TWiT 1003: CrabStrike - Delta Sues Crowdstrike, Hospital AI, Surge Pricing

2024/10/28
This Week in Tech (Audio)

People
Alex Stamos
Leo Laporte: A well-known tech broadcaster and media figure who founded the TWiT network and promotes technology education and security awareness.
Owen Thomas
Topics
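Alex Stamos: The 2024 US election faces more foreign interference than any previous one, coming from Russia, China and Iran. Russia's goal is for Trump to win and for the United States to stop supporting Ukraine; China is focused on gathering intelligence and trying to influence congressional elections; Iran is trying to undermine Trump's campaign. This interference weakens public trust in information and leads people to resist any information at all.
Owen Thomas: There is currently no quantitative social science evidence that information manipulation changes election outcomes. Although the money trail is hard to trace, Russia is good at using "useful idiots" to spread its message.
Leo Laporte: Discussed the seriousness of information manipulation in elections and the decline in public attention to these issues.
Owen Thomas: Russia's strategic goals in the war in Ukraine make its information warfare very different from 2016, with a clearer aim: supporting Trump and convincing Americans that ending support for Ukraine is in the interest of the United States. This makes Russia's information operations more efficient and better funded.
Alex Stamos: China's information operations focus mainly on gathering intelligence and influencing congressional elections rather than the presidential election. They use a variety of means, including breaking into telecom companies to steal data.
Leo Laporte: Discussed China's motives and methods for interfering in the US election, and the US government's response to these activities.
Alex Stamos: Iran's information operations resemble the Russian GRU activity of 2016, with the goal of directly attacking Trump and his campaign team. They use cyberattacks and social engineering to obtain information.
Leo Laporte: Discussed Iran's technical capabilities in cyberattacks and how they use social engineering to make up for technical shortcomings.
Owen Thomas: Discussed the US government's response to foreign interference and how to meet these challenges.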

Chapters
Security expert Alex Stamos analyzes the rise in foreign interference in US elections, including Russia's efforts to promote disinformation about Ukraine, China's involvement in local elections, and Iran's role in cyberattacks.
  • There is more foreign interference in this election than in any previous US election.
  • Russia is involved in the largest war it has fought since World War II and has a real strategic purpose for its disinformation.
  • China is gathering information and getting involved at the congressional level, where it can have more influence.

Transcript

It's time for TWiT, This Week in Tech. Great panel for you: Owen Thomas is here, managing editor of the San Francisco Business Times, and former director of the Stanford Internet Observatory, currently CISO at SentinelOne, Alex Stamos. We'll talk about Delta's half-billion-dollar lawsuit against CrowdStrike, surge pricing coming to a Walmart near you, and why Elon Musk has been talking to Vladimir Putin all the time. It's all coming up next.

Podcasts you love, from people you trust. This is TWiT.

This is TWiT, This Week in Tech, episode 1003, recorded Sunday, October 27, 2024: CrabStrike.

It's time for TWiT, This Week in Tech, the show where we cover the week's tech news with the smartest people in the business. I've got a great panel for a very important show because we've got an election coming up.

And I thought, you know what, if you've got an election coming up, we should probably get somebody who's into disinformation. And of course, Alex Stamos is my go-to guy for all of that. Currently CISO, chief information security officer, at SentinelOne. We first became aware of Alex when he was at Yahoo, and then at Facebook, covering security. Zoom brought him in as a pro from Dover when they were getting a lot of heat over their kind of pseudo encryption, not end-to-end encryption. You helped fix that, I know, Alex.

And for a long time at Stanford, and this is the reason I wanted to talk to him, at the Stanford Internet Observatory, which was watching disinformation for the last few years. Alex, great to have you back on our show.

Thanks for having me.

Good to have you. Also with us, from the San Francisco Business Times, good friend Owen Thomson... it's Thomas, I'm sorry. He's managing editor there.

Thomson's the English muffins. You're Thomas. It's great to see you, and welcome.

Don't call me the actor Wilson.

Wilson.

I understand the confusion.

Good. I don't know. I'd be, I'd be Wilson. Yeah, lots to talk about this week, and I see that we actually have something that's kind of right up your alley. But before we get too far along, I did want to talk about disinformation.

Do you follow this as much as you did? Probably not, when you were at SIO, right, Alex?

Oh yeah, more. I'm still plugged in, and I am still teaching at Stanford. Okay, taught a class on Friday.

What's the class?

Uh, so in the fall, I teach an intro cybersecurity class for the master's in cyber policy. So you can do a master's in international policy at Stanford, and there is a cyber specialty; it's the first class for those students. So it's basically teaching lawyers and political scientists how to hack stuff.

Uh, it's great. You teach a lawyer how to use Metasploit, it's a dangerous thing.

No kidding. Oh my god, how fascinating though. Um, so you know, it's funny. In 2016 and 2020 we heard a lot about Russian disinformation and, you know, Russian troll farms and so forth.

This time around not quite as much, although we are starting to also hear about Chinese involvement. I saw a story that said the Chinese are looking more at down-ballot, yes, campaigns than at the presidential campaign. I thought that was kind of interesting.

Why? What is China's interest, do you think, in our election? What would they like?

Right. So overall, there is more foreign interference in this election than any American election before.

No kidding.

Yeah. Including Russia. So the Russian activity is larger. And like you said, everybody else has gotten involved. We have this long history in the cyber world: some country will do something big and spectacular, and then everybody else will copy it, right? You have the Iranian attacks in the early 2000s, uh, and the 2009 Aurora attacks end up being copied by everybody else. You have Stuxnet getting copied. You have the Snowden disclosures laying out a bunch of surveillance techniques that end up getting copied. It's the same thing here: the Russian disinformation techniques from 2016, everybody else around the world looked at them and learned the lesson.

Things like, like the U.S.: our team at Stanford has actually written up a number of cases where, unfortunately, the Pentagon has paid for troll farms to do the same thing for countries we don't like, which I think is actually really bad on a number of levels. One, it's like an incredible waste of money; like, the people the U.S. pays for this are incompetent. Um, this is a big waste of taxpayer dollars, but it's also just inconsistent with American ideals. But to get back to your point, the Iranians and the Chinese have been massively involved this time as well, and they have very different geopolitical interests than the Russians. While they are aligned in a lot of ways, their goals in the U.S. election are quite different than Russian goals.

The Russians, it's my understanding, wanted to flood the field with garbage just to destabilize.

Well, I mean, there was a big goal in 2016, right? Like, the big difference between Russian activity in '16 and '24 is that in 2016 they didn't have, like, a big strategic purpose. You see kind of two themes in 2016. The Internet Research Agency, their big thing was to flood the zone with garbage; their goal was to drive division in the United States.

The number one thing they talked about was Black Lives Matter. Actually, if you do an analysis of their content, it was just to push divisive themes. And they wanted to amplify divisive content.

The GRU campaign was meant at harming Hillary Clinton, and that's really because Vladimir Putin does not like Hillary Clinton. He personally blames her; he believes the State Department under her watch was trying to foment a revolution against him. And he wanted to weaken her.

Does that mean he wanted Trump to be elected in 2016? It's very hard to tell, like, what his purpose was, but he didn't like her. But it wasn't that big of a campaign in 2016. In '24, Russia is involved in the largest war they have fought since World War II.

It is now larger than Afghanistan. They have lost more men than they lost in Afghanistan, approaching probably one hundred thousand dead. Um, they spent billions of dollars. They've lost a significant portion of, for example, their armored vehicles and a huge number of helicopters and planes.

A portion of sovereign soil is being occupied by Ukraine right now. I mean, like, as big of a deal as the Russia-Ukraine war is to us, it's a humongous deal for them. And so they have a real strategic purpose now for their disinformation that they did not have in 2016.

And are they looking for a candidate who will surrender, basically, stop supporting Ukraine?

I think if you look at what they're trying to do, they really have two goals. One is they want Donald Trump to win, but that's not good enough.

The other thing they need is they need to build a base of support in the United States for the idea that Ukraine is an enemy of the United States, and that surrendering this war and pulling all support from Ukraine is in the best interest of the United States, which is an idea that did not exist two, three years ago, right? Three, four years ago, nobody cared about Ukraine, right? Like, no American other than Ukrainian or Russian Americans, with some kind of link to the region. Before the invasion, you say; before the invasion and before this Russian campaign.

Crimea wasn't enough for people to be upset. No.

No. Back during the Crimea invasion, like, people were not... it was not something that was on people's radar. And that is what, if you look at the Russian activity now, it is about: it's about supporting Trump. Now it's explicit, in a way it was not in 2016, where it was much more diffuse. And if it was about Trump-Hillary, it really wasn't about Trump. It was about just weakening Hillary as a candidate, right? And now it is explicit about inserting the idea in the populist right that it is a good idea to cut off Ukraine, not just that it is acceptable but that that is the right thing for America. Um, and that has been incredibly effective, and that is why you see them spending millions of dollars. We have this indictment by the FBI of foreign agents who are taking Russian money and giving it to American influencers, millions of dollars these people are making.

You know, that story gets so undercovered, because I felt like that was a huge story, yes, that there were podcasters, there were influencers who were, it turns out, on the Russian payroll.

Americans, yes.

But I feel like it got mentioned and then just kind of, ah...

Yeah, and if you think it's just those guys, I have a bridge to sell you.

That we caught, right?

They're the ones who have been caught so far, right?

Why why do we lose interest?

I think it's, you know, I think it's kind of hard to trace the money trail. I think also, um, Russia is certainly very good at exploiting this, uh, this category. I believe the term of art is useful idiots, yeah. Not like, you know, secret agents. These are not people who actually have any contact necessarily with Russian agents in any form. It's just Russia has identified that if we boost the profile, the influence, the voice of this person, you know, who has these wacky ideas, then that will serve our larger goals.

So, to be clear, the goal with those guys is, they were already big. The goal was they were paying them to talk about Ukraine, right? Those guys were big about talking about cultural issues, talking about schools, talking about trans issues in the Olympics and, like, whatever.

But normally people don't care about Ukraine, right? Like, it's just not something that is on the radar of the cultural right, normally. And so by paying them that money, they could take it from off the radar to making it on the top-five list of the things that they are going to get angry about in their podcast, in their video, in their newsletter. And that is what has been effective. They've been doing that for years.

And so right now one of the big movies, like, I don't know if you guys see it, but when I open up Prime, they're trying to show me, hey, there's a big biopic of Ronald Reagan, right? And you can go and, like, you know, one of the big scenes is Dennis Quaid getting up there and telling Mikhail Gorbachev to bring down this wall. And so at the same time that we're celebrating Ronald Reagan, the party of Reagan has become pro-Russia. And so, like, if you just take an incredible step back historically, the Russian campaign has been incredibly effective, right, that a humongous chunk of the Republican Party is now aligned and believes Vladimir Putin over a big chunk of the American intelligence agencies and a bunch of American allies, and believes that Russia is our ally and that the democratically elected president of Ukraine is actually some kind of dictator and that the Ukrainians deserve to lose a big chunk of their country. And that is why they're paying these people.

I've been watching For All Mankind, um, which is on Apple TV. It's basically an alternate history of the space race. A great watch if you haven't watched it. But, um, it's fascinating how, you know, far removed we are from the kind of Cold War conflict which is a very central part of that TV show. The Russians get to the moon first in the premise. And just watching it is a reminder of how worried... as, you know, I think Alex has pointed out, the concept of Russia as kind of a, you know, global opponent.

I find that interesting, that they have been fairly nimble in taking advantage of new technologies. You know, we are very concerned, for instance, about disinformation created by AI in this cycle. And Russia has now been accused of being behind a deepfake of Trump ballots being destroyed, yeah, in the election. They've jumped on the deepfakes, right? Yeah.

I mean, back in 2016, they were taking videos and images and repurposing them. There's a little bit of photoshopping, but for the most part, what they would do is take a video of a riot and they would say, look at riots in America, you know? Yeah. Yes, but that was in, what, Algeria, right? Look at the sign, right?

There are no American experience. Yeah, right? Yeah. So deepfakes are now giving them the opportunity to make it just a little bit harder to disprove things, and also to generate lots of content, when they used to have to either find content or they had to have a floor full of photoshoppers and illustrators. It's just easier right now. It's a dude with a bunch of RTX 4090s and open source models.

Is the Internet Research Agency... that troll farm is gone, right?

It's gone. Well, Yevgeny Prigozhin's dead, right? So who, like...

I mean, he was the guy who went up against Putin and ended up dying in a suspicious plane crash.

Yes, it is amazing. Like, if you're against Putin there are a number of things you should not do.

You fly private, right?

There are some things, yeah, that it pays better not to. Um, so here's the question, actually, I'll ask both of you: should we be concerned about this? Because, I mean, we know it's happening and there are news headlines about it. I'll ask you first, Owen: do you think Americans are persuaded by disinformation from China, Iran and Russia?

I think the danger to society is a little more subtle and a little more corrosive, which is that people tend to just become percent and resistant to any kind of information. You know, in my industry, they talk about news fatigue. People are just kind of tired of it all. You know, they don't want to hear about Ukraine.

They don't want to hear about Russia. Um, you know, they don't want to hear about this disinformation problem, because it's like, okay, well, you're saying you can't trust anyone. That kind of feeds into people's previous positions. And it also serves probably Russia's and China's and Iran's goals, which is to just erode belief in institutions.

You agree, Alex? I mean, certainly that's the case, although I think some of that is we're just overwhelmed with news, legitimate and illegitimate. We're just sick of it. I mean, at least I am, from 24-hour news channels, and everywhere, I mean, you have in your hand, you know, this communicator. Even if you're only on Instagram or TikTok, it's full of news. So I think I understand why people are a little done, you know. I think there are people listening right now saying, do we have to talk about this? Isn't there a new iPhone or something we can talk about?

On elections, there's no good quantitative social science evidence that disinformation is turning elections. Um, there has been a bunch of studies; unfortunately, it's quite hard. People have tried to follow panels of people. Like, the thing that has been attempted in 2020, 2022, and now a number of groups are trying it too in '24, is they will follow individual voters, look at their preferences, and then also look at what their media content looks like, and then see whether or not it all goes together, right? Yes, because it is very hard for social scientists to look at, like, this big, diverse set of things that you look at.

It seems to be almost confirmation bias. Like, if you believe something, then you will read the news and see the posts that confirm what you already believe in, right? Does it change people's minds, is the question.

But from my perspective, I think if you just take a step back and you look at the big historical picture, the fact that a big chunk of one of the major political parties in the United States has now decided to back Vladimir Putin and his major geopolitical interest in getting the United States to abandon Ukraine, it looks like a victory. And outside of this massive political push, that seems less likely, right?

So he certainly thinks it's successful. And they have massively doubled down, tripled down; like, the investment the Russians are putting in is much larger. And part of that is just the cost. Like, if you're spending ten, fifteen, twenty, thirty million dollars, forty million dollars, a hundred million dollars, it's nothing, right? Like, at the rate at which they're losing tanks and planes and men in this war, spending one hundred billion dollars to mess with America's elections, where that is one of the only ways that they might possibly have a victory that is not a negotiated settlement, is absolutely cheap compared to the outcome.

There is, and I will say this is a conspiracy theory, and I don't know how valid this is, but there are data points. For instance, we've just learned that Elon Musk seems to talk to Putin somewhat regularly, as does Donald Trump.

We've seen JD Vance basically say that, you know, who cares if Russia wins in Ukraine, we just need to end it. And this conspiracy theory is that Donald Trump, because of his age and cognitive difficulty, will probably not be very interested (he wasn't that interested in 2016), very interested in running the country.

That JD Vance will be kind of the de facto president, and JD Vance, we know, is Peter Thiel's protege, as is Elon Musk. And there is this conspiracy theory, and I want to really say up front this is a conspiracy theory, that the technocrats see this as an opportunity to essentially run the country, that the Peter Thiels and Elon Musks of the world say, hey, here's an opportunity in a vacuum to kind of move in. And of course, Vladimir Putin is probably the richest person in the world. We don't know how wealthy he is, but he basically controls Russian oil and gas interests, has the money to kind of, and he seems to be putting it into all of this. Is this nuts, or is this... this is where I feel like I'm so inundated with information.

It's follow the money.

right? Follow the money and money runs our politics.

So Andreessen Horowitz has declared American Dynamism one of its big investment initiatives. What does that mean? That means defense contracting. So you've got a venture capital firm saying, you know, hey, if we can get in good with the government... um, Andreessen and Horowitz, the two cofounders of the firm, had backed Trump this cycle. You know, like, we send money...

Well, and then you have Jeff Bezos telling the Washington Post not to endorse a candidate, and then immediately, that day, Blue Origin... Trump meeting with Blue Origin. It just starts to feel a little back door, back room, smoke-filled room, kind of cozy.

Set this .

information working on me.

Like, in the stranger-than-fiction department, there is a private space firm in For All Mankind, just to go back to my current favorite TV show, and you look at that and it's like nothing compared to the reality of SpaceX and Blue Origin being basically NASA's only options, right?

I mean, this is why you don't want to hear that Elon Musk has been talking to Vladimir Putin on a regular basis, because he essentially controls our airspace, our space industry, because SpaceX... Boeing has failed.

It did not seem like the DOJ put a scare in him.

Yeah, he was paying a million dollars a day to people registering to vote, which is, turns out, illegal. I don't know, though.

The Putin thing's gonna be... the Musk clearance issue is a serious one.

No kidding .

like this.

A says they are gonna stigmas.

Right? So, SpaceX does classified launches for the National Reconnaissance Office and the Air Force. That means they have what's called a facility clearance. He's the CEO of SpaceX.

I looked into this a little bit. It doesn't look like they have a clear... it looks like Space Exploration, uh, Technologies LLC is actually the cleared org. They don't have a separate organization. Um, so sometimes the way you do this, you have a separate company that does federal contracting, and it doesn't look like they do this.

It looks like it's the master organization, which means he has to have some kind of clearance. What I've heard is he has a Secret, which is not incredibly hard to get; it's probably the best he could do. He's foreign-born.

He has all these foreign contacts. But even then, with a Secret, I think you're still supposed to... it's not as strenuous as with a TS/SCI. But you still have to do things like file forms when you have foreign contacts with representatives of foreign governments.

Um, I once had... I go to this conference, the Munich Security Conference, in most years. Um, I was at a simulation with a bunch of people, including a guy who, uh, used to be in the KGB, which, you're never really an ex-KGB agent. Yeah, a form I filled out just from that. Being in that

room was to go on.

So like it's fine, but that's what you have to do if you actually want to follow the rules.

You have a clearance.

At times i've had clearances yeah and so right means something that you do like if you work in cyber and you do this kind of work, is you appropriately .

Appropriate. I think that's completely... agreed. So why is Musk doing this?

That's a question. I mean, if he was not filling out a foreign contact form every time he talked to Vladimir Putin, I think probably he's in violation. If he's been doing illegal drugs, he's certainly in violation. And so this becomes, like, a real issue for him and SpaceX, because, uh, they cannot maintain the facility clearance, and then it becomes a real issue for the government because they put them in a very difficult position. Um, because if he loses that, then they're gonna have a difficult discussion with SpaceX of whether or not he can stay as CEO.

I mean, can he stay in the United States? The revelations about his lack of legal status when he started, um, his first company, Zip2, which then allowed him to bankroll what became PayPal, um, you know, like, his whole current fortune...

I mean, he's a citizen now, right? So I don't think they can denaturalize him for, like... I mean, he's

outside the... and probably can't prosecute him for what is really a minor...

You have minimal due process when it comes to clearances, which is something they tell you.

Yeah, it's interesting. You don't expect this. It's different. This is not the legal system.

Right? You don't have any rights, is what they tell you, basically. And like, you go to ClearanceJobs.com, there's forums about this, of people, like low-level people, who make tiny little mistakes and end up having to lose their jobs.

That's, by the way, the difference, because they're low-level people, and it seems to be in this country, if you're a billionaire, you don't have to follow the same rules.

Yeah, and it's, it's game to the point of words. I mean, you talk about this, or you talk about, like, Trump taking the huge piles of TS/SCI material into his bathroom in Mar-a-Lago, and it becomes difficult to then go tell people whose jobs are depending on it, like, to give them these briefs of, like, you're going to go to Leavenworth if you now take a file folder home, right? Like, I think it's becoming a real problem for the security establishment, because the obvious dual treatment of people here is going to make it very difficult to enforce the rules.

So we know what Russia's goals are. And I can imagine what Iran's goals are, right? Are they pursuing kind of an anti-Israeli policy, or looking for a candidate that would support that, or...

So Iran has been attacking Trump, right? So, like, Iran is very anti-Trump. And so they went directly. Their activity has been much more like what the GRU activity was in 2016. They've been using a cyber-enabled hack-and-leak campaign. So they attacked first Roger Stone, um, in his personal Gmail. Once they had access to his personal account, they leveraged that to spear-phish the Microsoft mailboxes of members of the official Trump campaign, including lawyers who worked for his campaign. And then they got access to a bunch of content.

Were they using the Exchange flaw, or was that just...

Pure spear-phishing, no, pure spear-phishing. So this had nothing to do with, um, anything more technical than spear-phishing and then relay. I believe, my understanding is, they had, like, the kind of Microsoft Authenticator push-to-authenticate. So it's the kind of thing that you can man-in-the-middle if you have a reasonably advanced spear-phishing setup.

So, is it as sophisticated as Russia? Russia is pretty sophisticated at this, I think.

Right? So the way I would organize this, like, the real scary people you really don't want to go against, is the SVR, the Russian foreign intelligence service.

They are the real scape of the Russians, but they're relatively small, right? They probably have a couple hundred people at that top level. The largest and scariest is the Chinese. Like, the Chinese have dozens and dozens and dozens of different groups that work for the People's Liberation Army,

the Ministry of State Security, a bunch of different public security bureaus that work for different cities and states. And those groups are in the thousands. So there is maybe one hundred fifty, two hundred thousand people.

And they're good.

They're good. Only a couple of them are at that SVR level. So the average quality of the Chinese hacks is less, so...

They make it up in volume.

But they make it up in volume, right? And so, from an overall scope perspective, the Chinese can go after way more targets at once, right? And they have way more breadth of attack.

It was reported the day before yesterday that the Chinese were hacking the telecoms of the Trump-Vance campaign, yes. And by doing so got the communications data from roughly forty people in the campaign, and DHS is reviewing that right now.

Right? And so that's part of what people are calling the Typhoon attacks. So it looks like this is either PLA or Ministry of State Security. We don't have direct attribution. Probably PLA, People's Liberation Army.

It has a number of hacking units, and Salt Typhoon was the group that invaded Verizon's call center, right?

Yeah, in this case, what they're doing is they're going after the systems the telcos use for lawful intercept. So if you're, yeah...

This is CALEA. This is the historical thing. And Ron Wyden talked about this, saying, look, we passed CALEA in, what, the nineties, right, to support lawful wiretapping. But unfortunately, this back door into Verizon and AT&T and Lumen turned out to be hackable. Yeah, because any time you put a back door in something, guess what, bad guys might get it, and they did.

And Wyden's saying this is exactly why we can't backdoor end-to-end encryption, because with CALEA, Louis Freeh, who was head of the FBI at the time, said, oh no, no, no, this will be completely safe. We've just discovered, no, it...

It means you have to build a back door that's wired into one place and also has to be easy enough to use that lawyers can use it.

So there's your problem right there, right? I see. Yes.

Yes. So the Chinese, in this case, have been breaking into the telecoms. And then, yes, they could go break into individual switches and routers and SS7 equipment.

SS7 is still broken, isn't it? Yeah, it's still, like, it will never be fixed.

Ah, you can't tell...

But I think it's in so many phones.

What's on your phone, right? Like, these things still have, like, full SS7 stacks that they're emulating.

And it has known vulnerabilities. Right.

It was never really meant, I mean, it was never meant to be expanded outside of, like, AT&T, right? It was meant for them to talk internally. I mean, my grandfather was, like, an AT&T engineer, and you know, that's cool.

yeah. I mean, he was born a goat. Harder died in .

engineer.

a precol path, right? W.

A great .

migrant. H, T, H, T, yes. Yeah. From the wrong side of the tracks, so to speak. But yes, he, uh, but yeah, he was using SS7 by the end of his career, so that goes to show you how old this is. But anyway, so they were using it to spy in a number of cases. But you can imagine how powerful a technique that is: if you can get to the Verizon or AT&T internal interface, you can wiretap anybody, right, in the United States.

Well, in fact, it's not just the Trump-Vance campaign. They also, according to the Wall Street Journal and Washington Post, attacked staffers to Chuck Schumer, Senate Majority Leader, and Vice President Kamala Harris. Yeah.

If you have that capability, you're going to use it.

So what's the Chinese interest? I would imagine the Chinese don't like Donald Trump very much because of the tariffs.

So the Chinese interest, as you mentioned before, is a level below. There's no good evidence of them getting directly involved in the presidential election this cycle. What they're doing is, one, they're gathering intelligence, right? So they are providing intel up to their political leaders to get ready for whoever the president is, so that is just the norm.

Throw the election they are just try to is what the else going on?

Neither neither party is great for china right now. Yes, yeah, I don't. Rop .

recently said, well, let's get rid of the chip sect, which is one of the things that keeps us from exporting our technology to china.

right? He he also threw taiwan to the bus. He did.

He gave this crazy speech is like they stole our service industry and T. S. Stock dropped to like immediately.

Maybe what am I saying about terrify? It's really about taiwan in the long run. Isn't IT chinese? Want to know who's going to let us take tough tai one, right?

And they just want to know, but they are getting involved at the congressional level, which is, I think, where they can have more influence, right? You've got instead of the .

lot ten of billions .

of people voting yes, you have hundreds .

of thousands people.

Easier, easy, right? Some of these elections are a couple thousand people, a couple of hundred people maybe are swinging it, and you have a lot less people paying attention. So you know, a couple hundred fake accounts or a couple influencers in a local election.

Um, maybe you have a member of Congress, you have a really close election, Republicans and Democrats, either side, you might have somebody really anti-China and somebody who is just neutral. And in that case, maybe they don't have to be pro-China. They just have to not care so much, right?

In that case, you target the one who's anti-China, who is on, there's a couple of anti-China committees. There's a couple of committees that have been pushing, uh, really looking into Chinese influence, really looking into microchips and AI and such.

You target the person who's on the other side. If every year you can knock off one or two or three members of Congress slowly, that would have significant impact. And I think that is the Chinese model here around. They just want to, they don't like Donald Trump, and they are trying to blackmail Trump and that, that we, you asked about Iranian hacking, they are technically less sophisticated than Russia or China. They're very good at social engineering.

And that is how they've made up for it, is that they know they cannot go build the 0-days in the same way the Russians, Chinese, they are not going to be building 0-day iPhone kernel exploits in the same way that Israel or Russia or China can. But what they can do, they've got very, very good at tricking people into clicking links. They've built very good phishing campaigns. They've got very good at building relationships with people and convincing them to give up their passwords, to click yes on two-factor prompts, and the like. And that's exactly how they've gotten into the Trump campaign.

I want to take a little break. This is interesting stuff and I'm glad we've got John. Alex Stamos is here. He is currently CISO at SentinelOne, which is a great security firm, relatively new in the industry, but doing a great job protecting people all over the globe. Also with us, Owen Thomas of the San Francisco Business Times. Have you voted yet, Owen?

I actually have not. My ballot is sitting on my desk at home waiting to out. I'm a vote-at-home, drop-it-off-the-day-of kind of a guy that is A N to go .

to the up the polling station yeah that way like that else that kind of .

best of both worlds. California is let you do that for for many years.

I really want, I do want, so I have voted by mail. I really do want a switch I could set on my phone that says, I already voted, stop sending me texts, because at this point, you know, give once, and you will be hearing from them forever. So I've donated to campaigns and as a result, they have my phone number, it's public record, I guess.

and a lot of spam, I mean, a lot of so much like if you give to any campaign, I get a lot of like give for commuter and you look at the links and IT is not for commons is not well.

that's what I think a lot of IT might .

be might be raught.

It's fraudulent. Yeah yeah. I kind of suspect sometimes that that is right.

It's vote democrats start in nigeria is not IT turns out.

Hey, the nigeria's care. Okay, let's not anyway, will have more and just little, but actually want to talk about this is old news. But I I still want to get your take on this, alex, the beeper plot.

I thought that was the reason kit comes to mind. John Fetterman, the senator from Pennsylvania, recently in an interview said that was great, that was really cool, putting plastic explosives in the beepers of Hezbollah leaders. And when somebody said, you know, one of the people killed by it was a child, he said, well, it's her father's fault for letting that evil into the house.

So, and it does raise some real concerns about our supply chain. If this is possible, that is very scary. We'll talk about that.

And a lot more, we've got some other stories too. We might even get to talk about, I don't know, new Macs, maybe, we'll see. I know that's what you really tune in for. You're watching This Week in Tech. Our show today brought to you by, actually speaking the security, Shopify. I love Shopify.

Let me tell you something: my son has created, and I'm very proud to say, a Shopify store, the Salt Lovers Club, and I should also say I'm an investor in the Salt Lovers Club, just for disclaimer, where he sells salt and is going to sell pickles and some other stuff. And it was made so easy by Shopify. So I have a real soft spot for Shopify.

When you think about businesses, big businesses whose sales are just going through the roof, I don't know, companies like Untuckit, one of our sponsors, or Allbirds, and I'm wearing them right now, you might be thinking it's an innovative product, a progressive brand, brilliant marketing.

But what is often overlooked, whether it's Salt Hank's Salt Lovers Club or my Allbirds right here, is the business behind the business that makes selling, and for shoppers buying, easy. That technology is critical. And for millions of businesses, including, I might add, Allbirds, Salt Hank's Salt Lovers Club, oh, Untuckit.

Yeah, yeah, yeah. They are all powered by Shopify. I love Shopify. Look at the bell.

Nobody does selling better than Shopify, home of the number one checkout on the planet. You won't believe how many companies, big and small, use Shopify. And the not-so-secret secret is Shopify's payment system that boosts conversions up to fifty percent: way fewer carts going abandoned, way more sales being made. Let's hit it again. Yeah, it's the sound you want to hear.

So if you're growing your business or just getting started, your commerce platform better be ready to sell wherever your customers are scrolling or strolling. Yeah, that's right. Not just on the web, but brick-and-mortar, in the stores, in their feeds and everywhere in between. It's powered so many great businesses. Businesses that sell more sell on Shopify.

Upgrade your business and get the same checkout that Allbirds uses, that my son Salt Hank uses. Sign up for your one-dollar-a-month trial period right now: shopify.com/twit. That's all lowercase. Go to shopify.com/twit to upgrade your selling today. shopify.com/twit. Hit it. I love that sound. Shopify. I like doing ads for a company that I really believe in. In boetius.

I'm just watching, Hank made the right choice when he started to go with Shopify. So I'm very happy to be able to talk about them on the show. We are talking about the week's news with very smart people.

Alex wants, wants to get in that, you want to get Discord, Alex, so you can talk to people. We should mention that we are streaming now. This is our new thing, on eight different, count 'em, eight different platforms.

So yes, Discord, that's where our Club TWiT members live. But youtube.com/twit/live, twitch.tv/twit, x.com.

And usually, unless Gary Vaynerchuk is streaming on X, usually we are the top of your x.com front page. Let me just see, because we often have more people streaming than anybody else. Let me see. Well.

i'm going to all horble people are see.

people love you, are you can you it's the best .

way to feel like neurotic and real time.

Well, and the thing is, there's not just Discord. We get chat from YouTube, we get chat from Twitch. We're on TikTok too, we get chat from TikTok.

We're on LinkedIn. We're on Facebook and on Kick. So I think that's all.

So yeah, people are watching live. One thousand, see the number here, one thousand, one hundred thirty four people watching live. Now that's a fraction of the total. But I think it's cool to have a live audience watching and commenting as well.

Chester, if I knew .

we button your shirt button, you will send both. I usually send everybody the Discord link. We give you complimentary memberships.

Of course I gone really greek. I should have had .

chains and gone, yeah, a little, little, so you're Cypriot. I didn't .

know that. Yeah, Cypriot Greek. The stomach polis is from the companies. But my mom's side .

yeah I have good friends who he lived in size. A doctor lived in cyprus for some years and they love cyprus. They just love IT.

And they say, you've got to go. I say, isn't IT world touring? They said nothing more.

It's not worth work. But my family is from the side that yeah my family from the side that you can go to anywhere. I mean, I guess like I could visit, but my family was driven out by the.

yes.

I did. I do want to take my eldest is named after a monastery there. So and let's take him one day.

Yeah, yeah. He should see that the family, the family is state, where do the Thomas comes from?

H, yeah, absolutely. But my mom visited .

in 1968 .

a little bit before the invasion. And they still, in 1968, they had no running water, they no tri and, you know, burning wood. So yes.

but where are they happy? But where are they happy? That's the question.

My grandfather, could he get the hell out there?

So yeah, that's a good point. That's a good point. I love his story. That's fantastic.

America, america.

america.

And, you know, when I did that security clearance, I had to go list every member of my family who wasn't born in the US. And he remembered the day he came to America, the day of his naturalization, his serial number from the US Army. Like, I mean, like, he didn't have to look up a single thing, and like, I didn't actually need all those things, I didn't tell him, and like, he's always ready to it because he knew it off the said is probably proud, really, like, I'm an American and, like, I'm going to prove it to you so that you can tell people.

yeah well, that's yeah that's what I want. That's the thing I mean, you know, whoever you vote for, whatever you think of either candidate, we should be proud to be in this country, in the, in the right to vote and exercise that right to vote. yeah.

And also kind of defend against disinformation and attempts to subvert our democracy from other countries. Is North Korea a threat? And anyway.

Not from the disinformation side, from the hacking side. They're quite good there. Probably the largest thieves of Bitcoin in the world.

Really? Yes. So what is .

super unique about their state hacking is, you know, most of the state hackers in the world are all L, no P in the P&L, right? Like the NSA, Cyber Command.

We pay them with our taxpayer dollars to hack on behalf of the national interest. They are not meant to make money, but the North Korean hackers are meant to be profitable. And in fact, they are humongously profitable. They generate billion dollars.

They need hard currency. But can they convert that Bitcoin to dollars? I mean.

There is an interesting question of how do they spend Bitcoin? And they do. Yes, they do. There have been a number of DOJ indictments about both the theft and then the laundering.

But they have been able to spend the Bitcoin directly to buy what they needed, in some cases turning it into dollars and euro and yen, um, and yuan, right? So they spend some of it in China. But yes, Bitcoin has been fantastic for the North Koreans.

I thought Bitcoin was illegal in China. You can't spend it in China, didn't they ban Bitcoin?

yes. I mean, that is a Better thing. yes. This about .

the things that .

is illegal sales to deals from, i'm sure they're like chinese smugglers or not.

you know sure .

taking big right in smug lers. Yeah people who are like illegally crossing the L C. To bring south north amErica are taking whenever. Yl, probably Better taking bitcoin than like soggy. Yeah, whatever.

right? yeah. I don't know what the north korean currency is, but I doubt that is widely accepted world.

not something you can walk into a chase with. And the fascinating .

thing, uh, and Alex, you can correct my teacher nal moloch here, but, um, you know, people think of Bitcoin as anonymous and untraceable, and that's half correct. It's actually quite traceable through the transaction .

by transaction.

It's all in the blockchain. That's the point.

And there are in fact companies like Chainalysis that make a whole business of this. And, um, you know, I think maybe North Korea has gotten more sophisticated about this, or maybe they're just kind of willing to pay this cost. Um, their use of Bitcoin has given, um, intelligence agencies that exploit this blockchain intelligence, um, some insight into those operations, and it's an interesting trade-off, I guess, for North Korea, that there are obviously advantages with using Bitcoin, but I don't think they quite realize how much they're giving away by using it.

They know they just don't care .

OK what you do come get him.

Chainalysis is great. They give our students three ninety licenses. So my colleague at Stanford, Shelby Grossman, teaches a class, an open source intelligence class. And she gets these licenses and teaches our students how to trace.

Just to be clear, you can trace all the transactions, but all you have from Bitcoin is a long identifier, a long number that isn't necessarily tied to any person, right?

Right? So you have to do something else then to tie it to a person.

Yeah, I mean, if they create a custodial wallet somewhere on Coinbase and use their real name, we know, right .

title that is not where the software can be tied to a North Korean group and then you know what that wallet address is, where they're collecting .

collected that .

how out is a good way to kind describe how you make these connections right?

Yes. So that's exactly right. So that kind of tracing happens all the time. A ransomware actor does a ransom. It gets moved into a temporary wallet, then gets moved into intermediate wallets, and you trace it until the final beneficial owner, and then you assume that beneficial owner is a member of that ransomware crew, um, or, yeah, that's the kind of thing. Or yes, it gets moved, it gets tied into a self-hosted bitcoind that you can tie it to. This was on a virtual machine, and you're able to tie the virtual machine to somebody who actually physically had access to it.

You see, you guys watched the Money Electric documentary, Cullen Hoback's documentary on Max, about Bitcoin and about the purported identity of Satoshi Nakamoto.

No, I saw that the proof and the proof is like .

it's pretty weak.

Yeah because it's like a reply. Guy was just kind of a reply. However, people talk online.

Watch the documentary, because at the end he confronts Adam Back and Peter Todd. He thinks Todd is Satoshi. I think the two of them are Satoshi. He confronts them in a, I think, a creation and creation factory and taught us very clearly.

I mean, if you were Satoshi, you would not want anybody to know that, because Satoshi, as far as we know, still controls billions of dollars in Bitcoin, the original coins that were mined, and that means you would be prime for kidnapping. In fact, Peter Todd, the guy fingered by Hoback, is now in hiding. Yeah, and what we're waiting for is any movement in those early coins, those early wallets, because of, you know, I guess he'd be smart not to touch them at any point. Yeah, the irony of like.

know it's about fortune yeah, yeah, yeah. Could be worth .

trillions. If the big one gets to a million dollars, you would be worth .

a trillion dollars.

Massively drop. Well, you could take you could take a billion out. I wouldn't kill IT.

but if you touch IT, then IT effectively. I mean, is a bit coin is currently assumes that a bunch of that is .

So there's an interesting point that Hoback makes, which is, there is a way to burn Bitcoin in public, to burn it on the blockchain so that it cannot be used. Yes, which Nakamoto never did.

Either he died before he could do that or he didn't. He's still around. And he says, maybe someday I'd like to take a little bit of that out, knowing that it would destroy his invention, right?

Only last keys, right? I mean.

there's a part lot. I mean that I mean, this was a theory like .

that people throw around of, like, what if it was, like, a government project or something? Like, let's say, I don't believe this, but let's say it was, like, a project of five people working at, you know, uh, ASD or NSA or something, and then they got found out by their government masters, who are like, that's government property, right?

It's, those people no longer have access to it, and it's in a government vault somewhere, it's next to the of the, yeah, and now nobody can touch it. Um, yes, that's a possibility. I think it's, I mean, to me, it is most likely. I think it's very unethical to point out that it's any individual person unless you're one hundred and ten percent, because you are putting that person's life at spectacular risk.

It's not a theoretical risk, right? No, no, people have been kidnapped, people have been killed.

yeah. So in a way that would be uncomfortable on the other hand.

right? And if something happens to these .

guys .

like you did fall.

On the other hand, there is a reasonable interest in the Bitcoin community to see if he's still alive and whether he controls those coins and what he might do with them, because, you know, he is the sword of Damocles hanging over the entire Bitcoin operation. Yeah, so I don't know. The United States Supreme Court declined to take on a case.

The government does have sixty nine thousand three hundred seventy Bitcoin it got from the Silk Road, worth four point three eight billion dollars. The Supreme Court decided not to hear the case that could clear the government to sell that Bitcoin, which I thought was kind of interesting. In other cases, courts have said, yeah, the government can sell Bitcoin.

They've actually sold a bunch. And they sold that pretty cheap. Holding on to it would have been good.

Hold that, man. Diamond hands. And I have lost the password of my wallet where my seven point eight five Bitcoin reside. I'm going to wait to, well, I figured, software wallet, it's a Bitcoin Core software wallet.

It's our, say, encrypt and I did not use robot form. Don't send. I get even on time. I mention this for me what .

kind of say I don't know .

what kind of encryption, and it's strong encryption, obviously, but it's Bitcoin Core, but I'm figuring it's just a way of holding it. And when quantum computing comes along, I'll crack it, and then it'll be worth something. I might be long dead. What do you think? When do you think quantum will decrypt Bitcoin passwords? When do you think that's gonna

happen? Okay. So if it's, I mean, if it's symmetric, if you have a symmetrically derived key, I hate to break it to you, but quantum only gets you, it really is, yeah, yeah, so it .

doesn't really get you much yeah I think yeah so doesn't scree going .

to give you a lot for the asymmetric algorithms, which is why it's a real problem .

Actually, a big, Chinese researchers this week said, oh, we were able to, um, you know, crack encryption with... They didn't. It was a bad headline. I think they were able to do some quantum computing factoring, but I don't think it was anywhere near enough. That was twenty two bits.

I don't think that was near enough to. We were talking about North Korea. The other North Korean story we've been talking a lot about on Security Now with Steve Gibson is they have been planting hackers in American companies by persuading Americans to lend them their identity, yeah, and then working in these companies as Americans. But with the access, of course, to all of the company secrets.

Although most of it does not seem to have been to access secrets, it's just to make money, because a lot .

of IT is not like the salary .

is to make the salary. And so the FBI has busted a couple of these people, and you'll have an American whose identity has been used for ten, fifteen companies, and they'll have, like, fifteen laptops in their apartment, and each one's got, like, TeamViewer on it. And then there's fifteen people in North Korea .

who are doing their mazing yeah and it's .

a lot of different jobs. So it would be, like, some of them are graphic designers, some of them programmers, they're all knowledge jobs and things that are, like, you don't have to be in a lot of meetings for, right? That's where you run into trouble. Um, so it will be things like, uh, or it'll be, uh, kind of temp stuff, data entry, things like that.

Yeah do they have the american a pretend to be the the market?

The American will do the interview, right? So the American will do the interview, and one of the things you can look for is if it looks like the person is being prompted. So they'll do the interview and the North Korean person will be listening in to the Zoom interview and prompting them with the answers, like if it's a programming interview or something. So if somebody's doing it and it looks like maybe they are reading off the screen, or it takes a while to answer, if it's like a weird back and forth, that's one of the warnings you look for. Things technically you look for: like, if you're shipping laptops to somebody and then you get, like, TeamViewer installed, or AnyDesk or something like that, because they have to have a remote desktop tool. You're hopefully not allowing bring-your-own-device, right? So if they're on your, you should not be allowing remote desktop tools installed on your devices. Um, but that's another, there's a bundle of things you could be looking for. Um, but, uh, it has been actually a real challenge, and it's a good demonstration, um, of a bunch of different kinds of, uh, control failures, uh, in an organization. And really big companies have been hit, and I'm not at liberty to say, but you'd be shocked at the companies .

that have have .

been hit with this really .

yeah really .

Big companies. Fortune 50s.

But it's funny. They're not trying to hack it. They are not trying to put in ransomware or exfil trade information.

They just want a job. They just want to make a living. Are they quality? I mean, are they good employees?

Do they do a good job? In a lot of cases, yeah, they actually do a very good job.

So no harm, no foul. Well, maybe there is, okay. There's a little harm. But you know, we do have an embargo, I'm sure, against that.

But that seems like the problem would be getting the dollars of out out of the country and to you know whatever wants .

to get a speak point, right, so that person gets paid, they're getting ten, fifteen paychecks, uh, and then they're using cyber currency to get the money out of the country.

But I did say I was going to ask you about the supply chain attack. I mean, brilliant, I mean, you have to admire the skill and the tenacity that it took for the, I don't know if that was the Mossad or the IDF, but for the Israelis to put explosives in these pagers and to get them distributed to the leadership of, and then to blow them up, killing hundreds. It is kind of a terrorist action, I'll be honest, in my opinion. John, Senator John Fetterman of Pennsylvania, said good on them, but it's also scary because it shows you that a determined opponent can really screw you over by suborning the supply chain. One thing that .

played in Israel's favor, as I understand it, just reading the same reports that you probably have, is that, um, because of sanctions, um, you know, Hezbollah's options for acquiring technology like these pagers were kind of limited, and it makes them a little vulnerable to, you know, this kind of action, and the reason they went to .

pagers is because they knew the Israelis had cracked the phones using probably SS7, what, and also .

because with the phone you have a two-way connection, right? So with the pagers, it's, like, not a modern pager. It was, like, the old, I think, seven hundred megahertz.

So broadcast only, right? They moved to pagers because those pages are sent out unencrypted to everybody, and the pagers never go up, they only receive. And so that's why they were using these pagers, because you could not be tracked with them, in theory.

Yeah, they're not IP-based. They didn't have, like, a GSM or LTE connection. They're receiving these old, old style. They don't work in most countries, I think. So that's why they ordered them, which made it also, I think, much easier for the supply chain attack to happen, because the number of people who were ordering this kind of pager is extremely small.

How worried should we be about a vulnerable supply chain? I mean, we talk all the time about the Chinese being opponents, and yet almost everything we buy is made in .

China. For cyberattacks, I think we should be very worried, and why .

that's why we forbid Huawei equipment in the States, right? And so targeted cyberattacks.

Those have happened. And I am aware of a number of, there is a bunch of cases that have not been publicized, where, um, it's generally the firmware level, right? So a device that is being ordered by a company where it is known by the OEM that is going to be a reserve company, right?

It's not being bought out of the, and that's what's true here, right? So, like, the key thing you have to be thinking about if you're worried about this kind of level of adversary is you want to be buying out of the channel. So if you're going to CDW and they've got a warehouse of computers made in China, you're probably fine, right.

But if you're ordering direct from the factory and you look at the shipping manifest and it's, like, shipping started in Shanghai, then you might have a problem, right? The problem could start with the company or it could start with it getting intercepted. And again, the United States doesn't have clean hands here. In the Snowden documents there is a picture, with their faces blurred out, of NSA employees in polo shirts very carefully unwrapping a Cisco box and then changing up the firmware, right, that they knew, yeah. So, um, the U.S. was doing this a long time ago.

I mean, that was over a decade ago. Um, so the odds the Chinese are doing it is basically one hundred percent, if the U.S. was doing it a decade ago.

So yes, I think it's absolutely something we should be worried about. I think explosives, probably not so much. Oh, but hardware hacks.

Remember the Supermicro motherboard story that Bloomberg never was able to prove.

right? That's the problem, is that like they vote the bad story that you .

think he was a bad story at the time.

I mean, it was silly, the, like, grain of rice thing. Like, that's not how you would do it, right? Like, if you want to backdoor a Supermicro motherboard, there's twenty or thirty places in that motherboard where state is stored. You don't need to add a new piece of hardware, right? You replace one of those pieces of state that exist, in one of the EEPROMs that exist, in the firmware that would exist.

And so that the say, somebody like super micro of perpetrating IT would be somebody some supplier, somebody who got a hold .

of the motherboards. I don't think it's like an official, somebody micro be an employee .

could be a Green employee, right.

right? Or IT could have been. It's got to go through a lot of hands when IT shows through. And every box that leaves china goes through customs, right and right.

You know this like when you order something, sometimes IT says waiting in customs, right? IT says there are like the fedex benefits. When you buy a double computer, you'll say waiting in customs maybe for a couple days and so is absolutely a concern.

And companies that are really concerned about this kind of stuff, that's why you buy it from the channel. That's why you buy, again, from a CDW or somebody who bought five thousand and put them in the warehouse. Um, in fact, at one of my previous employers, we bought a device that we were suspicious about, there was something weird about it, so that we ended up going to, um, I think, Ingram Micro.

or something like that, and we ended up, like, going in and saying, uh, we want that one. We just pointed at, like, a pallet, like, we just picked out a random one from a pile, because that way nobody could have possibly known that that was the one that was coming to us. So if you are playing at that level, where you're being targeted by state actors, that's not an unreasonable .

thing to be thinking about.

But the explosive stuff like, yes, I mean, that's if that's .

all harder to do.

Obviously it is harder to do, in, like, the level. Like, if you're playing at that level, like, if you're a terrorist group and people are willing to blow you up, then you're actually worried about that. I think the only people who are playing at that level, uh, who realistically have that threat, are probably terrorist groups.

Well, oh, that's okay. Well, then I have to worry. So it's okay.

Do you will cheese?

So it's it's only terrorist groups and we can we can relax so we can sleep easy.

You know, I do think we have to worry not about hardware but, like, the, you know, software spillover. Um, you know, I think there have been examples of malware that's been targeted at... Sure, sure. I'm thinking of the incident where, uh, malware that was targeted at, um, the Iranian nuclear program got out in the wild and affected a lot of equipment. Okay.

So, no, so it didn't directly affect equipment, right. So Stuxnet was actually very carefully built. There's a quote by somebody, like, it was clear that Stuxnet was an American malware because that was clearly malware built by lawyers and had lots of checks to make sure it didn't damage you. Siemens PLCs were the final target, and Siemens PLCs are used in everything.

Um, so it was very carefully built to not break anything, but the problem about releasing a piece of malware like that is, the difference between a cyber weapon and a normal weapon is a cyber weapon can be repurposed and used against the person who shot it, right? You shoot a rocket at somebody, they can't turn around and shoot that rocket back, but if you use a cyber weapon against somebody, they can just take it apart and use it against you.

And that's, for a short period of time, the only people who had those exploits were the United States, maybe Israel, and the Islamic Republic of Iran. They didn't know it, the Iranians, but if they had looked closely, they had some really hot exploits that they could have used, if they had been a little more careful.

why did they not know they .

weren't looking carefully enough and they were not, um, they did not figure this out. They thought their air gapping was enough. And in that time frame, that was kind of the conventional wisdom.

Those SCADA devices were gapped. But what did they use? They used USB keys. They candy-dropped them. There's a bunch of different theories.

One of the theories is that they infected a, they attacked a bunch of, uh, Farsi-language websites and infected them, ah, and so somebody got their, like, personal iPod or something infected, took it in, implanted it locally. There's also discussion that that might be a cover and that the Dutch actually had a human intelligence who planted it, that whole thing, which is to cover for the human intelligence.

Interesting wow, that's that's quite a story know .

about yeah I .

know, yeah, yeah, really good, really good coverage. Yeah, it's a fascinating story. We're going to take a break. We have Alex Stamos with us, formerly of the Stanford Internet Observatory. Now he's CISO

at SentinelOne. We will talk a little bit about SentinelOne later, because we're going to get to CrowdStrike in a minute and they do kind of a similar thing. But what did you say? The one that didn't destroy the airline industry, is that it? I think .

you said IT leo.

I said IT not you. I'm thinking IT when Thomas is you're thinking IT but you're not saying that because you good guy and Thomas is also here managing edited same school business times, which also has never heard the united states in line industry in any way, shape or form.

I not of you know I have some .

great stories actually from Owen. We'll talk about that in just a little bit. But first a word from our sponsor, Veeam. When I found out about Veeam, went to talk to the guys at Veeam, I thought, why doesn't everybody use Veeam to protect themselves from ransomware?

You know, your data is the most important thing in your business. Without your data, your customers' trust turns to digital dust. That's why Veeam's data protection and ransomware recovery ensures that you can secure and restore your enterprise data wherever and whenever you need it, no matter what happens. We call this data resilience.

And as the number one global market leader in data resilience, Veeam is trusted by, this is a telling statistic, over seventy seven percent of the Fortune 500 use Veeam to keep their businesses running when digital disruptions like ransomware strike. And then the twenty three percent who don't, you're going to see them in the headlines, right? That's 'cause Veeam lets you back up and recover your data instantly across your entire cloud ecosystem, no matter where it lives. With Veeam,

you can actually stop ransomware before it, but you proactively detect malicious activity also. And very important, you remove the guesswork by automating your recovery plans and policies. You do have a recovery plan and policy, right? Right? Get real-time support, should the worst happen, from ransomware recovery experts. Data is the lifeblood of your business.

So get data resilient with Veeam, V-E-E-A-M. Go to veeam.com to learn more. We thank them so much for supporting the show. And we thank you for supporting the show by going there and visiting them. And if they ask, say, I saw it on TWiT. I like the phrase "malware built by lawyers," and I might make that the title of this show. I've never heard Stuxnet described quite that way.

But that's on my line. I don't know who says .

It's a good line. Well, we'll steal it. I don't mind. I steal from the best. Actually, you know, one of the stories that's been going around this week is the expulsion of Russian maintainers from Linux, and Linus Torvalds, this is from The Register, defended that, you know, saying, look, there's an embark.

"If you haven't heard of Russian sanctions yet," he writes, "you should try to read the news someday. And by news, I don't mean Russian state-sponsored spam." Um, so he says, I'm Finnish, you think I'd be supporting Russian aggression? But there are quite a few people saying, you know, those maintainers, Russian or not, were contributors. They contributed great stuff. They have now been, a handful of Linux developers have been removed from the MAINTAINERS file.

The explanation was, "Remove some entries due to various compliance requirements. They can come back in the future

if sufficient documentation is provided." Is this a fair move? There's been some criticism of Linus and the maintainers.

I I mean, you know, if it's open source, you can inspect their contributions and I ree decide for yourself, right.

Right? And just 'cause somebody's Russian doesn't mean that they're bad.

But when you bring up compliance, I think that means that that means that companies are looking through their software supply chain and maybe saying, you know, hey, free, free, open source or not, we can't have this right. We can't run our business on the software.

right, right? What do you say, alex? You agree agree with the move?

Yeah I don't really understand that. So yeah.

why now, for instance, why sanctions are two years old.

Right? I can't put my finger on a sanction to not allow Russians to contribute to open source. So there's a bunch of sanctions that are very hard to apply to any kind of open source or free service. Um, you know, social media companies and other websites deal with this all the time. There's a big kind of controversial conversation around, can you provision free services to people under sanction? Um, and the sanctions on Russia are not the strict sanctions.

The United States, the strict sanctions we have are like Cuba and Iran and some other, North Korea, countries like that. The Russian sanctions are pretty, you could still fly to Russia, right? It's legal to fly to Russia, it's legal to go there.

It's not a good idea, but it is legal, um, in a way that it is not legal to, say, go to North Korea and spend money. So, um, no, they're pretty porous. And I this is not set a specific legal requirement is a risk.

I mean, the Linux kernel is the most reviewed piece of open source software in the world, right? And so compared to, like, the SSH patch, that really was scary, right? No kidding, that very possibly could have been Russia. Like, I actually think that was probably SVR or, interesting .

It, for some reason I thought it was Korea, North Korea.

That's everybody want you to think .

That's why, the problem is, it's very hard to do attribution, isn't it? Because, yeah, there's always misdirection involved. This is the case where there was code introduced by the maintainer. This is one where the maintainer kind of retired and a guy who had really spent some time establishing his reputation contributed malicious code. Yeah, that's the one, yeah, yeah.

That's right. We haven't really had any good updates, and it was, like, it was a library that went into a library that went into SSH.

Right? That was very smart. Somebody spent a couple of years working on it, and they worked very hard on making people think .

he was .

in Asia, the name. And the work and the emails were all in an Asian time zone. It was just very obvious, which .

makes you think it wasn't, right?

Asia was russian time. russian.

So good. Do that.

Oh, hello from beijing.

Cover your tracks. Exactly. But then there are circles within circles, because if they really were Asian and then they thought, well, you wouldn't think he was an Asian if we said he was Asian. So we're going to say it's Asian because.

oh my god, like like there's .

several other levels above that.

What's going from donal trump about attribution? You know could be could be the russians, could be the chinese.

could be a four hundred hacker, hundred.

four hundred and basement. Yeah, right.

Who knows that no one knows?

Could be barred. Are there no overweight hackers in russia? China is.

So, I mean, in this case, Torvalds, like, Finns have no lost love for the Russians, um, and I get that. Uh, I feel like some of the biggest victims in the world of Vladimir Putin are the Russian people, right? And so I, once again, feel a lot of sympathy for normal Russians, like they .

live under A I think they .

suffer much right ah and um .

inflation is twenty percent now in russia because of all the .

military spending right? And if you are a Young russian man, uh, you are being sense me grinder and even .

if you're an old russian man.

russian man, it's convict or not .

convicted like anybody don't .

think anybody right and uh, you will be interesting if they start taking women right like it's, uh yeah it's not exactly the most works society but like it's it's hard start justify twenty twenty four only drafted men that seems to me .

but anyway that's that's one area of feminism and women's women's liberation. I don't know if I .

support my question and being .

set to the .

front IT would be hard the U.

S. To have. We do do.

And, like, it is interesting that they're so desperate that they'll take, like, oh, you got one leg, I'll take you, don't take women, right? Like, it's just kind of interesting when you also, like, the Russians have an incredible history of, you know, women throwing Molotov cocktails at Nazi tanks, right? But anyway, I just find this weird because it does not seem legally required to me, and the actual technical risk is quite low. It just mostly seems like Torvalds kind of doing his thing, um, which I understand, but, eh, a little bit. The people .

dropped, according to The Register, from the maintainer list oversee Linux drivers that provide interoperability with hardware from vendors like Acer and Cirrus Logic. So they're hardware drivers, and you think maybe those companies said, hey, I don't know. Thing is, if a company doesn't want the open source maintainer to drive the drivers, they could just write the drivers .

themselves.

Thank you very much. Provide the drivers for linux. Thank you.

Yeah, I mean, Russian and hardware companies. Yeah, anyway, it's a little, I mean, it's fine. It doesn't hurt me. I just don't understand the justification without there being a real proceedings. And it's quite possible there's something that happened that we're not aware of, which is unfortunate, because if something happened, he should be honest about it. He should say we got this patch and it's, right, and that should be something that we all know about.

So I'm sure you were paying attention, I know Owen and I were, last July, when CrowdStrike pushed out an update that forced Windows machines to reboot over and over and over again.

We should mention SentinelOne does something similar to CrowdStrike, right? You monitor malware activity .

in a similar business, we didn't do that similar?

No, I don't do you. So CrowdStrike makes basically .

the same, more the where where are they are biggest independent competitor. So the biggest company in the space is Microsoft, uh, because .

their products for the .

Right, Windows Defender, uh, is like the biggest product in the space because they gave them away for free, like you by mail you defender, um, but it's not great. It's like, it's the free thing. It's what, but .

every Windows user has it. So I never thought that, that's why Microsoft offers Defender, puts Defender in all versions. It's not a one-way street. You're not just protecting you. You are also sending back telemetry. Well, they have an enterprise version.

So it's not exactly the same. So there's an enterprise version, if you buy an E5 license or if you get E3 with, like, a package, that is EDR. So they have a basic version, and then CrowdStrike and SentinelOne make products that we call EDR.

EDR.

Right, right. Endpoint detection response. So it looks for malware, but also what it does is basically record everything that .

happens on your computer.

It's a sensor system and it sends it up to the cloud, yeah. And so you don't do this for normal computers, it's, like, for enterprise. And so the enterprise security team can see, oh, something ran on the other computer, it called in the DLLs,

it talked to these IP addresses. I can reverse engineer all of it without even touching.

You could do all the forensics and such without even touching the machine, right? Because all the data is already up in the cloud. That's, when you're playing against this level of adversary, if you're playing against the North Koreans, Iranians or, you know, really high-end ransom actors and such, that's what you have to do, because you can't just be looking for known malware that exists in signature files. You have to be recording everything that goes on and be looking for new stuff.

But that's how you find out about zero days.

right? You need exactly yeah but yes.

To me, one of the pertinent things is that to defend in real time against these kind of threats creates a new kind of fragility in the system. And I think that's what the CrowdStrike incident revealed.

They were running in ring zero. They are running at the lowest possible level.

And like you know, you don't always have the opportunity to kind of like stress test these updates that are set out. Well, you do. I mean.

This is the difference between CrowdStrike and everybody else in the market.

you should teach them.

Yes, yes. So this is where kind of like that the issues are arise. There is there .

is an urgency to pushing out these updates. Yeah, but at the same time, there is a certain, it's incumbent on you to make sure. If they had put it on one or two machines at work and noticed they were rebooting over and over again, they might say, whoa, wait, we got a little problem. There actually was a chain of failures. And it is an old story, I know, but the reason we're bringing it up is because Delta Air Lines has hired

David Boies, yes, that David Boies, to seek damages from CrowdStrike and Microsoft. Remember, Delta was the airline that was down for, I think, ten days, suffered half a billion dollars in losses, canceled thousands of flights, stranding many, many people, including many, Christina Warren and others. Um, and they say if CrowdStrike had just done their appropriate due diligence, this wouldn't have happened. This is Delta's complaint: CrowdStrike caused a global catastrophe because they cut corners, took and circumvented the very testing and certification processes it advertised for its own benefit and profit. If CrowdStrike had tested the Faulty Update, by the way, capitalized Faulty Update, on even one computer before deployment, the computer would have crashed. Now again, we're going to say that you, Alex, work for a competitor. So take this into consideration in response.

CrowdStrike said that it was Delta's fault for having antiquated infrastructure, which, you know, like, I don't know how you measure that, but it would not shock me that an airline has antiquated. If you look at Southwest, um, they have struggled with this problem of technical debt, um, for some time. That's right.

And you know, many, many people who were bit by this CrowdStrike thing got up and running much more quickly, in some cases instantly. We had one listener email us saying, we had CrowdStrike running on our perimeter machines, so they crashed immediately, which kept all of the internal machines.

And we were able to fix that fairly, fairly quickly. We felt, you know, we had a lot of our listeners who spent long hours that weekend fixing the thing. So yeah, I mean, I have to say, it does seem less credible that Delta's problem was CrowdStrike and Microsoft's problem and was more Delta's problem?

To be clear, they didn't end up suing Microsoft. So that was the reason Microsoft, the lawsuit was only against CrowdStrike, you think, is the right thing. Because in the end, Microsoft didn't do anything wrong. So it .

looks like, well, so Microsoft has an API that CrowdStrike could use, SentinelOne could use, to, right, not to ring zero with these sensors.

So every E, D R, every like I and and our .

product has .

a kernel module.

So Microsoft's APIs are insufficient to do the job.

That's right. They are. What they have done is, after this incident, they held a summit up at Redmond, and they actually went up there. CrowdStrike was there, Trend Micro, Sophos, um, kind of everybody from the anti-malware industry was there. And they're talking about the future in which you don't have to run in the kernel.

I don't think it's going to happen for quite a while, and it's because there's at least three reasons why you have to be in the kernel. The first is to see all the things you need to see. There's a bunch of telemetry you need to gather.

Uh, that is just not made available to user mode. Now that could be made available to user mode, um, but Microsoft would have to just do a really good job of being comprehensive in doing that. They never have in the past.

The second is to, at a very fast rate, be able to let these pieces of software intercept and decide whether or not a piece of potentially malicious code can actually do something, right? So yeah, we don't just alert, oh, this thing is bad. We do things like stop file access, stop network access.

And doing that from user mode can cause humongous performance issues, right? So you're never going to have Microsoft create a callout to user mode that then synchronously blocks a file read. That would be insane, to have a one hundred and twenty eight core machine, production Windows server, that is doing synchronous user mode calls for individual file accesses. And so doing that from the kernel, from the kernel thread .

is really the only way. You have to be at that low level to monitor and to do this kind of, need to get in.

The third reason, that I don't see ever being fixed, is if the bad guys get to the kernel, the only way we can protect ourselves from being killed by the bad guys is from being in the kernel. And it's only been a couple of months since Microsoft had a massive kernel vulnerability, right? So it turns out they had this IPv6 kernel vulnerability that existed in every version of Windows, Windows Vista.

So it's been around for over a decade. And if the bad guy's in the kernel and we're only in user mode, what would happen if they could just make us disappear? It's like you traveling back in time and killing your grandparents.

It'd be impossible to protect themselves, and so that, it's called anti-tamper. And so CrowdStrike, us, trend microsoft mselnet have kernel modules. Now the difference here is you don't have to put all of your code in the kernel.

And that's an engineering architectural decision CrowdStrike made, was they have a bunch of dangerous code in the kernel and they're pulling their signature files into the kernel and they're parsing them in the kernel. In fact, they are doing regexes in the kernel and they're not checking these regexes and they did out-of-bounds regexes.

Oh, there was a regex that crashed it.

It was a regex. It was looking for too many items, and they are doing, looking, unbounded regexes.

And so just filled the buffer over.

Right? And so what you need to do is, like, if you have a kernel module, you just minimize it and it does the minimal stuff, and then you do all the dangerous stuff in user mode. That's what we've done the entire time. And so I think where we will end up is, Microsoft, they have this dream of pushing it all out of the kernel. Realistically, I think what they can do is they could push CrowdStrike to, one, test stuff, so, you know, to, um, not to push everything all at once, and do the minimal .

and do the minimal amount in the kernel and do the same .

amount .

that you have to do.

Yes, which is, this is the big argument now that Delta is going to make, right, is that everybody else in the industry pretty much was doing these things. And so the fact that CrowdStrike was not doing staged rollouts, was not doing telemetry on rollouts, was not doing testing, because, like he said, this instantly killed the Windows machine as soon as a named pipe was created, and that's dozens of times a second, even on an idle Windows machine.

So like.

think you should know immediately if you do any.

What they said was that their test harness was broken and the guy who pushed it out didn't know that. So he did test it. But the test hadn't been updated. So the test had a stub that just said, yeah, yeah, you passed .

and even on a Windows virtual machine.

Yeah, I mean, yeah, yeah, it's fine to have tests, but you should probably run it once on a machine.

And then you do staged rollouts, right? You never roll something. And then that machines.

Yeah, we've seen that. Apple does that, Microsoft does that. They don't push out these things at once. Nobody does that. So you think there is some culpability on CrowdStrike's part?

Absolutely. I think they absolutely screwed this up. These are, like, basic engineering things, right? Like, doing staged rollouts is how people have done this for twenty years. Having telemetry on rollouts is how people have done this for twenty years, right?

I guess the tricky question is, um, is Delta going to be able to kind of prosecute that level of technical argument?

And do you push for a jury trial? Oh when I guess you do right .

or know about twelve random people in Fulton County to them like the world out.

yes, that's the point. You just say they screwed us because they didn't do the right thing and look what happened. And the jury goes here. I was terrible.

Of course. I I mean, this is also probably what you do IT involved.

And county is, i'm guessing, delta airlines .

like a lovely in georgia yeah and David boy is no way he's doing right.

Like he's a good lawyer.

IT seems like this will settle. I mean.

yeah. Didn't though right? Like that's why they failed accept yet great.

Yeah, that it has not settled so far is to just, you know, either CrowdStrike is digging in their heels or Delta is asking for too much.

We should just mention, for people who don't know the name David Boies, you should. He was the guy who led the government's prosecution of Microsoft back in the late nineties. And he also represented Al Gore in the election of two thousand. He's been very active, represented Theranos, not to his best. He.

He teamed with Olson in overturning, on making gay marriage legal, right? Yeah.

That's right. He overturned Prop 8, good for him. He also represented Harvey Weinstein, as any attorney does, you play both sides, but he's a very.

very up front.

Yeah. He did also represent two Jeffrey Epstein victims. So I think an attorney's job is to be an advocate, and on both sides of it, he's a very, very good attorney. So they hired the best, I'm sure the most expensive. Anyway, oh my god.

I mean, yeah this interesting questions. Like are they paying them .

money or did he in the fifty fifty, half a billion dollars they lost due to CrowdStrike? That's a lot of money.

So I think what they have to do is, the big test here is they have to show that CrowdStrike was negligent, right? Because, like, the way these contracts work is, right, under normal circumstances, you are limited to the amount of money the software cost.

Well, actually, that's another interesting topic, which we'll cover at some point, which is software liability. The EU has now, we'll be talking about this Tuesday on Security Now, the EU is now saying companies will be liable for software.

Remember, every time you open a shrink-wrap package, it says, we make no, we make no assertion this software is fit for purpose, will do what it says it does.

We make no promises that it won't break your machine. It's not us, man. And the EU has decided, no, it is on you.

And I think that there has been some move in the United States to do the same thing. I think President Biden's national security initiative also involves software liability. Yeah, the national cyber .

director, that's part of, like, the national cyber strategy, is to create some level of liability. Like, the details of that are.

It is very tricky, right? And you can bet that there are quite a few software companies, including some of the richest companies in the world, maybe the richest company in the world, that don't want to be completely held liable for the failure of their software .

handle open source is like, oh.

That's a big one, right? Who's liable for open source? You could just carve it out, I'd say, open source is not liable.

Which then creates all these interesting questions about, like, that will create a huge incentive for people to, quote unquote, open source and then create these weird licensing things where, effectively, it's technically open source, you're selling the logo or something. I'm sure, like, people would find, like, crazy things to .

use that. There's no law ever made that can't be gamed in .

some way. Yeah, it would be interesting to see if, um, you know, if a future administration or future Congress really takes action against click-wrap licenses. Courts have generally found that those are valid, even though no one is actually reading the terms.

Yeah, it's amazing. Isn't anyway, I want to take a little break. We will come back. We have more to about A I and the whole show. Can you .

believe in we rut IT?

We are.

We must almost made IT .

ah it's hard to do to show these days without talking about A I have to say I go back and forth at first I thought, oh, there's nothing to IT. Then I became a acceleration ist for a while. I took a walk on a beat.

Sure, the guy, he convinced me. Now, I don't know, but anyway, we will talk about A, I issue an reason that you might want to tell your doctor, not to you say, just a moment alone. Thomas is here. And for this, for business time, things go well. You still printing a paper, a newspaper .

away me throws, oh yeah, yes, we we still put out a weekly paper .

on paper on the actual picture.

And you know, I think it's a useful it's a useful exercise to kind of think about like what's what's the one big story we can give readers a week if you know IT forces news judgment um you know IT howes news judgment and and it's a good no, it's a good kind of marketing piece. Conversation piece is supposed .

to just every day we fall another story, every day ten more stores. You have to think what's this weeks headline going to be in the santa is a business you I love sanfords is coca bless IT. It's I lived there for quite a few years. I just my favorite one of my favorite cities, and it's gone through some bad times and i'm just written for IT.

Yeah, I think we're I think we're kind of shifting from doom loop to boom loop.

good. I hope this .

true at the at the very least, getting out of the gloom loop. And people are kind of trying to trying to think of ways to get downtown more active, actually. Well, I was, well, was walking downtown from north beach. Uh, there was a concert going on in the downs area on a sunday, which I think would have been unheard of. Pandemic.

yeah. Wow, I good. I just love IT and it's it's a wonderful city, our little fishing village by the bay and and i'm .

glad that yeah you can still buy dunch ous crab at pier forty five yeah .

but usually you have to wait until after the dungeons crab season because they keep blocking IT, putting IT off. And last year we couldn't get dangerous crab until after new year's.

What's the point? I mean, crap for Christmas.

For Christmas is a tradition. It's the best crab. By the way, I'm sorry, Baltimore. We'll have more in just a bit with the great Owen Thomas, of course, Alex Stamos, from CrowdStrike, from SentinelOne. C, C.

CrabStrike.

CrabStrike. Hey, there's an idea for a product when .

your Dungeness crab season is disrupted. CrabStrike is, you turn to CrabStrike.

I should try you. Here's another show title.

The generate logo makes itself.

oh yeah, get to major any kids, let's see a logo. I sure that they ve brought, you know, benee, can you send alex the access to the discord? Because i'm sure they'll be some animated logos popping up in our discord any minute now with crab strike you up there.

IT is, yeah, well, these caps clause just for attractive and mates. Okay, okay. Now it's a bunch of craps, animated crab gifts in our, in our discord.

Our show today brought to you by Lookout. I love Lookout, I love the name and I love what they do. Data protection from endpoint to the cloud to your happy place. Today, every company is in the business of managing data, we talk about that a lot, which means,

of course, every company is at increased risk of data exposure and data loss between cyber threats and breaches and leaks, and of course, cyber criminals aren't getting dumber. They're more sophisticated every day. Modern breaches happen now in minutes, not months.

At a time when the majority of sensitive corporate data is out there on the cloud, traditional boundaries no longer exist, and the strategies for securing that data have fundamentally changed, which is why you need Lookout. From the first phishing text to the final data grab, Lookout stops modern breaches as swiftly as they unfold, whether it's on a device, in the cloud, across networks or, as it often is, working remotely at the local coffee shop. Lookout gives you clear visibility into all your data at rest and in motion. You'll monitor, you'll assess, and you'll protect without sacrificing productivity for security.

You can still go to the coffee shop. With a single unified platform, Lookout has another advantage: it simplifies and strengthens. One platform means one source of truth.

Not a lot of complexity, not a lot of cracks for things to fall through. It reimagines security for the world that will be, today. Visit lookout.com right now.

Learn how to safeguard data, how to secure hybrid work, how to reduce IT complexity. lookout.com. Thank you so much for supporting our show, and we thank you for supporting the show by going to lookout.com.

We also thank our club twit members who make this show possible with are seven dollars a month at three versions of all of our shows and lots of other benefits. We had a great Stacy book club on friday, next one coming up in december. We've got some books.

You can vote. If you're in the club, pick the book that you want us to read and we'll get together and in a couple of weeks and talk about IT. This friday, it's our photo guide, Chris mark, work again. We strain these lives so everybody can see him. But if you want to watch him after the fact, you have to use a twit plus feed, and that's for club twit members.

We don't want to have A A complete impermeable pay wall, but we do want to encourage people to join the club that helps us baLanced the books, Frankly, doing go into my pocket IT IT helps pay for beneath and and all the all the people who do you are such a great job keeping this network are going. And so we've tighten the belt quite a bit, moved out of the studios you can see in the miami, but we also need your help check IT out, twit, that TV slash club to IT. And whether you're club twit member or not, I want to invite you to help us out with our best stoves, but, you know, says, help me.

But we do this at the end of every year. We take the best clips of the year. We runned IT as our holiday special. We're going to do IT for this shown and number of other shows.

If you've got a if you've been watching all year and you have got a moment, you really remember that you think would be great in the best of I invite you to contribute IT. It's easy to do. We have a page on the website, twitter, that TV slash best of give us as much information as you can.

If you don't know the exact date in time, that's fine. But whatever you know, dup fill at in and then i'll help and anyone, john Ashley and Kevin king and our great producers put together a best up for you for this holiday season. Oh, now or bert puts some delicious crab up on just score.

We're ducking a lot of crab in the club. yum. All right, on we go with the show, our great panel, alex stamas oin Thomas.

Let's talk about A I researchers say that OpenAI whisper that A I, its transcription you tool, is being used in hospitals. I know my doctor was at the doctor the other day, has a sign. He says i'm using a transcription tool so I don't have to type while you're talking, so I could pay more attention to you.

The problem is these tools, in fact, whispers specifically says, don't use this in high risk domains. But IT is unfortunately prone to making up chunks of text or even entire sentences. This is a story coming from the associated press.

They interviewed more than a dozen software engineers, developers and academic researchers. Experts said some of the invented text known in the industry, as fluctuates, can include, and this is really shocking racial commentary, violent rhetoric and even made up medical treatments. Unfortunately, whispers is being used in at many industry, including in hospitals and in doctors offices, to do transcriptions oops.

University of Michigan

researcher conducting a study of public meetings, for example, said he found hallucinations in eight of every ten audio transcripts inspected. A machine learning engineer said he initially discovered hallucinations in about half of the hundred hours of Whisper transcriptions. Do we use Whisper,

Benito, for our transcription?

We use mans podium point AI it's point AI.

Okay.

I've used Whisper locally on my Mac, and I thought it did a very good job, but I wasn't looking. I think if you use Whisper on a podcast, it's much less likely to harm somebody than if you use it in the medical setting.

Yeah, whisper.cpp is actually like a super optimized version that runs really well. K and review is that the version you use?

I can't remember because he .

opened the other versions like python is .

actually quite slow and it's hard to install and so forth. It's on the App Store. There are a number of Whispers on the Mac App Store and they're all

based on the same model. Okay? There's a good one called whisper.cpp, which is on GitHub and

pretty easy to, OK, compile.

I member recommend anything if you want.

This is very compact.

Free. If you want to, just do it from the command line. But anyway, uh, yeah, works fine for that. This is, I think, actually brings up a good example of where we need a regulation, and glad that you, uh, Newsom vetoed the, okay.

That's a good question. Yes. So the governor of California vetoed the AI regulation. Yeah, there was a mixed, um, you know, there was a, Nancy Pelosi, for instance, lobbied hard for him to veto it. Elon Musk said, please pass it. So this is kind of a mixed bag of people against and for. Yeah, Newsom said it's too early for regulation and this is not the right regulation, but he would work next year with the California legislature to come up with something more appropriate.

Yeah, I actually wrote an op-ed in my old hometown newspaper, the Sac Bee, against it. I bet you

since Sac is the state's capital, yeah, a lot of people, a lot of legislators might. What were your objections?

So a couple things. One, that it was really driven by the doomers. I mean, from my perspective, like, the AI regulatory conversation, too much of it is driven by the sci-fi doomer folks, which is probably why Elon

Elon is one of them.

That's right. Some of those people, I think, are legitimate doomers, like they really do believe that AI is going

to, I think Geoffrey Hinton, for instance, Nobel Prize, Nobel laureate. Yeah, Geoffrey Hinton, who was the father of neural networks, that's what he won the Nobel Prize for. He says, yeah, we're headed for doom, doom, gloom, right? So those of the speaks, right, I mean.

but I think it doesn't do anything in that area, right? Because it, it only applies to California, it only. Although,

as some have pointed out, the fifth largest economy in the world, as California goes, often so goes the, right.

But like realistically, this was a law that was just going to push up about their companies out. This was the, this is the full employment for Austin software engineers act, right?

I think that's what Newsom was saying as well. And one of the things people didn't like was the so-called kill switch. If you have a big enough company, you had to have a, that's very much sci-fi, right? You had to have a place to unplug the AI. So, and the other

problem is, like, we're only really going to be able to do this one at the state level, right? I should do with the federal, and it did not address what's going on right now. So what is going on with AI right now are things like this, right, that you have well-meaning things that have been toys.

They've been free, right? OpenAI put out this, this experiment, Whisper, that's open source, that's meant just for people to play with and to give feedback on and for fun. I use it for, you.

I use that for some academic research. I have used it for different fun things. And it explicitly says, do not use this for anything important, right? And this bill would do absolutely nothing to discourage doctors from using it, or people from using it in life-saving, in life-critical situations. It would do nothing to punish people who decide to use it in situations where it could actually have real impact. It does nothing for the fact that people are using AI to really cause really serious individualized harm: for the creation of deepfake nudes, the creation of artificial child sexual abuse material, the creation of, uh, disinformation and, you know, deepfake images to manipulate our election. It does nothing for any of that. And so, like, if we're going to pass a bill, it should address what's going on today and not just apply to, it was only going to apply to models that aren't going to exist for a couple of years anyway, from the baseline that it had, and for risks that aren't going to exist for years and years. It was just kind of silly.

And it had a bunch of stuff in there around modeling risks that really can be modeled by companies that are making your fundamental baseline models, um, of, like, thinking about, oh, how could this thing take over the world? And so all you're going to do is generate these huge PDFs of how could this large language model possibly be used to take over the world, and they never actually address the bad things that are happening. And all that you're gonna get is, like, people will be like, great, didn't we pass a regulation? And then they're reading story after story after story of this kind of stuff that's actually hurting people day to day. And it was really stupid, from my perspective.

Yes, I think, I think the risk with any legislation is really, the bigger risk for me is legislative capture, which is essentially that a dominant company like an OpenAI shapes the legislation, um, to kind of suit its business model and discourage, uh, new entrants. You know, one example, I think, is PayPal. You know, PayPal early on said, oh, we don't need to be regulated.

And then as they got closer to their IPO, they said, oh, you know what, we're going to register as a money transmitter in all fifty states and get legal. And then that created a massive regulatory moat that new companies like, say, a, like a Square had to jump over. To be sure

you might even say that's why Elon Musk wanted California to pass that bill, because he has his own AI, Grok, and he loves the idea of timing competition. He also signed that letter, along with Geoffrey Hinton, that said we should pause AI development for six months, as if the Chinese would pause their AI development for six months.

But the part of the thing that worries, I think, a lot of people with AI is giving AI agency in the physical world. You know, giving WOPR, the computer from WarGames, the ability to launch nuclear missiles. That seems like a bad idea, and yet it seems like the direction we are rapidly moving.

I mean, to take you back to the earlier topic, isn't that essentially what's happening in Ukraine?

Yeah, it's become a test bed, hasn't it, for autonomous weapons, including drones, which scares me a little bit. I think that there's a reason maybe to say don't give AIs agency until they can stop hallucinating

at least. Well, you know, the reality of the battlefield there is that, um, jamming has become kind of a, you know, part of, GPS jamming

yeah yeah yeah .

and communications jamming has been a very strong reality of the battlefield. So, you know, the answer to that is you create drones that can, you know, basically function while disconnected, on their own. That autonomy

that responded that right?

So that's where, you know, seems like where we are rapidly headed. Take you back to, take you back to Taiwan. Taiwan is studying what's happening in Ukraine and kind of the asymmetrical, um, drone warfare that, you know, Ukraine is smartly deploying against the Russian invaders.

Effectively, very

effective. They're basically looking at, is there going to be a way to sink the Chinese flotilla, um, before it, before it hits. It's not just Taiwan that's

watching what's happening in Ukraine. You know, China is also watching with great interest, also to see how the US and the West respond, right? How hard is it gonna be to take over Taiwan? One thing that concerns me a little.

This week, Anthropic announced a tool that can take over the user's mouse cursor. And in response, Google said, oh yeah, actually Google didn't say, but there is a report that Google is exploring an AI that could take over your web browser, Project Jarvis, which kind of makes sense. The idea is that you tell the AI, hey, I want an Uber, and the AI goes to the Uber website and books the Uber for you, or does the shopping for you, or whatever.

You know, my first response to this as a consumer is inject this directly into my veins.

You are Project Jarvis.

You can wait. How much time do I waste clicking on the button that says, yes, I accept your terms to connect to the wifi, like, every day?

Just, you know, hey, you, Apple, you claim to have Apple Intelligence, well, Apple Intelligence that wifi, just click it for me, I just want to connect to the wifi. I don't care what I just agreed to because I don't have any choice. I wanna back to the wifi.

This is Erin Woo's story in The Information. And the headline is a little bit maybe sensationalist, that Google preps AI that takes over computers. But that doesn't are me. That's agency in the real world. I mean, if you can't trust it, but this is a super ser this

is super common in the enterprise. Like, you know, it's a whole field of automation, um, where essentially computers are being trained to do kind of some of the grunt, you know, grunt work, copy, paste, click, um, and actually automate that at the desktop level.

Well, good news. You'll be able to inject this into your veins, Mr. Thomas, by the end of the year. Project Jarvis, Google. Funny, because they announce this stuff all the time.

Google I/O is full of announcements for stuff that never really ships, but they are starting to inch closer and closer to, you know, right now you can have Google try to book a hair appointment for it, or a barber appointment for you, a restaurant reservation. I was at my barber's the other day, and she says, yeah, we've been getting calls from Google, just hang up on it. So I don't know with what success. I keep waiting for the simultaneous translation that both OpenAI and Google have promised. I guess we're inching closer to that, although if it's using Whisper AI, maybe that's something to be a little bit nervous about. Do you worry, Alex, about AI getting agency, getting actual agency in the physical world?

Not so much. I mean, the thing that a number of people talk about being the big gap is that AI doesn't want anything, right? So, um, that is still something for which there's not a fundamental way about AI taking over the world. The real problem is AI doing bad things because human beings of investitures. So I do worry about these situations in which, um, people,

humans, the problem,

humans putting AI in situations where AI is making decisions that are life-critical, and we should not do so. Yeah, that is what the risk is, and we are doing that intentionally because it's cheaper, faster, or more convenient

for us. Yeah, actually, I've seen some say that one of the uses for AI is by companies like X, formerly Twitter, because X created its platform based on users' contributions. But as users leave the platform, we have to turn to something else. We've mined all the user contributions; next, time for AI to fill in the gap based on the user contributions that the AI has scraped, right? Let's take a little break.

We'll come back with more. We're talking to the smartest people I know, of course, Alex Stamos from SentinelOne, he's the CISO there, and Owen Thomas from the fantastic and fortis cope. So they brought you buy. And maybe after listening to all this, you might want to use ExpressVPN.

A few decades ago, before the internet, private citizens used to be private. The internet changed all that, hasn't it? Think about everything you've browsed.

You've searched for, you have watched, you've tweeted. Now imagine all that data being crawled, collected and aggregated by data brokers, put into a permanent public record. Your record. They know everything about you.

We know this after the National Public Data breach, where hundreds of millions of people's Social Security numbers were breached, their names, their addresses. Having your private data exposed for others to see was once something only celebrities had to worry about. Now, in an era where everyone's online, everyone's a public figure. That's why when I go online, especially when I'm out of the house, I keep my data private with ExpressVPN.

This is a great, really great company doing a VPN that really works, because they go the extra mile. Now, it's not a free VPN, and I would caution you against any free VPN, because if they're not charging you, they're paying for the VPN somehow, very likely by selling your data to data miners, right? They've got to pay for these servers somehow. ExpressVPN is very reasonable, less than seven bucks a month when you use our offer.

But that seven bucks goes to supporting servers all over the world, rotating their IP addresses. So it's not even obvious you're coming from a VPN. So one of the ways they can to get around geographic restrictions very effectively, they also have enough bandwidth.

You can watch HD video. You can watch that Netflix show out of the U.K. at home and still see an HD video. They also really respect your privacy.

For instance, when you press that button on your ExpressVPN app, it launches the server. The default is the closest, fastest server, but it could be anywhere in the world. It launches that server in RAM. It's sandboxed, so it cannot write to the hard drive.

So euro. And then as soon as you leave, as soon as you close the VPN connection, it's gone out of RAM and there is no trace of your visit at all. So that's one way.

ExpressVPN takes an extra step to protect your privacy. They also run on a custom Debian distribution that, every time the server is rebooted, wipes the hard drive, starts completely fresh from scratch. So even if it could somehow write to the drive, every morning it's gone.

That's what I call caring about privacy, going the extra steps. Everyone needs to use ExpressVPN, because you're not using your device's unique IP address. You're using their IP address. It's hiding your IP address, which makes it much more difficult for data brokers to put together the information they get about you. It's the best VPN out there because it encrypts a hundred percent of your network traffic, of course, with strong encryption, to keep your data safe from anybody on that public wifi network. That's really important too, because even if you're on an encrypted site, you know, we now know, thanks to Firesheep, that unencrypted non-HTTPS connections would be visible to that guy in the hoodie sitting next to you in the coffee shop.

But even if you can see the content, you can see where you're going, you can see you've logged in, you can see your computer, and in some cases, using simple hardware, he can identify the access points you regularly access, including your home access point, impersonate it; your computer goes, hey, we're home, joins his computer. You can tell because he's connecting you to the internet, but he's also watching everything that's happening. And there's all sorts of things that ExpressVPN prevents. It works on all your devices, your phone, your laptop, your tablet.

And you can even put ExpressVPN on your home router. They even offer routers, very good routers, for sale with ExpressVPN built in, and you're protected. Everybody in the house is protected that way.

Protect your online privacy by visiting expressvpn.com/twit, E-X-P-R-E-double-S VPN dot com slash twit. And here's the deal. You get an extra three months free.

When you buy a one-year package, brings the price down below seven bucks a month. expressvpn.com/twit. And we thank them so much for supporting This Week in Tech, and we continue on with our fabulous panel. We've got Alex Stamos here, Owen Thomas. Hello, panel. Hello.

I was just demoing that kind of interception for my students. WiFi Pineapple.

Oh, the WiFi Pineapple. You went up. I saw you get up. You've got your Pineapple. Yeah.

So that thing is like a hundred some bucks, right? Yeah, it's not expensive. Uh, you know, our dear friend Darren Kitchen sells it on his site. What does the Pineapple do?

Uh, there's a bunch of things, but one of the cool things that it does is that it will listen for beacons from clients who are looking for their memorized list. Oh,

so that's how it figures out what your, what access points you've, you've

joined in the part.

Right? Your device. I never knew that your device is sending out the names, the SSIDs of, of, of,

of the wifi it remembers.

yes, oh my god, all the time.

All the time. Yeah, yeah. So I was doing that in class, like, I was teaching wifi interception. I was running it and then I popped it up, like, oh, by the way, any of these look familiar? And it's something of the friends they live

in and oh my god, yeah and of course, the way to use that is to find the one that looks like home.

What, right, what you can do, you can put, I wasn't doing this, is that would be a violation world text, um, but you can set it to a mode where automatically, then, for anything that gets out there, and

automatically advertise that access point, and it's closer, it's stronger than the wifi

access point you can set .

to be illegally loud yeah really .

you can tell it to transmit at a level, uh, that the FCC is not happy with, yeah, but

they're not in the coffee shop the moment, right?

And so you have in your backpack as you as you walk around on campus or wow.

So now you're impersonating the flats wifi access point. That laptop joins it, saying, hey, I'm home, right?

You give it a DHCP address. It, it is descript.

TLS traffic, though, right? That's still encrypted.

No, it should not be able to do that automatically. You'd have to do something tricky there.

Da p, so one of things .

you can do is you can be, so if somebody's beaconing out for an encrypted network, then you can man-in-the-middle a WPA handshake. You kidding? You can take, yes. So you can take that. One of the things we do in the class is I actually have them crack a WPA handshake, WPA one, two.

Three.

That's why we use WPA crack on here, how you do it on, like, a fast CPU or preferably GPU because

you to collect enough packets.

No, just the.

just the handshake.

Yeah, just the initial handshake. There's a nonce and, but it uses an old algorithm. Do that

jealous of .

your students .

knowledge. So what is the name of that course?

It's called the Hack Lab. It's international cybersecurity, international people. Six, eight.

That's not. That's the one where you're teaching lawyers how to do that stuff.

Yeah, yeah. That's my intro to cyber for non-CS majors. And then I teach

CS in this brain. You know, I think everybody should be, should what you just told us. I don't think people generally know that. And that Pineapple is widely, but it's not an illegal device, right?

You can. This, I told my students, buying the device is legal. Owning the device is legal. Almost everything you can do with the device is illegal.

It's a violation of

the wireless law. Yeah, right. But, like, actually buying and owning it is fine. But almost all the buttons you push on it are technically

not legal. So when Hak5 sells it, they're saying it's for pen testing, right?

That's right. Yeah. It'd just be very hard to use it in a way that's legal, because even in a pen test situation, if you're in a situation where you ever use it against somebody who did not consent, technically

be illegal. Good friend Randal Schwartz, of course, hosted FLOSS Weekly for years, is a brilliant Perl programmer, very well known, was working at Intel. And he noticed a vulnerability, which he exploited and then revealed to Intel, and they prosecuted. And, I mean, went to jail, and he thought he was doing them a favor.

You can be careful.

Yeah, be careful. Don't don't do anybody any favors. Theyve mean that.

Take, well, other news, video game preservationists have lost a legal fight with the U.S. Copyright Office. I think this is really a shame.

The Copyright Office was asked, can libraries lend games, particularly out-of-print games, old games, for study, just as they would lend books? Kendra Albert, representing the Software Preservation Network and the Library Copyright Alliance, said preservationists weren't asking for a lot. It was the thing that basically exists for all kinds of special collections in the library.

The library reviews the best request, "I'd like to look at this Gutenberg Bible," makes sure it's not harmful, fully allows access to work. You cannot check out the Gutenberg Bible. Okay, I know, I tried. But there are plenty of old, out-of-date first editions, that kind of thing, that you can check out for research purposes, all forms of media, but currently not video game cartridges, because the Entertainment Software Association argued that people would take advantage of this to liberate the games, to damage the market for classic video games, and that the preservationists didn't, quote, have appropriately tailored restrictions to ensure that uses would be limited to teaching, research or scholarship uses. And the Library of Congress agreed, which is sad, I think, because these video games are an artwork that without preservationists will die, and most of these video games the publishers have no intent to resell, in many cases they're abandoned. It's funny because the Library of Congress just recently made it legal to repair the McFlurry machines.

So at least they have the priority, right? Thank god.

But check out the video game cards original they, so this goes through the Library of Congress because it's part of the DMCA, it's part of the copyright law. And the Library of Congress gets to rule on these. The ESA

said, we recognize the importance of preserving video games, protecting game hard work in their significance and cultural society. That sounds good.

That's good. With today's decision, the U.S. Copyright Office confirms that the current level of video game preservation is appropriate.

We got enough preservation, okay? Okay, congratulations, ESA. You have protected somebody, Nintendo, I guess. I don't know.

Atari, whoever owns the, who owns the Atari IP?

Yeah, there is a company. There is an Atari, in fact. I bought a little. So this is the thing. There is a market for these games being resold.

I bought a little mini Atari 400, was this big, with all the games built into it. So some of these companies are rereleasing them. I want you a classic game of this.

You know, I was reminiscing with my brother about a game we used to play, I think, on an Apple II, called Temple of Apshai.

Oh yeah.

And apparently that is one that you can play online through a DOS emulator. It's the really old games, you know, ever. They've kind of fallen into that abandonware category where

the publishers either have released them or aren't going after people. But yeah, it's sad that, um, you know, abandonware is sad. Um, you know, there are a lot of abandoned works. Um, you know, I'd be very concerned also about what's happening with the Internet Archive,

which is fighting

a bunch of copyright lawsuits as well as a

recent, yeah,

attack. Yeah, no, that's a really important institution. And, um, you know, I think people think of it as the Wayback Machine, but it preserves a lot of digital culture and content.

Steve Gibson was talking about the Internet Archive the other day. This is an interesting, there's a new, you probably know about this, Alex, a new email standard called BIMI, BIMI, that allows you to embed your logo in email, almost like a verification, um, it's kind of certificate-backed, so that people know this really came from, you know, the Internet Archive or McDonald's or whatever.

And in the process of doing this, he went to his, there are two certificate authorities that do this, one of which is DigiCert. He went to DigiCert and they went through the whole process. It's like getting an EV cert.

They call and make sure you're you and all that stuff. But the way they find out that you have legitimate access, that your logo really has been your trademark and you've been using it for some years, they go to the Internet Archive to verify that you've been using this logo. And so this application is held up because they can't do that.

right? There are .

so many right now.

but it's that's where because you pl, you can search that .

want more than just the fact that you have the trademark. They want, for some reason, this, I think, is part of the BIMI standard, they want to show that you've been using this for multiple years.

I guess also what the USPTO isn't tied to a domain, right, so they probably check USPTO, yeah. And then they also need it tied to, like, something dot com.

Yes, because I have the trademark for this little shiny logo behind me, but I, but I couldn't.

How do they tie it to twit.tv? Exactly.

I couldn't prove and use them on the website or for my email without going back to the archives.

It's time to like see ah according to sp, yeah exactly.

Apple has, this is interesting, The Information, Wayne Ma reporting. Apple has sharply scaled back production of the Vision Pro, to which John Gruber replied, no, they've made exactly as many as they thought they would sell, which wasn't many. I don't know what the answer to this is.

October thirty-first, Apple will have its quarterly results for this quarter, but I don't think they will mention how many Vision Pros they've sold. But there really is some question about what the future holds. Owen, I know you love your Vision Pro, right?

I am, I am a VR, uh, AR hard skeptic.

I just, so I just don't

think people, I just don't think headsets, and I don't think they get better when they get lighter. I think that, you know, I think there's so much more promise in kind of, um, ambient technologies like AirPods, for example. And Apple has a huge growing business in AirPods.

I think it's undercovered, underappreciated. You know, the ability for Siri to kind of politely interrupt you and let you know you've got a notification, that's huge, and you can, like, you only have to kind of distract one sense, keep your eyes and hands free. And, you know, VR kind of assumes that your, you know, your eyes, ears, hands are all going to be focused on a task. I just think of how people watch TV these days, which is generally with, you do have A I yeah happy and, you know, another screen in their lap. Um, you know, how do you reconcile that with the idea of a Vision Pro or a Meta Quest?

Well, and the other thing people do is they watch, usually, with other people. It's not like daily drinking. You want to do it alone.

And if you put on, you strap this computer to your face, you're now suddenly in your own world. Whoever is there with you is being ignored. I mean, I just, and also I'm of the opinion nobody wants to strap a computer on their face.

Maybe I might disagree with you on the idea of virtual, if these giant glasses that I'm wearing today had a heads-up display and cameras and some AI built in, and I have the Meta Ray-Bans and it's kind of cool. You can look at something and say, what is that, and it'll give you kind of an area AI generic description of it. Although I did do it here in the studio and it said you're looking at several screens and you have the kind of setup that could be used to do a live video stream, which I thought was pretty impressive.

I mean, it's obviously early days, but I think that might be, don't you think that might be kind of cool, the oil you'd walk down the street? You go, who is that guy? It says that's Leo Laporte, he used to host TWiT.

You know him I think you know I think glasses you know where it's .

see through yeah yeah you know .

it's something, you know, like, I have my sunglasses on most of the time when I'm outside, it's California, right, so that has potential. Um, I'm just very skeptical of immersive technologies. Yeah, I think, yeah,

because life happens in multiple, yeah, multiple dimensions. How about you, Alex? Are you a VR optimistic peers?

Yeah, so, I mean, I would love to have an AR. I think that the Meta glasses, uh, with actual AR overlay would be pretty cool.

They're pretty cool. Yeah, they're already halfway there. I think

that the situations I've enjoyed VR is when it's actually tied to my PC. Um, and so you

like the screens yeah .

like the full screens. But yeah I don't like being fully cut off from the outside world. I just I don't have a life where I can do that, where I can just cut off completely. I just children .

right about situation where A T mea situation .

just completely cut off myself in the world. So, um, and none of the headsets would allow me to still have full vision, still feel like I can be somewhat connected if somebody walks behind me, if my wife puts her hands on my shoulder, um, that, you know, like the fact that I've been sitting here with you for a couple hours

and a kid has not barged in is a, we're almost done

so let the the kids can run free in head on the swimmer like it's just crazy that .

like I was handled the .

couple text of like no, no, you can feed yourself. Amazing it's shocking. But like there's no way we could have done this in V R, right? Like something would definitely happened.

When I first started working at home, the kids were little, like two and five or some. They used to come to the door. They know dad's in there, and they would pound on the door, like, let me in, let me in. It's like, it did not work very well, did not.

But I really feel like, I mean.

if I could really have.

yes, I like fifty. I fifty seven Green right .

now or do you yeah, that's the super wide one.

the super wide yeah. And so lets me do three. I do the three screens. Yeah, right? That's cool. It's great.

But if I can get that level of resolution and still be present and have perfect visions up, but that's not what you get, right, when you put them, no, it's like you're looking through ridiculus, right? And it feels constructed to me, it feels weird. I could not work in it all day.

And also I don't want to be untethered, and that's where everybody, Oculus, Apple, everybody wants to do the full computer. And so that makes it too heavy and such. I would not mind having, if they could give me the full thing and then have it connected to my computer. But people are moving away from that. I owned the original

Oculus, ah, and

nobody wants to do the lightweight goggle that still has to be connected to a full computer.

Right? Yeah, I think it's one of these things that is not improved by better resolution, you know, better battery life, better technology. It's just a bad idea.

But the AR, I mean, that would be pretty cool. Like if I could have sunglasses, I can walk around with the facial recognition. Self is super creepy. And then also I always have, like, my biggest problem when I go to the conventions is recognizing people's faces.

right? So it's creepy .

and I am really convenient.

You sense .

Bob, oh my god, is to see, maybe people opted in because we're LinkedIn, like we know each other on LinkedIn. So they have said, just know who they are, and that's a good idea. Like if I had a LinkedIn app that's like, you know this for some

LinkedIn, maybe that's what Marissa Mayer is trying to do with Sunshine. Yeah, just too early. You know, she has a contact manager that nobody really seems to want, but maybe that's the whole idea, that could be that up in thing. Oh, I like that idea, that's really cool.

an existing social graph that are not doing stranger yeah .

So can't mack on some woman you meet on the subway.

Of course, other people to do that.

But we don't have... Harvard students have already figured out how to do that with the Ray-Bans. Actually, speaking of isolating yourself, Apple, one of the things Apple's pushing with the AirPods, and they just, I think it'll come out this week, is iOS 18.1.

There's going to be some limited artificial intelligence. Apple's gonna have a big week. We'll cover it all on MacBreak Weekly on Tuesday, but including new Mac minis is over, but they're going to push out this update.

I did try the public beta of 18.1 because I wear, my hearing aid, where I wear. I've worn ReSound and Starkey and warning, go to on hearing aids these days, because I have, you know, after many years of being a DJ and listening to rock concerts, I've pretty much deafened myself. I mild hearing was not real strong.

So I tried the Apple AirPods because they have a new hearing aid mode they touted, and I tried them. And they do work very much like a hearing aid, they will amplify voices around you. They have a lot of intelligence.

But one thing they do, and I don't know if Apple realizes, is very similar to this whole Vision Pro issue. Expensive normal hearing aids don't seal your ear. There's a little thing that goes behind your ear and there's a little dot that goes in your ear. But it's an amplifier.

You still hear ambient sounds, but it amplifies the voices because that's what people have a hard time hearing. They want to hear people's voices. So it amplifies just a specific range where your hearing loss is, in the human voice range.

You're not isolated is what I'm saying. And as soon as I put in the AirPods, that seals you off, all of the audio input has to come through its microphone and its speaker. You no longer hear ambient sounds except through the computer.

And I think that's a mistake. I think that's very much like Apple Vision Pro, where suddenly you're relying on the computer for your perception in the outside world. I was actually disappointed because my real hearing aids are thousands of dollars and the AirPods Pro are two hundred fifty bucks.

This is a really strong example of a productive, uh, deregulation. Um, absolutely.

OTC hearing aids, absolutely.

I mean, the idea that you need to have it, like, fitted by a specialist, I mean, absolutely go to a doctor, go to A I.

I will lobby for the use of audiologists. But a lot of people can't afford it. And as a result of that and the stigma of wearing hearing aids, so many people who should have hearing aids don't. And if this puts more hearing aids into the ears of people who would otherwise not have them, I think that's great. I think

that's great. It is creating, like, a weird social issue that, like, if you see somebody with, with AirPods, and are you talking to them now,

are ignoring you yeah .

Exactly. So are you assuming they're hard of hearing now? Um, I mean, I think it's great. I think the blue heinies are actually pretty cool. It's Sunday. My mom has benefited greatly that my dad's hearing aids are Bluetooth, and so we have a TV set up that, that football goes straight in, and I could

take phone calls, and I even get Siri saying you've got a message in my hearing aids. No, it's great, and you can do, and newer hearing aids use their microphones, so they're just like AirPods, yeah, but they are medical devices as a first. So like you said,

I mean, the fact that it's only a couple hundred bucks versus, yeah, let's say

one more break and then a couple more stories. We're going to let your kids take you back. Stamos is here, he is CISO at SentinelOne, and I just love having you on. Alex, you're so smart and you know so much about these subjects. You've kindly agreed to come on on a kind of semi-regular basis, and I am really grateful to that

for yeah thank you.

We just think the world of you, and your students probably do too. Also here, Owen Thomas, he's managing editor of the San Francisco Business Times and also a dear friend of the network. And we always love having you on, Owen, as well.

So I love here.

Yeah, it's fun. It's fun to talk this truly stuff over with smart people. That's how I learn. I just sit here and go, ohh, oh, wow.

Now let's talk about... we talked about EDR there. There are some things that EDR does not solve. This episode of our show, TWiT, is brought to you by 1Password, which has kind of a new approach to all of this.

If your, your end... let me give you a rhetorical question. Do your end users always work on company-owned devices, right? Oh, of course, and IT-approved apps.

They never use anything else, right? Wrong. Wasn't it LastPass?

The guy, the device guy, was running Plex on his laptop. And he hadn't patched it in a long time. And that's how the bad guys got in.

No, people bring their own devices. How many iPhones are in your enterprise? They do use their own apps. It's so hard to control them.

How do you keep your company's data safe when it's sitting on all those unmanaged devices and all those unmanaged apps? Well, that's where this new thing from 1Password comes in. It's so cool, called Extended Access Management.

1Password Extended Access Management helps you secure every sign-in for every app on every device, because it solves problems traditional IAM and MDM cannot touch. If you think of your company's security, we will try that. Sara Q S.

Says that beautiful quadrangle on a college campus with the greensward and the perfect brick path leading from ivy-covered building to ivy-covered building. That's like your company's network, if you just look at the company-owned devices, the IT-approved apps, the managed employee identities. But then every quadrangle has those paths.

People actually use the shortcuts worn through the grass that are the actual shortest distance from building A to building B. Those are the unmanaged devices, the shadow IT apps, the non-employee identities, the contractors and others in your network. Most security tools work fine on those happy little brick paths.

Unfortunately, a lot of the security problems take place on the shortcuts, right, the way people actually use their hardware and their apps. 1Password Extended Access Management is the first security solution that brings all those unmanaged devices and apps and identities under your control and ensures that every user credential is strong and protected, every device is known and healthy, and every app is visible. It's security for the way we work today, now generally available to companies using Okta and Microsoft Entra. It's in beta for Google Workspace customers. Is a really clever solution.

I want you to check it out: 1password.com/twit. That's the number 1, P-A-S-S-W-O-R-D, 1password.com/twit. We thank them so much for supporting the show. We thank you for supporting the show by using that address.

So they know you saw it here, 1password.com/twit. Wrapping things up a little bit on this episode of This Week in Tech. I have to mention this: Kroger and Walmart, this is from a New York Times story, are adopting digital price tags.

You know, if you've ever worked in a grocery store, you know, you like that price gun that put, remember, they used to put stickers on everything for the price, and then they stopped doing that. They just put the price on the shelf. Well, now those are going to be digital.

And there is a little concern that the reason they want digital is because they can change it like that. And there's a little concern that there will be something called surge pricing on your groceries. Kroger and Walmart say, no, no, we would never do that.

But members of Congress are a little worried. Dynamic pricing. A lot of people buying eggs this week.

Let's raise the price twenty cents. Milk is not selling. We got to get that milk off the shelf. Let's lower it. Kroger says that it has no plans to implement dynamic pricing or to use facial recognition software.

Walmart says no plans for dynamic pricing, and even though we use facial recognition, it's not being used to affect pricing. I think about a time. Yeah, then what's the point exactly? And you can see, I mean, think of the horrible ways this could be used.

All those people look wealthy. All the prices just went up twenty percent as they walked in the store. Hi.

This is me to... there's also a thing where, like, can you pick up something on the shelf and by the time you check out it costs more?

Oh, well, there's no reason why that couldn't happen. You're right. Technically.

Yes, but I think that would be, you could, uh, so for the advertising, if you pick it up off the shelf, being shown a certain price.

I would hope so. But you know that happens all the time where you go in and you got the coupon or whatever and they say, no, no, that doesn't apply .

here or, you know, or if you, you got a Macy's where basically you pick something up and you have to

you have to go to a scanner to figure, yeah, yeah, Kmart is that sometimes, yeah, they don't have any tag. Do you, you know, pay attention though, as you're scanning, as you're doing your grocery shopping, they're scanning, you don't see if the price is the same. You don't even remember what the

price was on the shelf. Do you know, like, when I go to Safeway, they've got so many, so many deals, I kind of keep an eye to make sure you like smart.

a heavy shopper. I'm getting my Safeway

for you or whatever discount you.

I would be a terrible presidential candidate because you could ask me, well, how much is a gallon of milk? And I go, I buy it every week. But I don't know.

I think why this story is getting some traction is just, you know, inflation fatigue, right?

will also go to these stores. Here's a picture of the Walmart in Grapevine, Texas. You look at that, you go, well, that could change by the minute, there's no

and part of what inflation has happened, this is in no way blaming consumers, but a reality is if businesses are able to push price increases on consumers, then inflation will kind of unfold. If businesses try to push price increases and consumers resist because they're feeling frankly tapped out, they can't afford it, sales go down. Businesses will respond by reducing prices to a inflation

will slow. Yeah, Kroger says the new price tags are designed to lower prices for more customers where it matters most, which is the easier way of saying we could change prices. The Times did interview a professor of business at the Olin Business School of Washington University in St. Louis, who said they could do this anyway. They don't need the shelf tags. They could do this anytime they want, which is probably a good point.

Yeah, I do think there is some, you know, there is some pushback to variability of prices too. I recently interviewed the CEO of Lyft, David Risher, here.

because they do surge pricing.

Right? One of the things he wanted to do when he came aboard was do away with surge pricing altogether, because he said, yeah, economists love it, it's a great supply and demand thought experiment, and consumers hate it

so know the and you know .

and it turns out you still need surge pricing in, like, the new year, the environment, even on, like, a Saturday night in San Francisco, because you need it to draw drivers out. Like drivers, drivers essentially kind of will quiet quit and not drive if they don't feel like they're making sure. So I'll

never forget being in Paris. We were at Notre-Dame and wanted to go home, go back to the hotel. And it started to snow, and we walked to a cab. And the French cabbie's reading the newspaper, smoking.

His goal was, he looked at us and he said, no, no, no. I think he rolled up the window. No.

I do not drive

in the snow.

do you?

What do you enjoy your newspaper? What's going on there? I'll never forget that.

So this response has been to introduce this, uh, price lock feature where you can commute for essentially the same price. So you know, if you use Lyft on the regular, you pay this monthly subscription fee and you get a locked price for, you know, basically from your home to your work, that ride, and it's their way to kind of try to ease back on surge pricing.

Well, I can understand why, you know, if it starts raining in San Francisco and the number of Ubers and Lyfts are limited because everybody's taking one, I can understand why they'd want to raise prices, but it's so offensive to me as a passenger that, it sounds to me like they're taking advantage of it, right?

I understand the economics are, well, it's a scarce resource and in order to make it more fair, we're going to raise the price. But it just feels like they're taking... and the same thing with grocery stores changing their prices in response to demand. It just seems kind of skeezy, so let's hope they

don't do it. Yes. I mean, I think the challenge Uber and Lyft says, it's they're always walking this line where it's not clear. Sometimes it feels like it's a unified service and they want you to feel like you're again serve some Uber, again over some Lyft. So it's nice and clean, and sometimes they want it to be what it really is, which is they're just introducing you to independent contractors, right, um, and that they are a bidding service that you are effectively bidding on, uh, they're trying to find some kind of price at which somebody will provide that service to you at that moment, um, which is clear from Airbnb, right? When you use Airbnb, you know you are getting the service from some individual who owns this place, because they're clearly setting the price, they're clearly providing the service here, here that they're showing you the face of that person before you buy it.

You know that the reviews say before you get it, uh, sale's place was great, right? Um, but you don't get that so much with Uber and Lyft, and I think that little game they play, because they want you to feel the safety of the brand, because you're getting in some stranger's car, also bites them in this situation, because you feel like Uber's the one ripping you off. Yes, they do get more money because they're taking a percentage of what you're paying. But realistically, they also do need to raise the price because, like Owen said, nobody's going to come out on Fleet Week. They're not going to go sit in traffic for forty-five minutes to get you out of the city a hill, um, if you're not paying twice or three times the surprise. Well,

yeah.

It's tricky. I mean,

no one you know makes IT just as you said, that makes .

sense from an economic an economist would say all this make sense but consumers go.

No, no one blames eBay when, you know, a Beanie Baby goes up in price, right? But we're talking about everyday goods and services, talking about, like, a ride to work. We're talking about milk. And people like to have predictability around their budget for that kind of thing. And so that is the fundamental tension.

Right? Well, in this case, I mean, I think there's been all this talk about stores being the reason that prices are going up. And I don't think people pay attention to the fact that the overall margin for these companies

is like one percent, the

Krogers and Albertsons

like they is the, and Nestlé and PepsiCo.

It's not the store, the chicken processors, the three companies that actually process wheat in this country. And so, like, the three companies that

none of us can name, aren't you working to? And I only know that bar.

but aren't .

Target and Walmart and them all posting record

profits destructive of people make it? No, actually.

Well, maybe walmart is is.

is doing better. That's a little different. Yeah, they have huge cloud and they all have

record profits right now.

The grocery store is actually, that is different, right? That for the non-durable goods, for the, right.

your local market is not recking. Think one last story, and I thought, Owen, this would be a good one for you. There's a reason you don't see a lot of innovation in the EU, a lot of startups, a lot of, they all seem to be headquartered, many of them are headquartered in the United States.

Of course, the EU government just like that too much. But another reason for that is that it's hard to, um, be a VC and entrepreneur in the EU because of the incorporation regime. So founders and VCs in the EU are now backing a pan-European C corp.

They call it EU Inc because it's kind of based on the incorporation in the United States, Europe's answer to a Delaware C corp. Already you have in each individual state, each of the twenty-seven states, they have something like that, but they don't have anything pan-European. And so they, but apparently this is gonna be a tough haul, according to TechCrunch, a rocky road ahead, they say. Are you covering this at all in the Business Times?

This has not hit our radar, but you definitely see, um, a strong interest in different kinds of corporations. Look at the scrutiny that to OpenAI's wege

that is really worth the profit slash, right? Not air.

But I can definitely see. Even in the U.S. you have controversies over, you,

Are you incorporated in Delaware? Like most companies. Apple happens to be incorporated in California. I still have not figured out why that is.

Elon Musk has made a big deal about pulling his companies out of California and even out of Delaware registration because, um, he did not like a Delaware judge telling him he had to buy Twitter after agreeing to buy Twitter. So yeah, he really hated that. So yeah, so you know, bottom line is it does matter where your company is incorporated and those rules do matter. Um, you know, Elon Musk, IDE, I think Delaware is popular because their courts are really, you, are the

Chancery court. The court

court is really geared towards business disputes and, um, remey

efficient, extremely efficient and very predictable we .

when we incorporated, well, it's an LLC, but I mean an LLC for TWiT. Back in the day, two thousand, twenty years ago, I asked Kevin Rose, who was the only entrepreneur I know. He said, yeah, do Delaware. His rationale was, if you ever want VC investment or go public, they prefer it for that very reason. Exactly, Alex, that it's efficient, it's fast and it's business-focused. But I have to say there's no tax benefit, we end up having to make California.

No, people think there's a tax benefit.

There's no, he is

going to, interesting. I think Elon is going to regret it, because what happens is, where you're incorporated is where shareholder lawsuits happen, right? And so he's going to have to end up with Texas juries.

Oh, no, but you know he's, it,

He's moved

all of the X.com arbitration and lawsuits to the East Texas jurisdiction, is very friendly to his, his just

shopping. I think what you're suggesting is there is, this is a friendly. He's going to find out, because we haven't really run this particular experiment.

Yeah, if you've got Tyler, Texas, that's where the patent trolls go because there's one particular court that's very friendly to patent trolls.

I mean, saying, like, Texas has had a history of plenty of attorneys actually doing well. So it's just, I think, like, it's an interesting history.

Not sure this. Yeah, I know. But Elon is not necessarily always right. I know. But that was the rationale for all the arbitration. See if I can find that story, because we talked about it earlier this week, I did not put it on a right down.

But you know, to the point of the European Union thinking that this is going to be some kind of magic bullet to, um, to unlock startup creation. Now I think they've got a lot of other issues that they need to deal with. First, I think I agree

with, there is a risk aversion. I remember talking to log the and that's one of the reasons you don't get a lot of investment, is because it's not good to fail. And so there's some risk aversion. There's lots. And I can't

imagine I mean about european obviously, I can't imagine this releases you from the local labor laws, which is one of the arrest problems there. Yeah to start a company is you end up like owing people thirteen months of .

severance and the ah yeah ah arted so okay great .

Yeah, I'll just started a company that if it fails, I to begin sued for more money, owing people more money, um, for longer than my company existed. Yeah, like, it's, yeah, I mean, I understand why people want to have that kind of security, but it's just incompatible with, like, having an incredible dynamic

start become look, if I could take every August off, I would, and if I could go, no, I would, but I can. But you know, steers, this is from the Guardian: Elon steers X disputes to conservative Texas courts. This is a service term update that this week there are a number of service changes at X that drove people away, taking effect on November fifteenth.

Any lawsuits against X must be exclusively filed in the U.S. District Court for the Northern District of Texas or state courts in Tarrant County, Texas, even though they don't do business there.

You know, maybe this points actually to the need for reforms here in the US. You, the extent to which you can kind of shop from state to state or court to court, who's got the friendliest regime? I think that that raises some questions.

Hey, I know you probably want to go to dinner. I think the fifteen hours are playing football. There are reasons to get out of dodge.

So let's wrap this up and thank you so much for being here. Owen Thomas is managing editor at the San Francisco Business Times. Always a welcome

guest. Used to be, we could get you and tie you up to our studio. Not anymore. Nobody wants to come to my attic anymore.

Although I have a visitor from the past, I'm not introduce to in the, thank you for being a hero, and I really like to see soon. Alex Stamos, always welcome as well. CISO at SentinelOne. Are you liking the new job? You miss academia? Yeah.

I still get to teach, which is the part I like the most, was being with students, I'm enjoying. And I do enjoy the new job, back in to the CISO saddle, yeah, it's a lot of fun. Yeah, it's good to be back in the fight.

Good. Well, it's great to have your knowledge and expertise on the show. Really appreciate. Thank you. Thank you to both of you. We do TWiT every Sunday, two pm Pacific, five pm Eastern, next week twenty-two hundred UTC because we are finally going on summer time.

So you'll be able to, I used to say daylight savings time, but every time I would say that my friend John would yell at me. We, I just wanted, come over here, John, I just say, hi, we've been trying to entice JB to join us in the studio. He's retired now from the TWiT family. Great to see you.

He lives on, though, through his contribution of a one twenty-eight Macintosh and the telephone, the first thing and the last thing you gave me, John. That's so nice to have you, and wish you bon voyage to your new life in the Pacific Northwest. Got a beautiful house up there and everything. If you want to watch live, as I said, we're on eight different channels now.

I love that we have almost two, one hundred people watching live right now on Discord, that our Club TWiT members get to watch there, YouTube, Twitch, X.com, Kick, LinkedIn, Facebook. And yes, we added TikTok, so you can watch us on TikTok. Unfortunately, we are not vertical video, and TikTok, so we have big black bars, the top and the bottom. But it's kind of nice to be here to do.

We all look younger on TikTok.

Eh, we look younger and hipper, and we can do these great dance moves. Mostly, I get all these comments on TikTok: he's still alive, which is, which is always.

Who are these people?

They know what they go. Oh, I used to watch him on TV years ago. He's still alive. Anyway, I'm still alive and we still do great stuff here.

So we're glad you're watching. After the fact you can see the show by downloading from our website, twit.tv. There's also a YouTube channel dedicated to the video. Great way to share a little clips if you want to share with friends.

Thank you for doing that. We really appreciate it. Actually, we found out that's the best way to grow our network. And we really want to get it out, get the word that everybody is through, through sharing on YouTube.

And if you're a Club TWiT member, we give you three months when you refer somebody. When a friend joins Club TWiT, make sure they use your name so that you get a months free Club TWiT. So you could, I mean, in theory, if you have enough friends, you will never have to pay again.

The information for that is at twit.tv/clubtwit, if you want to know more about that. You can also subscribe. And really, that's the best way to get our shows, is subscribing in your favorite podcast client. Doesn't matter which one you use, you can choose from audio and video, choose the one you prefer, and make sure you subscribe.

That way, you'll have TWiT just in time for your Monday morning commute. Thank you all for being here.

We will see you next week and on the, oh, bye. And as I've always said for the last twenty years, another TWiT is in the can. You on the train, the.