SN 1003: A Light-Day Away - Digital Epileptic Seizures, Tor Needs You, Zello Password Panic, Wireguard's Open Port Debate
Security Now (Video)
Deep Dive
- Microsoft denies using customer data for AI training.
- Connected experiences feature enables productivity tools but is not used for AI training.
- Customers have control over connected experiences settings.
Shownotes Transcript
Is ever security now Steve gibson is here. We're going to respond, or at least get microsoft response to Steve s episode last week. They say, no, we don't use your data to train A I.
What is a digital epileptic seizure and why does your self drive vehicle have fits when the approaches an emergency vehicle? Do you use hello time to change the password? And then we're going to talk a little more about our favorite ite friend, the farthest object humanity has ever put in space voyage, or one now nearly a light day away. It's gonna another great security now episode coming up next to.
Podcasts you love from people .
you trust. This is twit. There is a security now, as Steve gibson episode one thousand three recorded, tuesday, december third, twenty twenty four, a light day away.
It's time we're security now the show we cover your security, your privacy online, how things work. What's a great book to read when you're trying to get some sleep and you don't want to and I don't know all sorts of stuff? What's a good show to watch? What's a good vitamin that takes Steve gibson is a poly mass. He knows everything and tells all on the show.
He loves Steve. Great to be with you again for episode one thousand and three. And it's still I look at these four digits ts, and I think, wow, okay, we're get IT really doesn't like somehow a lot more than just three digits, which was a Cliff hanging, are there for a while but we made IT over the Cliff that we're still flapping um we've got a bunch of fun stuff to talk about.
Microsoft makes very clear what data they are not going to be using to train their AI models. Will we were revisiting that topic phone that we touched on last week also, what's a digital epileptic seure? What reduces them and why you don't want yourself driving car to have one? No, yes. Uh, we've got a public plea for help in the form of volunteer volunteer bridge servers being asked for by the tour network that we're going to talk on and explain. Also, if you're one of the hundred and forty million zero users, you should hear their notice to change .
your password zero later.
I had the double checked that too. And in fact, some of the reporting, I think I think the reporters are so used to typing cell G E L L E that some of the text was mixed up. So it's hello, which is it's a push to talk APP for smart phones.
They have users a one hundred forty .
million million. Now nobody wants a dialog. So you get parents, you just press the press the screen, and you get to talk to your mom.
I don't know. Anyway, the U. S. Federal trade commission opens. They brought anti trust investigation into whether microsoft has been naughty or nice, a new form of android smartphone scare ware, which is really sort of interesting at first.
Plants IT simulates a seriously male functioning crack and broken screen. And there's people like, oh no yeah, getting that support IT really is and when you see i've got a picture ever in in the show notes, it's like, wow, now okay, that would freak me out anyway. It's almost certainly positively and completely safe to leave wire guard open and listening for incoming connections almost is almost certainly positively and completely safe safe enough for you that's we're going to look at that.
Um if the internet fills with A I output, what happens when A I starts training on that? Oh IT seems that we know that some experiments have been done and it's not looking good and not you're going to lose some very popular dog breeds, among other things. Last week, australia passed the social media age restriction law.
No, what. And finally, we're going to talk about once again one of our sort of favorite side topics, boyer. One not only is IT now nearly an entire light day away, think about that takes a day that I like.
That's how far out IT is. IT is beginning to have some harder to remotely repair problems. There was so much interesting science and engineering shared in the last week that I thought, okay, this is just it's just cool stuff.
I mean, it's like, you know, we're beaming up and we're doing a work drive and all this crap that we can't feature beams. No, we don't have any that what we have is a shockingly well design piece of hardware from the seventies that is still going so. And of course, we do have our uh, a great picture of the week. I've already had some feedback from people I haven't looked and yeah uh and so I think a great show for everybody probably worth your time while you're mowing your lawn or coming to work or walk in your dog, whatever you're doing.
I always every time you do a voyage segment, I always call a viger. And I should clarify that. After the first one, I looked IT up. And the video from star trek is actually supposedly movie .
ever made.
Is that the one we spoke died? I can't remember.
No, no, that that was a good one. Think that might .
be was the .
first year and they had bad uniforms. And like, what happened, you know.
I remember watching them and being so thrilled when that elevator opens. And there are kirk and spock and mccoy, and I was just like, they're back. They're back.
yeah. Anyway, vision from that movie is theoretically voyage sixteen. There is no voyage sixteen. So the voyagers we're talking about one into are not feature just .
yeah and I I didn't say this and I may forgets you all say that. Now one does need to wonder like why they're expanding all this effort. I mean, it's it's done its job.
I mean, more is outside the helio pause. We are getting information, are getting science data we've never had before. But at this point, it's clearly just can let's see .
how it's a flex.
what we can do yeah exactly what you we can we keep this little sucker aimed at us.
They can. That's what's amazing.
yeah. Wait to you hear what they way. Wait to you hear what's happening. Now, all I can wait.
It's going to be a good one. Security now, one thousand, three in your ears, and we will get to the first bit in just a bit. But first, or for a sponsor of the show and the great folks at Melissa, we've been talking about Melissa for years, but they are even older than security.
Now is they are and have been the trusted data quality expert since nineteen eighty five that next year they're gna celebrate their fifth anniversary. That's that's really uncool. What's really actually even Better is as the years have gone by, malicious become more sophisticated, more powerful, more useful.
It's done so much more to keep your address book, your in business, your customer list, I should say, not really addressed, but the same thing right now or your supplier list accurate up to date a so that you save money, you save time. Personalization is as important ever during the holiday season. But you know, if you're offering visualization, I could kind of backfire because no one wants to be missing dentists.
Ed, that's what medica can help with. They have a fluid knowledge base of global names oh, and even as important naming conventions. So if you put in a name associated with a specific country, you can pass IT more accurately.
Origins as an example in eura is the first word in some countries uh and if IT is IT would be flagged they'll say, oh yeah, that's not the first name. We're not that's not the first. That's not on orrible c and molester knows that and much, much more.
This is database also as a large list of cultural names, also vulgarities. Because, you know, there's people out there. We will try to get an embryo done with some bad words.
Some names might be flag is valid, but need the extra checking because, for instance, of this is a celebrity name. Millican can do this with all of this with your business names, your customers and your suppliers. Be sure to check out a little marketplace to this is really cool.
That's where they offer premium third party data on demand to improve campaign performance. They have data visualization tools in there. They have business decision tools in there.
And here's a very good bit of news. Melissa now offers transparent pricing for every one of its services. So no more best work. When estimating your business budget, you will know exactly what it's going to cost to use molester day in, day out.
And of course, I I shouldn't even have to say this, but I want to reassure you, Melissa uses secure encryption for all your data for file transfers. Their information ecosystem is built on the IO twenty seven o one framework theyd hear to GDP r policy soc two compliant. So your data is safe, whether you need the full White love service or just the nuts involved.
Melissa is the best choice for your enterprise gets started today with one thousand records cleaned for free. Catch your address records in order with Melissa. Melissa, that comes lash to IT ml S S, A.
Melissa, that com slashed to what we thank you so much. You're supporting security now and you support us when you use that address that they know you saw here Melissa, that com slash twitter. All right, i'm ready for the picture of the week, mr. gibson.
So this one I gave IT the caption, and not for the first time we've had a few other ironic pictures. I, but that I call this when irony defined .
and throwing up. That's gotta that can be that's sterile.
IT is just too fun, too bad.
We read IT for us for those not watching the video.
That's right. So what I clipped out of the photo, this one of our listeners sent me what looks like his his camera screen. So this is real. I think it's real. So yeah. So what we have, we can, we're looking through a glass door into A A region behind which we learn is because of the headline on the sign that's been posted on this glass door. This is the mall maintenance shop, so at some sort of a like a large mall and IT looks often end.
You can see, you can see a very long latter, an extension later against the our wall there is some coiled up stuff in the foreground looks like an industrial um you know like tile cleaner kind of things. I mean, this looks like the real deal. This is clearly a more, you know like like some large retail mall maintenance shop.
And the sign brags about their capabilities, saying we can repair anything. But then he says, and put the sea below that, please knock hard on the door. The bill doesn't work. okay? They always .
have a good sense. We haven't gotten .
around to fix in the bell otherside other than our own bell. You know, if you've got sub broken, we'll fix IT. So yeah, I am IT would be really fun. I agreed with the oleo to to learn the actual back story here. As you know, they may I may just be a Christal guy who's got a great set of humor as you, but I have a feeling that the bill doesn't work.
No, I think it's true in that respect. Maybe there isn't even the bill, you know.
okay. So uh, microsoft felt the need to clarify what had become the widespread this apprehension that they would be training their AI models against the private and personal data of their office product users. And of course, we looked at that speculation behind that last week.
So the day after we did so last wednesday, bleeping computer did a great job of summing up the situation. So i'm just gonna quote A I i've edited what they said, but you would get the gist they they wrote. Microsoft has denied claims that IT uses microsoft three sixty five apps, including word, cell and powerpoint, to collect data to train the companies artificial intelligence A I models.
This comes after a tumbler blog post spread on social media, claiming that redmen used their connected experiences feature to scrape customers word and excel data for A I training. And by the way, paul was correct on windows weekly, the day after our last podcast, saying that nowhere did IT did any of microsoft's own documentation ever say that I didn't use the word AI training. So that was a presumption.
A microsoft spokesperson told bleeping computer quote, microsoft does not use customer data for microsoft 3 sixty five consumer and commercial applications。 Now I should just mention, I wish they that the person hadn't put that cavet in. They should have just said, microsoft does not use customer data from microsoft three sixty five applications.
Why, say, consumer and commercial applications you like a little? Are they hedging? I don't know anyway, to train large language models. Additionally, the connected services setting has no connection to how microsoft trains large language models. Okay, good.
So the company also told bleeping computer that this optional setting has been on by default since I was first made available in April of twenty and nineteen. So five years ago always been on that. The computer was also told, quote, the connected experiences feature enables features like co authoring, real time grammar suggestions and web debased resources.
And leo, this is precisely what the assumption you are making. Also last week, they said these features are on by default because their features people naturally expect in a cloud connected productivity tool. However, customers always have control, they wrote and can adjust their connected experiences settings at any time, i'm quote.
So as microsoft explains on its support website, the feature is used to first provide design recommendations, editing suggestions or data insights based on the office content through features like powerpoint designer or translator and IT also downloads online content template, ts images, 3d models, videos and reference materials, including, but not limited to, office template ts or powerpoint. Quick starter. To talk this feature off microsoft, three sixty five users have to open their office apps like water excell and choose whether to enable or disabled experiences the downed on, download online content, or analyze their content under connected experiences after going to the file account account privacy manage settings menu.
So as we said last week, so quoting them, the connected experiences setting enables cloud back features designed to increase your productivity in the microsoft three sixty five apps like suggesting relevant information and images from the web, real time c authoring and cloud storage, and tools like editor in word that provide spelling and grammar suggestions. Microsoft has been using their A I in microsoft three, sixty five, four years now. Maybe that's where some of this confusion comes in because they're calling spell check A I. This is them saying microsoft has been using A I in microsoft three, sixty five, four years. To enhances productivity and creativity through features like designer in powerpoint, which helps create visually compelling slides, and editor in word, which provides grammar and writing suggestions.
You know, that's not today's definition of A I and they and but they then then said these features do not rely on generative A I or large language models but rather use simpler er machine learning algorithms on quote so blippy computer says, uh at at the end, microsoft added that the setting has been available since April twenty nineteen, with enterprise admins having the option to choose if connected experiences are available to users within their organizations using multiple policy settings designed to manage privacy controls for microsoft three sixty five apps office for mac IOS and android devices. So okay, i'm certainly all of us, i'm sure glad for the clarification whatever microsoft is doing exactly. And unless anything has changed recently, it's been doing whatever IT is for the past five years.
It's always been on by default, you know like grammar and spelling suggestions and anyone who isn't comfortable with this is free to turn that off if they wish, if nothing else. IT seems very clear that this has nothing whatsoever ever to do with coal pilot plus and any of the recent concerns over microsoft AI being used to otherwise enhance their users experiences. Um and it's one thing to mean mistrustful and another thing to accuse them wrongly.
We can certainly have one without the other. Given what i've witnessed first hand of what they've done to windows start menu, tray and edge no, none of which enhances my own use of windows. I'm obviously not a big fan of the direction they're taking their consumer desktop.
Nevertheless, make no mistake, I love windows. So I got some feedback from people saying, well, you know, you're so unhappy with microsoft 的 windows, why are you still using IT? I love IT. No, I mean, for my purposes is far Better than any alternative um and i'm hopeful that when I set up my next windows, this top my microsoft developer access to the enterprise edition of windows ten, we will provide me with the cleaner experience experience that I look for in what I consider to be a tool rather than a toy.
I you know I just don't have any interest in windows being a toy with you know offering me campi crush soda and x box features out might start mind you, in addition to everything else they've done so anyway. Um you know microsoft is obviously very sensitive to all of this after the push back and concerned that the industry showed of with with their stumbling roll out of what they planned to do with with recall in coal pilot plus. So you know they're going to great pains to to calm people and there's every reason to believe this is just grammar and spelling checking IT IT is worth noting that in bleeping computers coverage, they they don't talk about the fact that microsoft does say whatever IT is they're doing with connected experiences.
There are those which where there they're collecting data over the lifetime of the users account. So so maybe that's just they're learning what spelling mistakes people always make or what they know, what they like, learning the grammar of the user and getting Better at helping them to correct themselves. You know, that's what I presume. But so but we did learn last week that from their own statements that there is something that, that continues to exist at their end in the cloud on a poor user account basis, presumably helping to do a Better job with those things that it's been doing for five years.
And unfortunately, if they call that A I which you know nobody else bothers to okay, so I was put on this a new research from our friends at the bagian university of the negative and the fuji to uh researched by both groups uh that by one of the researchers who is also one of our listeners by dancy, the title of the twenty one page paper is securing the perception of advanced driving assistance systems against digital epileptic seizures resulting from emergency vehicle lighting okay. Now I suppose it's unavoidable to answer promo fies driving assistance systems, but somehow calling this problem digital epileptic seizures rubs me the wrong way. You know, you know, the overlap in apparently this behavior is the flashing of lights, which, as we know, can trigger human actual epilepsy, epileptic seizure.
So they're say that ottawa driving systems don't like lights flashing either. Uh, anyway, I am not sure what bother me about IT, but something does in any event, IT turns out that driving a since assistance systems, do you have a problem with the flashing lights used by emergency vehicles? Wired has a nice summary of the very good research this group has just conducted and published under wired headline.
Emergency vehicle lights can screw up a cars, automate a driving system with the subhead newly published research finds that the flashing lights on police cruisers and ambuLances can cause, and here you go, you know, quotes, digital epileptic seizure, unquote in image based automated driving systems, potentially risking rex. And actually, apparently there have been sixteen instances that have been seen so far. Anyway, wired, we get to that wired road.
Car makers say they're increasingly sophisticated. Automated driving systems make driving safer and less stressful by leaving some of the hard work of knowing when a crash is about to happen and avoiding IT to the machines. But new research suggest some of these systems might do the virtual opposite at the worst possible moment.
A newspaper from researchers at bench ion university of an a gift and the japanese technology firm fujita demonstrates that when some camera based automated driving systems are exposed to the flashing lights of emergency vehicles, they can no longer confidently identify objects on the road. The researchers call the phenomenon a digital epileptic season epileptic car for short, where the systems trained by artificial intelligence to distinguish between images of different road objects fluctuate and effectiveness in time with the emergency lights flashes, the effect is essentially upside, is especially apparent in darkness, the researchers say. And that kind of make sense.
We know much greater contrast there. Emergency lights, in other words, could rights wired, could make automated driving systems less sure that the car shaped thing in front of them is actually a car. The research is right that the flaw quote poses a significant risk unquote, because that could potentially cause vehicles with automated driving systems enabled to crash near emergency vehicles and be exploited by adversity to cause such accidents.
It's interesting because a lot of testers have crashed .
into emergency vehicles.
Exactly mame, why exactly?
They said while the uh while the findings are alarming, this new research comes with several cavities. For one thing, the researchers were unable to test their theories on any specific driving systems, such as text less famous autopilot. Instead, they ran their tests using five off the shelf automated driving systems embedded in dash camps purchased off of amazon and wird said prints.
These products are marketed as including some collision detection features, but for this research, they functioned cameras. They then ran the images captured on those systems through four open source object detectors, which are trained using images to distinguish between different objects. The researchers are not sure whether any automobile auto makers use the object detectors tested in their paper IT could be that most systems are already hardened against flashing light vulnerabilities.
okay. Now I to mean to me, while this might appear to render the value of this research more questionable, there was at least some good reason to wonder. And the researchers findings bore this out. Wired says the research was inspired red to your point, lio, by reports that testers using the electric car makers advanced driver assistant feature autopilot collided with some sixteen stationary emergency vehicles between twenty eight and twenty twenty one.
Says ben nasi, a cyber security machine learning researcher at ben gurion ni university who worked on the paper quote, IT was pretty clear to us from the beginning that the crashes might be related to the lighting of the emergency flashers. AmbuLances, police cars and fire trucks are different shapes and sizes, so it's not the type of vehicle that caused this behavior. In other words, you know, this guy started by probably correctly inferred that you, okay, what is that? That is unique about these emergency vehicles that testers keep crashing into l, it's that got flashing lights.
So a three year investigation rights wired by the U. S. National highway traffic safety administration into the tesler emergency vehicle collisions eventually LED to a sweeping recall of tesla autopilot software, which is designed to perform some driving tasks like steering, accelerating, breaking and changing lanes on certain kinds of roads without a driver's help.
The agency concluded that the system inadequately insured drivers paid attention and were in control of their vehicles while the system was engaged, they said. Other auto makers advanced driving assistance packages, including general motors super crews and ford blue crews, also perform some driving tasks, but Mandates that drivers pay attention behind the wheel. Unlike autopilot, these systems work only in areas that have been mapped in a written statement and sending response to wireless questions.
Lucia sanchez, a spokesperson for the N. H. T, S. A, acknowledged that emergency flashing lights may play a role. He said, quote, we are aware of some advanced driving assistance systems that have not responded appropriately when emergency flashing lights were present in the scene of the driving path under certain circumstances.
Ungrown tesla, which disbanded its public relations team in twenty twenty one, did not respond to wires request for comment. The camera systems the researchers used in their tests were manufactured by hp, pl C S, dome image, bond and rexin. None of those companies responded to wires request for comment, although the N H, T, S, A acknowledges issues in, quote, some advanced driver system systems, the researchers are clear. They're not sure what is observed emergency light effect has to do with tesla autopilot troubles, but nasi said, I do not claim that I know why testers crash in emergency vehicles. I do not know even if this is still a vulnerability unquote the researchers experiments were also concerned solely with the image based object detection many auto makers use other centers, including radar and light, are to help detect obstacles .
in the road.
Um a smaller crop of tech developers tesler among them, argue that image base systems augmented with sophisticated artificial intelligence training can enable not only driver assistance systems but also here we go, completely autonomous vehicles. Boy ah last month tesla C E O elon musk e said the automatic ers vision based system would enable self driving cars.
Next year for twenty .
twenty five.
baby, next right.
indeed, they rope. How a system might react of flashing lights depends on how individual automatic ers design their automated driving systems. Some may choose to tune their technology.
To react to things is not entirely certain, are actually obstacles in the extreme. That choice could lead to false positives where a car might hard break, for example, in response to a toddle shaped cardboard box. Others may tune their tech to react only when it's very confident that what is seeing is an obstacle.
On the other side of the extreme, that choice could lead to a car fAiling to break to avoid a collision with another vehicle, because IT misses that. This is another vehicle entirely. The band guion university and forgets you researchers did come up with a software fix to the emergency flashing issue is designed to avoid the seizure issue by being specifically trained to identify vehicles with emergency flashing lights, the researchers say that improves object detectors accuracy.
Airline's fernando and a system professor of computer science and engineering at university of california, san ago, who was not involved in the research, said IT appeared sound. He said, quote, just like a human can get temporarily blinded by emergency flashers camera, Operating inside an advanced driver system system can get blinded temporarily. For researcher brian rama, who studies vehicle automation and safety at the MIT age lab, the paper points to larger questions about the limitations of A I based driving systems.
Auto makers need repeatable, robust validation to uncover blind spots, so to speak, like acceptability to emergency lights, he says. He worries some auto makers are moving technology faster than they contested. okay.
So my own take is that, you know, this sort of research conducted by independent researchers is vitally important that you know that needs to be done. Uh, it's obvious that the various car manufacturer are holding their you know their cards and their cars very close to their vests. They understandably consider their future auto driving technology to be ultra prieta.
And because they want the best and no one else's business yet, flesh and blood, human beings and pets are moving within the same space as these autonomous, high speed rolling robots. It's a recipe for disaster. And this has the feeling of being driven by the same sort of gold rush mentality as the as the push for general artificial intelligence.
So the headlines that these researchers have generated will doubtless, if nothing else, induce all of the developers of similar self driving technology that actually is, you know, being fielded to consider and test the effects of bright flashing lights on their driving. A I, you know, the lives of people and pets have probably been saved. So hats off to these guys.
And they have A, I have a links to their twenty one page paper where they really dig into the technology. They show the Operation of the of the A I learning neural networks and just how badly they are upset by flashing lights. So this is soup, you know, absolutely been useful for the long term safety of vehicles.
And again, I just think that because the the proprietary interests of auto makers is to keep their stuff, you know, proprietary, not open, this limits what researchers are able to test. But but this kind of research is, I think, vitally important. And leo, I know that you've had a tesla ff for quite a while .
and why we got rid of IT ra used to call IT Christine because I would driver into things and then do exactly what they were talking about, which is just stop randomly. You screeched to a halt as if he had seen something, you know, and I think that that's the same. You know, the are foot side of that coin, right?
Yeah, I have I finally replaced by twenty one year old bmw and I have a car d that got sensors too. And what I am backing up.
I have .
garage in both locations or there's not a lot of space and it's going doing and dogging and buzzing and and IT actually creates anxiety in me because i'm thinking it's seeing something I don't know about.
Lisa says, SHE, literally I have a bmw I, five, which is a very highly technical advanced machine. N, E, V. And he wants a SHE says back at the garage before I get in, because IT makes me crazy. All the beats in the books. And I ve heads up display from two thousand, one, a space, otto sy, showing me the the different vectors and synthetic.
Imagine just .
generate overlays, all sorts of stuff on top of that. But i've learned what to pay attention to. And you know, you can see why, you know, at least for now, AI is not good enough to replace a human.
It's a nice pal. yes. And the problem is everybody, there is clearly a rush to the promise of this year. Car can drive itself and IT doesn't feels like they know they're always gonna be pushing ahead of the envelope that they should stay in. And it's no researched like this that this is is the only place we get an independent reality check. And so even though they weren't able to actually train on on in field self driving technology now, they were able to look at similar systems and say, ah guys, there seems to be a problem with flash and lights over here.
Well, I hate to say IT, but any time I hear the words in line, musk said, I discount most of what follows because he is as a marketer.
He's said we we too have been trained by elan musk to discount to do everything he does at the same time. You know, he land, he captures returning rocket boosters with chopsticks and, you know and folding fold out legs and you know and here you know starlink is providing internet connectivity to me, otherwise never have IT.
Yeah I mean, this is our backup when comcast goes down, which they do sadly a little more often than a pcs network we would like um if the auto ubiquity fills over to the satellite dish on the roof right up here yeah and it's it's by the way, it's very reliable even in rain, and it's it's really pretty amazing how well that works. So i'm not saying that iran's companies don't produce good products. I'm just saying he is like most marketers prone to overstating yeah, thanks.
okay. where? Thirty five minutes? Let's take a break. And then we're going to talk about the tour network and how they need you.
They need me to Operate a tour note, i'm guessing, but we'll see. All right. First though were from our sponsor and this segment of security number or two by big ID. I really like this company. They are the leading dsp m solution. What is dsp m? You want to know actually data security posture management that if you're in business, if you're run an enterprise shop, you know you need dsp m big ideas.
The first and only D, S, P, M solution, uncover dark data to identify and manage risk to remediate the way you want doesn't tell you what to do, gives you the options to scale your data security strategy through unmatched data source coverage. And IT becomes especially important. The AI era.
When you have and your company training your own AI on data from the company, you want to make sure that you train IT on the data that's appropriate to train IT on and not train IT on the data you don't want IT to be trained on. Big I D helps with that. Big I D seamlessly integrates with your existing text tck.
IT allows you to coordinate security and remediation workflows. Because with big ID, you could take action on data risks. And as I said, you decide and I take delete quarantine, whatever you want based on the day to all all maintaining an audit trail, which is so important for compliance.
Big ID has some of the biggest companies in the business using its service now uses big ID, palo alto networks, microsoft, google, AWS, and on and on and on. With big ideas, advanced AI models, you can reduce risk, accelerate time to insight, and gain visibility and control over all your data. Think about companies, you know usually legacy companies.
Companies have been business for a long time to have data, enough variety of different places. No one probably in the world has dated in a brought of variety places in the united states army, right? They use.
Big idea. Yeah, the army does to illuminate dark data to accelerate cloud migration. That's, by the way, a Mandate right throughout our entire military infrastructure get up into the cloud.
They help the army minimized redundancy. They help you with automated data retention. Here's a quote.
This comes this. This is gold from the U. S. Army training and doctor command. The first wall moment with big I D.
Came with just being able to have that single interface, that invitation ies a variety of data holdings, including structured and unstructured data across emails, zip files, share point database and more, to see that mass and be able to corporate across all those completely novel. I've never seen a capability that brings us together like big guide does. But you got to do something special to to get us to get U.
S. Army training a doctor and command to say something that nice, that that is high, high praise. Cnbc recognized big ideas.
One of the top twenty five startups for the enterprise named to the ink five thousand and delayed five hundred for two years in a row. They are a leading modern data security venture in the market. In fact, when you think the sbm, you should really be thinking big.
I D, the publisher of cyber defense magazine, says, big idea bodies, three major features, we judges, look forward, become winners, understanding tomorrow, threats today. That's one providing a cost effective solution course that's always important and innovating an unexpected ways that can help mitigate cyber risk and get one step ahead of the breach. You ve gotta know where your data is.
You gotta know what's going on out there, right? Big idea will help you start protecting your sensitive data wherever your data lives. Very important in this AI age as well.
Go to big ID. That comes Sally security now. Bg ID docomo, slash security. Now you get a free demo.
See how big ID can help your organization reduce data risk and accelerate the adoption of generative A I. That's big I D B I G I D, big I D 点 com slash security。 Now they actually have a number of reports.
If you go to that website that are free, that you can download White papers, including one that provides insight and key trends on and issues on AI adoption chAllenges the overall impact of generative AI across organizations. Very helpful. And IT is right into big ID mission, big ID dot com slash security.
Now we thank you so much for your support, big ID. And we invite all of our listeners and views to support us by going to that address. So they know you saw here big ID dot com flash security. Now, Steve.
okay. So last thursday, the tour network posted their plea for volunteer help. They wrote recent reports from tour users in russia indicate an escalation in online censorship with the goal of blocking access to tour and other circumvention tools.
This new wave includes attempts to block tour bridges and plugged transports developed by the tour project, which I explain the second removal of circum invention apps from stores and targeting popular hosting providers, shrinking the space for bypassing censorship. Despite these ongoing actions, tour remains effective when alarming trend is the target targeted blocking of popular hosting providers. By no other than ross come. Not sure i'll .
put deco on IT for the next time .
as many circumvention tools are using them. This action made some tour bridges inaccessible to many users in russia. As ross come, not all the internet service providers and russia are increasing their blocking efforts. The need for more web tunnel bridges has become urgent.
Okay, so they say why web tunnel bridges are explain a little bit about what they are in a second, they wrote, web tunnel is a new type of bridge that is particularly effective at flying under a sensors radar. Its design blends itself into other web traffic, allowing a user to hide in plain site. And since it's launch earlier this year, we've made sure they wrote to prioritize small download sizes for more convenient distribution and simplified the support of micro T, L, S.
integration. Further mimic the characteristics of more widespread browsers. This makes web tunnel safe for general users because IT helps conceal the fact that a tool like tors being used, we are calling on the tour community and the internet freedom community to help us scale up web tunnel bridges. If you've ever thought about running a tour bridge, now is the time. Our goal is to deploy two hundred new web tunnel bridges by the end of this december twenty twenty four to open secure access for users in russia.
So a bridge is not the same as tour node.
correct? OK correct. A IT is literally a bridge to a node. So it's is not itself a node. IT is an end point, which, and this is what's so cool, which is which uses technology, uh, they they call the plugging protocol technology to hide the fact that what the user is doing that connects to the bridge is using tour.
So anyway, that their posting goes on to explain how to set up and run a web tunnel, among other things, IT can be as straightforward as just hosting a docker image. Um so i've gonna link to this posting in the show notes blog that tour project at org slash call hyphen four hyphen web tunnel hyphen bridges. Since we haven't looked closely at tors web tunnel technology, I want to share a bit about IT from their description where I was introduced just last march.
IT was titled hiding in plain sight, introducing web title. Then they wrote today, march twelve, on the world day against cybersex ship. The tour projects anti censorship team is excited to officially announce the release of web tunal, a new type of tour bridge designed to assist users in heavily censored region to connect to the tour network available now in the stable version of tour browser, which is we know is based on firefox web tunnel joined our collection of censorship circumvention tech developed and maintained by the tour project.
The development of different types of bridges are crucial for making tour more resilient against censorship and stay ahead of adversity in the highly dynamic and ever changing censorship landscape. This is especially true as we're going through the twenty twenty four global election. Make a cycle the role of censorships or convention tech becomes crucial in defending internet freedom.
If you've ever consider becoming a tour bridge Operator to help others connect to tour, now is an excEllent time to get started. And this was their posting back in march. You can find the requirements and instructions for running a web tunnel bridge in the tour community portal.
So what's the web tunnel and how does that work? Web tunnel is a censorship resistant, plug able transport designed to mimic encrypted web traffic. H, T, T, P, S IT works by wrapping the payload connection into a web socket like H T T P S connection, appearing to network observers as an ordinary H T T P S connection.
So for an onlooker, without the knowledge of the hidden path, IT just looks like a regular HTTP connection to any web server, giving the impression that the user is simply browsing the web. In fact, web tunnel is so similar to ordinary web traffic that IT can coexist with a website on the same network and point, meaning the same domain, I, P, address and port. This co existence allows a standard traffic reverse proxy to forward both ordinary web traffic and web title to their respective application serves.
As a result, when someone attempts to visit the website at the share network address, they will simply perceive the content of the website address and won't notice the existence of a of a secret bridge, the web tunnel, and explain a little bit about that second. They said, web tunnel approach, a mimic known and typical web traffic, makes IT effective in scenarios where there is a protocol allow list and they deny by default network environment. In other words, russia can put up A A firewall that only allows web traffic, not tour, not anything I know that is that they deny by default.
But we, after all, we need that to let people visit websites, right? This is in distinguish from someone visiting a website. And in fact, these sensors can can go to the site that they observe russians going to, and they see a website, whether the people using this really cool tour technology, c tour, they said, consider a network traffic censorship mechanism as a coin sorting machine with coins representing the flowing traffic.
Traditionally, such a machine checks if the coin fits a known shape and allows IT to pass if IT does, or discards IT if IT does not, in the case of fully encysted unknown traffic, as demonstrated in the published research, how the great firewall of china detects and blockers fully encrypted traffic, which doesn't conform to any specific shape, IT would be subject to censorship, meaning, you know, being discarded. In our coin analogy, not only must the coin not fit the shape of any known block protocol, IT also needs to fit a recognized aloud shape, otherwise, I would be dropped web tunnel traffic resembling H, T, T, P, S web traffic, a permitted protocol will be allowed to pass. So this is, this is so cool.
Again, what this means is that any regular website and you don't have to be hosting website, you can be can also be hosting a tour web tunnel at the same I P and same port side by side. And no one would ever be the wiser since in this case, russia or any other censoring regime would be unable to detect that someone is not just visiting a website. The traffic would not be blocked.
But this also makes IT clear that the more suda websites are available, the Better. So if any of our listeners is moved to help the tour project and specifically russian citizens who are unable to see out past their country censorship and presumably chinese uh citizens as well, which is being enforced, of course, for propaganda purposes, the tour project needs you to make following up on this easier. I created A G R C shortcut link.
So it's just G R C D S C slash tour T O R G R C S C slash tour. And that will take you to the recent posting that has updated resources, uh, including just a docker container that you can download if you're in expLoring this and getting going. But if you you got you know a linux system, you can install of stuff.
And so for so probably not A A very heavy process either, right? I mean, that probably doesn't use a lot of CPU.
right? And they band, oh yeah exactly band with only very little CPU because it's just a forwarding traffic through, 嗯, very cool. So zero Z E L L O is a mobile push to talk service used by one hundred and forty million first responders, hospitality services, transportation and family and friends to communicate via their mobile phones using a simple push to talk APP.
The news is over the past two weeks, starting on november fifteen, s cellos. Customers have been receiving legitimate notices from zelo because, of course, everything is just back these days, asking them to change their passwords. The notice reads yellow security notice.
As a precaution, we are asking that you reset your yellow APP password for any account created. Before november second, twenty twenty four. We also recommend that you change your passwords for any other online services where you may have used the same password. Ww doesn't take a rocket scientist, nor anyone who's been to following this podcast podcast for more than a few months to know what must have happened over at yellow headquarters, uh and is not good news. But yellow is also not saying blippy computer is reached out to zero o and been rebufat customers who received that notice to lippi computer that they have not received any further information from yellow and bleeping computers.
Repeated attempts to contact the company have gone unanswered, so at this point, it's unclear whether yellow may have suffered a data breach or a credential stuffing attack, but the notice certainly does imply that threat actors may have access to the passwords of any users who had accounts before november second. Bleeping computer noted in the reporting of this that zell o had previously suffered a data breach in twenty twenty, which also required users to reset their passwords after great yeah I know it's yeah after thread actors stall, create customers email addresses and hash passwords. In any event, one hundred and forty million users is a substantial user base.
Because you know that leo is like a big chunk of the U. S. yes.
So of course, if global ah if our listeners are ready when they know maybe expected by IT, IT would be a good idea to hear this notice. Um and just a short note that um the U. S.
Federal trade commission has opened an anti trust microsoft probe, announcing a broad anti trust investigation in the microsoft business practices. The investigation will cover the companies software licensing practices, cloud computing, cyber security and A I business units. The ftc allegedly received complaints that microsoft was locking in customers g, perhaps like the U.
S. Government, uh, preventing them from moving to competitors. In september, google filed an official anti trust complaint against microsoft cloud business in the eu.
So do so be seen to keep an iron and we don't know what the fate will be. Uh, you know nothing much will happen right this month and we get new administration in early january. So we don't know what approach that administration you know the the second trip administration will take. So we'll see there's .
been so much activity from the ftc and other and fcc in the c fpb. In the last few weeks, and I really feel like they're going last get everything done before before .
january twenty years, but you can't .
get anything done right? Three weeks and then january twenty, who knows what's happen? I mean, uh, there are plenty of people in in the trump administration. I don't like big tech, but there are people like you on and others who do.
And so who is big and .
who is big tech. So it's really kind of an interesting it's really uncertain what's going to happen, right? I don't know if this microsoft case will go past january twenty years.
IT might not like I just could get dropped, be in favor or put on the backburner in favor of what the administration this as more urgent priority .
yeah and it's unpredictable. You trump s said, I hate google the way they're too big, their big tech but he's also said, but on the other hand, china is afraid of him so I love google so .
you don't know.
you know know what? They are all gonna and it's going to be a interesting .
few years that I will add the truth. Okay, so check out this screen. Leo, i've got a picture of in the show.
This is unbelievable. Yeah.
under the headline, you mean this actually convinces someone, actually, my headline security researcher, lucas stone co. Has identified a new form of android scare where that he refers to as convincing full screen images that resemble cracked or male functioning screens, which trick users into calling tech support numbers or downloading malware on their devices. Now I include the photo.
This smells in this, uh, in action, in the shots. Now I can see how a nea fight might be LED to believe that something has gone very wrong with their phone because the screen looks like it's no longer even remotely able to display an image. Except the only problem exactly the only problem with this is, is at the same time having no problem whatsoever. Apparently despite the correct in male functioning screen of displaying the malware warning pop up notice claiming that a virus has been detected on the handset. So I suppose we'll give them points for coming .
up with something new. IT gets your attention.
I mean, I initially you look at down there and O N looks like like, oh, shoot, something bad has happened in my phone that gonna is that that notice telling me to click here to remove the virus is still visible, right? wow.
I'm curious because if you click remove this, is that sufficient? I would think that would put a phone number in there or something. I mean, yeah, maybe it's just a click to IT will run the virus because .
you click IT right.
That's off in the case.
If I said i'm a virus, click me. You'd be disciplined to do that.
That's good at one point. Point will take and see. Bit I looked .
that I don't think so. Okay, so matt Warner said high, Steve, regarding your comment about wire guards, static ports in episode one thousand two. So last week he said, I run via guard by guard on an O P N sense firewall with seure securicor a and crowd sec watching my van in her face.
Neither shields up nor any other ports scanner could find an open port. Even when I specify the port number. I don't have wire guard mapped to a specific allowable IP because that changes depending on my location.
I'm happy to leave this as IT is for now, but will certainly change my set up if a new vulnerability services in any other tools I use. Love the pad podcast. I look for two every week. okay? So there is no reason to believe that IT is not completely safe to leave a wire guard V P N server running on a fire wall, such as O P N sense listening for incoming connections from a wire guard client.
There's no reason to believe that a problem, until there is everything we know, tells us that this could flip from absolutely safe to, oh my god, within a single heart beat of a skilled hacker who, while studying wire guards, open source code, notices something no one else has. That's one of the ways these things happen. Or perhaps the hacker is throwing nonsense packets at wired guards listening service port, and one of them suddenly crashes the wire guard server.
That's another way this could happen. The specific packet that crashed the server is an examined, and the source of the crash is reverse engineer to create a repeatable working exploit. But it's every bit is true that none of this may ever happen.
It's also true that perhaps IT can't. The conundrum of security is that could happen does not necessarily mean could happen. Perhaps I really can't. The travel is today's systems have become so complex that is no longer possible for us to be absolutely and mathematically provably certain about the behavior of anything above a distressin ly low level of complexity today.
We just can't know that one of the things i'm hoping future A I might be able to help us with, my intuition suggests that this is the sort of thing that ought to be right in A S backyard. But we don't have that today. What we have today is hope.
Hopes Better than nothing. But hope is not enough for me. I fully respect math decision and position. It's one that shared by tens of thousands of other other.
But my network is not the typical residential network is both the development and production arms of G, R. C. So the stakes for me are higher. I'm not suggesting that my network is utterly impervious to attack, but it's as utter ly in previous as i've been able to make IT without exception.
So deliberately exposing a wire guard process, no matter how safe I hope IT is to the public internet, would be an exception I will not make another listener identifying himself as an on reminds us why we trust and should trust wire guards design. He wrote high Steve regarding the discussion of wire guard and port knocking on this week security now episode. I just wanted to let you know that it's not really necessary with wire guard.
The server will not respond to client connection requests at all. He has at all caps and he's right. Unless the client provides a public key that the server nose and trusts this in addition to the fact that the protocol is udp based, means that is not possible to even know if there is a wide guard server listening on a specific I P and port unless you already have public key credentials to connect.
While IT technically would still be possible to have a bug where this can be bypassed, this is very unlikely because this is the first thing the server checks, so the code surface for bugs is minimal. This technicality would also apply to any port knocking techniques, which can have their own bugs in implementation. Regards, none.
okay. So none is one hundred percent correct. And this is why wired guard represents the best of the best today. Is that good enough? Almost certainly. And his point about the possibility that adding port knocking to introduce an additional layer of prey, red guards security, might itself introduce a new vulnerability is also a keen observation that could happen.
My defense of the use of port knocking is that, from an implementation standpoint, unlike anything like wire guard, that necessarily invokes a huge amount of complexity in order to validate egypto graphic certificate, port knocking adds an appealingly trivial layer of complexity while providing virtual absolute protection. In other words, what might be termed as its security gain is nearly infinite, and the port knocking service is inherently sitting behind the firewall, which is monitoring. So it's much more difficult to see how its failure could do anything other than fail to open a port.
And all of this is, of course, what makes the study of security so interesting. So great points from our listeners and as always, great a incoming feedback to security now at G. R.
C. Dot com. Thank you, everybody, for that. One of our listeners, Richard craver in clemens, north CarOlina, pointed me at something that was so interesting in needed sharing.
First of all, here's what Richard wrote. He said, high Stephen leo, I just finished the A G I episode. Interesting to ponder.
I personally am not a particular fan of A I and general. As I see IT as crowd sourcing knowledge, the mayor may not be correct. Science is based on chAllenging and testing prevAiling assumptions and thought.
A, I, in my humble opinion, discourages critical thinking, but for good or bad, it's here, he said. Below is a link to tom fishburn the marketplace ist with a thought provoking cartoon and short viewpoint message. And I have the cartoon, uh, in the show notes.
It's got two frames on the left. One guy is saying to someone else, once we train our A I, I can't wait to see the wide variety of no idea as IT comes up with. And in the foreground we see a convey built uh with all different shapes and sizes and brightly colored bottles and containers of different sorts.
And this convey belt is sending them into a box in the middle that divides the two frames labelled ai. On the right hand side we see this guy with his hand up to his chin as if thinking, and what's coming out is A A nearly identical set of almost the same shape and size and color bottles. So the A I has sort of generalized everything.
okay. So the the interesting information is, uh, that tom fishburn shares, he writes, is still early days with A I generation tools. We're all still learning potentials and limitations. One watchout is the bias tored unity. The tendency for A I results to look alike as A I predicts what to generate the path of least resistance is an averaging of the content in its source material.
E and whitworth once referred to this as the great same thing writing coop, ChatGPT, jasper and all the rest are powered or powerful conformity machines, giving you the ability to turn out bible length material about yourself and your business. That's exactly the same as your competitors. Unquote and tom continues. A couple months ago, oxford and cambridge researchers illustrated the risk of homogenous in a study of A I generated content in nature magazine, and is from one who doesn't. Nature magazine is a serious magazine.
Laura and I was subscribing to IT for a while, but the articles were so dense that I was like, okay, well, let's what's wasting our time on this uh, so minutes the real deal, uh, he says the risk increases as A I get trained not only on human created content, but on other A I generated content. As an example, the researchers studied an A I model trained on images of different breeds of dogs, the source material included in naturally wide variety of dogs, french bulldogs, domine, corgis, golden retriever s etta, lords. But when asked to generate an image of a dog, the AI model typically returned the more common dog breeds golden retrievers, and less frequently, the rare breeds french bulldogs.
Over time, the cycle forces and compounds. When future generations of A I models are trained on these outputs, IT starts to forget the more obscure dog breeds entirely, soon only creating images of golden retrievers. Eventually, the researchers found there's model collapse.
And I love that term model collapse, where the LLM is trained so much on A I generated golden retriever images that the results turn nonsensical and stop looking like dogs at all. Now, he writes substitute g breeds for whatever you're trying to create, new products, new packaging, new advertising, communication. And the risk is that all outputs devolve to look the same.
A related study from the university of exeter found that A I generation tools have the potential to boost individual creativity, but with a loss of collective novelty. The good news is that this baseline situation creates opportunities for those who can push against this new status. Cool homogenic is ultimately at odds with distinctiveness.
As with all tools, it's all in how you use them. You can break through the clutter by adding to IT. So I know what I love that you know these conclusions feel intuitively correct to me, and the research cited above supports that intuition.
Also, it's certainly true that there's an unrealized danger as the internet content becomes more and more A I generated while our AI models are being continuously trained against the internet content. Future historians may wonder what happened to all the french bulldog. I know that. Leo, let's take another break. And then we're gna look at some more questions and feedback from .
our listeners you want to secure. Now with mr. J, this episode brought you bike, delete me, a tool that we use actually at twit, uh, and IT became a very useful tool when our CEO started being targeted by hackers who are using her name and phone number to try to scare her direct reports.
How do they know her name, her phone number or her direct reports? It's all out there on the internet. If you ever searched for your name online, I do not recommend IT, but if you do, you'll see a surprisingly large amount personal information is available.
Maintaining your privacy is, by the way, not just your own concern is a family affair too. That's why delete me offers family plants. Actually, they offer variety of plants, corporate plans, individual plants, check IT out and joined delete me outcome slash to IT delete me helps reduce risk, identity theft from cyber security, threats from harassment and more.
I mean, there really is a cyber security side of this because the more information that's out there about you, about your company, about your employees, the more unlikely bad guys will get that data. It's easily available to them for a very small cost. Actually, if you go to a data broker and use that data to impersonate us.
Was watching the morning news, and IT was alert, you know, local woman scammed by a bad guy, five thousand dollars. I thought, well, what's new, right? That's happening all the time.
Why is IT news that and actually is probably good that they showed this because the woman was received a call from a person. Who said he was her grandson? The person knew her grandson's named, knew some basic information meter.
Grandson said, i've been arrested. I'm in jail. I need bail. SHE wired bail to the bad guy. Note grandson, grandson wasn't in jail.
But this is a perfect example of how hackers can use the information online about you to take advances of you or your family members, your grandma. That's why you need to lead me. That's what grandma needs delete.
I have to say, we, of course, as soon as that hacker attacked lisa, we got to let me and it's a funny thing because a couple of months ago, we were talking about the the data broker breach that um showed so much information, including social security numbers. Turns out, by the way, that's legal. The ftc is just not maybe we shouldn't make that legal anyway that it's another thing.
It's not going to change. But we were talking about this and I did a little search. My data was in that breach, as was your Steve. My social was in that breach. Laces wasn't. And I realized that because we've been using delete me and the personal data brokers didn't have her data because the me had made them delete IT.
That's what delete me.
Does they actually the leaving experts go around, they know all the data brokers. And by the way, that's not that's not an easy job because there's no one's it's so profitable. There's no one's everyday they keep track of this.
They find and they remove your information from hundreds of data brokers. So they did that for the least. That's why her data was not in the breach.
IT had been removed. And if you want to do with family members like grama, you can assign a unique data sheet. Every family member tailed to them, so you can say, you know, grandma hasn't in the account.
SHE doesn't never twitter account, that kind of thing. You can manage privacy settings for the whole family. But by the way, it's more than just going to those data brokers and saying get rid of that stuff and they do they are require to so they deleted.
But here's the thing that they're not required to never start over. So they just start requiring that data and building a doa almost instantly. That's why they let me will continue to scan and remove your information regulator. They go back again and again i'm talking addresses, photos, emails, relatives, phone number, social media, property value, all this stuff is online. You know.
IT is it's a shock.
right? It's it's completely legal, at least IT is for now. So this is why you need delete to delete me.
You need IT as an individual. You need IT as a family. And by the way, you need IT is a business. Protect yourself. We claim your privacy is a join to lead me that comes slash to IT.
If you use the offer code to IT, you'll get twenty percent off join delete me that comes slash to IT IT was IT was a real owner to see that least a social was not in there. Her address is not in there. He had been removed before the breach.
Join play too late for you and me, right? But but let's do IT now before the next breach joined to lead me to come slashed to IT. And it's not even breaches. They sell that anybody was IT. The hackers have to wait for a breach.
They just say, here, here for a book fifteen, can you tell me who runs that company? What's your phone number? What are all our direct reports? Is all in there? Join to let me to come slice to do we have some sort of national privacy protection? At least we've got to lead me join to lead me to sleep.
And please use the africa to IT for twenty percent off. We thank join to late me for their support. You support us too, of course, if you use that special address and the offer code because then they know he saw out here join to let me to come slashed to IT offer code T W I T on we go with the .
show is to g yes. So um our listener greg haslets has an interesting problem. He said, Steve, I have an edge writer know that was that rather that we were loving for love?
I still.
yeah yeah.
I've i've upgraded now to the full ubiquity system that impressed me so much.
oh, well, and I was so inexpensive and so powerful about what you know that like in turn, the way I could be configured so is that I haven't edge router and created an IoT network. My problem is I cannot reach my issues. R, T, sixty six, update the firm where that's on the IoT network, know.
So we created isolation, and that was isolated, he said. Any quick ways to allow temporary access to the issues router, my last ditch answer would be to back up the add oughter, meaning that its config and reset to original settings, hopefully find the I P address of the issues and update the firm where then restore the edge router from back up with I O T. Long time listener and met you at the squirl take in irvine.
So that's very cool. So okay, i'm not one hundred percent certain that I completely understood graves problem and question, but I think I do. But my first thought is that maybe he's making things too complicated. Leave the edge router alone and just temporarily arrange some wires.
take exactly rather .
than get fancy with reverting the edge raters configuration to its original simple switch, why not plug the aces R T sixty six into the land where a PC is located and updated firm where, you know, I suppose if great doesn't have a spare old wired either at switch lying around, and I know i've had to think he would know who doesn't if they make great door stops, no, then that could be a problem. But it's also possible to plug the issues R T sixty six directly to point into a PC land socket. So if I understood greg question, IT would appear that being less fancy and going old school might be the right solution.
That is the issue with the lending off your IoT and creating IoT network. If the I O T device is done in control through the cloud, right, then it's not a problem because you're going to be on one v and contacts back. Yeah yes, but more and more. And actually for security, this is probably a good thing. And for long term survivability ties thing, these guys are talking directly talking directly to the city device, which of course isn't gonna of us on separate unless you create some rules, that's the other way around IT.
I am not just giving up um our solution is to have because we because we also want to have guests over who are bringing untrusted equipment. We have two radios. So we have we have our network and then we have and then on the IoT network is is a different access point. And so if I need to talk to something there, I just quickly switched my wifi over to that. We were doing that.
But it's a pain. The butt, if you want to print, switch to the feet, the secure, insecure villa, print and and switch back.
you know? And printing is a good example, because boy, printing is so security riddled .
and right, you want to put A R on your network if you can help me. Yes so this is tough really. Yes that's the that's the .
truth of IT um oh and what are on the topic of old school solutions that are in this case obvious and retrospect CT our list your toy was responding to something to what we're talking about last week about my having a problem typing on this horrible keyboard you know, screen of my IOS device are wondering about a solution for reversing that dongle the the the blue tooth keyboard don GLE that you put into your computer he said, Steve, congrats on security. Now hey, regarding typing long messages on the iphone, I hope you know that you can connect a bluetooth keyboard to your iphone and this is where the use of the expression go comes in.
I confess I had completely forgotten that, and I should have remembered IT because one of my first reactions to the loss of the wonderful physical click button keyboard of my beloved blackberry, which I all, I loved you so much, but I had to switch to an iphone because, you know what has to um I added that little ad on keyboard that you could stick on to the bottom of the phone which did indeed link the phone via bluetooth and IT worked perfectly so, uh, may I have a cute little blue tooth keyboard now, thanks to, uh, choice note, which allows me to quickly type on my iphone so thank you. Joy or rod in north canton, ohio, shared some facts about social media, uh, age restrictions. He said the recent book by JoNathan hate titled anxious .
generation okay, I know he loves IT and you're going to read his praise o not widely accepted. He not said that it's it's not true. So go head so so.
so who who who said .
so I will send you the article by the name coaches who is an expert and filoni than hate is a polymerization and he's a social psychology logy yeah and A A lot of what he claims in the book is highly disputed by experts in the field. So it's convincing if you read the book as a lot of a lot of stuff, you know, when people are politics, they write convincing books. Mark m glad IT too, that aren't true, but they sound right.
And a lot of people come away with with this conviction as a result. This is why there is an australian law. There is a widespread thought that social networks are causing major mental illness issues with our kids, but experts disagree. Now to say that now go and you can read his note.
Well, I am a okay 啊。
I just wanted to note late people, against what you're about .
to say is about to say. Okay, okay, so I, I, I will, because IT gives me the context for my reactions to IT. So he said the recent book by JoNathan hate anxious generation has extensive discussion of the age limit issue. The main theme of the book is rather convincing evidence to your point lio, that the dramatic one hundred, two hundred percent increase in mental uh, and teen mental health problems, which corresponds to the introductions smart phones is in fact cause he has in all caps by the use of those phones.
And in particular social media hates argument rests on his work as a social psychologist, combining knowledge of the vulnerability of early teens due to brain development happening at the at the time of life, with research on how social media is carefully designed to hook Young adolescence if hate is right. And and our our listener says, and I think he is, the problem is very severe. We make a huge mistake equating our older adults who grew up before the smart phone era use of various apps and how we handle IT with adolescence during critical brain development years.
And he says, parents note, my adult children have been telling me this for years that I cannot transfer how I use social media for just a few things. I want to the experience of Youngsters. And he says, the book has the extensive discussion of what to do in that section.
JoNathan discusses some technical ideas, not at the technical depth of security now, but also the social factors like parental role, the problem appears, having more access, and how some methods can be neutralized. The book has references to extensive discussions of both social scientists like hate and technical sources by people who have thought through a lot of the issues. While I share some skepticism of the effectiveness of age verification, I think the combination of laws requiring age verification, more parents al awareness and CoOperation between schools and parents can have a very positive impact.
So my response was, I did to say that you know, in our recent discussion, I I happen to also touch on a number of the same potential pitfalls of age restriction, such as parents being pushed by their own children to make exceptions for them, which is then followed by other kids complaining to their more strict parents that their peers have been given access by their by their parents so why can't they have the same you know and saying after all, how bad gonna be if sixteen year old are able to have access you know um uh I I know also that, among other things, my wife, Lorry, is an accomplish therapist and while SHE rigorously honors the privacy of her clients, she's noted on a number of occasions that many of today's parents appear to be afraid of their own children, whom they appears by giving them anything they want. So how are such parents not going to capital late to their children's demands, especially having previously established that pattern? So anyway um point you now that .
we've talked about IT to this is a great place to start my bassi s article in which he took quotes canas oders who is an actual expert on this stuff and has been this kind of research for years and in his podcast about this esseni C2Bumping hat e. Hate is a polymeric he .
is not an expert period so do you not think do you not conclude that um there is something age related or that there is not damage or that kids are not did or what?
Yeah so the research shows is not the case period. He's saying something that makes sense. And this is the problem with a lot of these just so stories oh yeah, that makes perfect sense.
That makes a lot of sense. But if you actually look at the research, by the way, you can read your article in nature, your favorite magazine all about this. Ah the issue is, is there increasing mental health issues with kids? Because it's more reported, there are a lot of correlation is not equal causation, as you will know.
And because this because the iphone came out two thousand and seven and they're correlation that to rise in mental health issues are many other issues involved in this, including covet and isolation of kids. Stranger danger from the eighties, which made a lot of parents keep their kids at home instead of living out to play because they were so afraid of. By the way, this was also a specious argument.
There were strangers in neighbor od about to abduct them. We know perfectly well that the real danger to kids is people they know, people at home, their relatives. But the stranger danger actually prompted a lot of parents to say, no, no more playing outside for you.
That could be one of the cases. There are many things going on. Correlation does not equal causation.
And as we've said many times.
and when you do the actual research with many have done, including candis, oders, IT is in fact under it's problematic because it's very easy, say our social media, we put an age limitation social media, we limit iphones. We keep parent, we give parents the power to stop doing all this stuff. It's all going to get Better. And what you're not addressing, for instance, is the fact that schools no longer have mental health professionals, little on nurses in the school. There are a lot of other issues you're not addressing because you up all fixed.
If you found the problem.
you found the problem. So I would recommend people look at my mike magnic. I think our audience trusts and likes had did an excEllent podcast with her about useless tal health talking about JoNathan hates book before the problem is become a political issue.
So do you think the actual driver is mental health or the people don't want kids so stuck on their phones stay if you remember when you were Young .
and your parents to stop listening that rock and roll and cut your hair ah do you member, when new ton mino, the chairman of the fcc, said that television was a vast westland and ruining the brains of our Young people.
then we have the whole video game a phenomenon.
Do you remember when tip gore said video games are ruling our children? It's happened again and again. The problem is, with that kind of moral panic is you can be miss, you can focus on the wrong problem and not really address the issues.
So there is a huge replication crisis, a problem with the data that hate quotes. It's not been replicated. The actual experts who are working in this field in the workings field for decades say we'd actually don't see that.
Um if you're interested and everybody should be watched, this podcast is a great starting point. Um it's a texture dot com. It's the detector podcast with cameras augers od grs titled making sense of the research on social media and youth mental health. Actually, I think hates on IT. So that would be a kind of interesting.
Well, of course, our interest for the podcast is just the idea that that legislation is going to impose a new a new technical right.
Require was nonsense that the australia has said, no, nobody understand a new social media besides the ice. The, I mean, you can make the case that social media is how kids socialized today. IT may and well isolate a great many kids and cause worse problems. How do you do IT? How do you and so there's no good technical way without violating human private own privacy to identify who's an adult who's not in the all.
yes. And and that is the interest of this podcast is what are they going to do like, you know, something is going to happen unless the law gets overturned and or or isn't implemented. The the fines are thirty five, the equivalent of thirty and fifty million australian dollars equivalent about thirty two and a half million us.
which makes me think companies like meta and others will just pay the fine.
You think it's a one time fine. And the other thing that I thought was odd was that youtube is excluded. It's not consider perfect ample yes .
perfect example. Um it's nonsense. And by the way, the campaign in australia IT was started by rupert murdoch and Robert murdoch's newspapers, who in the spring of this year, watched a massive campaign convinced the australia legislature do this .
well from the technologies stamp. It's gonna fascinating to see what they come up with.
We talk about on sunday, and I think the consensus of the panel was, this is really mostly just kind of saying fix IT that because it's a year more than a year away, right?
Yes, takes effect on november twenty of twenty twenty five yeah.
So um I we think it's mostly just sabor rattling and try to convince them I do something so that we can sit back on the slaw. But if not.
we've got a problem. We got we we have a need for some technology. Yeah, that isn't this violent. Dawn appreciates our picture of the week for audio only listeners, SHE says, hello, Stephen leo, i've listened to your show for a while now, and I really enjoy IT. I love all things, computers, technologies, etta.
And there is one thing I can definitely say, with one thousand percent assurance, there will always SHE has in all caps, be a need for this podcast and experts such as yourselves to cover and explain at all with the added chAllenge of putting the cookies on the bottom shelf where the kids can get them, which you are very good at doing. I wanted to write you email, thanking you for describing the pictures of the week. I have to admit, I got quite a bit of laughs from the one last week where the little troubles to some were finding a way to get upstairs even now as I write this, i'm struggling IT means a lot to me that you guys describe the pictures of the week because i'm completely .
blind um interesting .
without your descriptions I would not be able to get any enjoyment out of them. Very good, SHE said. Sometimes I think we do things like this without a second thought and without knowing the impact that we have and will have on someone when we do those things.
This is one of them. Please keep the picture descriptions coming before you ask. I think one of my favorite picks of the week was the one that said, treat your passwords like you're underwear, SHE said I daily.
She's that I remember. I just couldn't stop laughing for a long time after that one that had to rein the podcast a couple of times just for the laughs. I must admit, I had never heard password safely put that way before.
Thank you, you once again for the podcast and image descriptions and please keep on coming dosson. Don, I hope you're listening. Thank you for your note. And I can promise that we will keep the picture of the weak .
descriptions coming. Yeah, you're very good about IT. You realized that we have audio listeners and they aren't seeing and so you're always very good about that. IT does remind us though, also when you post images on mind, you should always use the all tags and HTML. The blind viewers who are using screen readers will actually know at that picture.
Yeah, and I forget sometimes I actually have a little thing on my master, an account that pings me when I post a picture without malt teg and says, you didn't put your own text and it's not too late. Go back and edit and I and I always do thank you do is nice to have you. okay.
Um our last break and then we're going to catch up on the current status of voyage jone as uh continues its well endless journey because it's a way outside the the the sun gravity field at this point. So and .
just along the australia thing, you remember that I was the australian parliament parliamentarian in australia who said, uh, we don't have to worry about mass math does from my point of view, there's no need to pay attention .
that matter and and this .
is .
another one of those examples where of legislators ignoring to technology even though they're legislating technology yeah saying that saying social media companies like some and subset of social media companies have to do something and what we don't know how but you can do IT is like the E. U saying, well, we want you to to block uh you know c sam and we don't know how you're going to do IT, but you have to do IT without breaching anyone else privacy like ah you mean you know this .
is the IT was the australian prime minister said the laws of mathematics don't .
apply here.
He's no longer friend.
Minister was pei, was pey mathematicians.
How dare they? Yeah, governments do that. They say we'll figure IT out.
Yeah, yeah. You guys.
guys are the smart big brain. You figured out a tremble is no longer. I don't think MC rumble is no longer the prime minister, but math but math is lives on, which is kind of winter love math yeah math makes that is a channel math less longer even than .
if you didn't have math, we wouldn't have void or .
one that's for sure. There you go. yeah. I often say when people say all science, you know, sciences and always perfect. Dude, you listen to technology podcast, all technology is, is science applied, right? Give me a break.
That's all we got. Yes, we have. We live in a noisy world, and yet the digital bits get from point to point b perfectly somehow.
Well, math doesn't apply here. This site, no, I don't know what that is. Anyway, I showed were very glad.
Have you listening? We're going to, guy, you very excited about talking about vigia. I can't wait. Lots of really cool information. yeah.
But before we do that, I want to talk a little bit about our sponsor, bit warden, the open source password manager that will drastically improve your chances of staying safe online. We love bit warden. It's open source.
It's trusted by thousands of businesses like all password managers, the basic functionality to generate an auto fill, strong long passwords. You don't have to remembers them IT remembers them for you in an encysted volt. That is part one of why I think it's really important that bit warden is open source when you're talking egypt.
I've always been of the opinion it's got to be open source because you have to be able to fit, you have to be able to look at IT. And or some expert doesn't say there's no back doors is properly implemented. In fact, bit working does that.
Only that they post, they are gpl. As Steve you pointed out a couple episodes ago, uh, they are fully open source. They post their source code on github.
Anybody can read IT, but they also engage every year. In fact, every times a year, third parties to look at the source code, edit, validated, say, this is what he does, this is what IT doesn't do. And they also go one step more.
A lot of companies do that, but then they go once that more bit word promises to publish in full the reports from these third parties. So i'm saying this is the only way you can really be sure it's doing exactly what IT says IT does. So what's reason number one, I love bit and bit warden for business.
Reason number two, businesses bit warden is is a lifesaver in business. It's not just simply a passer manager. IT integrates with all of your existing software to support seamless Operations and elevated security and every part of your enter Price. I'll give you some examples to use microsoft in tune bit warden works with microsoft to on to enhance the device security and use your management IT enables secure bit warden act deployment on any intu managed entering that destroys mobile devices everywhere.
Do you use rippling for your hr? You'll love IT rippling integrates with bit warden to simplify employee off boarding and on boarding your IT team can assign a revoke access as your employees join or leave can push button simple maybe use vta one of our sponsors, we love fanta vta combines compliance audit and reporting with secure password management. IT says, look, they're using secure passage management is using being used effectively.
IT helps our organizations meet their sock to I saw twenty seven o one and other standards. Here's a really interesting one. Rapid seven. Rapid seven, which is an E R solution insurer, improve threat detection and response.
And how does IT work with bit warden by correlation credential usage with the security events? So bit warden says, yes, this password was used on this device on this APP at this time, and rapid seven then can correlated with a security issue, strengthening proactive monitoring and intelligence for enterprise security teams. That's really cool.
Bit warden is really focused on these integrations, the increase flexibility to centralized security management across existing technology, stax and employee devices so that you can maintain contact rol over sensitive information. There's a really great story itself for bit word in both for individuals and for businesses. In business, bit wear n users can seamlessly connect tools for IT management, compliance, security to improve and standardize the employment of enterprise credential management throughout your organization, and your employees will love IT.
It's easy to use its effective your business deserves a cost effective solution that can dramatically improve its chances in your chances of thing, safe on lines, very easy to switch to a bit more and only takes a few minutes. They can import quickly from most passenger management solutions. It's open source.
Bit warden's fantastic bit words is also very affordable. You get started right now with a free trial of bit warden teams or enterprise plan. And the thing I always tell folks, H, I told everybody thanksgiving, make sure you, I hope you did this, talk to your relatives, asking about their password system.
They are security. And if they don't have any security or they are reusing the same bassford heaven for fan, tell em, get award. Very important, free forever for individuals because it's open source, free forever for individuals as unlimited passwords, unlimited device, mac, windows, IOS, android, linux.
And that includes package, unlimited package and the use of hardwork kies like ubiquity, all that in the free plan. Now I pay ten box a year because I want to support them. I have the premium plant ten bux a year, so that even then is very affordable.
I just and by the way, with a bit warning for the individual plans, you can even host your own know there's some real T N O people out there. Trust no one people. That's one way you can really do IT is to host of all.
Personally, I trust that were not fault. I feel fine about that bit. Warden gets started for free across all devices as an individual user free trial of a teams or enterprise plan for your business.
A bit warden that comes slash to IT. This is the one really is. And if you're not using a passer major, by all means I know if you listen a security now course you're using one. Tell your friends bit warden, that calm slash to a thank you bit warden for supporting security now and thank you for supporting IT about using that addresses know you saw here viger okay.
So our listener, rob width ft, brought this bit of news to my attention. A nasas posting was titled nasas voyage one resumes regular Operations after communications pause um and i'm i'm going to share IT because as I said, IT contains a budget of interesting and amazing science and engineering information and then we're going to even dig down a little deeper so they wrote nasas voyage one has resumed regular Operations following a pause in communication last month.
The probe yeah the probe had unexpectedly turned off primary radio transmitter called an expand transmitter and turned on the much weaker s band transmitter there to the spacecraft's distance from earth, about fifteen point four billion miles, twenty twenty four point nine billion kilometers. This switch prevented the mission team from downloading science data and information about the spacecraft's engineering status. Earlier this month, the team reactivated the x band transmitter or and then resumed collecting data the week of november eighteen from the four Operating science instruments.
Now engineers are completing a few remaining tasks to return voyage one to the state IT was in before the issue arose, such as resetting the system that synthesizes its three on board computers. The expand transmitter had been shut off by the spacecraft's fault protection system when engineers activated a heater on the spacecraft. Okay, historically, if the fault protection system sensor that the probe had too little power available, IT would automatically turn off systems not essential for keeping this spacecraft flying in order to keep power flowing to the critical systems.
But the probes have already turned off all non essential systems, except for the science instruments. So the fault protection system turned off the x band transmitter and turned on the s band transmitter because IT uses lower power. Unfortunately, that also means that transmitted at lower power, which means you can get the data through, which is why they have stop collecting data, they said.
The mission is working with extremely small power margins on both voyager probes powered by heat from decaying plutonium that is converted into electricity. The spacecraft lose about four watts of power each year. About five years ago, after some forty one years after the voyer spacecraft launched, the team began turning off any remaining systems not critical to keeping the probes flying, including headers for some of the science instruments to the mission team surprise, all of those instruments continue to Operate despite reaching temperatures lower than what they've been tested for.
The team has computer models designed to predict how much power various systems such as heaters and instruments are expected to use, but a variety of factors contribute to uncertainty in those models, including the age of the components and the fact that the hardware doesn't always behave is expected, with power levels being measured to fractions of a what. The team also adjusted how both probes monetary voltage, but earlier this year, the declining power supply require the team to turn off a science instrument on void two. The mission shot off multiple instruments on voyage jone in nineteen ninety to conserve energy, but those instruments were no longer in use after the probe flu passed.
Sad and jupiter of the ten science instruments on each spacecraft for are now being used to study the particles, plasma and magnetic fields in interStellar space, which is where both probes are. Void, just one and two, have been flying for more than forty seven years and are the only two spacecraft to Operate in inter Stellar space. Their advanced age has meant an increase in the frequency and complexity of technical issues and new chAllenges for the mission engineering team.
Okay, so reading that, the article said the x band transmitter had been shut off by the spacecraft's fault protection system when engineers activated the heater on the spacecraft. What I didn't tell us is why the J, P, L, engineers turned on that heater. And there's even more fascinating information about that.
Our listener, jeff root in santiago, supplied the link to a story in the register, of all places, titled best job at J. P. L.
What it's like to be an engineer on a voyage project. This was posted two days later on the U. S.
Is thanksgiving thursday. And IT, too, is truck full of interesting science and engineering insight. So the register wrote, the voyager probes have entered new phase of Operations.
As recent events have shown, keeping the vulgar spacecraft running is a chAllenge as the end of their mission nears. And of course, end of the mission just means which we don't know what happened, right? I mean, it's like its way past.
It's it's design and of mission. And IT keeps getting extended. So they wrote, as with much of the voyer team nowadays, korean barrot, a thirty year veteran of masses jet propulsion laboratory, divides his time between the twin voyager spacecraft and other flight.
He describes himself as a supervisor of chief engineers, but leaped at the chance to fill the role on the voyage of project Susann. Dod jpl, director for the inter planetary network, director IT, is the project manager for the voyage of interStellar mission. Bata ruden told the register.
SHE knew that the project was sort of entering a new phase where there was likely to be a lot of technical problems. And so chief engineers, that's what they do. They solve problems for different flight projects.
Dd needed that support for voyager battle run would typically have found someone from his group. But he said, I was just so excited about boyer gar. I said, you know, look no further, right? I'm the person for the job. In other words, this was one he did not want to delegate. He said, i'm your engineer, you know, please pick me.
So batter ruin has spent the past two years on the voyage project after decades of relatively routine Operation, following plans laid out earlier in the mission when the team was much larger, the twin voyage spacecraft had begun presenting more technical chAllenges to overcome as the vehicles age and power dwd dle. The latest problem occurred when engineers warmed up part of the spacecraft, hoping that some degraded circuits might be healed by an annealing process that run explained that cold. There's these junction field effect transistors, j vets in a particular circuit that have become degraded through radiation.
We don't have much protection from radiation in an inner stolar medium. Remember where this thing was never designed to function, right? Because IT wasn't expected to live this long.
We don't have much protection in an inner Stellar medium because we're outside the heliosphere where a lot of that stuff gets blocked. So we've got this degradation in these electronic parts, and it's been proven that they can heal themselves if you get them warm enough long enough. And so we knew we had some power margin, and we were hopeful that we had enough power margin to Operate this heater.
And as I turned out, we didn't IT was a risk we took to try to imitate a problem that we have with our electronics. So now the problem is still there, and we realized that we can't solve IT this way. And so we're going to have to come up with another creative solution, unquote. So the register says the problem was that more power was demanded that the system could supply a volt regulator, might have smooth things out, but the voyage no longer, or have that luxury. Instead, engineers took a calculated risk and ran a fall of the then innovative software on board the spacecraft.
The undervote ted routine of the fault protection software shuts down loads on the power supply, but went, but since the voyage, your team had already shut down anything that's not essential there is a much left for IT to shut down batter route, explained he said, so quote, under the the undervote tage response doesn't do much except turn off the x band transmitter and turn on the x band transmitter. And that's because the s band transmitter uses less power, making IT the last safety net to save you, he said, and save the mission IT did. While the s band is great for Operations near earth, such as the moon, it's almost useless at the distance of the voyer spacecraft.
However, by detecting the faint Carry your signal of the expand transmission, the team was able to pinpoint that the problem had been the act of turning on the heater even without expand telemetry from the spacecraft. The chAllenge for engineers isn't just the time IT takes to get a command to the voyagers and receive a response, but also checking and rechecking every command that gets sent to the spacecraft, he said. The waiting is apparently not as frustrating as we might think, batta rudden said.
This is the rythm we work in. We grow a custom to IT. IT used to be a very small time delay, and it's gradually grown longer and longer through the years with the public physical hardware london, the team now works with an array of simulators, batta rudin said.
We have a very clear understanding of the hardware. We know exactly what the circuitry is, what the computers are and where the software runs. And as for the software, it's complicated.
There have been so many twists and changes over the years. Remember forty six years, forty seven years that working out the exact revision of every part of voyagers code has become tRicky batter, rudin said. It's usually easier to just get a memory read out from the spacecraft to find out what's going on out there.
The chAllenge for the void your team is that the spacecraft are nearing the half century mark. As as is the documentation, he said, we have documents that were type written in the seventies that describe bed the software, but there are revisions and so build the simulators. We feel really good about the hardware, but we feel a little less good about understanding exactly what each instruction does.
The latest bit of recoding occurred with the failure of one of voyagers. Integrated circuit manifests itself as meaningless data last year. And of course, we talked about that on the podcast at the time.
Bad rude reminds us the basic problem was figuring out what was wrong with no information. We could see a Carrier signal we knew we were transmitting in the expand. We knew we could command the spacecraft because we could tweet that signal slightly with commands.
So we knew the spacecraft is listening to us, and we knew the spacecraft was pointing at earth because otherwise we wouldn't get a signal at all. The engineers went further down the faul tree and eventually managed to get a minimum program to the to get a memory read out. That read out could be compared to one retrieved.
When the spacecraft t was healthy, two hundred and fifty six words were corrupted, indicating a specific integrated circuit code was in written to relocate instructions around that failed area. And and I remember this is, this is almost a light day away. At that point a year ago, the problem there is the code was very compact.
There was no free space that we could take advantage of. So we had to sacrifice something so that, you know, they're patching on the fly on an Operating machine. What is fifteen billion miles away? That's something that needed sacrificing was one of the voyagers.
Higher data rate modes used during planetary fly buys that make sense, right? Just like, hey, no, what do we need? Well, we don't need the high data rate mode used during planetary fly eyes because we're not going to be flying by any planets.
So now back to the present. The current chAllenge in both. If you part of the fun involves dealing with the probes, oh, thrusters. And here's the problem, leo, silicon from blatter inside the fuel tanks has begun to leach into hydrogen propellant.
Since silicon doesn't ignite like hydrogen, meaning IT doesn't get burned off a tiny amount, gets deposited in the thrusters and slowly builds up in the thruster capitalists bata ruden uses the analogy of clogging arteries. Eventually, the block gage will prevent the spacecraft from firing its thrusters to keep IT pointed at earth. However, the pitch and your thrusters, each of which have three branches, are clogging at different rates.
The current software works on the basis that branch one, two or three will be used, but could not be Operated in mixed mode, where a branch two is used for the pitch ruster, but branch three is used for your battle ode notes. So that's a creative solution. IT would be very complicated.
This would be another modification in interStellar space to the software and getting IT right the first time. It's not just nice to have. It's almost central. By the time the results of a cabin come back from the void of spacecraft, IT might be impossible to deal with the fallout of a failure.
What do they write? IT in what is the semble?
Which of all individuals that they they invented their own processor are not using any commercial processor. They invented A A computer that reads this code. And that's where he's saying.
Sometimes we are not sure what an instruction does because somebody typed IT in nineteen seventy and may have said, oh, it's lunch time. I get back to you later. Wow.
wow. This is amazing.
This is just incredible. He said the voyage spacecraft are unlikely to survive another decade. The power will eventually windle to the point where Operations will become impossible.
Is IT a nuclear .
power plane? Yeah, ah, yeah. IT is a nuclear power IT. IT is using decaying plutonium to the heat generated from the particle decay to heat a dermal couple, which generates the electric current to drive all of this. So it's a tiny bit of and it's bit exponentially decaying for forty seven years. This thing was .
first a long time yeah so he .
says high data rates, which is to say one point for killing bits per second, will only be supported by the current deep space network until twenty, twenty seven or twenty eight. After that, some more creativity will be needed to Operate voyager one's digital tape quarter. Baturin speculates that shutting off another heater, the bay one heater used for the computers, would free up power for the recorder.
But the I, I, I should mention that, that we were only able the deep space network, as I recall, is only out of australia. And so it's it's only during A A, A brief time window once a day as the earth rotates that the the deep spaces network antenna is able to point at voyage june. And so a one records its data during the dark period and then dumps IT to us when IT knows we're able to receive so he says, um turning off the bay, one heater used for the computers would free up power for the recorder.
According to the thermal model, but it'll be a delicate balancing act. And of course, the reason a kelling attempt demonstrated the limitations of modeling and simulations on earth. So does battle run have a favorite out of the two spacecraft? He replies, well, voyage two is the one that's been flying the longest, and voyage one is the one that's further shed from earth.
So they both have a claim to fame. He, to use another knowledge there, essentially twins. They're basically the same person, but they live different lives, and they have different medical histories and different experiences.
Ces, a great line battery .
in hopes to stick with a mission until the final transmission from the spacecraft. He said, I love voyager. I love this work. I love what i'm doing is so cool. IT just feels like i've got the best job at gpl.
And he's, i'm sure, in his sixties, if not seventies, been there for thirty years with J. P. L.
yes. wow. So I just a status, which is what gave me the title for today's podcast, that entry pid little spacecraft is now so far away that light and radio signals take more than twenty three hours to travel in each direction, not round trip each direction.
So two days round trip. So it's nearly an entire light day distant yet. Voyage your wet.
This is what bog is. My mind is managing to keep itself pointed at our earth across all that distance. And we still have working by directional communication with IT. This entire endeavor has been an astonishing example of incredible engineering.
The original design, or, and this is this, this to the original design, was flexible enough that and software controlled enough that even though IT was designed in the nineteen seventies and launched on september fifty, nineteen seventy seven, all well before the internet and all the technology that we now take for granted, this machine has endured and has exceeded everyone's expectations many times over. The story does make one principle absolutely clear. No pure hardware solution could have ever done this.
No pure hardware solution would still be alive, functioning and communicating after forty seven years of space flight, nor even could any fixed firm where hybrid hardware, software solution. The reason is that none of what has transpired since voyage ones original mission was redefined and extended after IT continued to perform so brilliantly could have been anticipated by masses, brilliant engineers in mid seventies. The soul key to void once success today is that, to an extremely large degree, the original designers of the spacecraft put the machines hardware under software control.
The reason they did that way back in the seventies was different from the reason they're now glad they did that. They created a deeply software based control system back then, because software doesn't weigh anything and the spacecraft didn't have an outs of weight to spare. So the engineers of the seventies put their faith in software, and that faith, and the inherent dynamic redesign flexibility is enabled, has given the spacecraft a far longer life than he could have ever otherwise enjoyed because software doesn't .
weigh anything.
And all of that said, yesterday's and today's software is ultimately at the mercy of hardware. You know, if the attitude control systems ultimately become gug with leached and deposited silicon, the spacecraft ability to manuvers and keep itself pointed at the earth will eventually be lost. At some point in the not too distant future, IT will still be alive out there, but will have lost contact, uh, with one another. You know, what an amazing accomplishment, leo, I mean, that make you proud.
And also there's another lesson, which is sometimes constraints force the kind of creativity that's Better than if you have unlimited hardware and software, unlimited memory.
unlimited storage, is why i'm pointing at that P D P A behind me yeah it's what you know IT came with four k words of memory and I was expandable to sixteen I think for twelve um it's it's when I miss about the old days where where there you you really there was there was creativity and engineering.
Instead of just asking ChatGPT for a program, right, you know which you know which is split out from having injured ted the internet, right? IT is a different world. Yeah fascinating.
Well, as know we've covered the story for a couple years now and have as it's been .
that a chapter little probe has been out there.
And there are i've mentioned already, there are some documentation is one fairly recent one that covers the old folks.
And I wasted after recommendation. IT was fantastic.
So great, good. This is their life work, just really need amazing. Thank you still once again for a great show. As always, Steve hits IT out of the park each, every time. I hope you listen.
We do the show live on tuesday's after mk break weekly, which usually the big some are between one thirty and two P M pacific, let's say five P M E string time, uh, twenty two hundred UTC. You can watch us live at eight different platforms. Thanks to our club twit members.
Of course we are on the discourse. That's where our club twit members live, but were also on youtube twitch, we're on x tot comer on facebook, were on linked in, we're on kick or even on tiktok. So you can watch live there if you're round of a tuesday evening.
If not, of course, is on demand versions of the show. We have a sixty four killed bit audio version and a full video version. You can watch IT with that TV slash sn.
Steve has the sixty four cubit audio, but he also has the sixteen killed bit audio, which he makes handcraft himself every week so that you can listen if you're band with impaired. And one of the band with paired folks is our own a lane fair, who does the transcripts? So SHE downloads that, and literally by hand transcribes everything we say. There's a beautiful job of that.
It's actually why we had the sixteen bride. IT was for a lane that I could. I started .
doing that and so nice. So if you want to read along as you listen or use IT for searching, that's also on a side, of course, the full shown out. And Steve does a really nice, Better shows ws than anybody i've ever seen.
I mean, it's all write out there, lots of images, links. And you can also get that from Steve so you can get in the email to you. Well, Steve has a couple of newsletters, one of which is the security now newsletter, the shown notes.
And all you have to do to get on his meltings is go to G R C dot com. That's this website, grc docotor slash email. What you're actually doing is validating your email, so that gives you the opportunity.
Email him, you have to validation at first because he doesn't want spam is very effective technique against that. But you'll see there are two boxes that you could check. They are unchecked by default, but you could check them if you want to get those newsletters, grc docs slash email while you're a grc pick up a copy of spin, right? That step's spread and butter the world's best mass storage, maintenance, recovery and performance enhancing utility six point once the current version at grc that come lots of free stuff there too. It's really a fun that I just a brows around the site looks like IT was came out right about the same .
time as void your one. Yeah.
it's but you know what? IT waves. nothing. So that's that I could say G R C dot com. There's a youtube chain dedicated to the video if you want to watch. Better yet, that's the place you can use to share clips.
Youtube makes that fairly easy and and heard something and said, all, you know, my friend want to hear that you can clip IT send to them. That helps us two ways. One is, of course, you know you're sharing IT, but to your friend might say, here I want to hear that show again.
I want to hear more of that and subscribe and we like that. We appreciate that. We especially appreciate all of our club members who are watching and listening tonight um we couldn't do IT without you.
And increasingly, as the times get tougher and tougher for independent podcast like hours, we are relying on club members to keep the lights on. It's seven bucks a months. You get at three versions of this show and every other show.
You also get access to the club, to the discord. You get special shows. We're do we're i've been streaming every night for the first three nights. The advent of code solving that is so much fun, Steve.
I IT was really scary for me the first time I say i'm going to let somebody watch me right code because i'm that i'm not pro and even i'm sure even somebody like you, there's false starts. There's there's done like you all, I like that a coma or something like that ah so we're doing to alive. You can watch me do dumb things.
But fortunate I have from our own club, three really accomplished codes. They wait till they've solved the event of code themselves, which IT takes about ten minutes. And then they come in, dial in.
So sights h din OK, whose australian are canadian friend paul holder, you know very well, who helps on your forms. They helped me on last night. actually.
They helped me quite a bit doing some regular expression stuff. They were very helpful there. So please, john, I think I want to do IT again. And I think what of my plan is i'm going to keep doing until I hit that wall where I go.
I can or IT passed two .
in the morning. You know, I don't want to stay up all night doing IT, so but let's try. And again, so far, it's so good.
It's taken a couple hours. It's been really fun. So i'll be streaming that on my youtube chal. Uh but that's another club event.
So join the club because that's what that's where the fun happens and it's what really supports the works. Steve does an and the entire team twitch that TV slash club to its seven box a month. That's all the costs right now.
One and a half percent of our audience is a member. I would love to get that doesn't have to be one hundred percent, four five percent that, that would make IT. So we didn't have to worry about what we're going to do next year. Right now. We're quite worried. Twitter TV slash .
club twitter.
If you have a wonderful week.
we'll do. We'll be back next week for one thousand and four.
Oh moly, who knows .
what's gonna go on between now and then?
Whatever IT is. Look up. M, I V, episode. M, V. Coming up. Thank everybody will see the next time on security now.
Security now.