An ethically bankrupt CEO targeted Moomoo's infrastructure
and how I would react to the attack if I were CEO of Moomoo Technologies Inc.
What this column details is relevant to anybody investing in Moomoo with their time and talents; it is also relevant to all the people -- we are primarily "retail investors" (normal as opposed to institutional) -- with auditable assets under what is ultimately $Futu Holdings Ltd (FUTU.US)$. I am hopeful you will give the column a full read and long meditation before making any negative or knee-jerk reactions about the documentation of this discovery. Note the content was previously shared with Moomoo's Human Resource people via email already.
First, let us be specific (a SWOOP principle of "Precise") about what is an "ergonomically favorable environment" for research, reading, writing or "reacting" to screen-based content? A standing desk environment, where the person is standing up at their computer and reading from a height-adjustable monitor and keyboard, is ergonomically friendly. Reading from a seat that encourages straight back (non-slouching) spinal posture is ergonomically friendly. Even reading from a propped-up laptop while sitting or squatting on the ground can be done ergonomically if you have enough of a background in yoga, dance, gymnastics, or Tai Chi. Notice how I did not mention mobile or phone-based "apps" as being good for reading, consuming interactive trade-based data or media, writing or "reacting" to screen-based content? Because mobile apps are not ergonomically good for humans seeking to do any of those things. If I were CEO of Moomoo Technologies Inc., I would take the information from this column seriously and deprioritize our app-based development, choosing instead to focus on the health of clients interested in the online trading interface. Perhaps we'd discuss the implications of deprioritizing the "app" model entirely, and what good might happen if we encourage a deeper inspection and discussion of the relationships among all the online components needed in the "fintech" industry.
Because I am a writer, I like to read and edit in the same (keyboard) environment I write. Rarely do I let myself get into anything that does not have the auditable non-"appified" layer of content the app is trying to bring me from its parent servers. Sometimes apps intentionally cut off data that should not be cut off. Browsers such as Firefox, Edge and Chromium allow deeper inspection.
Since I write (have written) and test (have tested) content and CSS designs in many operating system environments, browsers, and UIs, I am usually very careful to note and document what kind of things get cut off; for example: "URL input field is not visible on app version because user is explicitly expected to assume trust on all links" kind of documentation. Yet another reason I very rarely use apps is the poor documentation for security protocols.
And yet, I will admit I almost did not read this warning from Mozilla's Firefox web browser before almost clicking forward to attempt logging in to one of these browsers and OS environments, as the screen capture below shows. Both you and I can be so glad I caught this.
Yes, I did more than read. The extra detail of "where would a message like this come from" was surprisingly simple to find, and from a reputable source. To me, it's almost not shocking that the ethically bankrupt CEO targeted Moomoo's infrastructure with the same attack vector he used to hijack valuable traffic that only consenting $Snap Inc (SNAP.US)$ and $Amazon (AMZN.US)$ employees and customers should have. Once again: the guy who gets in the middle of every negotiation to attempt stealing 90 percent of the revenue clearly has no ethics; "ethically bankrupt" is accurate although I like the Hacker News description of "criminal" as well.
To me, it's almost not shocking that he sees Moomoo as a threat. He did not complete any University studies, relying instead on loans from his investors to fund his greedy dreams. When the advertisers bailed out in 2021 and he was doomed to fail, he lied and cheated his way into "relationships" with former users and investors that wanted nothing to do with him.
The E*TRADE merger with Morgan Stanley must not be enough to prop up his failing company if he's stalking people here. We know historically he operates from a sociopathic and narcissistic mindset that laws and rules don't apply to him, and the word "criminal" does not get used enough.
If I were CEO of Moomoo Technologies Inc., I would take dozens of extra steps to protect clients and their data from his attack vectors. I might even write a nice thank you note / apology to the reporter of such an exploit: "Asking a client to try logging in with Google Chrome would not be the correct reply to what she reported."
Disclaimer: Community is offered by Moomoo Technologies Inc. and is for educational purposes only.