SN 1003: A Light-Day Away - Digital Epileptic Seizures, Tor Needs You, Zello Password Panic, Wireguard's Open Port Debate
02:18:12 Share

Is ever security now Steve gibson is here. We're going to respond, or at least get microsoft sponsible Steve s episode last week. They say, no, we don't use your data to train A I.

What is a digital epileptic season and why does your self driving vehicle have fits when IT approaches an emergency vehicle? Do you use yellow time to change the password? And then we're going to talk a little more about our favorite friend, the farthest object humanity has ever put in space voyage, or one now nearly a light day away. It's gonna another great security out episode coming up next to.

Podcasts you love from people you trust.

This is quiet. There is a security now, as Steve gibson episode one thousand three recorded tuesday, december third, twenty twenty four, a light day away. It's time is security now the show we cover your security, your privacy online, how things work.

What's a great book to read when you're trying to get some sleep and you don't want to and I don't know all sorts of stuff. What's a good show to watch? What's a good value in to take? Steve gibson is a Polly mass. He he knows everything and tells all on the show.

Hello, Steve. Great to be with you again for episode one thousand and three. And it's still I look at these four digits and I think, wow, okay, we're going that really does feel like somehow a lot more than just three digits IT was a Cliff hungry are there for a while but we made IT over the Cliff that we're still flapping um we ve got a bunch of fun stuff to talk about.

Microsoft makes very clear what data they are not going to be using to train their AI models. Will we were revisiting that topic front that we touched on last week also, what's a digital epileptic season? What induces them and why you don't want yourself driving car to have one? No, yes. Uh, we've got a public plea for help in the form of volunteer volunteer bridge servers being asked for by the tour network that we're going to talk on and explain. Um also, if you're one of the hundred and forty million zero users, you should hear their notice to .

change your password .

zero later zero. I had the double checked that too. And in fact, some of the reporting, I think I think the reporters are so used to typing cell E L L E that some of the text was mixed up. So it's zero, which is it's a push to talk APP for smart phones.

They have many users, one hundred million million o nobody .

wants a dialog ers, so you get parents, you just press the press the screen and you get to talk your mom, I don't know. Anyway, the U. S. Federal trade commission opens.

They brought anti trust investigation under whether microsoft has been naughty or nice, a new form of android smartphone scare ware, which is really sort of interesting at first. Plants IT simulates a seriously male functioning crack and broken screen and cares people like, oh no yeah, getting tax support IT really is. And when you see and i've got a picture of in the show notes, it's like, oh, okay, that would freak me out anyway.

It's almost certainly positively and completely safe to leave wire guard open and listening for incoming connections almost is almost certainly positively and completely safe safe enough for you that's we're going to look at that. Um the internet fills with A I output. What happens when A I starts training on that? Oh, IT seems that we know that some experiments have been done and it's not looking good or not.

We're going to lose some very popular dog breeds, among other things. Last week, australia passed the social media a restriction law. No, what. And finally, we're going to talk about once again one of our sort of favorite side topics.

Boyard you one? Not only is IT now nearly an entire light day away, think about that takes a day that I may like. That's how far out IT is. IT is beginning to have some harder to remotely repair problems. There was so much interesting science and engineering shared in the last week that I thought, okay, this is just it's just cool stuff.

I mean, it's like, you know, we're beaming up and we're doing work, drive and all this crap that we can't feature beams, we don't have any what actually have is a shockingly well designed piece of hardware from the seventies that is still going so. And of course, we do have our a great picture of the week. I've already ready had some feedback from people I haven't looked and yeah uh and so I think a great show for everybody, probably worth your time while you're mowing your lawn or coming to work or walk in your dog, whatever you're doing.

I always every time you do a voyage segment, I always call a viger. And I should clarify that. After the first one, I looked IT up. And the video from start, rh, is actually supposedly movie .

ever made.

Is that the only poked died? I can't remember.

No, no, that that was a good one. I think that might have been was the first one. Yeah, I was the first.

And they had bad uniforms. And like, what happened? You know.

I remember watching them and being so thrilled when that elevator opens. And there are kirk and spock and coy, and I was just like, they're back, they're back. yeah.

Anyway, vision from that movies. Theoretically, voyagers sixteen, there is no voyage sixteen. So the voyagers we're talking about one into are not .

feature just yeah and I I didn't say this and I may forgets you all say that now one does need to wonder like why they're expending all this effort. I mean, it's it's done its job. I mean, more this is outside the helio pause.

We are getting information. We're getting science data we've never had before. But at this point, it's clearly just can't let's see how it's a flex, what we can do yeah exactly what you we can. We keep this little sucker aimed at us.

They can. That's what's amazing.

yeah. Wait to you hear what they way. Wait to you hear what's happening now.

Or I can wait. It's going to be a good one. Security now, one thousand, three in your ears, and we will get to the first bit in just a bit.

But first, for a sponsor of the show and the great folks at Melissa, we've been tagged with Melissa for years, but they are even older than security. Now is they are and have been the trust data quality expert since nineteen eighty five minutes. Next year, they're going to celebrate their fifth anniversary.

That's that's really uncool. What's really actually even Better is as the years have gone by, malicious become more sophisticated, more powerful, more useful. It's done so much more to keep your address book in business.

Your customer list, I should say, not really the same thing, right? Or your supplier list accurate up to date a so that you save money, you save time. Personalization is as important ever during the holiday season, but you know if you're offering personalization, that could kind of backfire because no one wants to be missing dentists.

Ed, that's what Melissa can help with. They have a fluid knowledge base of global names, oh, and even as important naming conventions. So if you put in a name associated with a specific country, you can pass IT more accurately origins as an example.

Neural is the first word in some countries are and if IT is IT would be flagged, they'll say, oh yeah, that's not the first name. We're not that's not the first. That's not on terrific and and Melissa knows that and much, much more.

This is database also as a large list of cultural names, also of vulgarities because, you know, there's people out there, we'll try to get an emeritus done with some bad words. Some names might be flag is valid but need extra checking because, for instance, of this is a celebrity name. Melissa can do this with all of this with your business names, your customers and your suppliers.

Be sure to check out melisa marketplace too. This is really cool. That's where they offer premium third party data on demand to improve campaign performance.

They have data visualization tools in there. They have business decision tools in there. And here's a very good bit of news.

Melissa now offers transparent pricing for every one of its services. So no more best work when estimating your business budget. You'll exactly what it's going to cost to use molick day in, day out.

And of course, I I shouldn't even have to say this, but I want to reassure you, malicious uses secure encryption for all your data for file transfers. Their information ecosystem is built on the ISO twenty seven o one framework. They're hear the GDP r policy, socks two compliant.

So your data is safe, whether you need the full White love service or just the nuts involved. Melissa is the best choice for your enterprise gets started today with one thousand records cleaned for free. Catch your address records in order with Melissa.

Melissa, that comes slash to a mel sa malicious, that com slashed to what we thank you so much. You're supporting security now and you support us when you use that address that they know you saw her moist a that come slash twitter all right, i'm ready for the picture of the week, mr. gibson.

So this one I gave IT the caption, and not for the first time. We've had a few other ironic pictures. I, but that I call this when irony define .

times growing up.

That's gotta that can be estero. IT is just too fun. IT is too bad.

I read IT for us, for those not watching .

the video that right. So what I clipped out of the photo, this one of our listeners sent me what looks like his his camera screen. So this is real. I think it's real. So yeah.

So what we have, we can we're looking through a glass door into A A region behind which we learn is because of the headline on the sign that's been posted on this glass door. This is the mall maintenance shop, so at some sort of a like a large mall and IT looks authentic. You can see, you can see a very long latter, an extension letter against the our wall.

There are some coiled up stuff in the foreground looks like an industrial um you know like tile cleaner kind of things. I mean, this looks like the real deal. This is clearly a more you like like some large retail mall maintenance shop.

And the sign brags about their capabilities, saying we can repair anything. But then he says in part the sea below that, please knock hard on the door. The bill doesn't work. okay? They always .

have a good sense here. We haven't gotten .

around to fixing the bell otherside, other than our own bell. If you've got substance broken, we'll fix IT. So yeah, I IT would be really fun. I agree with the idea to to learn the actual back story here. As you know, they IT may just be a Christian guy who's got a great set of humor, as you say, or, but I have a feeling that the bill does that work.

No, I think it's true that respect, maybe there isn't the even of bill, you know.

okay. So uh, microsoft felt the need to clarify what had become the widespread this apprehension that they would be training their AI models against the private and personal data of their office product users. And of course, we looked at that speculation behind that last week.

So the day after we did so last wednesday, bleeping computer did a great job of summed up the situation. So i'm just gonna quote A I i've edited what they said, but look at digest they they wrote. Microsoft has denied claims that IT uses microsoft 3 sixty five apps， including word, s cell and powerpoint, to collect data to train the companies.

Artificial intelligence AI models. This comes after a tumbler blog post spread on social media, claiming that redmon used their connected experiences feature to scrape customers word and excel data for A I training. 嗯， and by the way, paul was correct on windrows weekly, the day after our last podcast, saying that nowhere did IT did any of microsoft's own documentation ever say that I didn't use the word A I training.

So that was a presumption. A microsoft spokesperson told bleeping computer quote, microsoft does not use customer data for microsoft 3 sixty five consumer and commercial applications。 Now I should just mention, I wish they that the person hadn't put that cavet in.

They should have just said, microsoft does not use customer data from microsoft three sixty five applications. Why, say, consumer and commercial applications you like a little? Are they hedging? I don't know anyway, to train large language models.

Additionally, the connected services setting has no connection to how microsoft trains large language models. Okay, that's good. So the company also told bleeping computer that this optional setting has been on by default since I was first made available in April of twenty nineteen.

So five years ago always been on the the computer was also told, quote, the connected experiences feature enables features like cowering, real time grammar suggestions and web debased resources and real. This is precisely what the assumption you are making. Also last week, they said these features are on by default because their features people naturally expect in a cloud connected productivity tool.

However, customers always have control, they wrote and can adjust their connected experiences settings at any time on quote. So as microsoft explains on its support website, the feature is used to first provide design recommendations, editing suggestions, or data insights based on the office content through features like powerful point designer or translator and IT also downloads online content template, ts images, 3d models， videos and reference materials, including, but not limited to, office templates or powerpoint. Quick starter to talk le this feature off microsoft, three sixty five users have to open their office apps like water excell and choose whether to enable or disabled experiences the downside on download online content or analyze their content under connected experiences after going to the file account account privacy manage settings menu.

So as we said last week, so quoting them, the connected experiences setting enable cloud back features designed to increase your productivity in the microsoft three sixty five apps like suggesting relevant information and images from the web, real time c authoring and cloud storage, and tools like editor in word that provide spelling and grammar suggestions. Microsoft has been using their AI in microsoft three, sixty five, four years now. Maybe that's where some of this confusion comes in because they're calling spell check A I.

This is them saying microsoft has been using A I in microsoft three, sixty five, four years to enhance productivity and creativity through features like designer in powerpoint, which helps create visually compelling slides, and editor in word, which provides grammar and writing suggestions. You know, that's not today's definition of A I and they but they then then said, these features do not rely on generative A I or large language models, but rather use simpler machine learning algorithms on, quote. So blippy computer says, uh, at at the end, microsoft added that the setting has been available since apple two and nineteen, with enterprise admins having the option to choose if connected experiences are available to users within their organizations using multiple policy settings.

Design to manage privacy controls for microsoft three sixty five apps and office for mac IOS and android devices. So OK, I were certainly all of us, i'm sure glad for the clarification whatever microsoft is doing exactly. And unless anything has changed recently, it's been doing whatever IT is for the past five years.

It's always been on by default, you know like grammar and spelling suggestions. And anyone who isn't comfortable with this is free to turn that off if they wish, if nothing else. IT seems very clear that this has nothing whatsoever to do with coal pilot plus and any of the recent concerns over microsoft AI being used to otherwise enhance their users experiences.

Um and it's one thing to me mistrustful and another thing to accuse them wrongly. We can certainly have one without the other given what i've witnessed first hand of what they've done to windows start menu, tray and edge no none of which enhances my own use of windows. I'm obviously not a big fan of the direction they're taking their consumer desktop.

Nevertheless, make no mistake, I love windows. So I got some feedback from people saying, well, you know, you're so unhappy with microsoft 的 windows， why are you still using IT? I love IT. No, I mean, for my purposes, it's far Better than any alternative um and i'm hopeful that when I set up my next windows, this top my microsoft developer access to the enterprise edition of windows ten, we will provide me with the cleaner experience that I look for in what I consider to be a tool rather than a toy.

You know I just don't have any interest in windows being a toy with you know offering me campi crush soda saga and x box features out might start mind you, in addition to everything else they've done so anyway. Um you know microsoft is obviously very sensitive to all of this after the push back and concern that the industry showed of with with their stumbling roll out of what they planned to do with with recall in coal pilot plus. So you know they're going to great pains to to calm people and there's every reason to believe this is just grammar and spelling checking IT IT is worth noting that in bleeping computers coverage, they they don't talk about the fact that microsoft does say whatever IT is they're doing with connected experiences.

There are those which where they're collecting data over the lifetime of the users account. So so maybe that's just they're learning what spelling mistakes people always make or what know what like learning the grammar of the user and getting Better at helping them to correct themselves. You know that's what I presume. But so but we did learn last week that from their own statements that there is something that, that continues to exist at their end in the cloud on a poor user account basis, presumably helping to do a Better job with those things that it's been doing for last five years.

And unfortunately, they call that A I which you know nobody else bothers to okay, so I was put on this a new research from our friends at the benguet, an universe of the negative and the fuji to uh researched by both groups uh that by one of the researchers who is also one of our listeners bna I the title of the twenty one page paper is securing the perception of advanced driving assistance systems against digital epileptic seizure resulting from emergency vehicle lighting. Okay, now I suppose it's unavoidable to answer promotional es driving assistance systems, but somehow calling this problem digital epileptic seizure rubs me the wrong way. You know, you know, the overlap in apparently this behavior is the flashing of lights, which, as we know, can trigger human actual epilepsy, epilepsy res.

So they're say that ottaway driving systems don't like lights flashing either. Uh, anyway, I am not sure what boves me about IT, but something does in any event, IT turns out that driving since assistance systems, do you have a problem with the flashing lights used by emergency vehicles? Wired has a nice summary of the very good research this group has just conducted and published under wired headline.

Emergency vehicle lights can screw up a cars, automate a driving system with the subhead newly published research finds that the flashing lights on police cruizers and ambuLances can cause, and here you go, you know, quotes digital epileptic seizure unquote in image based automated driving systems, potentially risking rex. And actually, apparently there have been sixteen instances that have been seen so far. Anyway, wired, we get to that wired road.

Car makers say they're increasingly sophisticated. Automated driving systems make driving safer and less stressful by leaving some of the hard work of knowing when a crash is about to happen and avoiding IT to the machines. But new research suggests some of these systems might do the virtual opposite at the worst possible moment.

A newspaper from researchers at bench ian university of an a give at the japanese technology firm, fujita, demonstrates that when some camera based automated driving systems are exposed to the flashing lights of emergency vehicles, they can no longer confidently identify objects on the road. The researchers call the phenomenon a digital ealer pt season epileptic car for short, where the systems trained by artificial intelligence to distinguish between images of different road objects fluctuate and effectiveness in time with the emergency lights flashes, the effect is essentially upside, is especially apparent in darkness, the researchers say. And that kind of make sense.

We know much greater contrast there. Emergency lights, in other words, could rights wired, could make automated driving systems less sure that the car shaped thing in front of them is actually a car. The research is right that the flaw quote poses a significant risk unquote, because that could potentially cause vehicles with automated driving systems enabled to crash near emergency vehicles and be exploded by adversity to cause such accidents.

It's interesting because a lot of testers have .

crashed into emergency .

vehicles exactly.

they said. While the uh while the findings are alarming, this new research comes with several cavities. For one thing, the researchers were unable to test their theories on any specific driving systems, such as text less famous auto pilot.

Instead, they ran their tests using five off the shelf automated driving systems embedded in dash camps purchased off of amazon and wired said prints. These products are marketed as including some collision detection features, but for this research, they functioned as cameras. They then ran the images captured on those systems through four open source object detectors, which are trained using images to distinguish between different objects.

The researchers are not sure whether any auto auto makers use the object detectors tested in their paper IT could be that most systems are already hardened against flashing light vulnerabilities. okay. Now I to me, to me, while this might appear to render the value of this research more questionable, there was at least some good reason to wonder.

And the researchers findings bore this out. Wired says the research was inspired red, to your point, lio, by reports that testers using the electric car makers advanced driver assistant feature autopilot collided with some sixteen stationary emergency vehicles between twenty eight and twenty twenty one, says benny, a cybersecurity, a machine learning researcher at bangui on university who worked on the paper quote. IT was pretty clear to us from the beginning that the crashes might be related to the lighting of the emergency flashers.

AmbuLances, police cars and fire trucks are different shapes and sizes, so it's not the type of vehicle that causes this behavior. In other words, you know, this guy started by probably correctly inferring that you, okay, what is that? That is unique about these emergency vehicles that teslas keep crashing into l it's, they're got flashing lights.

So a three year investigation rights wired by the U. S. National highway traffic safety administration into the tesla emergency vehicle collisions, eventually LED to a sweeping recall of tesla autopilot software, which is designed to perform some driving tasks like steering, accelerating, breaking and changing lanes on certain kinds of roads without a drivers' help.

The agency concluded that the system inadequately insured drivers paid attention and were in control of their vehicles while the system was engaged. They said. Other auto makers, advanced driving assistance packages, including general motors super crews and forge blue crews, also perform some driving task, but Mandate that drivers pay attention behind the wheel.

Unlike autopilot, these systems work only in areas that have been mapped in a written statement and sending response to wired questions. Lucia sanchez, a spokesperson for the N. H. T, S. A, acknowledged that emergency flashing lights may play a role.

He said, quote, we are aware of some advanced driving assistance systems that have not responded appropriately when emergency flashing lights were present in the scene of the driving path under certain circumstances. On growth, tesla, which disbanded its public relations team in twenty twenty one, did not respond to wires request for comment. The camera systems the researchers used in their tests were manufactured by hp pl c, eeda e image, bond and relaxing.

None of those companies responded to wires request for comment. Although the N H T S A acknowledges issues in code, some advanced driver system systems, the researchers are clear. They're not sure what is observed emergency light effect has to do with tesla autopilot 的 bles， but Nancy said, I do not claim that I know why teslas crash into emergency vehicles.

I do not know even if this is still a vulnerability unquote. The researchers experiments were also concerned solely with the image based object detection. Many auto makers use other sensors, including radar and light, are to help the tech obstacles .

in the road.

Um a smaller crop of tech developers, tesla among them, argue that image base systems augmented with sophisticated artificial intelligence training can enable not only driver assistance systems but also here we go, completely autonomous vehicles. Last month, tesla C E O elon mask said the auto makers vision base system would enable self driving cars next year.

In that for .

twenty twenty .

five baby next right.

Indeed, they wrote, how a system might react of flashing lights depends on how individual auto makers design their automated driving systems. Some may choose to tune their technology to react to things is not entirely certain, are actually obstacles in the extreme. That choice could lead to false positives where a car might hard break, for example, in response to a toddler shaped cardboard box. Others may tune their tech to react only when it's very confident that what is seeing is an optical.

On the other side of the extreme, that choice could lead to a car fAiling to break to avoid a collision with another vehicle, because IT misses that this is another vehicle entirely the ban guion university and forgets you researchers did come up with a software fix to the emergency flashing issue is designed to avoid the seizure issue by being specifically trained to identify vehicles with emergency flashing lights. The researchers say that improves object detectors accuracy. Arlen's fernando and a system professor of computer science and engineering, a universal california sandia o who was not involved in the research, said IT appeared sound.

He said, quote, just like a human can get temporarily blinded by emergency flashers, a camera Operating inside an advanced driver system system can get blinded temporarily. For researcher brian rimmer, who studies vehicle automation and safety at the MIT age lab, the paper points to larger questions about the limitations of A I based driving systems. Auto makers need repeatable, robust validation to uncover blind spots, so to speak, like acceptability to emergency lights, he says.

He worries some auto makers are moving technology faster than they contested. okay. So my own take is that, you know this sort of research conducted by independent researchers is vitally important that, you know that needs to be done.

Uh, it's obvious that the various car manufacturer are holding their you know their cards and their cards very close to their vests. They understandably consider their future auto driving technology to be ultra prieta. And because they want the best and no one else's is business yet flesh and blood, human beings and pets are moving within the same space as these autonomists high speed rolling robots.

It's a recipe for disaster. And this has the feeling of being driven by the same sort of gold rush mentality as the as the push for general artificial intelligence. So the headlines that these researchers have generated will doubles and nothing else, induce all of the developers of similar self driving technology that actually is, you know, being fielded to consider and test the effects of bright flashing lights on their driving.

A I, you know, the lives of people and pets have probably been saved. So hats off these guys, and they have A, I have a links to their twenty one page paper where they really dig into the technology. They show the Operation of the of the A I learning neural networks and just how badly they are upset by flashing lights.

So this is soup you absolutely been useful for the long term safety of vehicles. And again, I just think that because the the proprietary interests of auto makers is to keep their stuff, you know, proprietary, not open, this limits what researchers are able to test. But but this kind of research is, I think, vitally important. And leo, I know that you've had a tesla ff for quite a while.

and we got rid of IT ra used to call IT Christine because I would driver into things and then do exactly what they were talking about, which was just stop randomly. You screech to a halt as if he had seen something, you know, and I think that that's the same, you know, the a foot side of that coin, right?

Yeah, I have A I finally replaced by twenty one year old bmw. And I have a car that's got sensors too. And what I am backing up, I have got in both locations or there's not a lot of space and it's going dinging and dogging and buzz and and IT actually creates anxiety in me. I'm thinking it's seeing something I don't know about.

lisa says SHE literally, I have a bmw, I, five, which is a very highly technically advanced machine. N, E, V. And SHE won't. SHE says back at the garage before I get in because IT makes me crazy all the beats in the books and I would a heads up display from two thousand and one of space, otto sy, showing me the the different vectors and synthetic .

tic imaging .

generate overlays, all sorts of stuff on top of. But i've learned what to pay attention to. And, you know, you can see why, you know, at least for now, AI is not good enough to replace a human.

It's a nice pal. yes. And the problem is everybody, there is clearly a rush to the promise of this year.

Car can drive itself, and you IT does. IT feels like they know they're always gonna be pushing ahead of the envelope that they should stay in. And it's little research like this that the sign is is the only place we get an independent reality check. And so even though they weren't able to actually train on on in field self driving technology, now they were able to look at similar systems and say, guys, there seems to be a problem with flash and lights over here.

Well, I hate to say IT, but any time I hear the words in line, musk said, I discount most of what follows because he is, he's a marketer. He, we.

we two have been trained by elan musk to discount to do everything he does at the same time. You know, he land, he captures returning rocket boosters with chopsticks and, you know, and folding fold out legs and you know and here, you know, starlink is providing internet connectivity to otherwise never have IT yeah I mean.

this is our backup when comcast goes down, which they do sadly a little more often than a podcast network we would like um if the auto ubiquity fills over to the satellite dish on the roof right up here yeah and it's by the way, it's very reliable even in rain and it's it's really pretty amazing how well that works. So i'm not saying that ell's companies don't produce good products. I'm just saying he is, like most marketers prone to overstating yeah thanks.

Okay, where thirty five minutes? Let's take a break and then then we're going to talk about the tour network and how they need you.

They need me to Operate a tour note, i'm guessing, but we'll see. All right. First, though, I were from our sponsor and this segment of security number or two by big ID, I really like this company.

They are the leading dsp m solution. What is dsp m? You want to know, actually data security posture management, that if you're in business, if you're run an enterprise shop, you know you need dsp m big ideas. The first and only D S, P, M solution, uncover dark data to identify and manage risk to remediate the way you want doesn't tell you what to do, gives you the options to scale your data security strategy through unmatched data source coverage. And IT becomes especially important.

The AI era when you have and your company training your own AI on data from the company, you want to make sure that you train IT on the data that's appropriate to train IT on and not train IT on the data you don't want IT to be trained on. Big I D helps with that, big I D seamlessly integrates with your existing text deck. IT allows you to coordinate security and remediation workflows.

Because with big idea, you could take action on data risks. And as I said, you decide and I take delete, quarantine, whatever you want based on the day to all all maintaining an audit trail, which is so important for compliance. Big ID has some of the biggest companies in the business using its service, now uses big I D, palo alto networks, microsoft, google, AWS, and on and on and on.

With big ideas, advanced AI models, you can reduce risk, accelerate time to insight and gain visibility and control over all your a data. Think about companies, you know, usually legacy companies. Companies have been business for a long time that they have data in a variety of different places.

No one probably in the world has dated in a brought of variety places in the united states army, right? They use big I D, yeah, the army does, to illuminate dark data to accelerate cloud migration. That's, by the way, a Mandate right through out our entire.

Military infrastructure get up into the cloud. They help the army minimized ed redundancy. They help with automated data retention.

Here's a quote. This comes this. This is gold from the U. S. Army training and doctor command.

The first ww moment with big idea came with just being able to have that single interface that inventories a variety of data holdings, including structured and unstructured data across emails, zip files, share point databases and more, to see that mess and be able to corporate across all those completely novel. I've never seen a capability that brings us together like big guy I D. As well.

You got to do something special to to get us, the U. S. Army training and doctoral command, to say something that nice, that that is high, high praise.

Cnbc recognized big ideas. One of the top twenty five startups for the enterprise named to the ink five thousand and delayed five hundred for two years in a row. They are a leading modern data security venture in the market today.

In fact, when you think the sbm, you should really be thinking big. I, D, the publisher of cyber defense magazine, says, big idea bodies, three major features we judges look forward to become winners, understanding tomorrow, threats today. That's one, providing a cost effective solution course that's always important, and innovating an unexpected ways that can help mitigate cyber risk and get one step ahead of the breach.

You ve gotta know where your data is. You ve gotta know what's going on out there, right? Big idea.

Help you start protecting your sensitive data wherever your data lives. Very important in this A I age as well. Go to big ID, that comes slike security.

Now bigger that comes slike security. Now you get a free demo, see how big ID can help your organization reduce data risk and accelerate the adoption of generative A I. That's big I D B I G I D, big I D 点 com slash security。

Now they actually have a number of reports. If you go to that website that are free, that you can download White papers, including one that provides insights and key trains on and issues on AI adoption chAllenges. The overall impact of generative AI across organizations.

Very helpful. And IT is right into big ID mission, big ID dot com slash security. Now we thank you so much for your support, big ID.

And we invite all of our listeners and viewers to support us by going to that address. So they know you saw that here. Big ID dot com flash security. Now, Steve.

okay. So last thursday, the tour network posted their plea for volunteer help. They wrote recent reports from tour users in russia indicate an escalation in online censorship with the goal of blocking access to tour and other circumvention tools.

This new wave includes attempts to block tour bridges and plugged transports developed by the tour project, which I explain in a second, removal of circumvention apps from stores and targeting popular hosting providers, shrinking the space for by passing censorship. Despite these ongoing actions, tour remains effective. One alarming trend is the target targeted blocking of popular hosting providers by no other than ross come. Not sure i'll .

put that go on IT for the next time .

as many circumvention tools are using them. This action made some tour bridges inaccessible to many users in russia. As ross come, not all the internet service providers and russia are increasing their blocking efforts.

The need for more web tunnel bridges has become urgent. Okay, so, so they say why web tunnel bridges and explain a little bit about what they are in a second, they wrote. Web tunnel is a new type of bridge that is particularly effective at flying under a sensors radar.

Its design blends itself into other web traffic, allowing a user to hide in plain site. And since it's launch earlier this year, we've made sure they wrote to prioritize small downloads sizes for more convenient distribution and simplified the support of micro tls integration. Further mimic the characteristics of more widespread browsers, this makes web tunnel safe for general users because IT helps conceal the fact that a tool like tors being used.

We are calling on the tour community and the internet freedom community to help us scale up web tunnel bridges. If you've ever thought about running a tour bridge, now is the time. Our goal is to deploy two hundred new web tunnel bridges by the end of this december twenty twenty four to open secure access for users in russia.

So a bridge is not the same as .

a torn node. correct? OK correct. A IT is literally a bridge to a node. So IT is not itself a node. IT is an end point.

Which and this is what's so cool, which is which uses technology, uh they they call the plugging in protocol technology to hide the fact that what the user is doing that connects to the bridge is using tour. So anyway, that their posting goes on to explain how to set up and run a web tunnel. Among other things, IT can be as straight forward as just hosting a docker image.

Um so i've got a link to this posting in the show notes blocked out tour project at org g slash call hyphen four hyphen web tunnel hyphen bridges since we haven't looked closely at tours web tunnel technology, I want to share a bit about IT from their description where I was introduced just last march. IT was titled hiding in plane site introducing web tunnel then they wrote today, march twelve on the world day against cyber censorship. The tour projects anti censorship team is excited to officially announce the release of web tunnel, a new type of tour bridge designed to assist users in heavily censored region to connect to the tour network available now in the stable version of tour browser, which is we know is based on firefox.

Web tunnel joined our collection of censorship circumvention tech developed and maintained by the tour project. The development of different types of bridges are crucial for making tour more resilient against censorship and stay ahead of adversity in the highly dynamic and ever changing censorship landscape. This is especially true as we're going through the twenty twenty four global election.

Make a cycle the role of censorships or convention tech becomes crucial in defending internet freedom. If you've ever consider becoming a tour bridge Operator to help others connect to tour, now is an excEllent time to get started. And this was their posting back in march.

You can find the requirements and instructions for running a web tunnel bridge in the tour community portal. So what's the web tunnel and how does that work? Web tunnel is a censorship resistant, plug able transport designed to mimic encrypted web traffic.

H T T P S IT works by wrapping the payload connection into a web socket like H T T P S connection, appearing to network observers as an ordinary H T T P S connection. So for an onlooker, without the knowledge of the hidden path, IT just looks like a regular HTTP connection to any web server, giving the impression that the user is simply browsing the web. In fact, web tunnel is so similar to ordinary web traffic that IT can coexist with a website on the same network and point, meaning the same domain, I P address and port.

This co existence allows a standard traffic reverse proxy to forward both ordinary web traffic and web title to their respective application serves. As a result, when someone attempts to visit the website at the shared network address, they will simply perceive the content of that website address and won't notice the existence of a of a secret bridge, the web tunnel. And I explain a little bit about that second.

They said web tunnel approach, a mimic known and typical web traffic, makes IT effective in scenarios where there is a protocol allow list and they deny by default network environment. In other words, russia can put up A A firewall that only allows web traffic, not tour, not anything I know that is that they deny by default. But we, after all, we need that to let people visit websites, right? This is in distinguish from someone visiting a website.

And in fact, these sensors can can go to the site that they observe russians going to, and they see a website, whether the people using this really cool tour technology, c tour, they said, consider a network traffic censorship mechanism as a coin starting machine with coins representing the flowing traffic. Traditionally, such a machine checks if the coin fits a known shape and allows you to pass if IT does, or discards IT if IT does not. In the case of fully encrypted unknown traffic, as demonstrated in the published research, how the great firewall of china detects and blocks fully encrypt the traffic, which doesn't conform to any specific shape, IT would be subject to censorship, meaning, you know, being discarded.

In our coin analogy, not only must the coin not fit the shape of any known block protocol, IT also needs to fit a recognized aloud shape. Otherwise, I would be dropped. Web tunnel traffic resembling H, T, T, P, S.

Web traffic, a permitted protocol will be allowed to pass. So this is, this is so cool. Again, what this means is IT any regular website and you don't have to be hosting website. You can be can also be hosting a tour web tunnel at the same I P, at same point, side by side. And no one would ever be the wiser since in this case, russia, or any other censoring regime would be unable to detect that someone is not just visiting a website, the traffic would not be blocked. But this also makes IT clear that the more seudre websites are available, the Better.

So if any of our listener's is moved to help the tour project and specifically russian citizens who are unable to see out past their country censorship and presumably chinese uh citizen as well, which is being enforced, of course, for propaganda purposes, the tour project needs you to make following up on this easier. I created A G R C shortcut link. So it's just G R C D S C slash tour, T O R G R C S C slash tour. And that will take you to the recent posting that has updated resources, including just a docker container that you can download if you're in expLoring this and getting going. But if you ve got, you know, a linux system, you can install of stuff.

And so for so probably not of a very heavy process either, right? I mean, that probably doesn't use a lot of cp user right? And they .

band oh yeah exactly band with only very little CPU because it's just is just forwarding traffic through, very cool。 So zero Z E L L O is a mobile push to talk service used by one hundred and forty million first responders, hospitality services, transportation and family and friends to communicate via their mobile phones using a simple push to talk APP. The news is, over the past two weeks, starting on november fifteen, s zelos.

Customers have been receiving legitimate notices from zelo because, of course, everything is us back these days asking them to change their passwords. The notice reads yellow security notice. As a precaution, we are asking that you reset your yellow APP password for any account created.

Before november second, twenty twenty four. We also recommend that you change your passwords for any other online services where you may have used the same password. Ww doesn't take a rocket scientist, nor anyone who's been to following this podcast podcast for more than a few months to know what must have happened over at yellow headquarters, uh, and is not good news. But yellow is also not saying blippy computer is reached out to zero and been rebufat customers who received that notice to lippi computer that they have not received any further information from yellow and bleaching computers.

Repeated attempts to contact the company have gone unanswered, so at this point, it's unclear whether yellow may have suffered a data breach or a credential stuffing attack, but the notice certainly does imply that threat actors may have access to the passwords of any users who had accounts before november second, bleeping computer noted in the reporting of this that zelo had previously suffered a data breach in twenty twenty, which also required users to reset their passwords. And I know after thread actors stall, create customers email addresses and hash to passwords in any event, one hundred and forty million users is a substantial user base. Because you note that leo is like a big chunk of the U S.

yes. So of course, if global ah if our listeners are ready when they know maybe expected by IT, IT would be a good idea to hear this notice. Um and just a short note that um the U.

S. Federal trade commission has opened an anti trust microsoft probe, announcing a broad anti trust investigation in the microsoft business practices. The investigation will cover the company's software licensing practices, cloud computing, cyber security and A I business units.

The ftc allegedly received complaints that microsoft was locking in customers g, perhaps like the U. S. Government, uh, preventing them from moving to competitors.

In september, google filed an official anti trust complaint against microsoft cloud business in the eu. So do so be able to keep an iron and we don't know what the fate will be. Uh, you know nothing much will happen this month and we get new administration in early january. So we don't know what uh, approach that administration know the the second trouble administration will take. So we'll see there's .

been so much activity from the ftc and other and fcc in the c fpb. In the last few weeks, and I really feel like they're going last get everything done before before january twenty.

but you can't get anything .

done right three weeks and then in january twenty, who knows what going to happen. I mean, there are plenty of people in in the trump administration. I don't like big tech, but there are people like you on and others who do.

And so who is big and .

who is big tech? So it's really kind of an interesting it's really uncertain what's gona happen, right? I don't know if this microsoft case will go past january twenty years.

IT might not like I just could get dropped in favor or or put on the backburner in favor of what the administration this as more urgent priority .

yeah and it's unpredictable. You trump s said, I hate google where they're too big, their big tech but he's also said, but on the other hand, china is afraid of him so I love google so you so no, you know know what the hal's gonna in this could be a interesting .

few years that will add the truth. Okay, so check out this screen. Leo, i've got a picture ever in the show.

This is unbelievable. Yeah.

under the headline, you mean this actually convinces someone that has actually my headline? Security researcher lucas stefano has identified a new form of android scare where that he refers to as convincing full screen images that resemble cracked or male functioning screens, which trick users into calling tech support numbers or downloading malware on their devices. Now I clear the photo.

This smells in this, uh, in action, in the shots. Now I can see how a nea fight might be LED to believe that something has gone very wrong with their phone because the screen looks like it's no longer even remotely able to display an image. Except the only problem, exactly the only problem with this is is at the same time having no problem whatsoever, apparently despite the correct in malfunctioning screen of displaying the male where res warning pop up notice claiming that a virus has been detected on the handset. So I suppose we'll give them points for coming up with something new.

IT gets your attention. I mean, if I initially you look at.

I mean, down there in the lower right, I mean, that looks like, look, IT really does look like, oh, shoot, something Better have in my phone. Then gone is that that notice telling me to click here to remove the virus is still visible.

right? wow. But i'm curious because if you click remove this, is that sufficient? I would think they put a phone number in there or something. I mean, yeah, maybe it's just a click to you will run the virus because you click IT, right that's off. In the case.

if I said i'm a virus, click me, you'd d be disinclined to do that.

That's good at one point will take and Steve bit and I like that.

I don't think so. okay. So a matt Warner said high Steve, regarding your comment about wire e guards, static ports in episode one thousand two so last week he said, I run war guard while guard on an O P N sense firewall with seure secreta and crowd sec watching my van in her face.

Neither shields up nor any other ports scanner could find an open port even when I specify the port number. I don't have wired guard mapped to a specific allowable IP because that changes depending on my location. I'm happy to leave this as IT is for now, but we will certainly change my set up if a new vulnerability services in any other tools I use, love the pad podcast I look for or two every week.

okay? So there is no reason to believe that IT is not completely safe to leave a wire guard V P N server running on a fire wall, such as O P N sense listening for incoming connections from a wire guard client. There is no reason to believe that a problem, until there is everything we know, tells us that this could flip from absolutely safe to, oh my god, within a single heart beat of a skilled hacker who, while studying wired guards open source code, notice something no one else has.

That's one of the ways these things happen. Or perhaps the hacker is throwing nonsense packets at wired guards listening service port, and one of them suddenly crashes the wire guard server. That's another way this could happen.

The specific packet that crashed the server is an examined, and the source of the crash is reverse engineer to create a repeatedly working exploit. But it's every bit is true that none of this may ever happen. It's also true that perhaps IT can't.

The construction of security is that could happen does not necessarily mean could happen. Perhaps I really can't. The travel is today's systems have become so complex that is no longer possible for us to be absolutely and mathematically provably certain about the behavior of anything above a distressin ly low level of complexity today.

We just can't know that one of the things i'm hoping future A I might be able to help us with, my intuition suggests that this is the sort of thing that ought to be right in A S backyard. But we don't have that today. What we have today is hope, hopes Better than nothing, but hope is not enough for me.

I fully respect math decision and position. It's one that shared by tens of thousands of other. But my network is not. The typical residential network is both the development and production arms of G, R C. So the stakes for me are higher.

I'm not suggesting that my network is utterly impervious to attack, but it's as utterly in previous as i've been able to make IT, without exception. So deliberately exposing a wire guard process, no matter how safe I hope IT is to the public internet, would be an exception. I will not make another listener identifying himself as an on reminds us why we trust and should trust wire guards design.

He wrote high Steve regarding the discussion of wired guard and port knocking on this week security now episode. I just wanted to let you know that it's not really necessary with wire guard. The server will not respond to client connection requests at all.

He has at all caps, and he's right unless the client provides a public key that the server nose and trusts this in addition to the fact that the protocol is udp based, means that is not possible to even know if there is a wide guard server listening on a specific I P and port unless you already have public key credentials to connect while IT technically would still be possible to have a bug where this can be bypassed, this is very unlikely because this is the first thing the server checks, so the code surface for bugs is minimal. This technicality would also apply to any port knocking techniques, which can have their own bugs in implementation. Regards, none.

Okay, so none is one hundred percent correct. And this is why wire guard represents the best of the best today. Is that good enough? Almost certainly. And his point about the possibility that adding port knocking to introduce an additional layer of prey regard security might itself introduce a new vulnerability, is also a keen observation that could happen.

My defense of the use of port knocking is that, from an implementation standpoint, unlike anything like wire guard that necessarily invoke a huge amount of complexity in order to validate a crypt to graphic certificate, port knocking adds an appealingly trivial layer of complexity while providing virtual absolute protection. In other words, what might be termed as its security gain is nearly infinite, and the port knocking service is inherently sitting behind the firewall, which is monitoring, so it's much more difficult to see how its failure could do anything other than fail to open a port. And all of this is, of course, what makes the study of security so interesting.

So great points from our listeners and as always, great. A incoming feedback to security now at G R. C. 点 com。 Thank you, everybody, for that.

One of our listener's, Richard craver in clemens, north CarOlina, pointed me at something that was so interesting in needed sharing. First of all, here's what Richard wrote. He said, high Stephen leo, I just finished the A.

G. I. episode. Interesting to ponder. I personally am not a particular fan of A I and general.

As I see IT as crowd sourcing knowledge. The mayor may not be correct. Science is based on chAllenging and testing prevAiling assumptions and thought.

A I, in my humble opinion, discourages critical thinking. But for good or bad, it's here, he said. Below is a link to tom fishburn the marketplace ist with a thought provoking cartoon and short viewpoint message.

And I have the cartoon uh in the show notes. It's got two frames. On the left, one guy is saying to someone else, once we train our A I, I can't wait to see the wide variety of new ideas IT comes up with.

And in the foreground we see a convey built uh, with all different shapes and sizes and brightly colored bottles and containers of different sorts. And this could var belt is sending them into a box in the middle that divides the two frames labelled ai. On the right hand side we see this guy with his hand up to his chin, as if thinking.

And what's coming out is A A nearly identical set of almost the same shape and size and color bottles. So the A I has sort of generalized everything. okay.

So the the interesting information is, uh, that tom fishburn shares, he writes, is still early days with A I generation tools. We're all still learning potentials and limitations. One watchout is the bias tored unity. The tendency for A I results to look a alike as A I predicts what to generate the path of least resistance is an averaging of the content in its source material.

E and whitworth once referred to this as the great same thing writing coop, ChatGPT, jasper and all the rest are powered or powerful conformity machines, giving you the ability to turn out bible length material about yourself and your business. That's exactly the same as your competitors. unquote. Tom continues a couple months ago, oxford cambridge researchers illustrated the risk of homogenous in a study of A I generated content in nature magazine.

And as friend who doesn't know nature magazine is a serious magazine, lord and I were subscribing to IT for a while, but the articles were so dense that IT was like, okay, well, let's is just wasting our time on this uh so minutes the real deal uh, he says the risk increases as a get trained not only on human created content, but on other A I generated content. As an example, the researchers studied an AI model trained on images of different breeds of dogs, the source material included in naturally wide variety of dogs, french bulldogs, domine, corgis, golden retriever s at seta lords. But when asked to generate an image of a dog, the A I model typically returned the more common dog breeds golden retriever s and less frequently, the rare breeds french bulldogs.

Over time, the cycle reinforces and compounds. When future generations of A I models are trained on these outputs, IT starts to forget the more obscure dog breeds entirely, soon only creating images of golden retrievers. Eventually, the researchers found there's model collapse.

And I love that term model collapse, where the LLM is trained so much on A I generated golden retriever images that the results turn nonsensical and stop looking like dogs at all. Now, he writes substitute g breeds for whatever you're trying to create, new products, new packaging, new advertising, communication. And the risk is that all outputs devolve to look the same.

A related study from the university of exeter or found that A I generation tools have the potential to boost individual creativity, but with a loss of collective novelty. The good news is that this baseline situation creates opportunities for those who can push against this new status. Cal home magi is ultimately at odds with distinctiveness.

As with all tools, it's all in how you use them. You can break through the clutter by adding to IT. So I know I love that, you know, these conclusions feel intuitively correct to me, and the research cited above supports that intuition.

Also, it's certainly true that there is an unrealized danger as the internet content becomes more and more AI generated while our AI models are being continuously trained against the internet content. Future historians may wonder what happened to all the french bulldog. I know that, leo, let's take another breaks and then we're going to look at some more questions and feedback from our .

listeners you're want to secure now with mr. J, this episode brought you bike, delete me, a tool that we use actually at a twitter, uh, and IT became a very useful tool when our CEO started being targeted by hackers who are using her name and phone number to try to scare her direct reports. How do they know her name, her phone number, her direct reports? It's all out there on the internet.

If you ever searched for your name online, I do not recommend IT, but if you do, you'll see a surprisingly large amount personal information is available. Maintaining your privacy is, by the way, not just your own concern, is a family affair too. That's why delete me offers family plants.

Actually, they offer variety of plants, corporate plans, individual plants, check IT out and join delete me outcome slash to IT delete me helps reduce risk for identity theft from cyber security, threats from harassment and more. I mean, there really is a cyber security side to this because the more information that's out there about you, about your company, about your employees, the more likely bad guys will get that data. It's easily available to them for a very small cost.

Actually, if you go to a data broker and use that data to impersonate us, was watching the morning news, and IT was alert, you know, local woman scammed by a bad guy about five thousand dollars. I thought, well, what's new, right? That's happening all the time.

Why is IT news? And actually is probably good that they showed this because the woman was received a call from a person who said he was her grandson. The person knew her grandson's name, knew some basic information meter.

Grandson said, i've been arrested. I'm in jail. I need bail. SHE wired bail to the bad guy.

Note grandson, grandson wasn't in jail, but this is a perfect example of how hackers can use the information online about you to take advantage of you or your family members, your grandma. That's why you need to delete me. That's what grandma needs delete.

I have to say, we, of course, as soon as that hacker attacked lisa, um we got delete me. And it's a funny thing because a couple of months ago, we were talking about the the data broker breach that um showed so much information, including social security numbers. Turns out by the way, that's legal.

The ftc is just mass. Maybe we shouldn't make that legal anyway that that's another thing. It's not going to change.

But we were talking about this and I did a little search. My data was in that breach, as was your Steve. My social was in that breach. Laces wasn't. And I realized that because we've been using delete me and the personal data brokers didn't have her data because the me had made them delete IT.

That's what delete me does .

they actually the living experts go around, they know all the data brokers. And by the way, that's not that's not an easy job because there's no one's it's so profitable. There's no one's everyday they keep track of this.

They find and they remove your information from hundreds of data brokers. So they did that for lesa. That's why her data was not in the breach.

IT had been removed. And if you want to do with family members like grama, you can assign a unique data sheet. Every family member tailed to them, so you can say, you know, grandma hasn't in the account.

SHE doesn't never twitter out that kind of thing. You can manage privacy settings for the whole family. But by the way, it's more than just going to those data brokers and saying get rid of that stuff up and they do they are require to so they deleted.

But here's a thing there, they're not required to never start over, so they just start requiring that data and building a doa almost instantly. That's why delete me will continue to scan and remove your information regularly. Ly, they go back again and again. I'm talking addresses, photos, emails, relatives, phone number, social media, property value. All this stuff is online, you know.

IT is it's a shock.

right? It's it's completely legal, at least IT is for now. So this is why you need delete to delete me.

You need IT as an individual. You need IT as a family. And by the way, you need is a business. Protect yourself we claim your privacy is a join to lead me dog comes slash to IT if you use the offer code to IT you'll get twenty percent off join delete me that come slash to IT IT was IT was a reliable and to see that least a social was not in there. Her addresses not in there.

He had been removed before the breach join probed too late for you and me, right? But but let's do IT now before the next breach joined to lead me to come slashed with IT. And it's not even breaches.

They sell that anybody wants IT. The hacker ers have to wait for a breach. They just here here for a book fifteen.

Can you tell me who runs that company? What's your phone number? What are all your direct reports? Is all in there? Join to lead me to come slash to IT.

Do we have some sort of national privacy protection? At least we've got to lead me join to lead me to come sit and please use the africa to IT for twenty percent off. We thank join to link me for their support. You support us too, of course, if you use that special address and the offer code because then they know he saw here join to let me that comes slash to IT offer code T W I T on we go with .

the show is to G K. yes. So um our listener greg haslets, has an interesting problem. He said, Steve, I have an edge writer know that was that rather that we were loving .

for loved why I still .

am one yeah .

ah i've i've upgraded now to the full ubiquity system that impressed .

me so much oh well and I was so inexpensive and so powerful about what you know that like in terms the way I could be configured. So is that I haven't edge router and created an IoT network. My problem is I cannot reach my issues.

R, T, sixty six, update the firm where that's on the IoT network? No, so he created isolation, and that was isolated, he said. Any quick ways to allow temporary access to the issues router.

My last ditch answer would be to back up the add oughter, meaning that its config and reset to original settings hopefully find the I, P address of the issues and update the firm where then restore the edge router from back up. With IoT long time listener and met you at the squirl take in ervine. So that's very cool.

So okay, i'm not one hundred percent certain that I completely understood graves problem and question, but I think I do. But my first thought is that maybe he's making things too complicated. Leave the edge router alone and just temporarily arrange some wires.

take exactly.

Rather than get fancy with reverting the edge raters configuration to its original simple switch, why not plug the assur t sixty six into the land where a PC is located and updated firm where, you know, I suppose that greg doesn't have a spare old wired etheric switch lying around. And I know i've had to think he would. You know, who doesn't? If they make great door stops, then that could be a problem.

But it's also possible to plug the issues. R, T, sixty six directly point to point into a PC land socket. So if I understood greggs question, IT would appear that being less fancy and going old school might be the right solution.

That is the issue with the lending off your IO and creating I O T. If the I O T device is done, you control through the cloud, right? Then it's not a problem because you're going to be on one .

van acg back.

Yeah yes, but more and more. And actually for security, this is probably a good thing. And for long term survivability ties thing, these guys are talking directly, talking directly to the t device, which of course isn't going to work with us on separate unless you create some rules. That's the other way around. IT.

I had not just giving up our solution is to have because we because we also want to have guests over who are bringing untrusted equipment, right? Uh, we have two radios, so we have we have our network and then we have and then on the IoT network is is a different access point. And so if I need to talk to something there, I just quickly switched my wifi. Yeah, over to that. We were doing that.

But it's a pain. The bug, if you want to print to switch, to defeat the secure, insecure valan print and then switch back.

No, and printing is a good example, because boy, printing is so security riddled.

And right, you don't want to a printer network if you can help IT. yeah. So this is tough IT, really? Yes, that's the that's the .

truth of IT um oh and what are on the topic of old school solutions that are in this case, obvious and retrospect CT our list your toy was responding to something to we're talking about last week about my having a problem typing on this horrible keyboard, you know, screen of my IOS device wondering about a solution for reversing that dongle the the the blue tooth keyboard don GLE that you put into your computer he said.

Steve, congrats on security now hey, regarding typing long messages on the iphone, I hope you know that you can connect a bluetooth keyboard to your iphone. And this is where the use of the expression go comes in. I could fess, I had completely forgotten that.

And I should have remembered IT because one of my first reactions to the loss of the wonderful physical click y button keyboard of my beloved blackberry, which I all I loved you so much but I had to switch to an iphone because you know what has to um I added that little ad on keyboard that you could stick on to the bottom of the phone which did indeed link the phone via bluetooth and IT worked perfectly so uh nearly to say I have a cute little bluetooth keyboard now thanks to uh, choice note, which allows me to quickly type on my iphone so thank you joy. Or a rod in north canton, ohio shared some facts about social media, uh, age restrictions. He said the recent book by JoNathan hate titled .

anxious generation okay, I know he loves IT and you're gone to read his praise o not widely accepted. He itself said that it's not true, so go head .

so so who who said so um I will .

send you the article by ethic what his name cougars who is an expert in the film athan hate is a polymer ist and he's a social psychology ology yeah and A A lot of what he claims in the book is highly disputed by experts in the field. So it's convincing if you read the book as a lot of a lot of stuff, you when people are politics, they write convincing books. Now come glad will does IT too.

That aren't true, but they sound right. And a lot of people come away with with this conviction as a result. This is why there is that australian law.

There is a widespread thought that social networks are causing major mental inness issues with our kids. But experts disagree. Now to say that. Now go and you can read his note.

Well, I am a okay I just wanted to note late people .

against what you're about to say this.

about to say. Okay, okay, so I I, I will because IT gives me the context for my reactions to IT, so he said the recent booked by JoNathan and hate anxious generation has extensive discussion of the age limit issue.

The main theme of the book is rather convincing evidence to your point, leo, that the dramatic one hundred, two hundred percent increase in mental uh, and teen mental health problems, which corresponds to the introduction smartphones, is in fact cause he has in all caps by the use of those phones and in particular social media hates argument rests on his work as a social psychologist combining knowledge of the vulnerability of early teens due to brain development happening at at the time of life, with research on how social media is carefully designed to hook Young adolescence if hate is right and and our our listeners is and I think he is, the problem is very severe. We make a huge mistake equating our older adults who grew up before the smart phone era use of various apps and how we handle IT with adolescence during critical brain development years. And he says, parents note, my adult children have been telling me this for years that I cannot transfer how I use social media for just a few things.

I want to the experience of Youngsters. And he says, the book, an extensive discussion of what to do in that section, john athan discusses some technical ideas, not at the technical depth of security now, but also the social factors like parental role, the problem appears, having more access, and how some methods can be neutralized. The book has references to extensive discussions of both social scientists like hate and technical sources by people who have thought through a lot of the issues. While I share some skepticism of the effectiveness of age verification, I think the combination of laws requiring age verification, more parents al awareness and CoOperation between schools and parents can have a very positive impact. So my response was, I did to say that you know, in our recent discussion, I I happen to also touch on a number of the same potential pitfalls of age restriction, such as parents being pushed by their own children to make exceptions for them, which is then followed by other kids complaining to their more strict parents that their peers have been given access by their by their parents so why can't they have the same you know and saying after all, how bad gonna be if sixteen year old are able to have access you know um uh I know also that, among other things, my wife, lorrie, is an accomplish therapist and while SHE rigorously honors the privacy of her clients, she's noted on a number of occasions that many of today's parents appeared to be afraid of their own children, whom they appears by giving them anything they want so how are such parents not going to capital late to their children's demands, especially having previously establish that pattern? So anyway, um I point you now that .

we've talked about IT to this is a great place to start my bassi s article in which he took quotes canas oders who is an actual expert on this stuff and has been this kind of research for years and in his his podcast about this essenic the banking hate hate is a polymeric st. He is not .

an expert period so do you not think do you not conclude that um there is something age related or that there is not damage or that kids are not did or what?

Yeah so the research shows is not the case period. He's saying something that makes sense. This is the problem with a lot of these just so stories oh yeah, that makes perfect sense.

That makes a lot of sense. But if you actually look at the research, by the way, you can read your article in nature, your favorite magazine all about this. Ah the issue is, is there increasing mental health issues with kids? Because it's more reported, there are a lot of correlation is not equal causation, as you will know.

And because because the iphone came out two thousand and seven and they're correlations that to rise in mental health issues are many other issues involved in this, including cove and isolation of kids, stranger danger from the eighties, which made a lot of parents keep their kids at home instead of leading out to play, because they were so afraid of. By the way, this was also a specious argument. They were strangers in neighborhood to abduct them.

We know perfectly well that the real danger to kids is people they know, people at home, their relatives. But the stranger danger actually prompted a lot of parents to say, no, no more playing outside for you. That could be one of the cases. There are many things going on. Correlation is not equal causation.

And as we've said many times.

and when you do the actual research with many have done, including candis, oders, IT is in fact under it's problematic because it's very easy, say our social media, we put an age limitation social media, we limit iphones. We keep parent, we give parents the power to stop doing all this stuff. It's all gonna get Better. And what you're not addressing, for instance, is the fact that schools no longer have mental health professionals, little on nurses in the school. There are a lot of other issues you're not addressing because you up all fixed.

you found the problem.

You found the problem. So I would recommend people look at mike magnic. I think our audience trusts and likes had did an excEllent podcast with her about youth mental health, talking about JoNathan notebook before the problem is become a political issue.

So do you think the actual driver is mental health or the people don't want kids so stuck on their phones stay?

If you remember, when you were Young and your parents to stop, listen that rock and roll and cut your hair, do you? Member, when newton mino, the chairman of the fcc, said that television was a vast wasteland and ruining the brains of our Young people.

then we have the whole video game a phenomenon.

Do you remember when tip gore said video games are ruling our children? It's happened again and again. The problem is, with that kind of moral panic, is you can be miss, you can focus on the wrong problem and not really address the issues.

So there is a huge republication crisis, a problem with the data that hate quotes. It's not been replicated. The actual experts who are working in this field, in the working in field for decades say we'd actually don't see that um if you're interested and everybody should be marches podcast is a great starting point.

Um it's a texter dot com. It's the detector pod casters with canda's augers odger s titled making sense of the research on social media and use mental health. Actually, I think hates on IT. So that would be a kind of interesting well.

of course, our interest for the podcast is just the idea that that legislation is going to impose a new, a new technical right.

Require was nonsense that the australia has said, no, nobody. And sixteen, a new social media, besides the ice, the, I mean, you can make the case that social media is how kids socialized today. IT may and well isolated a great many kids and cause worse problems.

How do you do? IT? How do you? And so there's no good technical way without violating human privacy, our own privacy, to identify who's an adult .

who is not the yes and and that that is the interest of this podcast is what are they going to do like you know, something is going to happen unless the law gets overturned and or or isn't implemented. The the fines are thirty five, the equivalent of thirty and fifty million australian dollars equivalent about thirty two and a half million us.

which makes me think companies like meta and others, i'll just pay the fine .

if you think it's a one time fine. And the other thing that I thought was odd was youtube is excluded. It's not considered far example yes.

perfect example. Um it's nonsense. And by the way, the campaign in australia, IT was started by rupert murdoch, ever pert murdoch's newspapers, who in the spring of this year watched a massive campaign convinced the australia legislature to do this.

Well, from a technology's stamp point, it's gonna be fascinating to see what they come up with.

We talked about on sunday, and I think the consensus of the panel was, this is really mostly just kind of saying fix IT that because it's a year more than a year away, yes.

takes effect on november twenty of twenty twenty five. yeah.

So um I we think it's mostly just sabor rattling and try to convince them I do something so that we can sit back on this lot. But if not.

we ve got a problem. We got we we have a need for some technology. Yeah, that doesn't exit.

Viola dawn appreciates our picture of the week for audio only listeners, SHE says. Hello, Stephen leo, i've listened to your show for a while now, and I really enjoy IT. I love all things, computers, technologies, eeta. And there is one thing I can definitely say, with one thousand percent assurance, there will always SHE has, in all caps, be a need for this podcast and experts such as yourselves to cover and explain at all with the added chAllenge of putting the cookies on the bottom and shelf where the kids can get them, which you are very good at doing. I wanted to write you email, thanking you for describing the pictures of the week. I have to admit, I got quite a bit of last from the one last week where the little troubles to some we're finding a way to get upstairs even now as I write this, i'm struggling IT means a lot to me that you guys described the pictures of the week because i'm .

completely blind um interesting .

without your descriptions, I would not be able to get any enjoyment out of them. Very good, SHE said. Sometimes I think we do things like this without a second thought and without knowing the impact that we have and will have on someone when we do those things.

This is one of them. Please keep the picture descriptions coming before you ask. I think one of my favorite picks of the week was the one that said, treat your passwords like you're underwear, SHE said.

I was day. She's that I remember. I just couldn't stop laughing for a long time after that one then had to rein the podcast a couple of times just for the laughs.

I must admit, I had never heard password safely put that way before. Thank you. You once again for the podcast and image descriptions, and please keep on coming dow, some done. I hope you're listening. Thank you for your note, and I can promise that we will keep the picture of the weak descriptions coming.

Yeah, you're very good about IT. You realize that we have audio listeners and they aren't seeing IT. So you're always very good about that. IT does remind us though also when you post images online, you should always use the all tags in HTML. The blind viewers who are using screen readers will actually know at that picture.

Yeah and I forget sometimes I actually have a little thing on my master, an account that pings me when I post a picture without malt teg and says, you didn't put your own text and it's not too like go back and edit and I and I always do thank you. Don is nice to have you. okay.

Um our last break and then we're going to catch up on the current status of voyage jone as continues its well endless journey because it's a way outside the the the sun gravity field at this point. So and .

just along the australia thing, you remember that I was the australian parliament parliamentarian in australia who said, uh, we don't have to worry about mass math this from my point of view, there is no need to pay attention .

but then I was a matter .

and this .

is another one of those examples where of legislators ignoring to technology even though they're legislating technology yeah saying that saying social media companies like some and a subset of social media companies have to do something and what we don't know how but you can do IT is like the E U. Saying, well we want you to to to block uh you know c sam and we don't know how you're going to do IT, but you have to do IT without break anyone else privacy like ah you mean you know this .

is the IT was the australian prime minister said the laws of mathematics don't .

apply here.

He's no longer friend .

minister is pei was pesky mathematicians.

How dare they? Yeah, governments do that. They say what you will figure IT out.

yes. Yeah.

you guys guys are the smart big and you figured out tremble is no longer, I don't think not. Tremble is no longer the prime minister. But math, but math is lives on, which is kind of love math. And math makes that is eternal math less longer even than .

if you didn't have math. We wouldn't have the one that's for .

sure there ago. Yeah I often say when people say all science, you know, sciences is always perfect. Dude, you're listen to technology podcast. All technology is is science applied, right? Give me a break.

That's all we got. Yes, we have we live in a noisy world and yet the digital bits get from point a to point b perfectly, somehow.

magically. Well, math doesn't apply here, this site. No, I don't know what that is.

Anyway, I showed work very. They have you listening. We're going to, guy, you very excited about talking about vigia.

I can't wait lots of really cool information.

yeah. But before we do that, I want to talk a little bit about our sponsor bit warden, the open source password manager that will drastically improve your chances of staying safe online. We love bit warden.

It's open source. It's trusted by thousands of businesses like all password managers. The basic functionality is to generate an auto fill strong long passwords.

You don't have to remembers them IT remembers them for you in an encysted volt. That is part one of why I think it's really important that bit warden is open source. When you're talking in encryption.

I've always been of the opinion it's got to be open source because you have to be able to vote, you have to be able to look at IT. And or some expert doesn't say there's no back doors is properly implemented, in fact, bit work does that? Not only they post, they are gpl.

As Steve pointed out a couple of episodes ago, they are fully open source. They post their source code on github. Anybody can read IT, but they also engage every year.

In fact, every times a year, a third parties to look at the source code veit validated, say, this is what IT does. This is what IT doesn't do. And they also go one step more.

A lot of companies do that, but then they go one step more bit. Word promises to publish in full the reports from these third parties. So i'm saying this is the only way you can really be sure it's doing exactly what IT says IT does.

So what's reason number one, I love bit warden, bit warden for business. Reason number two, businesses bit warden is is a lifesaver in business. It's not just simply a passer manager.

IT integrates with all of your existing software to support seamless Operations and elevated security and every part of your enter Price, i'll give you some examples to use microsoft tune bit warden works with microsoft tune to enhance device security and use your identity management IT enables secure bit warden APP deployment on any in tune managed endpoint that's that stops mobile devices everywhere. Do you use rippling for your hr youll love? IT rippling integrates with bit warden to simplify employee off boarding and on boarding.

Your IT team can assign and revoke access as your employees join or leave kind of push button simple, uh, maybe use va, one of our sponsors, we love van ta uh venta combines, combines audit and reporting with secure password management. IT says, look, they're using secure passage management is using being used effectively. IT helps organza meet their sock to, I saw twenty seven o one and other standards.

Here's a really interesting one. Rapid seven. Rapid seven, which is E R solution insurer, improve threat detection and response.

And how does IT work with bit warden by correlation credential usage with the security events? So bit warden says, yes, this password was used on this device on this APP at this time. And rapid seven then can correlated with a security issue.

Strengthening proactive monitoring and intelligence for enterprise security teams. That's really cool. Bit warden is really focused on these integrations. The increase flexibility to centralize security management across existing technology, stax and employee devices so that you can maintain control over sensitive information. There's a really great story itself for bit word and both for individuals and for businesses.

In business, bit wear n users can seamlessly connect tools for IT management, compliance security to improve and standardize the employment of enterprise credential management throughout your organza and your employees will love IT. It's easy to use its effective your business deserves a cost effective solution that can dramatically improve its chances in your chances of staying safe on lines, very easy to switch to bit ward and only takes a few minutes. They can import quickly from most password management solutions.

It's open source bit warden's fantastic. Bit is also very affordable. You get started right now with a free trial of bit warden's teams or enterprise plan.

And the thing I always tell folks, H, I told everybody thanksgiving, make sure you, I hope you did this, talk to your relatives, asking about their password system, their security, and if they don't have any security or they're reusing the same password, heaven for fans, tell him, get award. Very important, free forever for individuals because it's open source. Free forever for individuals as unlimited passwords, unlimited device, mac, windows, IOS, android, linux.

And that includes package, unlimited package and the use of hardworking ies like ubiquity, all that in the free plan. Now I pay ten bugs a year because I want to support them. I have the premium plant ten bugs a year, so even then is very affordable.

I just, and by the way, with a bit warden for the individual plans, you can even host your own. I know there's some real T N O people out there trust no one people. That's one way you can really do IT is to host all personally, I trust bit or not fault.

I feel fine about that bit. Warden gets started for free across all devices as an individual user free trial of a teams or enterprise plan for your business at bit. Warden, that comes slash to IT.

This is the one really is. And if you're not using a passer measured by all means, I know if you listen a security now course you're using one. Tell your friends bit warden, that calm slash to IT. Thank you bit warden for supporting security now and thank you for supporting IT about using that addresses. Know you saw that here s okay.

So our listener, rob width ft. Brought this bit of news to my attention. Uh, nasas posting was titled nasas voyage one resumes regular Operations after communications pause um and i'm i'm going to share IT because as I said, IT contains budget of interesting and amazing science and engineering information and then we're gonna dig down a little deeper so they wrote that s voyage one has resumed regular Operations following a pausing communication month.

The probe, yeah the probe had unexpectedly turned off its primary radio transmitter, call an expand transmitter and turned on the much weaker s band transmitter. After the spacecraft's distance from earth, about fifteen point four billion miles, twenty twenty four point nine billion kilometers, this switch prevented the mission team from downloading science data and information about the spacecraft's engineering status. Earlier this month, the team reactivated the x band transmitter or and then resumed collecting data the week of november eighteen from the four Operating science instruments.

Now engineers are completing a few remaining tasks to return voyager one to the state IT was in before the issue arose, such as resetting the system that synorix es its three on board computers. The expand transmitter had been shut off by the spacecraft fault protection system when engineers activated a heater on the spacecraft. Okay, historically, if the fault protection system sense that the probe had too little power available, IT would automatically turn off systems not essential for keeping the spacecraft flying in order to keep power flowing to the critical systems.

But the probes have already turned off all nonessential systems, except for the science instruments. So the fault protection system turned off the x band transmitter and turned on the s band transmitter. Or because IT uses lower power, unfortunately, that also means that transmits at lower power, which means you can get the data through, which is why they have stop collecting data, they said.

The mission is working with extremely small power margins on both voyer probes powered by heat from decaying plutonium that is converted into electricity. The spacecraft lose about four watts of power each year about five years ago, after some forty one years after the voyer spacecraft launched, the team began turning off any remaining systems not critical to keeping the robes flying, including headers for some of the science instruments to the mission. Teams surprise, all of those instruments continue to Operate despite reaching temperatures lower than what they've been tested for.

The team has computer models designed to predict how much power various systems, such as heat and instruments, are expected to use. But a variety of factors contribute to uncertainty in those models, including the age of the components and the fact that the hardware doesn't always behave is expected, with power levels being measured to fractions of a what the team also adjusted how both probes monitor voltage. But earlier this year, the declining power supply require the team to turn off a science instrument on voyage, too.

The mission shot off multiple instruments on voyage, or one in nineteen ninety to conserve energy, but those instruments were no longer in use after the probe flu passed. Sudden and jupiter of the ten science instruments on each spacecraft for are now being used to study the particles, plasma and magnetic fields in interStellar space, which is where both probes are voyage. Just one and two have been flying for more than forty seven years and are the only two spacecraft to Operate in interStellar space.

Their advanced age has meant an increase in the frequency and complexity of technical issues and new chAllenges for the mission engineering team. okay. So reading that, the article said the x band transmitter had been shut off by the spacecraft's foul protection system when engineers activated the heater on the spacecraft.

What I didn't tell us is why the jpl engineers turned on that heater. And there's even more fascinating information about that. Our listener, jeff root in santiago, supplied the link to a story in the register of all places, titled best job at J.

P. L. What it's like to be an engineer on the voyager project. This was posted two days later on the U. S. Is thanksgiving thursday and IT, too, is truck full of interesting science and engineering insight. So the register wrote, the voyage probes have entered new phase of Operations.

As recent events have shown, keeping the vulval spacecraft running is a chAllenge as the end of their mission nears and of course, end of the mission just means which we don't know what happened, right? I mean, it's like its way past. It's it's design and of mission.

And IT keeps getting extended. So they wrote, as with much of the voyager team nowadays, korean barrot, a thirty year veteran of masses jet propulsion laboratory, divides his time between the twin voyager spacecraft and other flight. He describes himself as a supervisor of chief engineers, but leaped at the chance to fill the role on the voyage of project.

Susan dod, J. P. L, director for the interplanetary network, director IT, is the project manager for the voyage of interStellar mission. Bata ruden told the register.

SHE knew that the project was sort of entering ing a new phase where there was likely to be a lot of technical problems. And so chief engineers, that's what they do. They solve problems for different flight projects.

Dd needed that support for voyager. Batter run would typically have found someone from his group. But he said, I was just so excited about voyager.

I said, you know, look no further, right? I'm the person for the job. In other words, this was one he did not want to delegate. He said, i'm your engineer, you know, please pick me.

So batter ruin has spent the past two years on the voyage project after decades of relatively routine Operation following plans laid out earlier in the mission. When the team was much larger, the twin voyager spacecraft had begun presenting more technical chAllenges to overcome as the vehicles age and power dwindles. The latest problem occurred when engineers warmed up part of the spacecraft, hoping that some degraded circuits might be healed by an annealing process.

Better run, explained that cold, there's these junction field effect transistors, j vets in a particular circuit that have become degraded through radiation. We don't have much protection from radiation in an inner Stellar medium. Remember where this thing was never designed to function, right? Because IT wasn't expected to deliver this long.

We don't have much protection in an inner del medium because we're outside the heliosphere where a lot of that stuff gets blocked. So we've got this degradation in these electronic parts, and it's been proven that they can heal themselves if you get them warm enough long enough. And so we knew we had some power margin, and we were hopeful that we had enough power margin to Operate this heater.

And as I turned out, we didn't IT was a risk we took to try to imitate a problem that we have with our electronics. So now the problem is still there, and we realize that we can't solve IT this way. And so we're going to have to come up with another creative solution and quote, so the register says the problem was that more power was demanded that the system could supply a volt regulator, might have smooth things out, but the voyage is no longer, or have that luxury.

Instead, engineers took a calculated risk and ran a fall of the then innovative software on board the spacecraft. The undervote ted routine of the fault protection software shuts down loads on the power supply, but went, but since the voyage, your team had already shut down anything that's not essential. There is a much left for IT to shut down batter route, explained, he said.

So cote, under the the other voltage response doesn't do much, except turn off the x band transmitter and turn on the x band transmitter. And that's because the s band transmitter uses less power, making IT the last safety net to save you, he said, and save the mission IT did. While the s band is great for Operations near earth, such as the moon, it's almost useless at the distance of the voyer spacecraft.

However, by detecting the faint Carry your signal of the expand transmission, the team was able to pinpoint that the problem had been the act of turning on the heater, even without expand telemetry from the spacecraft. The chAllenge for engineers isn't just the time IT takes to get a command to the voyagers and receive a response, but also checking and rechecking every command that gets sent to the spacecraft, he said. The waiting is apparently not as frustrating as we might think, batter ruden said.

This is the rythm we work in. We growing a custom to IT. IT used to be a very small time delay, and it's gradually grown longer and longer through the years.

With duplicate physical hardware long gone, the team now works with an array of mulatto. Bata rudden said. We have a very clear understanding of the hardware.

We know exactly what the circuit is, what the computers are and where the software runs. And as for the software, it's complicated. There have been so many twists and changes over the years.

Remember forty six years, forty seven years, that working out the exact revision of every part of voyagers code has become tRicky batter, rudin said. It's usually easier to just get a memory read out from the spacecraft to find out what's going on out there. The chAllenge for the voyage of team is that the spacecraft are nearing the half century mark.

As as is the documentation, he said, we have documents that were type written in the seventies that described the software, but there are revisions. And so building the simulators, we feel really good about the hardware, but we feel a little less good about understanding exactly what each instruction does. The latest bit of recoding occurred with the failure of one of voyagers integrate test circuit manifested itself as meaningless data last year.

And of course, we talked about that on the podcast at the time. Better rude reminds us the basic problem was figuring out what was wrong with no information. We could see a Carrier signal we knew we were transmitting in the expand.

We knew we could command the spacecraft because we could tweet that signal slightly with commands. So we knew the spacecraft is listening to us, and we knew the spacecraft was pointing at earth because otherwise we wouldn't get a signal at all. The engineers went further down the faul tree and eventually managed to get a minimum program to the space to get a memory read out.

That read out could be compared to one retrieved. When the spacecraft was healthy, two hundred and fifty six words were corrupted, indicating a specific integrated circuit code was in written to relocate instructions around that failed area. And I remember this is, this is almost a light day away.

At that point a year ago, the problem there is the code was very compact. There was no free space that we could take advantage of. So we had to sacrifice something so that, you know, they're patching on the fly on an Operating machine.

What is IT fifteen billion miles away? That's something that needed sacrificing was one of the voyagers higher data rate modes used during planetary fly buys. That makes sense, right? Just like, hey, no, what do we need? Well, we don't need the high data rate mode used during planetary fly eyes because we're not going to be flying by any planets.

So now back to the present. The current chAllenge involves your part. The pan involves dealing with the robes.

Oh, trusters. And here's the problem, leo. Silicon from batters inside the fuel tanks has begun to leach into hydrological propellant.

Since silicon doesn't ignite like hydrogen, meaning IT doesn't get burned off a tiny amount, gets deposited in the thrusters and slowly builds up in the thruster capitalists Better ruden uses the analogy of clogging arteries. Eventually, the block gage will prevent the spacecraft from firing its thrusters to keep IT pointed at earth. However, the pitch and your trusters, each of which have three branches, are clogging at different rates.

The current software works on the basis that branch one, two or three will be used, but couldn't be Operated in mixed mode where a branch two is used for the pitch trust, but branch three is used for your battery de notes. So that's a creative solution. IT would be very complicated.

This would be another modification in interStellar space to the software. And getting IT right the first time is not just nice to have. It's almost the central by the time the results of a cabin come back from the void of spacecraft. IT might be impossible to deal with the fallout of a failure.

What do they write? IT in what assembly language .

or individual that they they invented their own processor are not using any commercial processor. They invented A A computer that reads this code. And that's where he's saying some sometimes we're not sure what an instruction does because somebody typed IT in nineteen seventy and may have said, oh, it's lunchtime. I'll get back to you later. Wow.

wow, this is amazing.

This is just incredible. He said the voyage spacecraft are unlikely to survive another decade. The power will eventually dangle to the point where Operations will .

become impossible. Is IT a nuclear .

power plane? yeah. yeah. IT is a nuclear power IT. IT is using decaying plutonium to the heat generated from the particle decay to heat a third couple, which generates the electric current to drive all of this. It's a tiny bit of to and and it's bit exponentially decaying for forty seven years. This thing was first .

a long time. Yeah so he .

says high data rates, which is to say one point for killing bits per second, will only be supported by the current deep space network until twenty, twenty seven or twenty eight. After that, some more creativity will be needed to Operate voyager one's digital taper quarter. Baturin speculates that shutting off another heater, the bay one heater used for the computers, would free up power for the recorder.

But the I, I should mention that that we were only able the deep space network, as I recall, is only out of australia. And so it's it's only during A A, A brief time window once a day as the earth rotates that the the, the deep space network and tanna is able to point at voyage jone. And so one records its data during the dark period and then dumps IT to us when IT knows we're able to receive so he says, um turning off the bay, one heater used for the computers would free up power for the recorder according to the thermal model.

But it'll be a delicate balancing act. And of course, the recent a kelling attempt demonstrated the limitations of modeling and simulations on earth. So does battle room have a favorite out of the two spacecraft? He replies, well, voyager two is the one that's been flying the longest, and voyage one is the one that furthers s from earth. So they both have a claim to fame, is to use another knowledge there, essentially twins. They're basically the same person, but they live different lives and they have different medical histories and different experiences.

A great life battery .

in hopes to stick with a mission and the final transmission from the spacecraft. He said, I love voyager. I love this work.

I love what i'm doing. It's so cool. IT just feels like I got the best job at J. P. L.

And he's, i'm sure, in his sixties, if not seventies, right? Yeah, he's been with there for thirty years with jpl. yeah. wow. So I just .

checked on avoid your one mission status, which is what gave me the title for today's podcast. That entry pid little spacecraft is now so far away that light and radio signals take more than twenty three hours to travel in each direction, not round trip each direction. So two days roundtrip.

So it's nearly an entire light day distant yet. Voyage your wet. This is what bog is.

My mind is managing to keep itself pointed at our earth across all that distance. And we still have, working by directional communication with IT. This entire endeavor has been an astonishing example of incredible engineering.

The original design, and this is this, this to the original design, was flexible enough that and software controlled enough that even though IT was designed in the nineteen seventies and launched on september fifty, nineteen seventy seven, all well before the internet and all the technology that we now take for granted, this machine has endured and has exceeded everyone's expectations many times over. The story does make one principle absolutely clear, no pure hardware solution could have ever done this. No pure hardware solution would still be alive, functioning and communicating after forty seven years of space flight.

Nor even could any fixed firm where hybrid hardware, software solution. The reason is that none of what has transpired red since voyager ones original mission was redefined and extended after IT continued to perform so brilliantly, could have been anticipated by masses, brilliant engineers in mid seventies. The soul key to the ones success today is that, to an extremely large degree, the original designers of the spacecraft put the machines hardware under software control.

The reason they did that way back in the seventies was different from the reason they're now glad they did that. They created a deeply software based control system back then because software doesn't weigh anything and the spacecraft didn't have an outs of weight to spare. So the engineers of the seventies put their faith in software.

And that faith, and the inherent dynamic redesign flexibility is enabled, has given the spacecraft a far longer life than he could have ever otherwise enjoyed. Because software doesn't weigh anything. And all of that said, yesterday's and today's software is ultimately at the mercy of hardware. You know, if the attitude control systems ultimately become gug with leached and deposited silicon, the spacecraft ability to manuvers and keep itself pointed at the earth will eventually be lost at some point in the not too distant future, IT will still be alive out there, but will have lost contact, uh, with one another. You know, what an amazing accomplishment, leo, I mean, that make you proud.

And also there's another lesson, which is sometimes constraints force the kind of creativity that's Better than if you have unlimited hardware and software, unlimited member and related .

storage is why i'm pointing at that P D P A behind me yeah it's what you know IT came with four k words of memory and I was expandable to sixteen I think for twelve um it's it's when I miss about the old days where where you you really there was there was creativity and engineering.

Instead of just asking ChatGPT for a program, right, you know which, you know, which IT sprits out from having injured ted, the internet, right? IT is a different world. Yeah fascinating.

Well, as know, we've covered the story for a couple of years now and have as it's .

been that a cheaper little probe has been out there.

And there are i've mentioned already there are some documentation is one fairly recent one that covers the old folks.

And I wasted after recommendation. IT was fantastic.

So great, good. This is their life. Work just really need. amazing. Thank you to once again for a great show. As always, Steve hit out of the park each, every time. I hope you listen.

We do the show live on tuesday's red after mk break weekly, which usually the big some are between one thirty and two P M pacific, let's say five P M E stern time, uh, twenty two hundred UTC. You can watch us live at eight different platforms. Thanks to our club twit members.

Of course we are on a this course. That's where our club twit members believe we are also on youtube, twitch. We're on x tot, come on facebook were on linked in, we're on kick or even on tiktok.

So you can watch live there if you're round of a tuesday evening, if not of courses on demand versions of the show. We have a sixty four killed bit audio version and a full video version. You can watch IT twitter, TV sledge, sn.

Steve has the sixty four killer audio, but he also has the sixteen killed bit audio, which he makes handcrafts himself every week so that you can listen if you're band with impaired. And one of the band with impaired focus is our own, a lane fairs, who does the transcripts? So SHE downloads that, and literally by hand, transcribes everything we say. There's a beautiful job of that.

It's actually why we had the sixteen private, though IT was for a lane that I could. I started .

doing that and so nice. So if you want to read along as you listen or use IT for searching, that's also on a side, of course, the full shown notes. And Steve does a really nice, Better shown us than anybody i've ever seen.

I mean, it's all write out there, lots of images, links, and you can also get that from Steve so you can get the email to you as well. Steve has a couple of newsletters, one of which is the security now newsletter, the shown notes and all you have to do to get on his mAiling list is go to G R C dot com. That's this website, grc docotor slash email.

What you're actually doing is validating your email. So that gives you the opportunity to email him. You have to validating first because he doesn't want spam is very effective technique against that.

But you'll see there are two boxes that you could check. They are unchecked by default. But you could check them if you want to get those news letters.

Grc, that cup flash email while you're a grc, pick up a copy of spin, right that Steve spread ad and butter the world's best mass storage mainland recovery and performance enhancing utility six point once the current version at grc that come lots of free stuff there too. It's really a fan. I just a brows around the site looks like IT was came out right about the same .

time as void or one. Yes.

it's, but you know what? IT waste nothing. So that's that's a good thing.

G R C dot com. There's a youtube chanel dedicated to the video if you want to watch. Better yet, that's the place you can use to share clips.

Youtube makes that fairly easy and and heard something and said, all, you know, my friend want to hear that you can clip IT, send IT to them. That helps us two ways. One is, of course, you know, you're sharing IT, but to your friend might say, hi, I want to hear that show again.

I want to hear more of that and subscribe. We like that. We appreciate that.

We especially appreciate all of our club members. We are watching and listening tonight. We couldn't do IT without you.

And increasingly, as the times get tougher and tougher for independent podcast like ours, we are relying on club members to keep the lights on. It's seven box a months. You get add three versions of this show and every other show.

You also get access to the club, to the discord. You get special shows. We're do we've i've been streaming every night for the first three nights. The advent of code solving that is so much fun, Steve. I IT was really scary for me the first time.

Say i'm going to let somebody watch me right code because i'm that i'm not pro and even i'm sure even somebody like you, they're false starts. There's there's dumb like you all I lived at a comma or something like that ah so we're doing alive. You can watch me do done things.

But fortunate I have from our own clubs three really accomplished codes. They wait till they've solved the event of code themselves, which takes about ten minutes, and then they come in, dial in. So I faces a there in OK, who's australian, are canadian friend paul holder, you know very well, who helps on your forms.

They helped me. And last night, actually, they helped me quite a bit doing some regular expression stuff. They were very helpful there.

So please, Johnson, I think I want to do IT again. And I think what of my plan is i'm going to keep doing until I hit that wall where I go. I can or IT passed .

two in the morning.

You know, I don't want to stay up all night doing so, but let's try again. So far, it's so good. It's taking a couple hours.

It's been really fun. So i'll be streaming that on my youtube chal. Uh but that's another club event.

So join the club because that's what that's where the fun happens and it's what really supports the works. Steve doesn't and the entire team tweet that TV slash club to its seven box a month. That's all the costs right now.

One and a half percent of our audience is a member. I would love to get that IT doesn't have to be hundred percent, four five percent that, that would make IT. So we didn't have to worry about what we're going to do next year right now were quite worried. Twitter.

that TV slash club twitter.

You'll have a wonderful week.

We'll do. We'll be back next week for one thousand and four.

Oh my.

who knows what's going to go on between now and then? Whatever is, look up.

M I V episode, M I V coming up. Thank everybody will see the next time on security.

man.

Marketing is hard, but i'll tell a little secret IT doesn't have to be. Let me point something out. You're listening to a podcast right now and it's great.

You love the host. You seek IT out and download IT. You listen to IT while driving, working out, cooking, even going to the bathroom. Podcasts are a pretty close companion. And this is a podcast ad.

Did I get your attention? You can reach great lessons like yourself with podcast advertising from libs in ads, choose from hundreds of top podcasts, offering host endorsements or rn na reproduced ad like this one across thousands of shows. To reach your target audience in their favorite podcasts with libin ads, go to libin ads dot com. That's L I B S Y N. And that come today.