthru. Tracks recent pageviews for all visitors, and can be used to populate a new user profile.
sailthru_pageviews
30 minutes
This cookie is set by Sailthru to tracks the number of page views for each user.
sailthru_visitor
1 year
This cookie is set by Sailthru. The cookie contains an id that is used to identify a user’s pageviews within a session.
test_cookie
15 minutes
The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Cookie
Duration
Description
_clck
1 year
This cookie is set by Microsoft Clarity. Persists the Clarity User ID and preferences, unique to that site, on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_clsk
1 year
This cookie is set by Microsoft Clarity. Connects multiple page views by a user into a single Clarity session recording.
_cq_check
Session
This cookie is set by CHEQ AI Technologies. Used to monitor the technical information and use of devices that connect to our website to protect it from malicious traffic.
_cq_duid
3 month
This cookie is set by CHEQ AI Technologies. Used to monitor the technical information and use of devices that connect to our website to protect it from malicious traffic.
_cq_suid
Session
This cookie is set by CHEQ AI Technologies. Used to monitor the technical information and use of devices that connect to our website to protect it from malicious traffic.
_fbp
3 months
This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
_lc2_fpi
2 years
This cookie is set by LiveIntent. A random, unique, device identifier, stored as a 1st party cookie, to enable targeted advertising
_li_dcdm_c
session
This cookie is set by LiveIntent. The domain name where the _lc2_fpi cookie was stored
_tt_enable_cookie
13 months
To measure and improve the performance of your advertising campaigns and to personalize the user's experience (including ads) on TikTok.
_tt_sessionId
13 months
To measure and improve the performance of your advertising campaigns and to personalize the user's experience (including ads) on TikTok.
_ttp
13 months
To measure and improve the performance of your advertising campaigns and to personalize the user's experience (including ads) on TikTok.
_twclid
30 days
This cookie is set by Twitter. It is used for tracking and personalization purposes, such as remembering a user's preferences and activity on the site.
_uetsid
1 day
This cookie is set by Microsoft Advertising. It contains the session ID for a unique session on the site.
_uetvid
13 months
This cookie is set by Microsoft Advertising. UET assigns this unique, anonymized visitor ID, representing a unique visitor. UET stores this data in a first-party cookie.
AnalyticsSyncHistory
1 month
Linkedin sets this cookie. Used to store information about the time a sync took place with the lms_analytics cookie
ANONCHK
10 minutes
This cookie is set by Microsoft Clarity. Indicates whether MUID is transferred to ANID, a cookie used for advertising. Clarity doesn't use ANID and so this is always set to 0.
auth_token
5 years
This cookie is set by Twitter. It is used for authentication purposes, to keep the user logged in to their Twitter account.
bcookie
1 year
This cookie is set by LinkedIn. Browser Identifier cookie to uniquely identify devices accessing LinkedIn to detect abuse on the platform.
bscookie
1 year
This cookie is set by Linkedin. Used for remembering that a logged in user is verified by two factor authentication.
cg_uuid
1 year
Sets a unique ID for the visitor that allows third-party advertisers to target the visitor with relevant advertisements. This pairing service is provided by third-party advertisement hubs, which facilitates real-time bidding for advertisers.
CLID
1 year
Identifies the first-time Clarity saw this user on any site using Clarity.
fr
3 months
Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
guest_id
1 year
This cookie is set by Twitter to identify and track the website visitor.
guest_id_ads
1 year
This cookie is set due to Twitter integration and sharing capabilities for the social media.
guest_id_marketing
1 year
Used to detect whether a user is logged into Twitter.
lang
Session
This cookie is set by Linkedin. Used to remember a user's language setting to ensure LinkedIn.com displays in the language selected by the user in their settings.
li_gc
6 months
This cookie is set by Linkedin. Used to store consent of guests regarding the use of cookies for non-essential purposes.
lidc
24 hours
Linkedin sets this cookie. Used To facilitate data center selection.
lidid
2 years
This cookie is set by LiveIntent. A random, unique, device identifier, stored as a 3rd party cookie, used to enable targeted advertising
muc_ads
2 years
Collects data on user behaviour and interaction in order to optimize the website and make advertisement on the website more relevant
MUID
9 months
This cookie is set by Microsoft Advertising. Identifies unique web browsers visiting Microsoft sites. These cookies are used for advertising, site analytics, and other operational purposes.
personalization_id
2 years
This cookie is set due to Twitter integration and sharing capabilities for the social media.
SM
session
This cookie is set by Microsoft Clarity. Used in synchronizing the MUID across Microsoft domains.
SRM_B
1 year 24 days
This cookie is set by Microsoft Clarity. Identifies unique web browsers visiting Microsoft sites.
UserMatchHistory
1 month
Linkedin sets this cookie. Used for id sync process. It stores the last sync time to avoid continually repeating the syncing process.
X-AB
1 day
This cookie is set by Snapchat. This is a tool used to combine or change content on the website. This allows the website to find the best variation/edition of the site.
