Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:04):
Welcome to tech Stuff, a production from iHeartRadio. Hey there,
and welcome to tech Stuff. I'm your host, Jonathan Strickland.
I'm an executive producer with iHeartRadio and a love of
all things tech. It is time for the Tech News
per Tuesday, September twenty eight, twenty twenty one. And first,
(00:27):
let's follow up on one of the recent Facebook stories,
specifically the one about how Facebook researchers conducted an internal
study that linked Instagram use with potential negative effects on
mental health, particularly for teenage girls. Now, the head of
Facebook's research department has posted on Facebook Newsroom that the
(00:50):
conclusions that were drawn by the Wall Street Journal, which
reported on all this, are inaccurate and do not reflect
a proper interpretation of Facebook data. But really, the post
mostly is an indictment against her own department's research practices.
Because she stated that the study in question only had
(01:13):
forty participants. That means that that sample size was way
too small to allow for any kind of broad generalizations. Now,
I actually agree with that, because forty is an incredibly
small sample size for any kind of study. One might
even argue that it really doesn't make any sense to
conduct a study that has that small of a sample size,
(01:36):
particularly if you are a company that has a platform
with more than a billion users, more than two billion users. Now,
that does not mean that the findings are necessarily inaccurate, right,
I mean those findings might be accurate, But rather than that,
you can say, well, you can't be sure of that
(01:56):
because a sample size is way too small. It may
be that you just happen to have outliers and that
if you did a larger sample size, any effect would disappear.
And you know, you just can't really say for sure
to what if any degree Instagram contributes to negative mental
health outcomes based on a study like that. But I
will also say that her post feels a lot like
(02:19):
Facebook is doing kind of a tight rope routine of
saying the data doesn't show that, but also saying the
study isn't sufficient to draw conclusions from, like unless there's
other data that Facebook has, and there may well be,
but they haven't shared it, then it's impossible to say.
And because Facebook hasn't shared any extra information, there's no
(02:40):
way to validate whether or not you know, the arguments
that this is inaccurate are true. This Thursday and Tigany Davis,
the head of safety at Facebook, will appear before the
Senate Commerce Subcommittee to answer questions about the company and
its research on Instagram's effects. And I am sure that
(03:01):
there will be some senators with some pretty pointed questions.
We will have to see if Davis answers those in
a straightforward way or if we get more of what
we've seen in the past, where Facebook kind of dances
around answering things when it comes to accountability. In related news,
Facebook has announced that has put a temporary hold on
(03:22):
its plans to launch an Instagram app aimed at kids
under the age of thirteen. According to the head of Instagram,
Adam Massari, the decision to do this was in response
to the public backlash that the company has faced, particularly
in light of those Wall Street Journal stories I mentioned.
He also took the time to lament that you know,
(03:43):
we all just have it all wrong. This new Instagram
app isn't meant for little kids, he explained. It's meant
for kids that are between the ages of ten and twelve.
Now I'm going to spare you my personal reaction to
that particular response, because I think you could probably guess
what it is. But he also tweeted out that kids
are getting smart folks like younger ages, and then they
(04:06):
go around and download apps and they misrepresent their ages
in order to use those apps. So clearly it would
be better to make apps for the kids. I would say,
this doesn't explain how that stops kids from just continuing
to download adult apps and to misrepresent their ages. Like
that doesn't seem to solve that problem. It's really just saying, hey,
(04:28):
they're already on there, so what harm could we do
by introducing more of what they're already on. If anything,
this is really a call both to companies and to
parents to take more steps to protect kids. And I
think parents need to have a lot of that responsibility.
But how you know, we can't give companies a get
out of jail free card just because they have a
(04:51):
token age verification system that doesn't actually verify ages. In
my mind, that's just a type of se purity theater, Right,
You've got the appearance of security, but it's not actually
making anything more secure. Now that's my own personal opinion.
I could be way off base. Mossi argues that the
(05:13):
app that was planned for younger users would give parents
more oversight into what their kids are doing. But I
don't know. I mean, with every story that I cover
in this vein, I am tempted to just go move
into the woods and become a hermit, except I know me,
I would die of exposure within like two days. I'm
(05:33):
a soft city boy, but the urge to retreat is
definitely there. The Chinese government is taking some pretty extreme
steps to curb energy consumption and carbon dioxide emissions within
the country. More than half of all China's electricity comes
from coal power plants, something like sixty three percent of
it does, and while the country has committed to never
(05:55):
building another coal power plant, it doesn't change the fact
that right now China largely runs on coal. The price
of coal in China has been on the rise lately,
and so energy costs have subsequently been going up, and
of course we have the carbon dioxide emissions issue. So
to deal with these problems, China has started to cut
(06:16):
off power to some major manufacturing centers in certain regions
of the country, with the plan to potentially have a
schedule in place for when those regions will be allowed
to power these manufacturing centers and when those centers are
going to go without power. Now, the hope is that
doing all this will allow energy companies to get hold
of some more commodities to offset production and stabilize prices,
(06:40):
though there are some analysts who say that at best
that would be like a temporary band aid. But in
the meantime, it means that it's not always going to
be business as usual in China's manufacturing centers, and since
a lot of the world's leading electronics companies depend upon
Chinese factories, this could mean that some companies experience some
production lays. Coupled with the ongoing semiconductor shortage, this could
(07:04):
mean that we're in for some tough times when it
comes to consumer electronics. However, I should add that the
semiconductor industry in particular will be allowed to continue to
operate throughout this process, so China's not going to shut
off power to facilities that are making semiconductor chips. Also,
a lot of companies have facilities in different regions of China,
(07:26):
and some regions are not affected by this. Some regions
will continue and not be cutting off power to manufacturing centers,
so those companies might just shift operations around as much
as they can to offset any delays they would face
due to the downtime. This next story needs a little
bit of a lead in, all right, So have you
ever tried to log into a service but you couldn't
(07:48):
remember which password you used for it? So you try
a few of your old standbys, and after three or
so attempts, you get shut out and told that you
can't try and log in again for several minutes. Well,
that kind of system is in place to protect against
a type of password attack called brute force, and with
that name you probably have a pretty good idea of
(08:09):
how this works. Someone trying to access a system you
know they don't have authorization will end up submitting guests
after guests in the password field, perhaps using a dictionary
of common passwords to start off, and then moving beyond
that to other guesses should the dictionary fail to score
any hits. This is all done automatically. By the way,
(08:31):
There are computer programs that are just meant to do
this kind of attack. This is not a quick way
to gain access to a system, but with a sufficiently
powerful computer system behind it, you can get it done.
It just takes time. So these protection systems are in
place in order to prevent that. Right, the brute force
attack would take a lot longer to do because the
(08:52):
attacker would regularly get shut out after giving a few
incorrect passwords. Another way that you can protect systems is
to require two factor authentication. So a password is one factor,
it represents something you know. A two factor authentication process
would require either that you also submit something that you own,
(09:15):
like your phone. So this is like when you try
and log into something and a system sends you a
text message with an access code that you need to
put in an addition to your password, or maybe it
requires something that you are like your biometric data like
a fingerprint scan, and it's used in connection with the password.
These systems also protect against brute force because the attacker
(09:37):
needs more than just the password in order to access
the system. All right, now we've got all that. Other
way we can get to the actual story. Microsoft has
a product called Azure Active Directory or Azure a D,
and apparently it has neither of those protections in place.
It is a single factor authentication system, so you just
need a password and you can submit password to your
(10:00):
heart's content, and apparently, in at least some versions, the
system doesn't log the password attempts, so there's no record
kept that someone is trying and failing to submit a password. Now,
consider for a moment that Azure Active Directory is a
way for corporate users to sign into a corporate account
(10:22):
and then connect to all integrated corporate systems and devices.
It's a one login solution in other words, so you
might use it to log into your corporate email, but
then it also logs you into the corporate HR system
or maybe like a project management system that all of
these different things. Because they have the one login approach,
(10:44):
you already have authorization, so you're not frustrated by the
fact that you have to authenticate every single time you
try to access any company system. It's meant to make
things more streamlined. Right, As long as you were able
to authenticate that one gateway, you can access everything. So
(11:05):
that means that this is a potential huge security vulnerability,
right if a hacker targets and Azure ad log in
and they have a user name and they're just submitting passwords,
and those failed passwords aren't getting logged, So no system
administrators are aware of this because there's no you know,
(11:25):
notification popping up saying hey, so and so has submitted
five seven eighty three incorrect guesses for their password. Maybe
you need to look into this. Then you could just
keep on attacking until you got a hit and managed
to get into the system. If you would like to
learn more about what scenarios this would work in and
(11:45):
what you need to be on the lookout for, I
really recommend reading As Sharma's post on Ours Technica. It
is titled new Azure Active Directory password brute forcing flaw
has no fix. That headline kind of as it all.
All right, We've got some more news stories to cover,
but before we get to that, let's take a quick break.
(12:13):
If you are in the United States, you might remember
that a couple of years ago, the Chinese telecommunications company
Huawei fell under a lot of scrutiny here in America,
and in part this was because then President Trump had
engaged in a trade war with China, and so at
least some of that motivation for the pressure on Huawei
was political trade pressure, but there was also a growing
(12:36):
concern that a Chinese company, one that presumably has important
and tight connections with China's communist government, might not be
the best fit when it comes to building out telecommunications infrastructure. So,
in other words, if you're worried about potential Chinese spies.
Maybe it's better not to hire a Chinese communications company
(12:57):
to install critical infrastructure components within your own communications network.
It's like opening the door for potential spies. In other words,
so the US moved to push American communications companies to
scuttle Huawei systems and to replace them with other systems. Now,
the Federal Communications Commission, or FCC, says it has created
(13:19):
a nearly two billion dollar program to reimburse telecom carriers
that are going through the process of removing and replacing
Huawei network hardware from their systems. These telecom companies are
largely in rural areas in the United States, and I'm
sure that that relief is a literal relief to them.
These are not necessarily your gigantic coast to coast companies.
(13:44):
In other words, video game company Activision Blizzard has entered
into a settlement agreement with the US Equal Employment Opportunity Commission.
This was in response to a lawsuit that the EOC
brought against the company following multiple allegations of issues ranging
from a hostile work environment to sexual harassment, to pay
disparity and discrimination. As part of the settlement, activision. Blizzard
(14:07):
will create a fund that will compensate employees who claim damages.
So it Plays will submit a claim, it will be
evaluated and then determined whether or not that employee merits
getting money from this fund, and the total amount in
that fund is in the neighborhood of eighteen million dollars.
Any unclaimed funds after a certain period of time end
(14:28):
up going to nonprofit organizations dedicated to attracting more women
to enter into the video game development industry. Bobby Kodik,
the CEO of the company, says that he and the
executive team are dedicated to putting an end too the
toxic work environment, which I really hope is a sincere statement.
I mean, the cynical part of me says, well, of
(14:48):
course you want to bring an end to that, because
it's costing you money. As long as it wasn't costing
you money, there was no real incentive. But the hopeful
part of me says, we're trying to get better, and
people genuinely want to make workplaces a more positive environment.
So the optimist will continue to hope and the cynic
(15:10):
will continue to mistrust. A researcher at the Ethereum Foundation
named Virgil Griffith has pled guilty to charges that he
helped the country of North Korea get around US sanctions
that aimed to prevent North Korea from using blockchain technology.
And that needs some explanation. So, first of all, Ethereum
is a type of cryptocurrency, and when we talk about cryptocurrency,
(15:33):
a lot of people just think Bitcoin, or maybe if
they're in it for the means, they might think dogecoin.
Ethereum is another big popular cryptocurrency that is currently trying
to switch from a proof of work approach, which is
what Bitcoin uses. That's where you're using very fast computers
to try and solve a very hard computer problem before
(15:56):
anyone else can, and it's the reason why these systems
end up consuming so much energy and as a result,
contribute to things like carbon emissions and energy spikes and
all that kind of stuff. Ethereum is trying to move
to a proof of stake approach, which does not require
that kind of computational processing power in order to mine
(16:19):
new coins. However, it does mean that you have to
have a sufficient stake in ethereum in order to earn
interest more ethereum. And so some people point out that
that approach means that you already have to be wealthy
in order to even enjoy that potential payout, so upside
(16:41):
and downsides anyway, Like bitcoin, Ethereum uses blockchain to track
transactions and to prevent people from spending the same ethereum
unit twice. You know, if you have something that's digital,
then arguably you could just copy it a billion times,
so now instead of having one dollar bill, you have
a billion dollar bills. Block Chain prevents that kind of
stuff from happening. Well. Back in twenty nineteen, Virgil Griffith
(17:04):
attended a blockchain conference in Pyongyang, and the US government
alleges that Griffith's presentation at the conference was in effect
an instruction manual for how North Korea could make use
of blockchain technologies, despite US sanctions meant to prevent that
very thing from happening. Griffith was arrested upon returning from
the conference, and his trial was set to begin next week,
(17:25):
but he decided to plead guilty to the charges, which
could mean he could face up to twenty years in prison.
We'll have to follow up on this as we learn more.
No once we get to sentencing, Tesla has started to
open up its full self driving or FSD program to
a larger number of Tesla drivers, prompting them with a
(17:47):
request feature that appears on the dashboard touchscreen, so you
select it and then you can put in your request
to be part of the program. So now if you
have a Tesla that's capable of supporting FSD, you can
ask to have that feature enabled on your Tesla. Except
there is a catch. The company will run a safety
check on each driver, checking their driving against five criteria
(18:10):
to be certain that the drivers are responsible and safe.
Those criteria include instances in which the driver prompted a
forced autopilot disengagement. So autopilot is a driver assist feature
that some Tesla owners have famously abused by treating it
more as like a fully autonomous vehicle mode. And this
(18:30):
particular feature asks drivers that they keep their hands on
the wheel and they maintain their attention on the road,
and if a driver does not do this, then the
mode is supposed to alert the driver and disengage and
thus force the driver to take over manual control of
the car. So if that had happened, that would be
a strike against you, would that would knock points off
(18:52):
your safety score, but other criteria include stuff like how
frequently the car had to engage features like a forward
collision warning, which might indicate that you're following too closely
or not paying enough attention, or how frequently the driver
had to use hard breaking. Again, maybe you were traveling
too fast or you break too late when you're coming
up two stops. So you have to accrue a sufficient
(19:15):
safety score before you will be given access to subscribe
to FSD, But Tesla is not actually saying what that
score threshold is. Only the drivers will be judged out
of a total possible one hundred points, and most folks
will land somewhere around eighty points. The FSD product requires
a monthly subscription of one hundred ninety nine dollars a month,
(19:38):
which is a princely sum. Tesla also offered a version
where you could just buy it outright for the life
of the car for ten thousand dollars. And I've got
a lot of thoughts about this, and one of those
is that the name of it full self driving is
just as misleading as the name autopilot is, because it's
(19:59):
really just more features that augment autopilot, so it can
do stuff like in at least some cases have a
car navigate out of a parking space on its own,
so you can have it pull out of a space
and then you get into the car. You don't have
to squeeze by and that kind of stuff. But it
doesn't always work in every situation, and it can also
do things like obey traffic signals and stop signs, so
(20:21):
it can travel on surface streets in this mode, and
not just on highways. It can navigate from one highway
to another. But it is not true self driving, or
at least it's not truly fully self driving. It can't
autonomously operate the car in all situations and scenarios, and
many critics, including myself, have argued that the name doesn't
(20:43):
reflect what the product actually does. Also, I find it
somewhat telling that the company refers to the system as
full self driving, but it is requiring drivers who are
applying for this to pass a safety test before they
get access to the features, because if it were really
a full self driving feature, you would want bad drivers
(21:07):
to get that, right, I mean, if the vehicle is
capable of driving itself, which I argue full self driving
at least heavily implies, presumably it will do so safely
without the risk of an accident, and it makes more
sense to give bad drivers that service and thus remove
their human error from the road. But the fact that
(21:29):
Tesla requires drivers to meet a minimum safety requirement tells
me that that's not really what FSD does, right, Like,
if it really did that, then you wouldn't need the
safety check. If you need a safety check, you need
to make sure that the person who's driving the car
is going to be responsible, which tells you that FSD
is not really FSD. It's an augmentation system, not a
(21:53):
truly autonomous system. And I've got a lot of really
critical thoughts about Tesla doing this kind of stuff because
I feel that they set an unrealistic expectation in their
customer base, and then people have an overreliance on technology
that is not able to measure up to what the
people are putting it to, Like they're putting way too
(22:15):
much responsibility on the tech, and the tech just isn't
up to the challenge, and part of that is fueled
by the way Tesla markets it's technology. So yeah, I
think it's reprehensible. If I'm being you know, blunt, all right,
I'm gonna I'm gonna take a break and I'm gonna
(22:35):
find a way down off this high horse. But we'll
be back with some more news in just a second. Okay,
we're back now. By the time you hear this episode,
Amazon will have held a hardware event and revealed some
(22:58):
new products, potentially a bunch of new ones. The event
was invitation only. I did not get an invite. It's hurtful,
so I have no idea what it is that they revealed.
In fact, as I record this, the event has not
yet happened, but it will within like twenty five minutes
of me saying the sentence. The Verge has made some
(23:21):
guesses as to what could be revealed, so I thought
I would share with you what the Verge is guessing,
and then you can compare and see if the Verge
got it right. And I hope they did because I really, actually,
I really like that site a lot. Anyway, the Verge
predicts that Amazon will likely have a wall mounted echo device,
so you know, another smart speaker screen device that you
(23:43):
could actually mount on your wall. They also are predicting
that there's probably going to be a sound bar system
with Alexa integration in it. I mean We're already seeing
sound bars that have Alexa integration incorporated into them, but
this would be an official, like Echo soundbar type thing.
There's also the possibility that the company will have a
dash cam for cars that has Alexa integration built into it.
(24:06):
That seems to be, you know, a pretty safe bet.
But one thing that the Verge says we probably will
not see is more information about a robot that Amazon
has had in development for several years. It's a home
assistant robot that was called Vesta, but apparently there have
been some concerns within the company that there might not
(24:29):
be sufficient demand for Vesta and that if Amazon released
it as a product, it could just be a total flop,
and that they would end up costing the company more
because not enough people would buy it. So it's possible
that the company is actually backing away from that project.
We will have to wait and see what it is,
they said, or you won't have to wait and see, because,
(24:49):
like I said, by the time you hear this, they've
already had that event. Anyway. Amazon is also facing some
opposition in the state of California, and it's not the
only one. Governor Knewsome signed a bill into law last
week that will require companies that employ more than one
thousand warehouse workers that they will have to disclose how
(25:11):
they judge worker productivity, including how they set productivity quotas.
Amazon and other companies that meet that criteria will then
have thirty days after the bill becomes an actual law,
which will happen on January first, twenty twenty two. At
that point, they will have to disclose how they measure
(25:31):
productivity and how they collect that information. And this law
gives employees the right to sue their employers for unsafe quotas.
So if a company is like working people beyond reason,
if the quotas are so stringent and so restrictive that
people can't you go to the bathroom, or they can't
(25:52):
take a reasonable number of breaks, or they run the
risk of injuring themselves because they have to work so
hard in order to meet very high quotas. Well, now
those employees could potentially sue their employers, and the employers
would be held accountable for that in a court of law,
at least in California. Now it will take quite a
bit of effort on the part of workers in this process.
(26:14):
It's not like a worker can just step forward and
say I don't like working here and I'm going to
sue the company. The law will demand that workers who
assert that the company they work for has unsafe quotas,
they will be required to provide ninety days so three
months worth of documentation on productivity quotas that they have
to meet in order to be considered you know, successful
(26:34):
or failing at their job. In addition, California regulators will
also be authorized to investigate work sites that have an
injury rate that is one and a half times or
greater than the industry average. If you remember from a
previous Tech News episode, I talked about how Amazon delivery
centers have an unusually high injury rate compared to other
(26:57):
Amazon facilities and others within the delivery and warehouse industries.
That might be a case where a state regulator would
have the authorization to go in and conduct a full
investigation to get to the bottom of why is that
happening and to hold the company accountable for it down
UNDA in Australia, and I apologize for that. I know
(27:20):
I can never do an Australian accent. Australian and Scottish
are two that I will never ever ever be able
to do anyway down in Australia, citizens can rest assured
that nature, which as I understand it is eighty percent
more deadly in Australia, is prepared to fight the robot uprising.
Now I say that because the drone company Wing, which
(27:42):
is part of Google's parent company Alphabet, so this is
like Google and Weymo, part of the Alphabet family, Wing
has put its delivery service, which uses drones to deliver packages,
on pause following a few cases of bird attacks on
their drones. Google has been conduct tests of home delivery
via drone in Canberra, Australia, which has been particularly useful
(28:06):
during the pandemic where a lot of Australia is on
lockdown and there are very stiff restrictions on when, if
at all, people are allowed to leave their homes. But
ravens have taken to attacking the drones, presumably out of
concern that the drones are a predator. It is nesting
season and so there's a fear from these ravens apparently
(28:27):
that the drones are predators. Not predator drones, those are different.
That's kind of a pun. So the ravens are just
sort of protecting their nests. In other words, at least
one of the attacks has downed a drone. So I'm
very glad to hear this news because I would worry
that the drones could potentially cause harm to the birds.
And obviously I also worry that the birds could cause
(28:49):
some packages to go undelivered, and if those packages are
like critical, like maybe it's medication or something, that could
be a really bad thing. And also, I bet it's
weird to fill out a port saying you never got
your package because birds were roughing up the delivery person. Anyway,
Wing is studying ways to work around this issue, including
learning more about bird behavior and any measures that the
(29:11):
company could take to make certain their drones cause no
environmental harm. And finally, on Monday, TikTok said it had
passed the one billion monthly user mark that would be
active users. The installed base is actually quite a bit
larger than that. Of course, some people have TikTok installed
on more than one of their own devices, so it's
(29:32):
not apples to apples thing. TikTok launched in August twenty eighteen,
so it took a little more than three years to
reach one billion monthly users. Let's Compare that to Facebook,
the king of social network platforms, reached one billion users
eight years after the company launched. TikTok did it in
less than half that time. TikTok is really a true
(29:54):
beast of a player in the social networking space. Its
parent company byte Dance reported it's revenue doubled in size
from twenty nineteen to twenty twenty thanks largely to TikTok.
Now I'm behind the times on TikTok. I am thankful
that the app reminded me of that great Mika song
Grace Kelly. You know, it's the one where everyone's going
(30:14):
to I could be Brown, I could be blue, I
could be Violet Sky. Great song, great album. Actually went
out and bought that album on vinyl after being reminded
of that song that I hadn't thought about in years.
So thank you TikTok. I appreciate it. As for myself,
I have only ever done one TikTok video. It is terrible.
That's all I have to say about that. But you know,
(30:36):
I'm also old, so there are other old people who
are way better at TikTok than I am. I just
don't think I'm ever gonna get there. Maybe I'll give
it another try at some point. Anyway, that's it. That's
the tech news that I have for you on Tuesday,
September twenty eight, twenty twenty one. I hope you are
all well. If you have anything you would like to
(30:57):
share with me, maybe a topic you would like me
to cover on tech Stuff, then reach out to me
on Twitter. The handle for the show is tech stuff
HSW and I'll talk to you again and really soon.
Tech Stuff is an iHeartRadio production. For more podcasts from iHeartRadio,
(31:18):
visit the iHeartRadio app, Apple Podcasts, or wherever you listen
to your favorite shows