June 10, 2025

Microsoft’s OneDrive Fiasco and the FAA’s Retro Tech | Tech News of the Week

Microsoft’s OneDrive Fiasco and the FAA’s Retro Tech | Tech News of the Week
Apple Podcasts podcast player icon Overcast podcast player icon Spotify podcast player icon PocketCasts podcast player icon Castro podcast player icon Podcast Addict podcast player icon Youtube Music podcast player icon iHeartRadio podcast player icon RSS Feed podcast player icon Deezer podcast player icon Amazon Music podcast player icon PlayerFM podcast player icon Castbox podcast player icon Goodpods podcast player icon Podchaser podcast player icon
Apple Podcasts podcast player icon Overcast podcast player icon Spotify podcast player icon PocketCasts podcast player icon Castro podcast player icon Podcast Addict podcast player icon Youtube Music podcast player icon iHeartRadio podcast player icon RSS Feed podcast player icon Deezer podcast player icon Amazon Music podcast player icon PlayerFM podcast player icon Castbox podcast player icon Goodpods podcast player icon Podchaser podcast player icon

Welcome to Tech News of the Week! Here's what caught our eye in the past seven days:

Scammers are out in full force this summer with hyper-detailed (but totally fake) DMV texts warning about traffic violations. Chris reads one of these gloriously absurd attempts to scare Pennsylvanians into paying fake fines. Spoiler: no, you're not going to lose your license on June 3rd. But you might lose your dignity if you fall for it. 🚨 Link: https://www.ic3.gov/PSA/2024/PSA240412

OpenAI and the New York Times are still duking it out in court, and the judge just ordered OpenAI to keep a copy of all prompts and responses. Forever. This affects non-enterprise users, and yes, this includes your spicy GPT history. If you’ve been using AI to cheat on word games, you might want to consider switching to Claude. 🔍 Link: https://openai.com/index/response-to-nyt-data-demands/

Microsoft thinks you need convenience more than security, which is why apps can access your entire OneDrive if you click “yes” just once. Handy, right? Until ChatGPT or some shady lookalike app decides to rifle through your documents like a nosy raccoon. 🗂️ Link: https://www.techspot.com/news/108157-microsoft-file-picker-flaw-grants-full-onedrive-access.html

And speaking of old, guess who’s still rocking floppy disks and Windows 95? That’s right, the FAA. Because what better way to run national aviation infrastructure than with 30-year-old tech and hardware that needs 13 disks to install Windows. ✈️ Link: https://arstechnica.com/information-technology/2025/06/faa-to-retire-floppy-disks-and-windows-95-amid-air-traffic-control-overhaul/

  • (00:00) - Intro
  • (00:19) - Scammy Summer DMV Texts
  • (02:56) - NYT v. OpenAI: Prompt Logs Forever
  • (04:35) - OneDrive’s Convenient Data Leaks
  • (07:45) - FAA Still Using Floppies and Win95

Click here to view the episode transcript.

00:00 - Intro

00:19 - Scammy Summer DMV Texts

02:56 - NYT v. OpenAI: Prompt Logs Forever

04:35 - OneDrive’s Convenient Data Leaks

07:45 - FAA Still Using Floppies and Win95

[00:00:00.00]
Announcer: Welcome to Tech News of the Week with your host, James McAvoy, impersonating John McEnroe.


[00:00:06.13]
Ned: Welcome to Tech News of the Week. This is our weekly Tech News podcast, where Chris and I get into four interesting tech news articles we found. Chris, what do you got for us?


[00:00:19.26]
Chris: Tis the season of quasi- believable but definitely scammy text messages. Summer is here, and with it comes all the usual things, temperatures being 65 one day, 103 the next, weaponized mosquito sworms dark enough to blot out the sun, and scammers taking aim at the general public with new and exciting scams. In particular, the FBI has called out some trends affecting at least three states over the past few weeks, including Pennsylvania. People are getting long, detailed text messages about some type of vehicular violation that they have allegedly neglected to resolve and the dire consequences if they don't resolve it. In the interest of making a lightning round article a little too long, I'm going to read one that I got. Commonwealth of Pennsylvania Motor Vehicles, DMV. Final notice. Enforcement penalties begin on June fourth. Our records show that as of today, you still have an outstanding traffic ticket in accordance with Pennsylvania State Administrative Code 15C-16. 003, if you do not complete payment by June 3, 2025, we will take the following actions. Then they gave a bunch of actions, Pay now. Here's a link. Please pay immediately before enforcement to avoid license suspension and further legal disputes.


[00:01:42.14]
Chris: Now, this sounds scary at first, especially since the noxious idea of automated camera-based ticketing is so popular now that people might actually think it's legit. It also sounded scary at second because I got another one reminding me about the same thing. Interesting and new. A quick Google search, though, will show that the administrative code reference doesn't exist. The following actions they suggested are nonsense, and they told me that I was going to be affected before the policy began. Still, scammers aren't looking to write the next Jane Iyer here. They just want people to pan a click and give them money. A few things about this that people need to First, no government agency will ever text you or call you about a fine or a violation, ever. If you ever have an outstanding fine from a traffic ticket or an unpaid toll or an expired registration, you will get a letter. It'll probably arrive six weeks late, but it will be a letter.


[00:02:56.06]
Ned: Yeah, because if you try to scam someone through the mail, that's a federal crime. The text messages. New York Times won't let OpenAI forget. As part of the ongoing litigation between OpenAI and the New York Times, the judge presiding over the case has ordered that OpenAI must retain all user prompts and prompt responses going forward. According to the logic of the Times, those attempting to circumvent the New York Times paywall may be more likely to purge their prompts to avoid detection. Typically, OpenAI maintains logs for 30 days before purging them, but now they need to retain the data indefinitely. This only applies to the free, pro, and team subscriptions, but not enterprise or EDU customers customers or if you have a zero data retention endpoint. The logs will not be stored on their regular systems, but instead on a separately secured system with a legal hold status. The court has not yet forced OpenAI to turn over these logs to the Times, and it's likely that the judge will order legal discovery by the OpenAI team rather than give the Times unfettered access. The lawsuit is over OpenAI, allegedly using New York Times content as training father for their model, so I'm I'm not sure why capturing user prompts is in scope, but if you don't want anyone knowing about how you use OpenAI to solve today's connections, you might want to switch over to Claude.


[00:04:26.20]
Ned: Or just stop cheating, Chris. There's no way you got Purple on the first try for the last two weeks.


[00:04:35.11]
Chris: Are you out of your mind? I don't play Connections. That way lies madness. I do the crossword puzzle like a responsible 100-year-old. Microsoft makes it a little too easy for applications to access your OneDrive files, like all of them. If you're a human who's alive, you're probably aware that Microsoft has been pushing OneDrive usage pretty hard recently. And by recently, I mean like the last 5-50 years? It seems like forever. More recently, though, they have started allowing apps to access certain files in your OneDrive directly without you having to go through the unbearable hassle of a drag and drop. The mechanism used for this totally necessary convenience is called the OneDrive File Picker. Applications such as ChatGPT, Slack, Trello, etc, will ask you to allow it to use OneDrive File Picker to access your info. This makes sense if, say, you want to share a file with a coworker, or you have ChatGPT give you a bad summary of someone else's work. Trouble is, the OneDrive file picker does not seem to have been designed with security in mind at all. Basically, when you consent to let an app access your info, you are assuming it's to access one specific file or one specific directory.


[00:06:10.08]
Chris: But the default that the OneDrive file picker has is that it just goes ahead and request read access to your entire drive. This, as the kids say, is bad. Now, on the one hand, it is convenient. There's that word. You won't have to click okay every time the app wants to use the picker to access another file. If you link, say, slack, well, I mean, it's still super bad, but it has some logic to it. What about an app like ChatGPT? A quote-unquote legitimate company that has absolutely no problem scooping up data from everywhere it can? You really want them sniffing around trade secrets or your secret superjournal. Rtf? Don't read that file. It's password-protected. The password is sandwich. Reach. Even worse would be either lookalike apps or straight-up malicious ones that use the same mechanism and are absolutely designed to steal your information. Because users are accustomed to the file picker, it came from Microsoft, it's probably legit, they're not going to think twice about clicking okay. Security researchers have been pretty hard on Microsoft for this, basically saying that they designed the overly broad OAuth scopes and misleading consent screens to stay firmly on the side of convenience versus safety, which is dumb.


[00:07:40.25]
Chris: Dumb, Microsoft. Do better.


[00:07:45.08]
Ned: Faa stands for Floppies are Awesome. You know that save icon in Microsoft Word? Yeah, like the weird square thing? That's not just a weird vestigial clip art thing from the 1990s. It's a floppy disk. Before you ask, a floppy disk is a digital storage medium, like a thumb drive, but with way less capacity and much slower. If you don't know what a thumb drive is, I'm sorry. That 1. 44 megabytes of space on a double-side, high-density, three-and-a-half-inch floppy worked out to about 13 disks just to install Windows 95.


[00:08:25.23]
Chris: Those were the days.


[00:08:27.17]
Ned: They were. Speaking of Windows Windows 95, you know what has floppies and Windows 95? The FAA, which has both of them in active use today. That's right. Portions of the aging FAA infrastructure still use the 30-year-old operating system and equally old storage medium. Despite years of work to upgrade and update their aging systems, the FAA has completely failed to modernize. The biggest challenge is designing a resilient a client system that can operate 24/7 without failure. The recent high-profile FAA outages that resulted in grounding flights have been a stark reminder of just how rare those occurrences are and how painful they can be. I'd like to say that software and hardware have become more robust and secure over the last 30 years. Who am I kidding? Have you used Windows 11? Still, something has to give. It isn't like we weren't able to modernize other essential systems or design new ones. You know who could probably help? The US Digital Service and Sector 18F. Wait, what's that? Both agencies were dismantled so Elon Musk could wave around a chainsaw? I'm sure Grock can swoop in and help us fix the FAA problems. I mean, once it's done promoting white genocide and ethnonationalism or something.


[00:09:55.02]
Ned: On second thought, I hear trains are lovely. All right, that's it. We're done. Go now. Bye.