WEBVTT

00:00:03.561 --> 00:00:07.102
Flock is targeting innocent people and

00:00:08.582 --> 00:00:16.504
WhatsApp is trying to sue NSO group.

00:00:16.724 --> 00:00:18.884
Apple is announcing new features that

00:00:18.923 --> 00:00:20.324
allow you to automatically change your

00:00:20.364 --> 00:00:22.524
compromised passwords and more.

00:00:22.945 --> 00:00:24.765
All this coming up this week on This

00:00:24.785 --> 00:00:27.245
Week in Privacy, so stay tuned.

00:00:49.917 --> 00:00:51.479
Welcome back to This Week in Privacy,

00:00:51.520 --> 00:00:51.920
everyone.

00:00:52.079 --> 00:00:54.262
This is our weekly series where we talk

00:00:54.301 --> 00:00:55.984
about what's happening in the Privacy

00:00:56.003 --> 00:00:58.646
Guides community and this week's top

00:00:58.686 --> 00:01:00.387
stories that we've seen in the data

00:01:00.427 --> 00:01:02.689
privacy and cybersecurity space.

00:01:03.090 --> 00:01:05.572
I'm Jonah and with me today is Jordan.

00:01:05.593 --> 00:01:06.352
How are you doing, Jordan?

00:01:07.353 --> 00:01:08.015
I'm doing good.

00:01:08.355 --> 00:01:09.996
Really excited to jump into some of these

00:01:10.016 --> 00:01:10.697
stories this week.

00:01:10.757 --> 00:01:12.438
We've definitely got a great lineup of

00:01:12.498 --> 00:01:13.540
stories to cover.

00:01:14.132 --> 00:01:14.793
I totally agree.

00:01:15.293 --> 00:01:16.914
Let's get right into the first one here.

00:01:17.534 --> 00:01:20.396
This was reported by Times of San Diego.

00:01:21.156 --> 00:01:23.718
They say a flock license plate reader

00:01:23.817 --> 00:01:25.718
linked a San Diego man to a violent

00:01:25.739 --> 00:01:26.138
crime.

00:01:26.459 --> 00:01:28.040
He was five miles away.

00:01:30.426 --> 00:01:32.968
Basically, the story starts out, well,

00:01:32.987 --> 00:01:33.727
I'll read the beginning.

00:01:33.968 --> 00:01:35.090
It kind of explains it.

00:01:35.590 --> 00:01:37.852
When Hugo Parra was arrested last year on

00:01:37.891 --> 00:01:38.632
felony charges,

00:01:38.671 --> 00:01:40.894
his pleas of innocence fell on deaf ears.

00:01:41.375 --> 00:01:43.275
San Diego police had a description of the

00:01:43.355 --> 00:01:45.418
Alfa Romeo car he was riding in and

00:01:45.438 --> 00:01:47.058
a witness who identified him during a

00:01:47.099 --> 00:01:48.900
curbside lineup as the man who brandished

00:01:48.921 --> 00:01:50.542
a handgun in Golden Hill.

00:01:50.981 --> 00:01:52.862
They had also checked the city's automatic

00:01:52.942 --> 00:01:54.843
license plate camera system run by the

00:01:54.862 --> 00:01:57.183
private company Flock and got a hit,

00:01:57.483 --> 00:01:58.704
substantiating the claim.

00:01:59.185 --> 00:02:01.525
The problem, says attorney Alex Kuhlman,

00:02:01.564 --> 00:02:03.445
was that Para was five miles away from

00:02:03.506 --> 00:02:05.027
Golden Hill at the time of the crime,

00:02:05.087 --> 00:02:06.227
and the so-called hit

00:02:06.686 --> 00:02:08.849
from license plate reader was captured

00:02:08.889 --> 00:02:11.211
before any police pursuit began.

00:02:12.032 --> 00:02:14.014
The flock hit was obviously the wrong car

00:02:14.116 --> 00:02:15.497
as it could not have been in both

00:02:15.717 --> 00:02:17.740
places simultaneously, said Kuhlman,

00:02:17.759 --> 00:02:19.320
who represents Para and the driver,

00:02:19.360 --> 00:02:21.264
twenty three year old Ariel Beltran.

00:02:22.264 --> 00:02:24.187
So basically the story

00:02:26.652 --> 00:02:27.853
coming from San Diego,

00:02:28.112 --> 00:02:31.313
is talking about this man who was accused

00:02:31.373 --> 00:02:34.314
of a crime while the Flock license plate

00:02:34.335 --> 00:02:37.175
reader system proved that he was nowhere

00:02:37.235 --> 00:02:39.975
near the scene of the crime at the

00:02:40.015 --> 00:02:40.316
time.

00:02:40.795 --> 00:02:42.876
The article says that Paris spent nearly

00:02:43.056 --> 00:02:45.717
one month behind bars missing Thanksgiving

00:02:45.836 --> 00:02:49.078
and other family events before the assault

00:02:49.098 --> 00:02:51.057
charges were dropped.

00:02:53.139 --> 00:02:54.538
We've talked a lot about

00:02:55.459 --> 00:02:57.800
lock and license plate readers on the

00:02:57.840 --> 00:02:58.159
show.

00:02:58.199 --> 00:03:00.820
So I think people who watch this regularly

00:03:00.860 --> 00:03:03.342
kind of know about all of the issues

00:03:03.361 --> 00:03:03.801
with flock.

00:03:03.822 --> 00:03:05.602
But I think we wanted to include this

00:03:05.641 --> 00:03:08.902
story because it kind of demonstrates how

00:03:09.022 --> 00:03:10.503
none of these tools are ever going to

00:03:10.524 --> 00:03:12.905
be used in your favor,

00:03:13.685 --> 00:03:16.026
even when they clearly prove that

00:03:16.765 --> 00:03:19.828
uh you've been nowhere near the scene of

00:03:19.848 --> 00:03:22.210
the crime or anything going on that you

00:03:22.250 --> 00:03:24.231
might have been accused of any of those

00:03:24.271 --> 00:03:26.554
results are going to be disregarded by

00:03:26.693 --> 00:03:29.596
police but if any shred of evidence can

00:03:29.635 --> 00:03:31.638
be gleaned from them that might place you

00:03:31.657 --> 00:03:32.739
at the scene of the crime they will

00:03:32.758 --> 00:03:33.639
be used to

00:03:34.460 --> 00:03:39.181
basically accuse you and ruin your life,

00:03:39.322 --> 00:03:42.143
or at least that part of it.

00:03:42.562 --> 00:03:44.524
So yeah,

00:03:44.544 --> 00:03:45.903
that was the only thing I really wanted

00:03:45.963 --> 00:03:47.405
to highlight.

00:03:49.686 --> 00:03:51.846
It's just the demonstration, I think,

00:03:51.866 --> 00:03:53.546
that all of this mass surveillance is not

00:03:53.627 --> 00:03:56.867
worth the cost because it's so unreliable

00:03:56.927 --> 00:03:57.628
in so many ways,

00:03:57.649 --> 00:04:00.509
whether it depends on AI or whether it's

00:04:00.629 --> 00:04:00.969
just

00:04:01.829 --> 00:04:05.151
a system that isn't reliable like this one

00:04:05.191 --> 00:04:06.012
and can't be trusted,

00:04:07.032 --> 00:04:08.993
we are placing a lot of faith in

00:04:09.054 --> 00:04:11.295
these automatic systems like license plate

00:04:11.316 --> 00:04:13.097
readers and other forms of mass

00:04:13.137 --> 00:04:17.019
surveillance in our society that don't

00:04:17.139 --> 00:04:19.060
have a very clear benefit and get things

00:04:19.120 --> 00:04:20.641
wrong a lot of the time.

00:04:23.552 --> 00:04:23.733
Yeah,

00:04:23.913 --> 00:04:25.776
that's basically what I wanted to cover.

00:04:25.875 --> 00:04:28.920
I think we've kind of done flock stuff

00:04:29.500 --> 00:04:31.101
to death maybe at this point,

00:04:31.242 --> 00:04:33.204
but just an update for you.

00:04:33.285 --> 00:04:33.564
Jordan,

00:04:33.584 --> 00:04:35.367
was there anything in this article that

00:04:35.427 --> 00:04:36.689
you saw that you wanted to highlight?

00:04:37.889 --> 00:04:41.391
I feel like the most surprising thing in

00:04:41.411 --> 00:04:42.853
this article for me was like,

00:04:43.653 --> 00:04:44.853
if you read like further down in the

00:04:44.894 --> 00:04:45.295
article,

00:04:45.454 --> 00:04:46.915
there's like stuff about how like the

00:04:46.975 --> 00:04:48.757
officers literally didn't even check any

00:04:48.797 --> 00:04:49.416
of this first.

00:04:49.497 --> 00:04:50.377
They were just like, oh,

00:04:50.718 --> 00:04:51.538
it's a hit on flock.

00:04:51.577 --> 00:04:53.579
And then they went and arrested this guy.

00:04:54.139 --> 00:04:55.841
And apparently they literally took him to

00:04:55.880 --> 00:04:57.461
like jail and everything.

00:04:57.482 --> 00:04:59.322
Like they literally jailed him based only

00:04:59.362 --> 00:05:00.182
on this information.

00:05:00.202 --> 00:05:00.564
Like it's...

00:05:01.264 --> 00:05:03.805
it is kind of ridiculous that maybe I

00:05:03.824 --> 00:05:05.725
feel like maybe police are relying a bit

00:05:05.745 --> 00:05:07.307
too much on this technology when,

00:05:07.487 --> 00:05:08.307
you know, like you said,

00:05:08.348 --> 00:05:10.488
it's not really that reliable in terms of

00:05:10.548 --> 00:05:13.589
like actually detecting things and

00:05:14.391 --> 00:05:15.490
correlating information.

00:05:15.990 --> 00:05:17.372
But yeah.

00:05:17.932 --> 00:05:18.031
Yeah.

00:05:18.052 --> 00:05:18.812
It's a great question.

00:05:18.833 --> 00:05:21.413
Like what they consider to be a hit,

00:05:21.473 --> 00:05:23.834
because if they're just basing it on like,

00:05:23.915 --> 00:05:25.975
is this car in the flock system?

00:05:26.836 --> 00:05:28.617
That's not exactly proof of anything,

00:05:28.677 --> 00:05:28.937
is it?

00:05:30.492 --> 00:05:31.274
Not really.

00:05:31.375 --> 00:05:31.656
Yeah.

00:05:31.737 --> 00:05:33.401
And especially because like, I don't know,

00:05:33.420 --> 00:05:33.620
the,

00:05:35.187 --> 00:05:36.569
if that's all they're going on to like

00:05:37.028 --> 00:05:38.550
actually arrest someone and put someone in

00:05:38.610 --> 00:05:40.932
jail, like just to,

00:05:40.951 --> 00:05:42.372
that's the only thing that they need.

00:05:42.432 --> 00:05:45.636
I feel like that's maybe a bit ridiculous

00:05:45.675 --> 00:05:47.776
that they're like relying so heavily on

00:05:47.836 --> 00:05:47.937
it.

00:05:48.418 --> 00:05:49.819
They even said like in the article,

00:05:49.858 --> 00:05:50.639
it even says like, Oh,

00:05:50.660 --> 00:05:52.440
we checked this guy's car.

00:05:52.480 --> 00:05:54.521
We like looked through all of his stuff.

00:05:54.541 --> 00:05:55.483
He had no weapons.

00:05:55.523 --> 00:05:56.483
Like there was,

00:05:56.803 --> 00:06:00.127
there was not really a whole lot of

00:06:00.226 --> 00:06:01.687
evidence that this person was

00:06:03.564 --> 00:06:05.485
like even immediately obvious evidence

00:06:05.504 --> 00:06:07.204
that this person was connected to this

00:06:07.245 --> 00:06:07.644
crime.

00:06:07.704 --> 00:06:10.826
So that's why it's kind of surprisingly

00:06:11.125 --> 00:06:11.745
ridiculous.

00:06:12.005 --> 00:06:14.367
And I think the San Diego Police

00:06:14.406 --> 00:06:16.968
Department is going to get sued pretty bad

00:06:17.007 --> 00:06:19.809
for this because I don't think they really

00:06:19.829 --> 00:06:23.670
had any evidence to arrest these two

00:06:23.689 --> 00:06:24.009
people.

00:06:26.029 --> 00:06:28.230
And apparently they're seeking at one

00:06:28.250 --> 00:06:29.971
point five million in damages.

00:06:29.990 --> 00:06:30.610
So I don't know.

00:06:33.483 --> 00:06:34.225
I mean, yeah,

00:06:34.245 --> 00:06:37.569
this has life-altering implications for

00:06:37.608 --> 00:06:39.451
sure when you're convicted of a crime and

00:06:39.471 --> 00:06:41.312
you're jailed for that long.

00:06:41.353 --> 00:06:42.915
I think that's one of the most ridiculous

00:06:43.396 --> 00:06:44.896
things to me.

00:06:45.757 --> 00:06:48.161
I think being wrongfully accused of a

00:06:48.221 --> 00:06:48.661
crime...

00:06:49.101 --> 00:06:51.423
in general is a terrible thing to happen

00:06:51.483 --> 00:06:52.483
to anyone.

00:06:52.583 --> 00:06:54.184
But in the heat of the moment,

00:06:54.543 --> 00:06:56.223
some of these things can happen with

00:06:56.283 --> 00:06:56.603
police.

00:06:56.644 --> 00:06:59.504
But to spend an entire month in jail

00:07:01.146 --> 00:07:03.386
because of a crime you didn't commit is

00:07:03.425 --> 00:07:04.065
ridiculous.

00:07:04.706 --> 00:07:06.526
Spending more than one night while they

00:07:06.567 --> 00:07:08.687
sort anything out is ridiculous because

00:07:09.548 --> 00:07:12.911
You really should be innocent until proven

00:07:12.951 --> 00:07:13.291
guilty,

00:07:13.331 --> 00:07:15.975
and that is just not what we see

00:07:16.136 --> 00:07:17.156
in a lot of cases,

00:07:17.177 --> 00:07:18.298
and especially in this one.

00:07:18.637 --> 00:07:20.901
That is quite a significant punishment,

00:07:20.940 --> 00:07:21.180
I think,

00:07:21.221 --> 00:07:23.783
spending an entire month or more in

00:07:24.524 --> 00:07:28.947
jail um that the police just kind of

00:07:29.007 --> 00:07:30.807
did arbitrarily this wasn't you know the

00:07:30.848 --> 00:07:32.269
result of any sort of conviction or

00:07:32.309 --> 00:07:33.930
anything it's it's too long of a waiting

00:07:33.970 --> 00:07:37.752
period for sure especially again at the

00:07:37.791 --> 00:07:40.834
hands of these very unreliable tech

00:07:40.853 --> 00:07:44.735
systems that that we just cannot push all

00:07:44.776 --> 00:07:46.576
of our judgment and accountability on

00:07:46.617 --> 00:07:48.898
because again they get things wrong so

00:07:48.918 --> 00:07:49.817
much of the time so

00:07:51.064 --> 00:07:51.624
Yeah,

00:07:51.824 --> 00:07:55.627
I hope his lawsuit goes through and he

00:07:55.666 --> 00:08:00.288
makes some money because usually hitting

00:08:00.309 --> 00:08:02.410
them where the money is might make them

00:08:02.449 --> 00:08:03.370
change their minds.

00:08:03.471 --> 00:08:05.271
But at the same time,

00:08:06.896 --> 00:08:08.377
Even that's a bit challenging with the

00:08:08.398 --> 00:08:10.740
police because they're taxpayer funded.

00:08:10.779 --> 00:08:12.961
So what do they care, right?

00:08:13.541 --> 00:08:15.742
But hopefully there's some accountability

00:08:15.882 --> 00:08:17.324
and some changes that are made here.

00:08:18.545 --> 00:08:20.305
And hopefully other places learn a lesson

00:08:20.326 --> 00:08:20.927
from this as well,

00:08:20.966 --> 00:08:22.168
because I think that we're going to be

00:08:23.108 --> 00:08:25.509
seeing more stories like this throughout

00:08:25.689 --> 00:08:30.012
the country and around the world as these

00:08:30.434 --> 00:08:32.735
license plate readers and other systems of

00:08:32.775 --> 00:08:33.975
mass surveillance like this get

00:08:34.056 --> 00:08:35.998
implemented more widely.

00:08:36.477 --> 00:08:38.019
So yeah,

00:08:38.139 --> 00:08:39.780
it's just super unfortunate stuff.

00:08:40.000 --> 00:08:41.682
And it's exactly the kind of thing that

00:08:42.283 --> 00:08:43.803
people who have been against flock or

00:08:43.844 --> 00:08:45.065
people who have been against mass

00:08:45.105 --> 00:08:47.245
surveillance in general for an even longer

00:08:47.285 --> 00:08:48.206
period of time have been

00:08:48.874 --> 00:08:50.914
warning against from the very beginning.

00:08:50.955 --> 00:08:52.595
It's a very predictable outcome, I think,

00:08:52.634 --> 00:08:53.434
of these systems.

00:08:56.056 --> 00:08:57.196
And, yeah,

00:08:57.275 --> 00:08:58.956
now we're seeing the results of that,

00:08:59.017 --> 00:09:01.836
which is crazy.

00:09:02.136 --> 00:09:03.317
Maybe for people that, like,

00:09:03.538 --> 00:09:05.258
aren't super familiar with what, like,

00:09:05.317 --> 00:09:07.639
who and what Flock actually is, like,

00:09:08.359 --> 00:09:09.658
how exactly is this, like,

00:09:09.719 --> 00:09:11.299
is it like a camera system that has,

00:09:11.340 --> 00:09:13.299
like, some AI detection, like,

00:09:13.379 --> 00:09:14.341
algorithm or something,

00:09:14.480 --> 00:09:15.880
or how exactly does that work?

00:09:16.421 --> 00:09:17.648
Yeah, so they sell these to...

00:09:19.969 --> 00:09:22.129
like cities and police departments as a

00:09:22.570 --> 00:09:24.730
camera system that you can put up pretty

00:09:24.750 --> 00:09:27.113
much all around your city to track cars

00:09:29.014 --> 00:09:30.254
basically wherever they go based on their

00:09:30.293 --> 00:09:30.894
license plates.

00:09:30.914 --> 00:09:33.836
So it kind of maps out people's specific

00:09:33.855 --> 00:09:36.417
locations where they traveled, et cetera,

00:09:36.677 --> 00:09:40.960
and gives that information to law

00:09:40.980 --> 00:09:45.322
enforcement or other people to basically

00:09:45.361 --> 00:09:47.163
trace people anywhere in the city based on

00:09:47.202 --> 00:09:48.602
where their car is going.

00:09:51.197 --> 00:09:53.558
The way that flock systems work in general

00:09:53.759 --> 00:09:56.279
is somewhat different depending on the

00:09:56.299 --> 00:09:57.179
jurisdiction.

00:09:59.181 --> 00:10:01.240
Law enforcement agencies or towns would

00:10:01.360 --> 00:10:03.422
have the option to, for example,

00:10:03.481 --> 00:10:06.523
share all of this data with a national

00:10:06.842 --> 00:10:08.403
database, so like with the FBI,

00:10:08.423 --> 00:10:09.144
for example,

00:10:09.203 --> 00:10:11.104
so that they can all be linked together

00:10:11.144 --> 00:10:13.245
and potentially trace people even outside

00:10:13.264 --> 00:10:14.745
of that one specific flock system.

00:10:15.265 --> 00:10:16.706
You can opt out of that, but

00:10:17.798 --> 00:10:19.221
All of these flock systems still kind of

00:10:19.562 --> 00:10:23.267
interconnect to the flock company's

00:10:23.447 --> 00:10:24.067
servers,

00:10:24.467 --> 00:10:28.413
and that potentially gives a lot of access

00:10:28.494 --> 00:10:30.176
to third parties to all of this

00:10:30.216 --> 00:10:30.716
information.

00:10:32.594 --> 00:10:34.215
Yeah, it's just a very popular thing.

00:10:34.315 --> 00:10:36.475
It's not the only solution.

00:10:36.495 --> 00:10:38.437
There are other automatic license plate

00:10:38.477 --> 00:10:41.879
readers systems that are being

00:10:41.960 --> 00:10:42.539
implemented.

00:10:42.799 --> 00:10:44.860
But Flock is kind of a big one,

00:10:44.900 --> 00:10:47.123
and it's the one that has been in

00:10:47.163 --> 00:10:49.583
the news the most recently.

00:10:50.164 --> 00:10:53.225
We've seen a lot of stories about either

00:10:53.265 --> 00:10:55.128
these systems being implemented in

00:10:55.168 --> 00:10:58.429
different cities or pushback from citizens

00:10:58.570 --> 00:10:59.289
of those cities

00:11:00.910 --> 00:11:03.514
getting those flock systems removed.

00:11:03.575 --> 00:11:06.159
We've seen a lot of examples where a

00:11:06.200 --> 00:11:08.143
lot of money has been spent on

00:11:08.744 --> 00:11:10.886
implementing these flock systems only for

00:11:11.148 --> 00:11:12.690
the public outrage to be so great that

00:11:12.730 --> 00:11:14.072
they have to go and undo all of

00:11:14.092 --> 00:11:14.613
those changes,

00:11:14.653 --> 00:11:14.854
which

00:11:15.491 --> 00:11:18.553
is of course not great for the taxpayers,

00:11:18.634 --> 00:11:21.235
but is important to keep in mind,

00:11:21.294 --> 00:11:21.534
I think,

00:11:21.575 --> 00:11:24.556
for any city council who is considering

00:11:24.635 --> 00:11:25.756
implementing such a system.

00:11:26.197 --> 00:11:29.359
The pushback against this sort of thing

00:11:29.438 --> 00:11:31.360
from the general population when people

00:11:31.460 --> 00:11:34.541
are aware of what's going on here is

00:11:34.861 --> 00:11:36.542
pretty significant and universal,

00:11:36.682 --> 00:11:39.163
that it's just not a great idea for

00:11:39.923 --> 00:11:41.725
this system to be implemented and

00:11:43.265 --> 00:11:47.272
we kind of need to avoid implementing such

00:11:47.351 --> 00:11:48.594
things in the future.

00:11:48.634 --> 00:11:50.236
And I think city councils need to take

00:11:50.256 --> 00:11:50.798
a lesson there.

00:11:51.599 --> 00:11:52.019
It's funny,

00:11:52.058 --> 00:11:53.721
I think a couple episodes ago we talked

00:11:53.741 --> 00:11:57.086
about a flock situation like that where

00:11:58.234 --> 00:12:00.315
One of the city council members had a

00:12:00.335 --> 00:12:04.758
very emotional reaction to their system

00:12:04.778 --> 00:12:06.078
being removed from the town.

00:12:06.119 --> 00:12:06.840
And they were like, well,

00:12:06.879 --> 00:12:08.600
we might as well just let crime be

00:12:08.660 --> 00:12:09.721
rampant in the area.

00:12:09.981 --> 00:12:12.363
And that he took it so personally,

00:12:12.464 --> 00:12:14.325
probably, I mean, to me,

00:12:14.985 --> 00:12:17.527
only kind of speculating is an indicator

00:12:17.567 --> 00:12:19.748
that he was probably getting some sort of

00:12:19.788 --> 00:12:22.289
kickbacks from Flock or something to get

00:12:22.330 --> 00:12:23.250
this stuff implemented.

00:12:23.291 --> 00:12:24.552
So I wouldn't be surprised if there's a

00:12:24.591 --> 00:12:26.413
lot of lobbying going on from Flock and

00:12:26.432 --> 00:12:27.653
these other ALPR.

00:12:28.274 --> 00:12:31.794
companies to get these systems implemented

00:12:32.394 --> 00:12:33.394
in a lot of different cities,

00:12:33.455 --> 00:12:34.115
unfortunately.

00:12:34.196 --> 00:12:36.176
But we have seen time and time again

00:12:36.235 --> 00:12:38.576
that local city councils are very

00:12:38.756 --> 00:12:40.636
responsive to people who actually show up

00:12:40.677 --> 00:12:41.037
and care.

00:12:41.076 --> 00:12:43.077
So if this is something that there's even

00:12:43.817 --> 00:12:45.438
a whisper about in your communities,

00:12:45.479 --> 00:12:48.099
I think it's super important to make your

00:12:48.119 --> 00:12:51.860
voice heard and voice your distrust of

00:12:51.940 --> 00:12:53.900
luck and your dissatisfaction with any

00:12:53.980 --> 00:12:54.360
sort of

00:12:55.061 --> 00:12:56.761
ALPR system because it's a massive

00:12:57.302 --> 00:13:00.602
invasion of your privacy being basically

00:13:00.682 --> 00:13:01.783
tracked wherever you drive,

00:13:02.203 --> 00:13:03.365
wherever you go in a city,

00:13:04.465 --> 00:13:07.046
potentially revealing a lot of personal

00:13:07.066 --> 00:13:08.067
information about yourself.

00:13:08.126 --> 00:13:12.948
So yeah, the flock system is not great,

00:13:13.068 --> 00:13:13.788
not great at all.

00:13:15.269 --> 00:13:16.830
I guess one thing that kind of crossed

00:13:16.889 --> 00:13:18.191
my mind talking about this,

00:13:18.270 --> 00:13:20.371
like more at like the government level is

00:13:21.152 --> 00:13:23.013
how does this even interact with like,

00:13:23.072 --> 00:13:23.332
you know,

00:13:24.225 --> 00:13:25.907
the fourth amendment and like all these

00:13:25.947 --> 00:13:28.549
laws to like you know have actual privacy

00:13:28.570 --> 00:13:30.630
does does privacy just not exist in public

00:13:30.671 --> 00:13:33.293
if if they're just allowed to record every

00:13:33.333 --> 00:13:35.054
place that they see your car like how

00:13:35.075 --> 00:13:37.397
does that work exactly yeah i mean i

00:13:37.437 --> 00:13:39.958
think this stuff specifically points to a

00:13:39.999 --> 00:13:42.841
larger problem that we have with the laws

00:13:43.022 --> 00:13:45.283
in at least in the us currently some

00:13:45.322 --> 00:13:47.905
countries have solved this but it's not

00:13:47.946 --> 00:13:49.346
super widespread but i think

00:13:51.208 --> 00:13:53.591
basically when you're in sort of a public

00:13:53.650 --> 00:13:56.714
space which would probably include any

00:13:57.173 --> 00:13:59.216
roads because that's government property

00:13:59.475 --> 00:14:02.178
they will say you have no expectation of

00:14:02.239 --> 00:14:04.701
privacy and they can basically track you

00:14:04.721 --> 00:14:07.964
or take your picture or do whatever sort

00:14:07.984 --> 00:14:09.924
of privacy invasive things they they want

00:14:09.946 --> 00:14:11.407
to do um

00:14:13.446 --> 00:14:15.006
And that's all perfectly legal because,

00:14:15.047 --> 00:14:17.349
again, you have no expectation of privacy,

00:14:17.469 --> 00:14:20.270
according to them, which is, I think,

00:14:20.291 --> 00:14:24.254
just a super unfortunate situation that we

00:14:24.293 --> 00:14:27.275
have with the current privacy laws.

00:14:29.918 --> 00:14:31.798
It's sort of related to this other problem

00:14:31.839 --> 00:14:33.279
that we have with the Fourth Amendment

00:14:33.480 --> 00:14:35.522
with the government.

00:14:37.514 --> 00:14:39.936
relying on third party companies like data

00:14:39.956 --> 00:14:40.636
brokers,

00:14:41.017 --> 00:14:43.698
but to gain this information without

00:14:43.739 --> 00:14:45.120
having to go through official channels

00:14:45.139 --> 00:14:45.960
like getting a warrant.

00:14:46.559 --> 00:14:47.480
But in this case,

00:14:47.740 --> 00:14:49.981
since the systems are kind of operated by

00:14:50.283 --> 00:14:51.743
these governments and law enforcement

00:14:51.802 --> 00:14:52.803
agencies themselves,

00:14:54.684 --> 00:14:56.946
that sort of like third party loophole

00:14:57.047 --> 00:14:59.067
isn't being used as far as I know.

00:14:59.128 --> 00:15:01.528
But I do think that accessing these

00:15:01.568 --> 00:15:02.269
databases

00:15:03.333 --> 00:15:05.815
should absolutely require a warrant.

00:15:06.215 --> 00:15:06.735
I mean,

00:15:08.035 --> 00:15:09.115
I think that even collecting this

00:15:09.155 --> 00:15:10.256
information in the first place should

00:15:10.317 --> 00:15:11.057
require a warrant,

00:15:11.096 --> 00:15:13.677
but that's kind of tricky with the privacy

00:15:13.717 --> 00:15:15.578
laws that I stated.

00:15:15.859 --> 00:15:17.418
There just aren't a lot of safeguards in

00:15:17.458 --> 00:15:19.740
place right now to protect people from

00:15:19.820 --> 00:15:24.341
being surveilled in a mass way like this.

00:15:25.461 --> 00:15:28.062
And I think that that's a big problem

00:15:28.102 --> 00:15:30.063
with all of these systems and mass

00:15:30.083 --> 00:15:31.544
surveillance systems in general.

00:15:33.654 --> 00:15:34.716
are kind of giving up a lot of

00:15:34.735 --> 00:15:36.576
privacy for dubious gains.

00:15:36.716 --> 00:15:42.100
And it's really just getting rid of like

00:15:42.140 --> 00:15:43.881
any sort of responsibility on law

00:15:43.922 --> 00:15:47.364
enforcement's end to perform their own

00:15:47.403 --> 00:15:48.144
investigations,

00:15:48.164 --> 00:15:49.625
they can kind of offload this to these

00:15:49.666 --> 00:15:51.986
computer systems who can trace anyone and

00:15:52.027 --> 00:15:55.690
kind of get give results based on whatever

00:15:55.789 --> 00:15:56.809
algorithms are in place,

00:15:56.870 --> 00:16:00.832
which is not a very targeted approach at

00:16:00.873 --> 00:16:02.394
all, which I think is really bad.

00:16:04.730 --> 00:16:04.970
Yeah,

00:16:05.129 --> 00:16:07.152
and I think also talking about this like

00:16:07.532 --> 00:16:08.994
massive database that's, you know,

00:16:09.053 --> 00:16:10.414
available nationally as well,

00:16:10.495 --> 00:16:12.015
like we can kind of move into this

00:16:12.056 --> 00:16:12.336
little,

00:16:12.355 --> 00:16:13.437
I don't kind of wanted to use this

00:16:13.476 --> 00:16:15.058
as backup to show that this is like

00:16:15.078 --> 00:16:17.441
a really bad idea, but cops are,

00:16:17.740 --> 00:16:20.043
they keep getting arrested for using this

00:16:20.082 --> 00:16:22.745
technology without people's consent for

00:16:22.804 --> 00:16:23.725
people that aren't,

00:16:24.986 --> 00:16:26.648
for people that aren't actually criminals,

00:16:26.708 --> 00:16:26.948
right?

00:16:27.568 --> 00:16:29.451
So this story here from four or four

00:16:29.490 --> 00:16:31.452
media cops keep getting arrested for using

00:16:31.513 --> 00:16:32.673
flock to stalk people.

00:16:33.354 --> 00:16:34.634
Who would have thought that that

00:16:34.855 --> 00:16:36.375
information could be used for that as

00:16:36.437 --> 00:16:36.716
well?

00:16:38.097 --> 00:16:38.298
Yeah.

00:16:38.337 --> 00:16:41.100
So basically there was a couple of police

00:16:41.139 --> 00:16:44.383
officers who were using this flock tool to

00:16:44.403 --> 00:16:46.544
basically track their ex-girlfriend's

00:16:46.625 --> 00:16:48.605
license plate through the flock automated

00:16:48.666 --> 00:16:51.427
license plate reader system database.

00:16:52.568 --> 00:16:55.291
And apparently this officer used it sixty

00:16:55.331 --> 00:16:55.971
nine times.

00:16:56.072 --> 00:16:57.092
So, you know, I think.

00:16:58.556 --> 00:17:01.557
This is data that is ripe for abuse

00:17:01.596 --> 00:17:01.976
as well,

00:17:02.057 --> 00:17:04.877
because all it takes is this data to

00:17:04.897 --> 00:17:06.397
get leaked or like, you know,

00:17:06.438 --> 00:17:08.138
for that to be like an API issue

00:17:08.199 --> 00:17:11.058
where someone's able to access this and

00:17:11.078 --> 00:17:12.500
they can basically find out where anyone

00:17:12.539 --> 00:17:13.099
lives, right?

00:17:13.140 --> 00:17:16.020
Because their cars are going to be driving

00:17:16.040 --> 00:17:16.381
around.

00:17:16.401 --> 00:17:18.181
I don't know.

00:17:18.201 --> 00:17:21.082
I just think it's too much data and

00:17:21.122 --> 00:17:23.323
it's centralized too much into like these

00:17:23.363 --> 00:17:24.363
massive databases.

00:17:24.522 --> 00:17:26.323
And yeah,

00:17:26.442 --> 00:17:28.324
it's almost too much power to give people

00:17:28.779 --> 00:17:30.101
And I feel like it's almost,

00:17:31.842 --> 00:17:33.323
it's obviously not the same level as

00:17:33.343 --> 00:17:34.943
facial recognition, right?

00:17:35.023 --> 00:17:38.046
But it's like still like a similar thing,

00:17:38.105 --> 00:17:38.326
right?

00:17:38.365 --> 00:17:41.307
It's like just tracking you based on your

00:17:41.367 --> 00:17:43.628
number plate instead of your face.

00:17:43.929 --> 00:17:44.388
So, I mean,

00:17:44.589 --> 00:17:46.151
it's definitely less invasive than that,

00:17:46.191 --> 00:17:46.770
but it's like,

00:17:47.391 --> 00:17:49.092
I feel like it could kind of segue

00:17:49.132 --> 00:17:50.732
into that eventually if they're like,

00:17:51.913 --> 00:17:53.454
you know, lobby hard enough or anything.

00:17:55.461 --> 00:17:55.681
Yeah,

00:17:55.882 --> 00:17:57.423
I think that that article is a good

00:17:57.483 --> 00:18:00.567
example of the dangers of there being no

00:18:01.087 --> 00:18:02.990
checks or accountability on these systems.

00:18:05.012 --> 00:18:05.212
I mean,

00:18:05.252 --> 00:18:07.836
you take a look at this sort of

00:18:07.895 --> 00:18:11.540
reporting and you read about what this cop

00:18:11.780 --> 00:18:13.323
was doing and his...

00:18:14.183 --> 00:18:16.644
behavior was so egregious uh this the four

00:18:16.664 --> 00:18:18.384
or four media article says it was so

00:18:18.444 --> 00:18:21.665
commonplace that uh his colleagues noticed

00:18:21.705 --> 00:18:23.267
him researching his ex-girlfriend's

00:18:23.287 --> 00:18:25.606
whereabouts while the officers were

00:18:25.626 --> 00:18:27.288
sitting in their police cruisers so he was

00:18:27.347 --> 00:18:28.827
being pretty open about it and i think

00:18:28.847 --> 00:18:30.828
that a lot of those cases which lead

00:18:30.868 --> 00:18:34.650
to arrests um are going to be completely

00:18:34.690 --> 00:18:37.611
ridiculous like that but a lot of cases

00:18:39.079 --> 00:18:41.461
I think almost certainly there are a lot

00:18:41.540 --> 00:18:43.281
more cases where this behavior is

00:18:43.321 --> 00:18:43.701
happening,

00:18:43.781 --> 00:18:46.623
but because they're not doing it in such

00:18:46.643 --> 00:18:48.762
a stupid way, like this guy,

00:18:49.443 --> 00:18:51.384
they're not being caught.

00:18:51.644 --> 00:18:53.825
And this kind of thing is just going

00:18:53.845 --> 00:18:57.086
to happen because there's really nothing

00:18:57.105 --> 00:18:58.586
in place to stop them besides...

00:18:59.574 --> 00:19:02.057
David Price- Maybe being reported by by a

00:19:02.096 --> 00:19:03.720
colleague or being caught up in some sort

00:19:03.759 --> 00:19:05.402
of manual audit at some point,

00:19:05.461 --> 00:19:06.663
but in the moment,

00:19:06.983 --> 00:19:09.567
all of these systems are just sitting

00:19:09.607 --> 00:19:11.329
there waiting to be used by anyone who

00:19:11.369 --> 00:19:12.672
has access to them so.

00:19:14.929 --> 00:19:15.789
Yeah, exactly.

00:19:15.809 --> 00:19:16.210
Like you said,

00:19:16.250 --> 00:19:17.511
I think just having this power in the

00:19:17.551 --> 00:19:19.994
first place represents a danger.

00:19:20.035 --> 00:19:22.877
I think that people in general just can't

00:19:22.938 --> 00:19:26.040
resist using this sort of thing if they

00:19:26.201 --> 00:19:27.242
if they have access to it.

00:19:28.044 --> 00:19:29.424
At least at least some people,

00:19:29.766 --> 00:19:33.490
which is just another way that people are

00:19:33.670 --> 00:19:35.451
put in danger by by these systems.

00:19:37.961 --> 00:19:39.000
Yeah, exactly.

00:19:39.781 --> 00:19:41.301
I guess we've kind of covered like that

00:19:41.362 --> 00:19:42.742
quite thoroughly now.

00:19:43.663 --> 00:19:44.844
I guess we can kind of dive into

00:19:44.864 --> 00:19:47.484
this next story here from this one here

00:19:47.525 --> 00:19:48.684
is about WhatsApp.

00:19:48.744 --> 00:19:50.465
So if you didn't know already,

00:19:50.705 --> 00:19:52.606
like it's kind of been an ongoing thing

00:19:52.646 --> 00:19:54.948
that for the last three years, I believe,

00:19:56.627 --> 00:20:01.089
WhatsApp has been suing NSO group because

00:20:01.170 --> 00:20:04.171
they keep using their technology to hack

00:20:04.191 --> 00:20:06.011
people's devices through WhatsApp.

00:20:07.367 --> 00:20:08.949
So basically this new story is basically

00:20:08.969 --> 00:20:09.710
an update to that.

00:20:09.789 --> 00:20:11.571
WhatsApp says it caught new spyware

00:20:11.612 --> 00:20:14.234
attacks linked to the NSO group in

00:20:14.275 --> 00:20:15.556
violation of court order.

00:20:16.057 --> 00:20:17.979
So basically there was a court order that

00:20:18.038 --> 00:20:22.884
specifically said that NSO group could not

00:20:23.044 --> 00:20:24.345
target people on WhatsApp.

00:20:24.806 --> 00:20:28.229
And basically it was found,

00:20:28.288 --> 00:20:29.691
WhatsApp found that there was

00:20:31.279 --> 00:20:33.059
evidence that they were still doing that

00:20:33.380 --> 00:20:35.260
um so here i'll just read straight from

00:20:35.280 --> 00:20:36.941
this article last year as part of a

00:20:37.000 --> 00:20:39.301
years-long lawsuit launched by whatsapp

00:20:39.362 --> 00:20:41.781
against nso a court ordered the spyware

00:20:41.821 --> 00:20:44.022
maker to stop targeting whatsapp and its

00:20:44.143 --> 00:20:46.022
users whatsapp claimed that the new

00:20:46.063 --> 00:20:48.002
phishing campaign revealed on monday

00:20:48.483 --> 00:20:50.824
violated this permanent injunction and as

00:20:50.864 --> 00:20:54.924
such filed a contempt order against nso um

00:20:56.075 --> 00:20:57.777
Yeah, so this injunction, I guess,

00:20:57.877 --> 00:21:00.520
stems from a twenty nineteen mass hacking

00:21:00.560 --> 00:21:02.944
campaign by NSO that targeted more than

00:21:03.005 --> 00:21:04.928
fourteen hundred WhatsApp users following

00:21:04.968 --> 00:21:05.628
the discovery.

00:21:06.068 --> 00:21:08.673
WhatsApp notified the victims and sued the

00:21:08.712 --> 00:21:09.334
spyware maker.

00:21:11.029 --> 00:21:12.711
And a jury ordered NSO to pay a

00:21:12.750 --> 00:21:14.011
hundred and sixty seven million in

00:21:14.051 --> 00:21:14.532
damages,

00:21:14.553 --> 00:21:16.413
which was later lowered to four million.

00:21:16.534 --> 00:21:17.214
Oh, my goodness.

00:21:17.255 --> 00:21:18.195
That is tragic.

00:21:19.436 --> 00:21:21.939
But, yeah, I think this this story,

00:21:22.499 --> 00:21:23.859
if you're not familiar with NSO,

00:21:24.740 --> 00:21:26.521
one of their basically the biggest

00:21:26.863 --> 00:21:27.323
victims.

00:21:28.723 --> 00:21:29.625
I wouldn't say the biggest,

00:21:29.644 --> 00:21:33.146
but like maybe the most prolific Pegasus

00:21:33.186 --> 00:21:33.686
spyware.

00:21:33.846 --> 00:21:35.867
That's like one of their biggest products,

00:21:35.948 --> 00:21:36.327
I guess.

00:21:37.009 --> 00:21:38.589
And you know,

00:21:38.650 --> 00:21:43.011
this is a company that is actually put

00:21:43.152 --> 00:21:45.534
on a block, like a block list in,

00:21:45.874 --> 00:21:46.013
in,

00:21:46.213 --> 00:21:47.815
in the U S and they've even had

00:21:48.115 --> 00:21:49.336
sanctions and stuff.

00:21:49.935 --> 00:21:50.715
So, you know,

00:21:50.756 --> 00:21:54.377
this is like a company that is not

00:21:54.419 --> 00:21:55.078
particularly

00:21:56.371 --> 00:21:57.652
good, I would say.

00:21:58.172 --> 00:21:59.932
So this is kind of not that surprising

00:22:00.314 --> 00:22:02.394
that there would be still trying to hack

00:22:02.414 --> 00:22:03.276
WhatsApp users.

00:22:04.757 --> 00:22:05.196
But I don't know.

00:22:05.217 --> 00:22:06.417
Do you have any thoughts on this one,

00:22:06.438 --> 00:22:06.718
Jonah?

00:22:07.097 --> 00:22:07.318
Yeah,

00:22:07.358 --> 00:22:09.200
so all of this kind of stems from...

00:22:11.623 --> 00:22:15.244
Some rulings that Meta got in their favor.

00:22:15.345 --> 00:22:17.586
It was back in just May of last

00:22:17.646 --> 00:22:18.007
year.

00:22:18.688 --> 00:22:21.068
They were awarded that, what was it,

00:22:21.088 --> 00:22:23.490
a hundred sixty seven million dollars in

00:22:23.510 --> 00:22:25.952
damages in the injunction against NSO

00:22:25.972 --> 00:22:28.634
Group being able to hack WhatsApp,

00:22:28.674 --> 00:22:29.115
basically.

00:22:29.474 --> 00:22:30.336
And then in October,

00:22:32.277 --> 00:22:34.538
the payment was reduced to four million,

00:22:34.578 --> 00:22:35.140
like you said,

00:22:35.240 --> 00:22:39.682
but that injunction against NSO Group

00:22:40.919 --> 00:22:44.019
basically blocking them from targeting any

00:22:44.519 --> 00:22:47.701
WhatsApp users was granted insulin effect.

00:22:47.862 --> 00:22:50.282
So the fact that they are continuing to

00:22:50.323 --> 00:22:52.403
do so anyways,

00:22:52.623 --> 00:22:55.744
is just a blatant violation of that court

00:22:55.825 --> 00:22:57.525
order, which is crazy.

00:22:57.565 --> 00:22:58.965
So I guess we'll just see.

00:23:01.527 --> 00:23:04.167
I guess we'll see what comes of this.

00:23:05.847 --> 00:23:09.130
they are basically seeking to hold NSO

00:23:09.150 --> 00:23:11.211
Group in contempt of court because they

00:23:11.230 --> 00:23:12.352
are violating that ruling.

00:23:12.751 --> 00:23:16.673
So will it make a difference?

00:23:17.454 --> 00:23:18.115
I guess I don't know.

00:23:19.695 --> 00:23:20.896
I kind of doubt it since it seems

00:23:20.916 --> 00:23:23.298
like NSO Group is going to be flagrantly

00:23:23.978 --> 00:23:25.578
violating all of this stuff anyways.

00:23:25.659 --> 00:23:29.321
And I don't know how much exposure to

00:23:30.741 --> 00:23:31.202
the U.S.

00:23:31.242 --> 00:23:34.203
jurisdiction that NSO Group even has

00:23:34.263 --> 00:23:34.765
because they...

00:23:36.255 --> 00:23:39.957
are putting a lot of pressure on them.

00:23:42.338 --> 00:23:44.940
This article, did you mention,

00:23:45.260 --> 00:23:46.560
they are going to continue with their

00:23:46.601 --> 00:23:48.522
plans to enter the American market.

00:23:48.583 --> 00:23:52.025
The US government hasn't removed NSO Group

00:23:52.065 --> 00:23:53.925
from that block list yet,

00:23:54.006 --> 00:23:57.788
but apparently they are lobbying to get

00:23:57.807 --> 00:23:58.189
that done.

00:23:59.925 --> 00:24:03.406
Hopefully this represents a gigantic

00:24:03.446 --> 00:24:06.528
hurdle for NSO Group to enter their

00:24:06.587 --> 00:24:09.969
operations here because I think,

00:24:09.989 --> 00:24:12.048
depending on who they're selling this to,

00:24:12.108 --> 00:24:15.069
I wouldn't be surprised if their end goal

00:24:15.150 --> 00:24:17.570
is to get these tools in the hands

00:24:17.631 --> 00:24:19.951
of law enforcement agencies or local law

00:24:19.971 --> 00:24:20.592
enforcement

00:24:21.869 --> 00:24:23.609
in a similar way to these flock cameras

00:24:23.650 --> 00:24:26.050
we were just talking about which would

00:24:26.851 --> 00:24:30.872
represent a huge danger in in the name

00:24:30.912 --> 00:24:33.173
of like supposed help with investigations

00:24:33.212 --> 00:24:37.294
and stuff like that so yeah i mean

00:24:38.834 --> 00:24:39.814
it's kind of all i have to say

00:24:40.013 --> 00:24:43.654
it's a it's a quick story but at

00:24:43.714 --> 00:24:47.056
least meta is not letting this go which

00:24:47.135 --> 00:24:48.175
is which is something

00:24:49.332 --> 00:24:52.755
Definitely a rare, rare meta W, very rare.

00:24:53.154 --> 00:24:53.816
Um, but like,

00:24:53.935 --> 00:24:55.478
I think this is also like,

00:24:55.837 --> 00:24:57.378
they did mention in this article as well

00:24:57.419 --> 00:24:58.760
that like, uh,

00:24:58.800 --> 00:25:00.402
this spyware maker NSO group,

00:25:00.422 --> 00:25:02.763
which is like an Israeli company, um,

00:25:03.164 --> 00:25:06.007
did get acquired by us investors.

00:25:06.386 --> 00:25:06.948
So like,

00:25:07.482 --> 00:25:09.744
that does raise kind of some questions if

00:25:09.805 --> 00:25:10.445
possibly, you know,

00:25:10.486 --> 00:25:12.867
that does mean maybe this technology might

00:25:12.907 --> 00:25:15.109
end up being implemented in the United

00:25:15.150 --> 00:25:15.549
States.

00:25:15.789 --> 00:25:16.371
But I mean,

00:25:16.911 --> 00:25:18.492
I think it's also too early to tell

00:25:18.512 --> 00:25:18.992
at this point,

00:25:19.053 --> 00:25:21.434
especially considering that they're still

00:25:21.474 --> 00:25:25.097
on the block list and they're still being

00:25:25.137 --> 00:25:25.578
sanctioned.

00:25:25.618 --> 00:25:29.001
So I think it's, yeah,

00:25:29.021 --> 00:25:30.383
it would definitely be really terrible if

00:25:30.403 --> 00:25:31.463
this did start rolling out,

00:25:31.503 --> 00:25:32.424
like this technology,

00:25:32.444 --> 00:25:34.486
because I feel like NSO Group has been,

00:25:35.788 --> 00:25:36.028
I mean,

00:25:36.348 --> 00:25:38.470
I think you could argue maybe that this

00:25:38.509 --> 00:25:40.412
technology is good when it's used against

00:25:41.452 --> 00:25:42.212
bad people,

00:25:42.273 --> 00:25:44.154
but I also think it does end up

00:25:44.194 --> 00:25:46.277
being used for bad things as well, right?

00:25:46.317 --> 00:25:49.118
Like when you have this much power to

00:25:49.420 --> 00:25:50.019
hack people,

00:25:50.099 --> 00:25:52.721
it is going to be used for something

00:25:52.781 --> 00:25:53.163
bad.

00:25:54.203 --> 00:25:57.747
I'm not really super familiar with who and

00:25:57.787 --> 00:25:59.167
what they use this technology,

00:25:59.248 --> 00:26:00.648
NSO Group's technology on,

00:26:00.769 --> 00:26:03.932
but I don't think that should be

00:26:06.201 --> 00:26:09.021
used on anyone if possible.

00:26:09.122 --> 00:26:09.342
I mean,

00:26:09.642 --> 00:26:11.143
I feel like it also could be targeting

00:26:11.182 --> 00:26:12.623
like journalists and all that sort of

00:26:12.682 --> 00:26:13.364
stuff as well.

00:26:13.384 --> 00:26:15.304
I'm not really sure though.

00:26:15.565 --> 00:26:15.744
Yeah,

00:26:15.765 --> 00:26:16.984
I think that's the main thing that we've

00:26:17.025 --> 00:26:17.305
seen.

00:26:17.404 --> 00:26:18.665
Journalists, activists,

00:26:19.205 --> 00:26:20.526
politicians especially.

00:26:21.326 --> 00:26:24.407
There's been, I mean,

00:26:24.928 --> 00:26:26.868
we've seen examples of this happening to

00:26:26.909 --> 00:26:29.309
politicians in Europe and other countries.

00:26:29.329 --> 00:26:30.089
We've also seen

00:26:31.673 --> 00:26:33.494
i believe we mentioned this in a recent

00:26:33.535 --> 00:26:38.278
episode but ron wyden has been warning uh

00:26:38.598 --> 00:26:40.220
senators and other congress people here in

00:26:40.240 --> 00:26:43.242
the us that they are being targeted by

00:26:43.323 --> 00:26:44.523
spyware on their phones and they need to

00:26:44.564 --> 00:26:46.786
switch to more secure systems so this

00:26:46.826 --> 00:26:49.387
stuff is pretty prevalent and a lot of

00:26:49.407 --> 00:26:52.510
people are impacted even at even at these

00:26:52.530 --> 00:26:55.252
higher levels uh by intelligence agencies

00:26:55.272 --> 00:26:56.954
and other people who are using this

00:26:56.994 --> 00:26:57.895
spyware so it is

00:26:58.891 --> 00:27:01.412
it is a danger and these spyware companies

00:27:01.451 --> 00:27:02.972
are basically developing all of this in

00:27:02.992 --> 00:27:06.795
the open and selling it, which shouldn't,

00:27:06.815 --> 00:27:07.654
shouldn't really be,

00:27:09.036 --> 00:27:11.396
shouldn't be allowed at all, honestly.

00:27:13.657 --> 00:27:14.519
Yeah, it is,

00:27:14.699 --> 00:27:16.519
it shouldn't really be happening,

00:27:16.579 --> 00:27:17.759
but unfortunately it is.

00:27:18.280 --> 00:27:19.881
I guess also kind of like a follow-up

00:27:19.921 --> 00:27:20.801
a little bit to the,

00:27:21.561 --> 00:27:23.022
to the story where we talked about like

00:27:23.042 --> 00:27:25.064
the Phlox, Phlox license plate readers,

00:27:25.104 --> 00:27:26.865
there's this new story here from

00:27:27.579 --> 00:27:30.080
massachusetts if you want to grab that one

00:27:30.641 --> 00:27:32.740
yeah so some good news in this case

00:27:32.760 --> 00:27:34.382
this was reported by tech crunch

00:27:34.521 --> 00:27:37.082
massachusetts votes to pass a new privacy

00:27:37.122 --> 00:27:39.282
rights bill that bans sale of precise

00:27:39.462 --> 00:27:42.723
location data massachusetts lawmakers have

00:27:42.923 --> 00:27:44.683
voted to pass privacy protections that

00:27:44.703 --> 00:27:46.384
grant the state's residents new rights

00:27:46.484 --> 00:27:48.625
over accessing and deleting their data

00:27:48.904 --> 00:27:51.266
held by big tech giants the bill also

00:27:51.306 --> 00:27:53.186
bans companies from selling their users

00:27:53.227 --> 00:27:54.626
precise location data

00:27:56.946 --> 00:27:57.827
Later on in the article,

00:27:57.867 --> 00:27:59.627
they say the move makes Massachusetts the

00:27:59.667 --> 00:28:00.288
latest U.S.

00:28:00.307 --> 00:28:02.348
state to push for stronger consumer

00:28:02.388 --> 00:28:04.670
privacy rights after years of documented

00:28:04.690 --> 00:28:07.070
abuses by the wider technology advertising

00:28:07.131 --> 00:28:08.412
and social media industries.

00:28:08.811 --> 00:28:10.692
While the United States does not have a

00:28:10.752 --> 00:28:12.212
nationwide privacy law,

00:28:12.333 --> 00:28:13.733
unlike many of the world's major

00:28:13.753 --> 00:28:14.894
democracies, U.S.

00:28:14.933 --> 00:28:16.714
states have filled the void of legislation

00:28:16.755 --> 00:28:19.115
by bringing their own patchwork of privacy

00:28:19.276 --> 00:28:21.676
rules that apply to their states.

00:28:23.859 --> 00:28:25.901
So I think at this point in time

00:28:25.921 --> 00:28:26.721
in Massachusetts,

00:28:27.001 --> 00:28:31.023
the lawmakers have passed this bill.

00:28:33.164 --> 00:28:36.067
The article says that their Senate has

00:28:36.247 --> 00:28:38.868
also advanced their own bill doing the

00:28:38.909 --> 00:28:39.489
same thing,

00:28:39.608 --> 00:28:42.211
and now those bills are basically going to

00:28:42.230 --> 00:28:43.371
be combined in the Senate,

00:28:43.431 --> 00:28:46.093
and then it'll be sent to the governor's

00:28:46.153 --> 00:28:46.532
office.

00:28:47.053 --> 00:28:50.194
So there is that whole process where the

00:28:50.234 --> 00:28:51.395
governor eventually has to

00:28:52.471 --> 00:28:53.035
approve this,

00:28:53.055 --> 00:28:54.982
but the article says that it's expected

00:28:55.404 --> 00:28:56.710
that they will sign it into law.

00:28:56.769 --> 00:28:57.653
It's just not clear

00:28:58.964 --> 00:29:00.865
when that will happen so there is a

00:29:00.905 --> 00:29:04.727
bit longer but the article says that the

00:29:04.767 --> 00:29:06.728
bill if it is passing the law is

00:29:06.768 --> 00:29:08.669
going to apply to companies that handle or

00:29:08.729 --> 00:29:10.829
process the personal data of more than one

00:29:10.869 --> 00:29:12.529
hundred thousand consumers which will

00:29:12.569 --> 00:29:15.290
mainly affect medium-sized startups as

00:29:15.351 --> 00:29:18.311
well as silicon valley technology titans i

00:29:18.352 --> 00:29:20.393
think in addition to the big tech

00:29:20.413 --> 00:29:21.993
companies that will be impacted by this

00:29:23.297 --> 00:29:25.259
Another major impact this is going to have

00:29:25.338 --> 00:29:27.519
is on cell carriers because they have been

00:29:27.559 --> 00:29:31.682
found to sell sort of this location data

00:29:32.163 --> 00:29:34.345
to data brokers and other parties as well.

00:29:34.525 --> 00:29:36.166
And hopefully this puts an end to that,

00:29:36.207 --> 00:29:37.307
at least in Massachusetts.

00:29:37.407 --> 00:29:39.888
I think that this is a really important

00:29:40.670 --> 00:29:41.651
issue because

00:29:43.119 --> 00:29:44.060
The data broker thing,

00:29:44.121 --> 00:29:45.863
as I alluded to in that flock story,

00:29:46.002 --> 00:29:48.144
is kind of a loophole around the Fourth

00:29:48.164 --> 00:29:48.566
Amendment.

00:29:48.865 --> 00:29:49.487
Basically,

00:29:50.067 --> 00:29:51.848
all of these private companies are selling

00:29:52.029 --> 00:29:53.230
data to data brokers,

00:29:53.270 --> 00:29:55.413
and then those data brokers in turn are

00:29:55.772 --> 00:29:57.634
selling all of that data to the

00:29:57.675 --> 00:29:58.115
government.

00:29:58.516 --> 00:30:00.038
And the government can say, basically,

00:30:00.818 --> 00:30:02.160
since they're getting this information,

00:30:03.507 --> 00:30:05.847
like a third-party company is voluntarily

00:30:05.887 --> 00:30:07.189
giving it to them they don't have to

00:30:07.489 --> 00:30:09.809
you know have a warrant in order them

00:30:09.849 --> 00:30:11.431
to give the handover that information

00:30:11.510 --> 00:30:13.050
they're saying that a warrant isn't

00:30:13.090 --> 00:30:15.192
required to obtain all of the sensitive

00:30:15.271 --> 00:30:17.813
information about people when normally if

00:30:17.833 --> 00:30:19.334
they wanted to obtain that information

00:30:19.433 --> 00:30:21.674
from the companies that process this

00:30:21.734 --> 00:30:23.415
information directly they would have to

00:30:23.455 --> 00:30:26.396
get a warrant in a court order to

00:30:26.616 --> 00:30:28.617
tell like google for example to hand over

00:30:28.637 --> 00:30:30.919
the data so the data broker thing is

00:30:30.959 --> 00:30:32.339
a gigantic loophole in

00:30:33.299 --> 00:30:34.141
Privacy laws,

00:30:34.221 --> 00:30:35.622
at least in the US right now,

00:30:36.001 --> 00:30:38.603
that definitely needs to be patched

00:30:38.644 --> 00:30:40.404
because there's really no oversight

00:30:40.964 --> 00:30:44.166
whatsoever when it comes to the government

00:30:44.626 --> 00:30:46.347
using all of this data that data brokers

00:30:46.388 --> 00:30:46.969
are collecting.

00:30:48.289 --> 00:30:50.090
This data broker data is also used by

00:30:50.111 --> 00:30:52.573
a lot of different companies for stuff

00:30:52.593 --> 00:30:54.012
like targeted advertising,

00:30:55.134 --> 00:30:57.336
which will lead to problems like

00:30:57.395 --> 00:30:58.395
surveillance pricing,

00:30:58.415 --> 00:31:00.438
which we've talked about in previous

00:31:00.478 --> 00:31:02.459
episodes where companies will eventually

00:31:04.030 --> 00:31:07.031
adjust prices for things based on all the

00:31:07.051 --> 00:31:08.492
stuff that they know about you.

00:31:09.093 --> 00:31:11.094
And geolocation data,

00:31:11.134 --> 00:31:12.734
like where you're traveling, reveals,

00:31:13.816 --> 00:31:15.375
again, a lot about where you're going.

00:31:15.435 --> 00:31:17.717
This is not just from where you're driving

00:31:17.777 --> 00:31:19.137
in your car, like with Flock,

00:31:19.157 --> 00:31:21.558
but this would be data from your phone

00:31:21.618 --> 00:31:23.359
and other technology sources that

00:31:24.214 --> 00:31:26.395
can reveal even more information about you

00:31:26.435 --> 00:31:27.477
than, than Flockwood.

00:31:27.656 --> 00:31:29.679
And all of that data is,

00:31:29.838 --> 00:31:32.800
is very revealing and very powerful.

00:31:32.921 --> 00:31:33.520
I mean, we,

00:31:34.221 --> 00:31:35.903
we know how revealing it is because we've

00:31:35.942 --> 00:31:38.964
seen the privacy policies of like car

00:31:39.005 --> 00:31:40.005
companies these days,

00:31:40.885 --> 00:31:42.767
like spelling out all of this data that

00:31:42.787 --> 00:31:44.127
they can get basically by,

00:31:44.367 --> 00:31:46.809
by tracking the computers in your car.

00:31:47.269 --> 00:31:48.550
And it's a ridiculous amount of,

00:31:49.330 --> 00:31:52.634
of information that they are able to have

00:31:52.874 --> 00:31:53.054
and

00:31:54.897 --> 00:31:55.038
Yeah,

00:31:55.137 --> 00:31:58.578
it's really just not something that should

00:31:58.598 --> 00:32:00.619
be in the hands of all of these

00:32:00.660 --> 00:32:02.300
companies kind of sharing it all around.

00:32:02.421 --> 00:32:05.561
So stopping that from happening is a huge

00:32:05.602 --> 00:32:07.001
win for people in Massachusetts.

00:32:07.021 --> 00:32:08.962
And hopefully more privacy laws are

00:32:09.002 --> 00:32:10.903
implemented or national privacy laws

00:32:10.923 --> 00:32:13.565
implemented that stops all of this even

00:32:13.605 --> 00:32:13.884
further.

00:32:16.493 --> 00:32:16.753
Yeah,

00:32:16.933 --> 00:32:18.194
I think this is like one of those

00:32:18.214 --> 00:32:19.315
things where we're seeing like,

00:32:19.714 --> 00:32:21.635
it feels like almost every year we're

00:32:21.675 --> 00:32:23.277
seeing like more and more states like

00:32:23.297 --> 00:32:25.116
adopting these privacy laws.

00:32:25.237 --> 00:32:25.998
And like, you know,

00:32:26.018 --> 00:32:28.578
maybe that does mean that there'll be a

00:32:28.618 --> 00:32:30.558
push towards something national because I

00:32:30.578 --> 00:32:31.960
feel like that is kind of like the,

00:32:32.599 --> 00:32:33.681
that would be ideal, right?

00:32:33.701 --> 00:32:34.921
It would be better if it was a

00:32:34.980 --> 00:32:36.682
national thing instead of just like state

00:32:36.701 --> 00:32:37.362
by state, right?

00:32:37.442 --> 00:32:39.123
Or is it better to have things like

00:32:39.163 --> 00:32:39.643
this or...

00:32:41.732 --> 00:32:42.834
Yeah, absolutely.

00:32:42.874 --> 00:32:44.835
It would be better to have a national

00:32:45.055 --> 00:32:47.076
law that's more uniform.

00:32:47.855 --> 00:32:49.856
That sort of thing is obviously harder to

00:32:49.916 --> 00:32:50.758
pass, I think.

00:32:51.337 --> 00:32:52.419
And in the meantime,

00:32:52.519 --> 00:32:54.720
more states adopting this is is super

00:32:54.740 --> 00:32:55.220
important.

00:32:55.240 --> 00:32:57.181
So hopefully this sort of legislation in

00:32:57.221 --> 00:32:59.201
other states gets passed forward.

00:32:59.281 --> 00:33:01.103
But yeah,

00:33:01.143 --> 00:33:02.703
having a minimum baseline across the

00:33:02.723 --> 00:33:05.085
entire country would be it would it would

00:33:05.105 --> 00:33:06.566
be a huge improvement because

00:33:08.015 --> 00:33:11.137
There's probably companies who aren't

00:33:11.157 --> 00:33:12.898
going to comply with state laws,

00:33:12.939 --> 00:33:16.241
especially if they have not a huge

00:33:16.301 --> 00:33:17.644
exposure to that state.

00:33:17.743 --> 00:33:22.647
So making it uniformly applied to all

00:33:22.688 --> 00:33:25.109
states in the United States would be a

00:33:25.150 --> 00:33:26.731
huge improvement as well.

00:33:29.210 --> 00:33:29.609
Definitely.

00:33:29.650 --> 00:33:31.010
I think one thing that was kind of

00:33:31.090 --> 00:33:32.231
surprising to me, though,

00:33:32.271 --> 00:33:34.794
in this specific law that the TechCrunch

00:33:34.834 --> 00:33:36.734
article talks about is the law would block

00:33:36.775 --> 00:33:38.336
the sharing or sale of sensitive

00:33:38.395 --> 00:33:41.018
information without a user's explicit

00:33:41.038 --> 00:33:41.637
consent.

00:33:42.199 --> 00:33:42.939
So you're saying, like,

00:33:43.420 --> 00:33:45.181
I don't know if I'm reading between the

00:33:45.221 --> 00:33:46.321
lines enough here, but, like,

00:33:46.382 --> 00:33:47.982
does that mean that if you consent to

00:33:48.002 --> 00:33:48.242
this,

00:33:48.282 --> 00:33:49.784
then they can technically go ahead and

00:33:49.804 --> 00:33:51.384
just sell the sensitive information?

00:33:51.464 --> 00:33:52.786
Is that kind of what I'm reading right

00:33:52.806 --> 00:33:52.865
now?

00:33:53.006 --> 00:33:53.286
Yeah,

00:33:53.385 --> 00:33:54.967
I'd be concerned about this a bit

00:33:54.988 --> 00:33:55.468
because...

00:33:57.780 --> 00:33:59.041
There aren't a lot of protections,

00:33:59.102 --> 00:33:59.363
I think,

00:33:59.423 --> 00:34:02.766
in place about people accepting terms of

00:34:02.806 --> 00:34:03.185
service.

00:34:04.027 --> 00:34:04.567
And like,

00:34:04.747 --> 00:34:06.689
could this be snuck in there into these

00:34:06.709 --> 00:34:08.851
things that people just kind of agree with

00:34:09.351 --> 00:34:10.873
or agree to without reading them?

00:34:10.913 --> 00:34:12.014
I think that's a concern.

00:34:13.547 --> 00:34:16.788
That hasn't, in a lot of court cases,

00:34:16.827 --> 00:34:17.768
really held up,

00:34:17.849 --> 00:34:19.590
that you can just hold people to these

00:34:19.730 --> 00:34:24.552
super lengthy terms of services that the

00:34:24.592 --> 00:34:27.813
companies know most people probably aren't

00:34:27.873 --> 00:34:28.713
reading in full,

00:34:28.813 --> 00:34:31.974
but it's certainly going to make any cases

00:34:32.014 --> 00:34:33.635
against these companies harder,

00:34:33.675 --> 00:34:35.396
so I wouldn't be surprised if that's a

00:34:35.436 --> 00:34:36.996
technique that they try to use here.

00:34:38.717 --> 00:34:41.438
I think there's also an issue with...

00:34:43.822 --> 00:34:46.023
A lot of the times when people consent

00:34:46.123 --> 00:34:49.804
to their data being collected in this

00:34:49.844 --> 00:34:51.264
manner or being sold in this manner,

00:34:51.284 --> 00:34:54.666
it's because they don't have maybe the

00:34:54.706 --> 00:34:57.327
context or the education about data

00:34:57.347 --> 00:34:58.266
privacy, for example,

00:34:58.306 --> 00:35:00.007
to understand all of the different ways

00:35:00.027 --> 00:35:01.728
that this data can be used.

00:35:01.768 --> 00:35:02.608
Because typically,

00:35:03.387 --> 00:35:05.208
if companies are going to ask you to

00:35:05.809 --> 00:35:08.050
opt into giving a permission on your phone

00:35:08.070 --> 00:35:10.530
or opt into participating in a program

00:35:10.570 --> 00:35:11.971
like this, they're going to highlight,

00:35:12.351 --> 00:35:12.530
like,

00:35:13.251 --> 00:35:15.333
the benefits and not highlight all of the

00:35:15.353 --> 00:35:16.514
downsides that are taking place.

00:35:16.554 --> 00:35:18.335
So then it becomes a question of like,

00:35:18.916 --> 00:35:23.057
can people provide informed consent in the

00:35:23.117 --> 00:35:24.699
first place when it comes to stuff like

00:35:24.739 --> 00:35:24.998
this?

00:35:25.159 --> 00:35:26.539
And I think in a lot of cases,

00:35:27.201 --> 00:35:29.541
that isn't really the case.

00:35:29.681 --> 00:35:33.324
These tech companies know far more about

00:35:33.764 --> 00:35:36.106
how to exploit the data that you're giving

00:35:36.146 --> 00:35:39.208
them than you know about what data you're

00:35:39.228 --> 00:35:39.728
giving them.

00:35:39.809 --> 00:35:41.869
So it is a huge imbalance

00:35:43.775 --> 00:35:46.599
in that whole dynamic that I think is

00:35:46.639 --> 00:35:47.099
dangerous.

00:35:47.139 --> 00:35:50.563
So yeah, I guess to answer your question,

00:35:50.623 --> 00:35:53.246
these laws do leave open a lot of

00:35:53.306 --> 00:35:53.887
questions.

00:35:54.108 --> 00:35:55.429
And again,

00:35:55.469 --> 00:35:57.030
it's sort of a situation where we kind

00:35:57.070 --> 00:35:59.132
of have to see how it all plays

00:35:59.193 --> 00:35:59.833
out, basically.

00:36:01.405 --> 00:36:01.585
Yeah,

00:36:01.625 --> 00:36:04.907
it did seem like this law in particular

00:36:04.927 --> 00:36:07.467
had people like Evan Greer from Fight for

00:36:07.487 --> 00:36:11.550
the Future and the ACLU also saying that

00:36:11.590 --> 00:36:13.030
this was a really good move.

00:36:13.331 --> 00:36:15.192
Even if there might be things that aren't

00:36:15.231 --> 00:36:16.072
super great about it,

00:36:16.092 --> 00:36:17.552
there's still a little bit of a loophole

00:36:17.572 --> 00:36:17.833
there.

00:36:19.211 --> 00:36:21.253
it's definitely still like cracking down a

00:36:21.333 --> 00:36:22.193
little bit, right?

00:36:22.233 --> 00:36:22.373
Like,

00:36:22.413 --> 00:36:23.632
I think we should try and get the

00:36:23.652 --> 00:36:24.534
wins where we can.

00:36:24.693 --> 00:36:25.653
Like if, if there's a,

00:36:25.733 --> 00:36:26.793
if there's something that goes through,

00:36:26.813 --> 00:36:29.494
that's like still offering some protection

00:36:29.514 --> 00:36:29.755
to people,

00:36:29.795 --> 00:36:31.215
that's better than something that's,

00:36:32.956 --> 00:36:34.797
you know, just wholesale allowing it.

00:36:34.936 --> 00:36:36.016
So that is still better.

00:36:36.056 --> 00:36:36.317
Right.

00:36:36.496 --> 00:36:38.637
Um, and I think this also, like,

00:36:38.838 --> 00:36:40.197
it kind of touches a little bit.

00:36:40.257 --> 00:36:41.239
If you look on this article,

00:36:41.278 --> 00:36:42.478
it also touches a little bit on,

00:36:45.623 --> 00:36:48.164
The author of this article mentions that

00:36:49.284 --> 00:36:51.925
data brokers have basically relied on app

00:36:51.965 --> 00:36:53.806
developers selling their users location

00:36:53.846 --> 00:36:54.146
data.

00:36:55.826 --> 00:36:58.067
People will just kind of allow access at

00:36:58.126 --> 00:36:59.927
all times to their location to apps and

00:36:59.967 --> 00:37:00.547
stuff like that.

00:37:00.586 --> 00:37:03.407
And that's also being used to aggregate

00:37:05.347 --> 00:37:06.789
into these data brokers as well.

00:37:06.949 --> 00:37:08.409
So I don't know.

00:37:08.429 --> 00:37:11.730
It would be interesting to see how that

00:37:11.849 --> 00:37:12.550
also plays.

00:37:12.590 --> 00:37:13.630
Because if someone...

00:37:14.608 --> 00:37:16.309
if all this means is that then those

00:37:16.369 --> 00:37:18.331
app developers just have to say like, oh,

00:37:18.471 --> 00:37:20.572
do you explicitly consent to us selling

00:37:20.612 --> 00:37:22.494
your location data?

00:37:22.534 --> 00:37:24.815
I'm sure most people might actually say no

00:37:24.835 --> 00:37:27.137
to that, but I don't know.

00:37:27.458 --> 00:37:29.179
It definitely does raise questions about

00:37:29.199 --> 00:37:30.519
that, but at least seems like,

00:37:32.400 --> 00:37:34.882
this might have some impact at least on

00:37:34.961 --> 00:37:35.922
larger companies.

00:37:36.922 --> 00:37:37.862
Is this something as well,

00:37:37.902 --> 00:37:39.483
like I see a lot of these laws

00:37:39.664 --> 00:37:42.045
apply only to like larger like

00:37:42.204 --> 00:37:42.804
organizations,

00:37:42.844 --> 00:37:45.445
like medium organizations where it's like

00:37:45.465 --> 00:37:47.226
a hundred thousand plus consumers.

00:37:47.927 --> 00:37:49.547
Is this like a concern as well?

00:37:49.588 --> 00:37:51.208
If it's like a bunch of small players

00:37:51.228 --> 00:37:52.728
that are just doing this as well,

00:37:52.748 --> 00:37:54.469
like is that kind of also a bypass

00:37:54.489 --> 00:37:55.130
for this or?

00:37:56.570 --> 00:37:58.271
Yeah, that's a great question.

00:37:58.391 --> 00:38:00.132
I don't really understand why,

00:38:01.730 --> 00:38:03.929
I guess I'm not really super familiar with

00:38:04.490 --> 00:38:07.710
the data broker or data exchange landscape

00:38:07.751 --> 00:38:11.492
when it comes to much smaller providers.

00:38:11.552 --> 00:38:13.132
I don't know how common that is or

00:38:13.172 --> 00:38:14.851
what kind of use cases they would be

00:38:14.931 --> 00:38:16.512
doing if you have less than a hundred

00:38:16.552 --> 00:38:19.552
thousand consumers worth of data.

00:38:19.632 --> 00:38:23.054
What are you realistically doing with that

00:38:23.114 --> 00:38:24.153
and who are you selling it to?

00:38:24.193 --> 00:38:25.474
I don't really know.

00:38:26.514 --> 00:38:29.335
I think a hundred thousand consumers is

00:38:30.858 --> 00:38:33.880
maybe a little like that bar is a

00:38:33.960 --> 00:38:37.204
bit higher than i would like it to

00:38:37.244 --> 00:38:38.565
be i think it should be a bit

00:38:39.085 --> 00:38:39.806
less but

00:38:42.463 --> 00:38:43.784
I think there is some danger,

00:38:43.804 --> 00:38:45.326
especially with small businesses,

00:38:45.945 --> 00:38:47.246
that they would want to balance this

00:38:47.306 --> 00:38:50.148
against because it's also very easy for

00:38:50.768 --> 00:38:53.731
small businesses to be kind of accused of

00:38:53.771 --> 00:38:55.172
violating all of these laws that they

00:38:55.192 --> 00:38:58.233
didn't necessarily even know about and

00:38:58.273 --> 00:39:01.215
then having to defend against that sort of

00:39:01.255 --> 00:39:01.554
thing.

00:39:02.235 --> 00:39:03.396
Even if they're not even doing this in

00:39:03.436 --> 00:39:05.697
the first place, I think that would be...

00:39:07.280 --> 00:39:08.661
that could be killer to a lot of

00:39:08.722 --> 00:39:10.902
small businesses just being involved in

00:39:11.003 --> 00:39:11.983
unnecessary lawsuits.

00:39:12.003 --> 00:39:13.204
So I think that that is the reason

00:39:13.264 --> 00:39:16.007
why we commonly see a lot of these

00:39:16.047 --> 00:39:18.568
laws have some sort of bar where it's

00:39:18.628 --> 00:39:20.389
only going to apply to larger

00:39:20.489 --> 00:39:23.070
organizations, even the GDPR and the EU.

00:39:23.572 --> 00:39:25.373
A lot of the provisions only are going

00:39:25.393 --> 00:39:27.193
to apply if you have, I think,

00:39:27.253 --> 00:39:28.655
more than like a certain amount of

00:39:28.974 --> 00:39:30.155
employees, if I remember,

00:39:30.195 --> 00:39:31.717
which is another way that this is commonly

00:39:31.757 --> 00:39:31.956
done.

00:39:32.898 --> 00:39:33.097
So

00:39:34.739 --> 00:39:36.840
Yeah, I'm not sure if I totally agree,

00:39:36.920 --> 00:39:40.202
but if you are not past that,

00:39:40.242 --> 00:39:42.684
a hundred thousand consumer threshold,

00:39:43.625 --> 00:39:46.306
you might not be doing mass surveillance

00:39:46.326 --> 00:39:46.947
in the first place,

00:39:46.987 --> 00:39:49.228
because when we're talking about mass

00:39:49.248 --> 00:39:49.708
surveillance,

00:39:50.148 --> 00:39:51.509
typically it's like this is going to

00:39:51.548 --> 00:39:53.271
impact everyone in the community or this

00:39:53.291 --> 00:39:55.972
is going to impact, you know,

00:39:56.052 --> 00:39:57.052
people nationwide,

00:39:57.072 --> 00:39:59.014
like millions of people are going to be

00:39:59.134 --> 00:39:59.673
impacted.

00:39:59.835 --> 00:40:02.016
So this does limit the impact of smaller

00:40:02.056 --> 00:40:02.576
situations.

00:40:02.596 --> 00:40:03.237
But I don't know

00:40:04.846 --> 00:40:05.726
How dangerous that is.

00:40:06.007 --> 00:40:07.889
I do think that the most prevalent cases

00:40:07.929 --> 00:40:10.291
of this are going to be these big

00:40:10.331 --> 00:40:11.913
tech companies, like the article says,

00:40:12.132 --> 00:40:13.474
and putting a stop to that.

00:40:15.356 --> 00:40:17.797
Regardless of what anyone else is doing

00:40:17.818 --> 00:40:18.297
with this data,

00:40:18.318 --> 00:40:19.760
that's still going to have a huge impact

00:40:19.940 --> 00:40:21.221
on people's privacy.

00:40:21.260 --> 00:40:22.202
So it's a good first step.

00:40:23.385 --> 00:40:26.525
I guess what you were saying about it

00:40:26.585 --> 00:40:29.106
being a good stepping stone,

00:40:29.146 --> 00:40:30.266
I think that that's totally true.

00:40:30.726 --> 00:40:32.306
We talked about that a bit when we

00:40:32.347 --> 00:40:33.867
talked about the Surveillance

00:40:33.887 --> 00:40:36.007
Accountability Act that Naomi Brockwell

00:40:36.047 --> 00:40:36.467
drafted.

00:40:37.148 --> 00:40:39.389
And I even asked Naomi Brockwell about

00:40:39.449 --> 00:40:40.369
this, like,

00:40:40.469 --> 00:40:41.728
do you think it's likely to get passed?

00:40:41.748 --> 00:40:44.050
And she said, no, probably not at all.

00:40:44.769 --> 00:40:46.811
And the reason is that this stuff is

00:40:46.831 --> 00:40:49.550
still super important because it gets the

00:40:49.570 --> 00:40:51.731
conversation going or it gives us...

00:40:52.552 --> 00:40:55.333
a base to build off of with more

00:40:55.373 --> 00:40:57.394
comprehensive privacy laws in the future.

00:40:57.454 --> 00:41:00.215
I think governments are just slow,

00:41:00.715 --> 00:41:03.358
whether that's because of bureaucracy or

00:41:03.378 --> 00:41:06.059
whether that's because it's by design or

00:41:06.079 --> 00:41:06.518
whatever.

00:41:06.619 --> 00:41:08.619
They are just slow to take action and

00:41:08.699 --> 00:41:09.760
prevent this sort of thing.

00:41:10.561 --> 00:41:13.842
But establishing some precedent helps with

00:41:13.882 --> 00:41:15.244
speeding things up in the future.

00:41:16.480 --> 00:41:19.442
And just making people more aware of this

00:41:19.481 --> 00:41:21.382
with laws I think helps with speeding

00:41:21.422 --> 00:41:22.284
things up in the future.

00:41:22.643 --> 00:41:24.304
A big reason that the Surveillance

00:41:24.344 --> 00:41:27.246
Accountability Act was so important was

00:41:27.306 --> 00:41:28.887
because it just gets things out in the

00:41:28.967 --> 00:41:29.748
news that like, oh,

00:41:29.768 --> 00:41:30.889
the government is doing this.

00:41:30.949 --> 00:41:32.389
There's some efforts to stop it.

00:41:32.909 --> 00:41:34.331
Even if those efforts aren't passed,

00:41:34.530 --> 00:41:36.472
it's a conversation that we need to have

00:41:36.492 --> 00:41:38.833
and that lawmakers need to have.

00:41:39.052 --> 00:41:40.114
And that sort of,

00:41:40.894 --> 00:41:42.494
just from an educational perspective,

00:41:42.655 --> 00:41:44.496
is super important to have.

00:41:45.918 --> 00:41:46.438
yeah,

00:41:46.599 --> 00:41:48.760
any sort of privacy law being passed is

00:41:48.920 --> 00:41:49.721
a huge improvement,

00:41:49.760 --> 00:41:52.382
but there's certainly still a longer,

00:41:53.121 --> 00:41:54.503
there's certainly still better paths that

00:41:54.523 --> 00:41:56.043
this could go and this could be improved

00:41:56.423 --> 00:41:57.083
pretty greatly,

00:41:57.143 --> 00:42:00.045
but hopefully this leads to that

00:42:00.065 --> 00:42:00.425
happening.

00:42:02.186 --> 00:42:02.867
Yeah, definitely.

00:42:03.086 --> 00:42:04.628
I think it's also important,

00:42:04.668 --> 00:42:06.168
like we've kind of been pushing for this

00:42:06.568 --> 00:42:07.588
for people to, you know,

00:42:07.628 --> 00:42:09.250
contact your local representatives,

00:42:09.329 --> 00:42:10.791
make sure you're doing like that

00:42:10.831 --> 00:42:12.711
grassroots action and trying to get people

00:42:12.751 --> 00:42:12.871
to

00:42:13.661 --> 00:42:15.182
actually take this stuff seriously.

00:42:15.922 --> 00:42:17.644
Um, because yeah,

00:42:17.724 --> 00:42:20.027
it is definitely does seem like it is

00:42:20.047 --> 00:42:21.668
a bit of an uphill battle, I guess.

00:42:21.969 --> 00:42:23.710
Um, because there is so much,

00:42:23.871 --> 00:42:25.373
like we've talked about it previously,

00:42:25.452 --> 00:42:27.655
like with flock and all this like mass

00:42:27.675 --> 00:42:29.237
surveillance stuff that's being rolled

00:42:29.317 --> 00:42:29.456
out.

00:42:29.657 --> 00:42:31.159
Um, so yeah,

00:42:31.179 --> 00:42:32.721
definitely is important to do that.

00:42:33.280 --> 00:42:33.320
Um,

00:42:33.340 --> 00:42:34.222
do you have anything more you want to

00:42:34.282 --> 00:42:35.664
add here or do you want to dive

00:42:35.684 --> 00:42:36.965
straight into some site updates?

00:42:38.469 --> 00:42:40.773
I think that's kind of it.

00:42:41.273 --> 00:42:42.056
Yeah,

00:42:42.076 --> 00:42:44.139
why don't you give us some updates on

00:42:44.179 --> 00:42:45.463
what you've been working on on the video

00:42:45.503 --> 00:42:46.284
side of things so far?

00:42:47.188 --> 00:42:47.447
Yeah,

00:42:47.507 --> 00:42:49.150
so I guess I'll also give an update

00:42:49.210 --> 00:42:50.931
on what Nate's been working on too,

00:42:50.972 --> 00:42:52.793
because we've kind of been also working

00:42:52.833 --> 00:42:53.414
together on it.

00:42:53.554 --> 00:42:54.775
But yeah,

00:42:54.815 --> 00:42:58.818
Nate put together a Jellyfin tutorial,

00:42:58.838 --> 00:43:00.619
because I don't know if everyone's seen,

00:43:00.679 --> 00:43:04.224
but Plex is now upgrading the cost of

00:43:04.264 --> 00:43:06.485
their lifetime Plex pass,

00:43:06.505 --> 00:43:08.146
which basically gives you unlimited access

00:43:08.166 --> 00:43:08.648
to all the

00:43:09.367 --> 00:43:10.929
features of the Plex Media Server.

00:43:10.969 --> 00:43:12.451
They're upgrading the cost to seven

00:43:12.471 --> 00:43:14.411
hundred and fifty dollars US dollars,

00:43:14.472 --> 00:43:14.911
by the way.

00:43:15.452 --> 00:43:17.653
And that is kind of expensive.

00:43:18.295 --> 00:43:20.215
It was like I think it's now two

00:43:20.235 --> 00:43:20.597
fifty.

00:43:20.657 --> 00:43:22.038
And before that, it was even less.

00:43:22.057 --> 00:43:23.918
It was like I swear it would drop

00:43:23.958 --> 00:43:25.059
down to like fifty before.

00:43:25.840 --> 00:43:27.181
So it is kind of wild that they've

00:43:27.242 --> 00:43:28.282
increased it so much.

00:43:29.103 --> 00:43:30.204
In fact, a little bit greedy.

00:43:30.643 --> 00:43:32.144
So we kind of wanted to, you know,

00:43:32.284 --> 00:43:33.686
cash in a little bit on that and

00:43:33.706 --> 00:43:35.146
put something out for people that are like

00:43:36.007 --> 00:43:37.289
very frustrated with

00:43:37.625 --> 00:43:40.606
plex doing all these silly things i think

00:43:40.686 --> 00:43:43.447
plex has also kind of done some strange

00:43:43.507 --> 00:43:45.588
stuff that's kind of diverged a little bit

00:43:45.628 --> 00:43:47.568
from the people that use their product

00:43:47.668 --> 00:43:49.750
like like including a bunch of streaming

00:43:49.809 --> 00:43:52.931
stuff um not really focusing as much on

00:43:52.972 --> 00:43:55.393
the media service stuff i think people are

00:43:55.413 --> 00:43:55.713
kind of

00:43:57.269 --> 00:43:58.331
looking for alternatives.

00:43:58.371 --> 00:43:59.592
So that's what we're trying to do is

00:43:59.652 --> 00:44:03.695
provide like a way for people to switch

00:44:03.735 --> 00:44:05.577
away to something that doesn't even cost

00:44:05.617 --> 00:44:06.077
any money.

00:44:06.257 --> 00:44:06.918
You should donate,

00:44:06.978 --> 00:44:08.760
but it doesn't cost any money.

00:44:08.800 --> 00:44:10.623
Jellyfin is like an open source project.

00:44:10.643 --> 00:44:12.664
There's no strings attached.

00:44:13.625 --> 00:44:15.327
It's definitely less expensive.

00:44:16.231 --> 00:44:17.353
of a good experience,

00:44:17.432 --> 00:44:20.474
but if that is okay for you,

00:44:20.514 --> 00:44:21.795
like if you can put up with that,

00:44:21.835 --> 00:44:23.157
then I think it's definitely a good

00:44:23.197 --> 00:44:25.097
alternative to Plex.

00:44:25.358 --> 00:44:26.458
Um, so yeah,

00:44:26.478 --> 00:44:29.521
Nate has recorded that this week and he

00:44:29.541 --> 00:44:31.001
shot that over to me the other day.

00:44:31.322 --> 00:44:32.922
So I've already started like doing some

00:44:32.963 --> 00:44:33.862
basic edits on it.

00:44:34.103 --> 00:44:34.204
Um,

00:44:35.494 --> 00:44:36.735
that should be an interesting video to

00:44:36.755 --> 00:44:37.315
look out for.

00:44:38.197 --> 00:44:40.737
And we've also been working on a video

00:44:40.878 --> 00:44:42.179
about passwords.

00:44:42.239 --> 00:44:44.500
So that is currently out to members on

00:44:44.539 --> 00:44:45.079
YouTube.

00:44:45.541 --> 00:44:46.800
And I think we're just waiting on,

00:44:47.681 --> 00:44:49.663
we've had like a lot of stuff going

00:44:49.742 --> 00:44:51.443
on behind the scenes this week.

00:44:51.523 --> 00:44:52.784
So we haven't had time to put that

00:44:52.824 --> 00:44:53.605
on peer tube yet,

00:44:53.684 --> 00:44:55.905
but that will be also up on peer

00:44:55.945 --> 00:44:56.907
tube at some point.

00:44:57.547 --> 00:44:57.786
Um,

00:44:57.806 --> 00:45:00.349
that that's a video kind of going through,

00:45:01.208 --> 00:45:02.070
I feel like there's a lot of

00:45:02.230 --> 00:45:04.190
misconceptions about passwords and,

00:45:04.815 --> 00:45:06.257
what is a secure password.

00:45:06.297 --> 00:45:09.079
So that video was written up by Nate

00:45:09.099 --> 00:45:10.641
with some help from Jonah as well.

00:45:11.101 --> 00:45:13.103
And we kind of went through a lot

00:45:13.143 --> 00:45:13.445
of the,

00:45:16.434 --> 00:45:16.693
I guess,

00:45:16.753 --> 00:45:18.735
misconceptions that people have and,

00:45:18.775 --> 00:45:19.657
you know,

00:45:19.677 --> 00:45:21.278
tried to give people good actionable

00:45:21.478 --> 00:45:24.322
advice on how to create good passwords.

00:45:24.842 --> 00:45:27.103
So that's definitely going to be an

00:45:27.123 --> 00:45:28.806
interesting video that will go public.

00:45:29.365 --> 00:45:31.228
I believe that will be going public on

00:45:31.648 --> 00:45:33.170
Saturday at ten a.m.

00:45:33.250 --> 00:45:33.990
Central Time.

00:45:34.731 --> 00:45:36.833
So definitely look out for that going

00:45:36.893 --> 00:45:37.313
public.

00:45:37.434 --> 00:45:39.215
But right now it's available to members.

00:45:41.516 --> 00:45:41.755
Yeah,

00:45:41.795 --> 00:45:43.536
that's sort of everything that I've been

00:45:43.556 --> 00:45:44.117
working on.

00:45:44.418 --> 00:45:45.478
What about you, Jonah?

00:45:46.039 --> 00:45:46.278
Yeah,

00:45:46.498 --> 00:45:48.179
I just want to say about the Plex

00:45:48.199 --> 00:45:48.840
stuff quick.

00:45:49.000 --> 00:45:50.960
I hope that that does convince a lot

00:45:50.981 --> 00:45:52.322
of people to switch to Jellyfin.

00:45:52.402 --> 00:45:55.304
I think that all the Plex stuff,

00:45:55.403 --> 00:45:56.485
especially the weird stuff that you

00:45:56.505 --> 00:45:57.885
mentioned about them adding streaming

00:45:57.925 --> 00:45:59.525
stuff and stuff like that is really

00:45:59.887 --> 00:46:03.309
indicative of the VC funding issues that

00:46:03.349 --> 00:46:03.608
we've seen.

00:46:03.668 --> 00:46:04.028
Obviously,

00:46:04.389 --> 00:46:05.730
Plex has taken on a lot of money

00:46:05.750 --> 00:46:08.271
and now investors are hoping to cash in

00:46:08.331 --> 00:46:08.652
on that.

00:46:08.871 --> 00:46:10.733
And Plex doesn't really have a clear path

00:46:12.032 --> 00:46:15.576
to doing so probably because you know,

00:46:15.695 --> 00:46:17.677
what is it it just serves files on

00:46:17.697 --> 00:46:19.318
your local server in theory,

00:46:19.378 --> 00:46:21.619
but now they've spent all this time and

00:46:21.679 --> 00:46:24.320
money on building features that nobody was

00:46:24.340 --> 00:46:25.181
really asking for.

00:46:25.362 --> 00:46:25.541
So

00:46:28.389 --> 00:46:31.492
I honestly think if Jellyfin is a bit

00:46:31.614 --> 00:46:33.755
too rough around the edges for people,

00:46:33.916 --> 00:46:36.378
it's probably also worth looking into MB,

00:46:37.960 --> 00:46:39.842
which an older version of that,

00:46:39.882 --> 00:46:40.983
which used to be open source,

00:46:41.003 --> 00:46:42.463
is what Jellyfin forked from.

00:46:43.405 --> 00:46:45.847
I've been using both Jellyfin and MB

00:46:46.568 --> 00:46:47.088
recently.

00:46:48.630 --> 00:46:50.052
just because i don't agree with the

00:46:50.072 --> 00:46:51.634
direction plex is going in at all and

00:46:51.693 --> 00:46:53.496
i will say that the experience right now

00:46:53.536 --> 00:46:57.300
on mb is significantly better they they

00:46:57.340 --> 00:47:00.744
charge some amount of money for either a

00:47:00.784 --> 00:47:02.706
subscription or a lifetime pass obviously

00:47:02.786 --> 00:47:06.269
significantly way less than plex but i

00:47:06.289 --> 00:47:07.271
think that it's a project

00:47:08.092 --> 00:47:11.733
that plex users who are willing to use

00:47:11.853 --> 00:47:15.052
these i guess proprietary alternatives

00:47:15.092 --> 00:47:16.673
because plex they're already using plex

00:47:16.693 --> 00:47:18.833
which is proprietary it's worth looking

00:47:18.893 --> 00:47:20.695
into because i think mb is doing what

00:47:20.735 --> 00:47:22.715
plex should be doing which is just being

00:47:22.815 --> 00:47:25.155
focused on serving your own media and not

00:47:25.215 --> 00:47:27.135
also adding in all of these other things

00:47:27.155 --> 00:47:28.576
or taking on a bunch of vc funding

00:47:28.615 --> 00:47:31.476
to add pointless features that nobody

00:47:31.556 --> 00:47:32.277
asked for so

00:47:33.719 --> 00:47:34.519
In the meantime,

00:47:34.820 --> 00:47:36.501
if Jellyfin isn't going to work for you,

00:47:36.561 --> 00:47:37.782
I do think it's worth looking into.

00:47:37.822 --> 00:47:39.141
But in the long term,

00:47:39.202 --> 00:47:41.043
I hope an open source solution like

00:47:41.083 --> 00:47:43.123
Jellyfin really takes off and gets a lot

00:47:43.143 --> 00:47:43.623
of attention.

00:47:43.664 --> 00:47:46.885
And hopefully these changes will make it

00:47:46.925 --> 00:47:48.746
so that more people are contributing to

00:47:48.786 --> 00:47:51.847
Jellyfin because now you kind of need to

00:47:51.867 --> 00:47:55.248
if you don't want to spend that absolutely

00:47:55.309 --> 00:47:57.789
insane sum of money that Flex is now

00:47:57.849 --> 00:47:58.349
demanding.

00:48:00.978 --> 00:48:02.458
Anyways, yeah,

00:48:02.498 --> 00:48:03.900
I'll share some other things that we've

00:48:03.940 --> 00:48:06.041
been working on.

00:48:06.701 --> 00:48:08.882
A lot of the time I've spent this

00:48:08.942 --> 00:48:12.043
week has been redoing our server setup,

00:48:12.184 --> 00:48:14.304
which is not super exciting,

00:48:14.445 --> 00:48:19.126
but I'm converting it all into scripts and

00:48:19.186 --> 00:48:21.788
code that we will publish on our GitHub

00:48:21.807 --> 00:48:24.829
so there's more visibility into what we're

00:48:24.889 --> 00:48:26.889
running and more people can make changes

00:48:26.909 --> 00:48:28.150
to all of that stuff if there's any

00:48:28.210 --> 00:48:28.510
sort of

00:48:29.175 --> 00:48:30.936
emergency because right now we just kind

00:48:30.956 --> 00:48:32.077
of have a lot of systems that we

00:48:32.117 --> 00:48:34.780
need to get unified so i don't know

00:48:34.800 --> 00:48:36.161
how many people are interested in that

00:48:36.201 --> 00:48:38.463
sort of thing but if you are for

00:48:38.503 --> 00:48:40.644
some reason probably hopefully by next

00:48:40.704 --> 00:48:43.706
week we'll have a repo on github that

00:48:43.726 --> 00:48:44.907
will be public that kind of

00:48:46.327 --> 00:48:47.789
has all of that stuff in it.

00:48:47.849 --> 00:48:49.768
So at least on my end,

00:48:49.809 --> 00:48:50.489
for me personally,

00:48:50.510 --> 00:48:51.849
that'll be cool because it simplifies a

00:48:51.929 --> 00:48:52.851
lot of the stuff that I have to

00:48:52.891 --> 00:48:53.030
do.

00:48:53.931 --> 00:48:55.291
The other thing I've been working on is

00:48:55.411 --> 00:48:59.072
more stuff for verified apps database.

00:48:59.152 --> 00:49:00.673
And the app that we have on Android,

00:49:00.693 --> 00:49:01.833
I've been improving that,

00:49:01.853 --> 00:49:03.775
working on getting it submitted to app

00:49:03.795 --> 00:49:04.195
stores,

00:49:04.235 --> 00:49:06.556
and also just going through submissions.

00:49:06.596 --> 00:49:09.197
So there's a few more apps in there.

00:49:09.496 --> 00:49:10.878
We have a lot of submissions open right

00:49:10.918 --> 00:49:11.057
now.

00:49:11.077 --> 00:49:12.398
People have been really contributing.

00:49:13.726 --> 00:49:17.309
I would definitely say if you would like

00:49:17.349 --> 00:49:18.750
to help improve our services,

00:49:18.769 --> 00:49:20.992
it would be really appreciated to submit

00:49:21.172 --> 00:49:22.393
the apps that you have on your phone

00:49:22.793 --> 00:49:24.114
as well so we can kind of expand

00:49:24.134 --> 00:49:24.813
this database.

00:49:25.355 --> 00:49:27.856
We are expanding it right now with apps

00:49:27.876 --> 00:49:30.197
that we can basically verify from

00:49:30.898 --> 00:49:31.860
different app stores,

00:49:32.039 --> 00:49:34.221
but eventually we'll move on to verifying

00:49:34.981 --> 00:49:37.563
stuff like APK files that you download

00:49:37.603 --> 00:49:40.565
from websites directly or from GitHub or

00:49:40.626 --> 00:49:41.146
what have you.

00:49:42.900 --> 00:49:43.081
Yeah,

00:49:44.041 --> 00:49:45.242
I'm just excited about that project

00:49:45.262 --> 00:49:48.262
because I think it's a pretty useful

00:49:48.282 --> 00:49:49.902
feature for people on Android,

00:49:49.922 --> 00:49:53.224
especially if you're downloading apps from

00:49:53.304 --> 00:49:55.244
the internet or maybe untrusted sources

00:49:55.284 --> 00:49:56.585
because, for example,

00:49:56.606 --> 00:49:58.947
you don't have access to Google Play

00:49:58.967 --> 00:49:59.487
yourself,

00:49:59.646 --> 00:50:01.106
either because it's not available in your

00:50:01.126 --> 00:50:02.367
country or because you just don't want to

00:50:02.507 --> 00:50:02.688
use

00:50:03.407 --> 00:50:05.228
Google Play services in a Google account.

00:50:05.929 --> 00:50:08.831
And you have to get your apps elsewhere.

00:50:08.871 --> 00:50:10.213
This is a good way to check whether

00:50:10.333 --> 00:50:12.596
those apps are legitimate, in my opinion,

00:50:12.916 --> 00:50:15.579
and hopefully other people agree and find

00:50:15.599 --> 00:50:16.079
it useful.

00:50:16.278 --> 00:50:17.820
So yeah,

00:50:17.840 --> 00:50:19.422
basically working on building that.

00:50:20.382 --> 00:50:24.347
In other site news, mostly Fria,

00:50:24.547 --> 00:50:27.369
but also the team in general have been

00:50:27.409 --> 00:50:27.951
publishing

00:50:28.451 --> 00:50:30.791
more news stories to privacyguides.org

00:50:30.811 --> 00:50:33.092
slash news so a lot of the stuff

00:50:33.112 --> 00:50:34.632
that we've seen that we don't have time

00:50:34.672 --> 00:50:36.472
to talk about here on this show typically

00:50:36.492 --> 00:50:39.112
gets published at privacyguides.org slash

00:50:39.152 --> 00:50:40.572
news so that is a good place to

00:50:40.612 --> 00:50:43.713
really keep up with a lot more news

00:50:43.773 --> 00:50:46.193
stories in this space that we're aware of

00:50:46.733 --> 00:50:48.635
in addition to what we post on the

00:50:48.735 --> 00:50:50.434
forum and stuff of course from the

00:50:50.454 --> 00:50:54.155
community so yeah definitely check out the

00:50:54.215 --> 00:50:55.615
articles there if

00:50:57.079 --> 00:50:58.320
That is something that's interesting to

00:50:58.340 --> 00:50:58.440
you.

00:50:58.500 --> 00:50:59.641
I would definitely recommend it.

00:51:00.402 --> 00:51:01.663
All of the stuff that we work on

00:51:02.023 --> 00:51:02.704
at Privacy Guides,

00:51:02.744 --> 00:51:04.905
it's made possible by our supporters.

00:51:05.306 --> 00:51:08.228
So if you like all the stuff that

00:51:08.248 --> 00:51:09.670
we're doing and want to support the

00:51:09.690 --> 00:51:10.050
project,

00:51:10.070 --> 00:51:11.853
you can sign up for a membership or

00:51:11.873 --> 00:51:14.275
you can donate at privacyguides.org slash

00:51:14.635 --> 00:51:15.016
donate.

00:51:15.436 --> 00:51:16.976
You can also pick up some swag at

00:51:17.016 --> 00:51:19.719
shop.privacyguides.org if you want

00:51:19.760 --> 00:51:20.280
something there.

00:51:21.061 --> 00:51:22.181
Privacy Guides, of course,

00:51:22.282 --> 00:51:24.003
is a nonprofit project,

00:51:24.063 --> 00:51:26.304
we research and share privacy related

00:51:26.344 --> 00:51:26.846
information.

00:51:26.945 --> 00:51:28.646
And we facilitate that community on our

00:51:28.706 --> 00:51:31.168
forum and matrix where people can ask

00:51:31.188 --> 00:51:32.791
questions, get advice,

00:51:33.030 --> 00:51:36.112
learn about staying private online and

00:51:36.713 --> 00:51:39.356
preserving your digital rights.

00:51:39.416 --> 00:51:39.835
So yeah,

00:51:40.016 --> 00:51:41.177
I think with all those updates out of

00:51:41.197 --> 00:51:41.458
the way,

00:51:41.557 --> 00:51:43.739
let's talk about our next story about a

00:51:43.820 --> 00:51:45.081
new Apple feature,

00:51:45.440 --> 00:51:46.942
which is automatically going to change

00:51:46.961 --> 00:51:49.043
your compromised passwords.

00:51:53.197 --> 00:51:55.617
if I could pull it up here.

00:51:55.637 --> 00:51:58.018
This was reported by Bleeping Computer.

00:51:58.719 --> 00:51:59.898
The headline is, just as I said,

00:52:00.059 --> 00:52:01.320
there's a new Apple feature here.

00:52:01.840 --> 00:52:04.239
They say, at WWDC,

00:52:04.340 --> 00:52:05.380
Apple announced an Apple

00:52:05.420 --> 00:52:06.800
intelligence-powered feature that can

00:52:06.920 --> 00:52:09.322
automatically fix weak and compromised

00:52:09.342 --> 00:52:09.822
passwords.

00:52:10.262 --> 00:52:10.581
Right now,

00:52:10.621 --> 00:52:12.842
Safari and the built-in Apple Passwords

00:52:12.902 --> 00:52:15.423
app can automatically flag weak duplicate

00:52:15.563 --> 00:52:16.784
or compromised passwords.

00:52:17.784 --> 00:52:21.206
Now, this is an AI-powered feature.

00:52:22.585 --> 00:52:24.465
Apple says that the built-in password app

00:52:24.887 --> 00:52:28.186
and Safari can now use AI to agentically

00:52:28.487 --> 00:52:30.547
take action based on your behavior and

00:52:30.608 --> 00:52:33.068
secure your passwords automatically.

00:52:34.148 --> 00:52:36.768
This feature will launch with iOS for the

00:52:36.809 --> 00:52:37.929
passwords app in Safari,

00:52:37.949 --> 00:52:40.610
which can automatically update eligible

00:52:40.630 --> 00:52:42.951
accounts to strong passwords.

00:52:44.476 --> 00:52:46.398
I think that this is a cool development.

00:52:46.798 --> 00:52:48.599
There's a lot of concerns about AI and

00:52:48.639 --> 00:52:49.400
how this will be used.

00:52:49.440 --> 00:52:50.121
For example,

00:52:50.400 --> 00:52:54.083
I would certainly hope that this feature

00:52:54.103 --> 00:52:57.425
in particular is going to be done entirely

00:52:57.465 --> 00:52:57.905
locally.

00:52:58.367 --> 00:53:00.947
Apple says in a blog post that the

00:53:00.989 --> 00:53:03.449
latest models that they have run on device

00:53:03.530 --> 00:53:05.251
and on servers using private cloud

00:53:05.711 --> 00:53:06.192
compute.

00:53:06.552 --> 00:53:09.514
But I would imagine something like this is

00:53:09.554 --> 00:53:11.576
going to work on device.

00:53:11.715 --> 00:53:12.155
It doesn't

00:53:13.717 --> 00:53:18.039
specify very concretely in this article

00:53:18.099 --> 00:53:19.021
from what I've seen how,

00:53:19.420 --> 00:53:20.501
how this feature is going to work.

00:53:20.902 --> 00:53:23.123
But so yeah,

00:53:23.143 --> 00:53:24.204
that's something to look into.

00:53:24.925 --> 00:53:27.126
But hopefully it works well,

00:53:27.306 --> 00:53:28.186
and is reliable.

00:53:28.927 --> 00:53:30.829
Because I do think this is a big

00:53:30.869 --> 00:53:32.590
problem that people have when they when

00:53:32.610 --> 00:53:34.371
they switch to password managers, it's,

00:53:35.010 --> 00:53:36.251
they import all of their passwords,

00:53:36.271 --> 00:53:37.632
and they're usually like all the same

00:53:37.652 --> 00:53:38.052
passwords,

00:53:38.072 --> 00:53:39.074
and then they have to go through and

00:53:39.134 --> 00:53:39.733
update them all.

00:53:39.773 --> 00:53:40.315
And that is

00:53:41.567 --> 00:53:42.067
difficult.

00:53:42.347 --> 00:53:47.251
So a one button way to fix all

00:53:47.271 --> 00:53:49.172
of your passwords or to fix passwords that

00:53:49.333 --> 00:53:52.074
are compromised in a data breach would be

00:53:52.235 --> 00:53:54.635
actually helpful for a lot of people and

00:53:54.697 --> 00:53:56.038
hopefully would improve their security.

00:54:00.144 --> 00:54:01.525
I guess the main thing is I hope

00:54:01.565 --> 00:54:06.909
this doesn't stop websites from adopting

00:54:07.389 --> 00:54:08.851
even more secure alternatives like

00:54:08.891 --> 00:54:09.391
passkeys.

00:54:09.431 --> 00:54:11.393
I think that that's the ultimate fix

00:54:11.432 --> 00:54:14.554
probably is to get much more passkey

00:54:14.594 --> 00:54:15.074
support

00:54:16.148 --> 00:54:17.449
implemented across websites.

00:54:17.889 --> 00:54:19.809
We've seen a lot of passkey adoption so

00:54:19.849 --> 00:54:20.030
far,

00:54:20.050 --> 00:54:22.630
which has been super great because it kind

00:54:22.670 --> 00:54:24.271
of guarantees all of the security by

00:54:24.351 --> 00:54:24.791
design.

00:54:25.371 --> 00:54:27.590
So I'm glad to see a lot more

00:54:27.731 --> 00:54:30.052
sites adopting that than had adopted like

00:54:30.092 --> 00:54:31.351
security keys, for example,

00:54:31.411 --> 00:54:33.431
even mainstream consumer sites are adding

00:54:33.472 --> 00:54:35.452
passkeys now because it's just an easier

00:54:35.472 --> 00:54:37.733
and more secure way to secure your

00:54:37.753 --> 00:54:38.213
accounts.

00:54:38.733 --> 00:54:41.673
So yeah, overall,

00:54:43.197 --> 00:54:44.818
I don't think this is a terrible idea.

00:54:45.097 --> 00:54:47.259
I think for people who are using the

00:54:47.318 --> 00:54:48.918
Apple Passwords app, it's pretty cool,

00:54:49.458 --> 00:54:50.880
which I would imagine it's a lot of

00:54:50.920 --> 00:54:52.239
people because it's by default.

00:54:52.280 --> 00:54:53.940
It's not a password manager that we would

00:54:54.681 --> 00:54:56.981
probably recommend at all.

00:54:57.501 --> 00:54:59.282
We have password manager recommendations

00:54:59.322 --> 00:54:59.922
on our website,

00:55:00.603 --> 00:55:03.784
mainly open source ones like Bitwarden and

00:55:03.804 --> 00:55:04.965
KeePass are the big ones.

00:55:06.400 --> 00:55:07.581
And I don't know how likely it is

00:55:07.601 --> 00:55:08.942
that they'll be able to add a feature

00:55:08.981 --> 00:55:09.902
like this anytime soon.

00:55:09.961 --> 00:55:11.722
But for a lot of people who are

00:55:11.762 --> 00:55:14.144
just using the built in password manager,

00:55:14.224 --> 00:55:16.326
I think that this will improve kind of

00:55:16.346 --> 00:55:19.547
the baseline security for all of those

00:55:19.568 --> 00:55:21.369
people.

00:55:21.409 --> 00:55:21.708
Jordan,

00:55:21.728 --> 00:55:24.570
did you have anything to say about that

00:55:24.610 --> 00:55:24.871
change?

00:55:26.063 --> 00:55:26.282
Yeah,

00:55:26.322 --> 00:55:28.443
I think this is kind of indicative of

00:55:28.583 --> 00:55:30.985
Apple's, like, control over this, like,

00:55:31.005 --> 00:55:32.045
whole ecosystem, right?

00:55:32.065 --> 00:55:32.224
Like,

00:55:32.585 --> 00:55:34.346
it feels like not many other companies

00:55:34.365 --> 00:55:35.525
would really be able to do this.

00:55:35.585 --> 00:55:36.726
And, like, maybe if there's...

00:55:36.746 --> 00:55:38.686
I don't know.

00:55:39.007 --> 00:55:40.728
It's just that they have such, like,

00:55:40.867 --> 00:55:41.788
ultimate control.

00:55:42.307 --> 00:55:43.869
I think one thing I have seen is

00:55:44.369 --> 00:55:45.809
a lot of people will have, like,

00:55:45.829 --> 00:55:47.869
a bunch of passwords in Apple Passwords

00:55:47.889 --> 00:55:49.829
because it literally will ask you to save

00:55:49.849 --> 00:55:51.690
your passwords in there automatically and

00:55:51.791 --> 00:55:52.891
people just do that, right?

00:55:53.592 --> 00:55:53.791
And...

00:55:55.777 --> 00:55:57.097
I imagine a lot of times,

00:55:58.139 --> 00:55:59.880
at least the people that I've seen in

00:55:59.940 --> 00:56:00.400
my life,

00:56:00.460 --> 00:56:02.141
they'll have the passwords app and it will

00:56:02.161 --> 00:56:03.882
just be a list of compromised,

00:56:03.922 --> 00:56:05.425
compromised, compromised.

00:56:06.144 --> 00:56:09.327
So I think if this just updates those

00:56:09.367 --> 00:56:11.730
passwords automatically in the background,

00:56:12.090 --> 00:56:13.951
it's not super clear how this works yet.

00:56:15.271 --> 00:56:17.534
And I think a lot of things when

00:56:17.574 --> 00:56:18.954
it comes to AI and Apple,

00:56:19.034 --> 00:56:21.016
I think we need to definitely hold our

00:56:21.036 --> 00:56:22.197
breath a little bit because

00:56:22.943 --> 00:56:24.844
They don't seem to be super good at

00:56:24.905 --> 00:56:26.045
rolling out this sort of stuff.

00:56:26.065 --> 00:56:28.286
They'll promise something and then it

00:56:28.327 --> 00:56:29.268
won't really happen.

00:56:29.288 --> 00:56:30.429
I don't know.

00:56:30.489 --> 00:56:32.309
I don't think this,

00:56:32.389 --> 00:56:35.152
it was kind of frustrating looking at WWDC

00:56:35.431 --> 00:56:37.353
last week or this week, I guess,

00:56:37.733 --> 00:56:40.315
because there was such a focus on like

00:56:40.414 --> 00:56:41.215
AI stuff and,

00:56:42.934 --> 00:56:44.677
And we didn't really see that many

00:56:44.757 --> 00:56:46.418
security improvements or anything like

00:56:46.458 --> 00:56:46.699
that.

00:56:47.940 --> 00:56:50.983
So this was one of the few things

00:56:51.463 --> 00:56:54.507
that was able to be positive, I guess.

00:56:56.009 --> 00:56:56.730
I'm not really sure.

00:56:56.829 --> 00:56:58.030
I feel like as soon as you start

00:56:58.070 --> 00:57:00.333
assigning tasks to an AI agent,

00:57:00.614 --> 00:57:02.596
it starts to become a little bit sus.

00:57:03.036 --> 00:57:04.498
They were saying on here that it was...

00:57:05.293 --> 00:57:07.134
an agentic password manager.

00:57:07.313 --> 00:57:08.934
Like, I don't really like that idea.

00:57:09.074 --> 00:57:09.514
I don't like,

00:57:09.574 --> 00:57:10.514
I don't like the sound of that.

00:57:10.534 --> 00:57:10.695
Like,

00:57:10.755 --> 00:57:13.135
I feel like that could possibly end up

00:57:13.155 --> 00:57:13.615
being, Oh,

00:57:13.835 --> 00:57:15.376
we changed your password to something

00:57:15.436 --> 00:57:17.257
that's really bad.

00:57:17.297 --> 00:57:18.536
Or we submitted your information

00:57:18.577 --> 00:57:18.936
somewhere.

00:57:19.056 --> 00:57:19.338
I don't know.

00:57:19.358 --> 00:57:22.157
I'm not really super convinced by this,

00:57:22.338 --> 00:57:23.998
but if it does just do what they're

00:57:24.018 --> 00:57:25.358
saying and it's kind of, they just,

00:57:25.900 --> 00:57:26.159
you know,

00:57:26.280 --> 00:57:28.360
plugged on a bunch of AI buzzwords,

00:57:28.440 --> 00:57:31.061
maybe it's a good thing for those people

00:57:31.081 --> 00:57:32.342
that are using Apple passwords.

00:57:32.422 --> 00:57:33.242
But yeah,

00:57:34.340 --> 00:57:34.661
Yeah,

00:57:35.623 --> 00:57:37.284
Apple's definitely been making quite a big

00:57:37.324 --> 00:57:38.264
fuss about like...

00:57:39.577 --> 00:57:39.836
oh,

00:57:40.317 --> 00:57:41.978
Apple intelligence is going to be very

00:57:42.038 --> 00:57:44.818
private and secure and not sending your

00:57:44.838 --> 00:57:45.498
data anywhere.

00:57:45.617 --> 00:57:47.338
So that still remains to be seen.

00:57:48.059 --> 00:57:49.378
I think most people on our team are

00:57:49.438 --> 00:57:51.780
definitely more against this technology

00:57:51.820 --> 00:57:52.760
than for it.

00:57:52.900 --> 00:57:56.181
But if this technology has to get

00:57:56.240 --> 00:57:57.661
implemented on people's devices,

00:57:57.701 --> 00:58:00.021
because of the trends in the industry,

00:58:00.061 --> 00:58:01.842
I'd rather it gets implemented in a way

00:58:01.862 --> 00:58:04.882
that isn't sharing it with massive AI

00:58:04.902 --> 00:58:05.643
corporations.

00:58:07.731 --> 00:58:08.552
So yeah, I don't know.

00:58:09.092 --> 00:58:09.833
Yeah,

00:58:09.873 --> 00:58:12.635
definitely a lot of questions that need to

00:58:12.675 --> 00:58:15.557
be answered here, I think.

00:58:15.617 --> 00:58:16.259
Yeah, definitely.

00:58:19.862 --> 00:58:20.702
I think that's kind of all I have

00:58:20.722 --> 00:58:21.083
to say, though,

00:58:21.302 --> 00:58:22.945
if you want to take our next story

00:58:22.985 --> 00:58:23.144
here.

00:58:24.106 --> 00:58:24.847
Yeah, sounds good.

00:58:24.907 --> 00:58:26.728
So this is a story...

00:58:28.117 --> 00:58:29.759
from Canada.

00:58:29.838 --> 00:58:32.860
So signal DuckDuckGo among firms weighing

00:58:32.940 --> 00:58:36.561
Canada exit over lawful access bill.

00:58:36.722 --> 00:58:39.503
So I don't know if people have been

00:58:39.543 --> 00:58:39.963
following,

00:58:40.043 --> 00:58:43.425
but basically there's been a bill called

00:58:43.505 --> 00:58:44.746
Bill C-二,

00:58:44.925 --> 00:58:48.367
which basically would force companies

00:58:49.047 --> 00:58:52.090
inside Canada to retain metadata for up to

00:58:52.110 --> 00:58:55.972
a year and allow basically for police to

00:58:57.139 --> 00:58:59.621
access that information and obviously when

00:58:59.661 --> 00:59:01.023
we talk about stuff like Signal and

00:59:01.043 --> 00:59:03.686
DuckDuckGo that technology is not

00:59:03.706 --> 00:59:06.128
particularly compatible with this right

00:59:06.228 --> 00:59:09.811
it's uh these are technologies that are

00:59:10.313 --> 00:59:12.675
that work on the least metadata collection

00:59:12.715 --> 00:59:15.117
possible right and as soon as you start

00:59:15.137 --> 00:59:17.300
like forcing these companies to retain

00:59:17.340 --> 00:59:19.541
this metadata and to do this sort of

00:59:19.601 --> 00:59:20.222
stuff it's

00:59:21.637 --> 00:59:24.318
it sort of breaks the entire like privacy,

00:59:24.539 --> 00:59:25.918
like aspect of these tools.

00:59:26.280 --> 00:59:27.480
So quoting from the article,

00:59:27.539 --> 00:59:28.380
in its current form,

00:59:28.440 --> 00:59:30.280
Bill C-Twenty-Two would convert the

00:59:30.360 --> 00:59:32.362
everyday tools Canadians rely on into

00:59:32.402 --> 00:59:32.862
sprawling,

00:59:33.382 --> 00:59:35.842
insecure surveillance apparatuses.

00:59:38.454 --> 00:59:41.456
signals vice president of strategy and

00:59:41.496 --> 00:59:43.818
global affairs told the house of commons

00:59:43.938 --> 00:59:47.061
public safety committee on tuesday if we

00:59:47.101 --> 00:59:49.103
are ever forced to choose between

00:59:49.242 --> 00:59:51.204
betraying the people who rely on us and

00:59:51.264 --> 00:59:54.307
leaving a market we will leave which i

00:59:54.347 --> 00:59:56.108
think is really good that these like

00:59:56.530 --> 00:59:58.210
companies are actually making a stand on

00:59:58.231 --> 00:59:59.771
this um i think we've seen this before

00:59:59.831 --> 01:00:01.554
especially like in the uk we've seen

01:00:02.074 --> 01:00:03.795
people saying they're going to leave um

01:00:05.376 --> 01:00:07.402
Similar things in other countries that are

01:00:07.422 --> 01:00:08.905
trying to pass these like metadata

01:00:08.945 --> 01:00:12.416
retention stuff, which is good.

01:00:13.251 --> 01:00:15.032
And basically the argument for this is

01:00:15.431 --> 01:00:17.733
adding these metadata retention things and

01:00:17.853 --> 01:00:20.394
adding backdoors for the good guys can

01:00:20.434 --> 01:00:23.635
always be exploited by cyber criminals and

01:00:24.277 --> 01:00:26.577
expose a bunch of this metadata to people

01:00:26.617 --> 01:00:29.378
that shouldn't have access to this.

01:00:29.838 --> 01:00:32.300
And the solution here is don't.

01:00:32.800 --> 01:00:33.501
No metadata.

01:00:33.661 --> 01:00:34.521
Don't collect it.

01:00:34.541 --> 01:00:35.922
It doesn't need to be collected, right?

01:00:37.083 --> 01:00:38.244
That's why it's so frustrating when

01:00:38.264 --> 01:00:39.943
there's these politicians that are trying

01:00:39.983 --> 01:00:42.246
to get this stuff pushed through.

01:00:44.679 --> 01:00:46.239
So yeah, another quote here, effectively,

01:00:46.260 --> 01:00:47.701
the government through this legislation

01:00:48.322 --> 01:00:50.143
seeks to insert itself into the networks

01:00:50.182 --> 01:00:51.903
and devices of various providers.

01:00:52.704 --> 01:00:53.746
So yeah,

01:00:53.806 --> 01:00:55.887
it's kind of a bit of a problematic

01:00:55.927 --> 01:00:56.186
bill.

01:00:56.268 --> 01:00:58.768
I've seen this definitely popping up a lot

01:01:00.971 --> 01:01:02.152
as being basically a

01:01:04.797 --> 01:01:05.278
Pretty much,

01:01:05.358 --> 01:01:07.159
it's basically a mass surveillance bill.

01:01:07.920 --> 01:01:09.583
As far as mass surveillance goes,

01:01:09.603 --> 01:01:11.083
this is basically a mass surveillance

01:01:11.103 --> 01:01:11.364
bill.

01:01:11.804 --> 01:01:14.427
Even companies like NordVPN said they

01:01:14.447 --> 01:01:16.449
would basically remove service from the

01:01:16.469 --> 01:01:17.409
country this past.

01:01:17.429 --> 01:01:19.851
This is going to affect the VPN services

01:01:19.891 --> 01:01:20.213
too.

01:01:21.853 --> 01:01:22.594
Windscribe,

01:01:22.614 --> 01:01:24.717
which is a Canadian-based company,

01:01:25.557 --> 01:01:27.358
that would be interesting to see how that

01:01:27.378 --> 01:01:28.981
would affect them because they are

01:01:30.518 --> 01:01:32.818
based in Canada as well.

01:01:32.918 --> 01:01:33.338
So like,

01:01:33.438 --> 01:01:35.059
would they have to move countries?

01:01:35.119 --> 01:01:35.239
Like,

01:01:35.259 --> 01:01:36.539
would they have to change jurisdiction if

01:01:36.579 --> 01:01:37.159
this passed?

01:01:37.858 --> 01:01:39.260
That is not entirely clear.

01:01:39.840 --> 01:01:41.500
Well, I did see, I like this quote.

01:01:42.119 --> 01:01:43.360
It's later on in the article,

01:01:43.420 --> 01:01:45.601
but Windscript did have a quote here.

01:01:45.820 --> 01:01:47.221
Apparently they wrote on X,

01:01:47.780 --> 01:01:49.702
we pay an ungodly amount of taxes to

01:01:49.742 --> 01:01:51.641
this corrupt government and in return,

01:01:51.681 --> 01:01:53.422
they want to destroy the entire essence of

01:01:53.461 --> 01:01:55.463
our service to basically spy on its own

01:01:55.503 --> 01:01:55.922
citizens.

01:01:56.422 --> 01:01:57.063
Not happening.

01:01:57.164 --> 01:01:59.085
We'll move HQ and take our taxes

01:01:59.186 --> 01:01:59.646
elsewhere.

01:01:59.965 --> 01:02:01.967
So it seems like they are definitely on

01:02:02.027 --> 01:02:02.288
board.

01:02:03.088 --> 01:02:05.331
They get out of Canada train if such

01:02:05.351 --> 01:02:06.612
an invasive bill like

01:02:06.831 --> 01:02:20.543
C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C-C

01:02:24.201 --> 01:02:25.041
I think that is one of,

01:02:25.260 --> 01:02:26.661
that's always been one of those sticking

01:02:26.702 --> 01:02:28.021
points for people in our community is

01:02:28.041 --> 01:02:29.402
like, oh, you're based in Canada.

01:02:29.442 --> 01:02:32.103
Like Canada doesn't have the best track

01:02:32.143 --> 01:02:33.443
record when it comes to this sort of

01:02:33.483 --> 01:02:33.762
stuff.

01:02:33.782 --> 01:02:34.864
And now I guess we're kind of seeing

01:02:35.204 --> 01:02:37.063
this hasn't passed yet, but you know,

01:02:37.083 --> 01:02:38.485
there's definitely a possibility that it

01:02:38.525 --> 01:02:38.844
will.

01:02:39.885 --> 01:02:41.324
And it's good to see that companies,

01:02:41.684 --> 01:02:42.985
especially even ones that are based in

01:02:43.025 --> 01:02:45.025
Canada are like literally saying,

01:02:45.166 --> 01:02:46.786
we're going to just get up and leave.

01:02:48.067 --> 01:02:49.507
That should be the response to this,

01:02:50.307 --> 01:02:51.527
this sort of law passing.

01:02:52.771 --> 01:02:53.931
Um, yeah,

01:02:53.972 --> 01:02:55.452
there was some more people just saying

01:02:55.492 --> 01:02:58.632
like, there was also the, uh,

01:02:58.652 --> 01:02:59.833
there's also tail scale,

01:02:59.853 --> 01:03:01.414
which is also based in Canada.

01:03:01.574 --> 01:03:01.773
Um,

01:03:01.813 --> 01:03:03.114
they were also saying that they would have

01:03:03.153 --> 01:03:04.293
to think about, you know,

01:03:04.313 --> 01:03:06.414
maybe moving jurisdictions as well.

01:03:06.835 --> 01:03:08.275
Um, I think when,

01:03:08.335 --> 01:03:10.056
when you start having all these companies

01:03:10.115 --> 01:03:11.115
coming out saying that they would

01:03:11.175 --> 01:03:11.835
literally have to,

01:03:11.936 --> 01:03:14.175
they would rather move jurisdictions than

01:03:14.235 --> 01:03:15.436
stay in your country, that,

01:03:15.476 --> 01:03:17.777
that is kind of a clear sign that

01:03:17.916 --> 01:03:20.498
what you're trying to propose is very much

01:03:20.617 --> 01:03:21.577
not a good thing.

01:03:22.135 --> 01:03:23.956
yeah i mean all of these backdoor

01:03:23.996 --> 01:03:27.579
proposals are just fundamentally flawed

01:03:28.099 --> 01:03:29.360
there's because there's no way to

01:03:29.440 --> 01:03:32.282
implement these securely and i think you

01:03:32.322 --> 01:03:35.605
quoted this earlier but um exactly like it

01:03:35.625 --> 01:03:38.385
says in the article these companies have

01:03:39.487 --> 01:03:42.228
like not only do they should they like

01:03:42.489 --> 01:03:44.949
not do this for security reasons but they

01:03:44.989 --> 01:03:47.612
have an obligation to all of their

01:03:47.652 --> 01:03:48.492
consumers that

01:03:49.748 --> 01:03:51.951
They're going to protect this data from a

01:03:52.030 --> 01:03:53.432
cybersecurity perspective.

01:03:53.773 --> 01:03:56.016
All of these companies have an obligation

01:03:56.036 --> 01:03:59.119
to protect people from data breaches,

01:03:59.760 --> 01:04:04.045
and this basically prevents them from

01:04:04.306 --> 01:04:04.806
doing that.

01:04:06.489 --> 01:04:08.630
It's not very clear to me why governments

01:04:08.650 --> 01:04:09.990
don't really understand this when it comes

01:04:10.010 --> 01:04:11.431
to certain tech companies,

01:04:11.552 --> 01:04:14.974
but it seems obvious that this is going

01:04:14.994 --> 01:04:19.257
to impact companies far beyond just tech

01:04:19.297 --> 01:04:21.300
companies or VPN companies or whatever.

01:04:21.400 --> 01:04:23.722
If there has to be a backdoor into

01:04:24.541 --> 01:04:26.864
encryption like HTTPS, for example,

01:04:26.884 --> 01:04:28.786
that's going to impact the security of

01:04:28.826 --> 01:04:30.766
your bank account transactions.

01:04:31.086 --> 01:04:31.206
Yeah.

01:04:32.208 --> 01:04:34.889
not just like from the government,

01:04:35.009 --> 01:04:37.710
but from hackers.

01:04:38.971 --> 01:04:40.831
We have said this before and I'll say

01:04:40.851 --> 01:04:41.150
it again.

01:04:41.931 --> 01:04:44.572
All of these back doors are going to

01:04:44.612 --> 01:04:46.333
be exploited because there's no way to

01:04:46.413 --> 01:04:48.974
implement them in a way that only one

01:04:49.054 --> 01:04:52.115
person like the government can access and

01:04:52.815 --> 01:04:53.695
nobody else can.

01:04:53.876 --> 01:04:56.996
So people will eventually,

01:04:57.677 --> 01:04:58.677
maybe not immediately,

01:04:58.717 --> 01:05:00.818
but there will always be some sort of

01:05:02.159 --> 01:05:04.204
exploit or way that people can use these

01:05:04.324 --> 01:05:06.447
back doors outside the government to get

01:05:06.507 --> 01:05:07.389
access to all this data.

01:05:08.472 --> 01:05:12.193
Even if in like a perfect fantasy world

01:05:12.213 --> 01:05:14.034
that these governments seem to believe in

01:05:14.074 --> 01:05:14.795
for some reason,

01:05:14.875 --> 01:05:16.615
if we imagine that there's a backdoor that

01:05:16.735 --> 01:05:17.615
only they can access,

01:05:18.155 --> 01:05:20.016
I think the flock story that we talked

01:05:20.036 --> 01:05:21.737
about earlier also demonstrates that the

01:05:21.757 --> 01:05:23.617
government can't be trusted with this data

01:05:23.637 --> 01:05:25.739
because we'll see government agents,

01:05:25.838 --> 01:05:27.920
law enforcement officers, et cetera,

01:05:28.719 --> 01:05:31.121
use their access to these systems to track

01:05:31.141 --> 01:05:34.541
people unlawfully and completely abuse

01:05:35.242 --> 01:05:37.043
the type of backdoor that a law like

01:05:37.063 --> 01:05:37.864
this would implement.

01:05:37.943 --> 01:05:40.166
So it's just an incredibly dangerous

01:05:40.186 --> 01:05:43.208
situation that Bill C-二 is creating for

01:05:43.248 --> 01:05:44.228
Canadians right now.

01:05:44.929 --> 01:05:47.672
And it's something that anybody in Canada

01:05:48.032 --> 01:05:51.355
needs to really take a step to take

01:05:51.394 --> 01:05:53.016
steps to prevent from happening.

01:05:53.036 --> 01:05:54.777
You need to make your voice heard once

01:05:54.818 --> 01:05:55.077
again.

01:05:55.878 --> 01:05:58.579
because this sort of thing again public

01:05:58.641 --> 01:06:00.981
outreach and kind of these grassroots

01:06:01.501 --> 01:06:03.222
efforts to block bills and other stuff

01:06:03.242 --> 01:06:05.023
from happening it can be effective but

01:06:05.043 --> 01:06:07.605
people really do need to get out there

01:06:07.625 --> 01:06:09.525
and make their voices heard and this is

01:06:09.686 --> 01:06:13.989
a particularly dangerous form of of these

01:06:14.188 --> 01:06:17.250
of this kind of back door that should

01:06:17.289 --> 01:06:20.391
not be be put in the law so

01:06:22.833 --> 01:06:27.094
yeah canada watch out one really important

01:06:27.114 --> 01:06:28.536
thing like you were talking about with the

01:06:28.556 --> 01:06:31.217
grassroots like organizing of people this

01:06:31.257 --> 01:06:34.038
has already been uh knocked back i believe

01:06:34.077 --> 01:06:35.559
like there was already a previous bill

01:06:35.579 --> 01:06:37.300
that was tried they tried to pass that

01:06:37.340 --> 01:06:39.360
was like similar to this i believe it

01:06:39.400 --> 01:06:43.422
was bill c-two i believe um the strong

01:06:43.461 --> 01:06:45.503
borders act which also included a bunch of

01:06:45.623 --> 01:06:47.903
like mass surveillance stuff and that was

01:06:47.945 --> 01:06:50.146
also knocked back because of public outcry

01:06:50.206 --> 01:06:50.606
so like

01:06:51.286 --> 01:06:53.067
it does actually work in this case,

01:06:53.106 --> 01:06:54.407
it a hundred percent does work.

01:06:54.467 --> 01:06:57.947
So this article itself is saying,

01:06:57.987 --> 01:06:59.068
you know, at the end of it,

01:06:59.128 --> 01:06:59.768
it's saying like,

01:07:00.289 --> 01:07:03.369
they're going to make a amendments to the

01:07:03.389 --> 01:07:05.251
spill to make it so that it's not

01:07:05.291 --> 01:07:06.331
going to break encryption,

01:07:06.731 --> 01:07:09.371
which I think is a little bit ridiculous.

01:07:09.391 --> 01:07:11.213
So what, what does that exactly mean?

01:07:12.853 --> 01:07:13.092
You know,

01:07:13.152 --> 01:07:14.574
they're saying that they wouldn't shorten

01:07:14.594 --> 01:07:15.853
the retaining of metadata.

01:07:15.974 --> 01:07:17.335
They would still keep it for a year.

01:07:18.014 --> 01:07:20.096
so you know I think this is a

01:07:20.115 --> 01:07:22.637
little bit ridiculous it's it shouldn't be

01:07:22.677 --> 01:07:25.277
it shouldn't be passed definitely get get

01:07:25.318 --> 01:07:26.938
in contact with your representatives if

01:07:26.958 --> 01:07:28.519
you're in Canada and try and make sure

01:07:28.539 --> 01:07:31.001
that you let them know that this is

01:07:31.041 --> 01:07:32.882
a really bad idea and you know the

01:07:32.902 --> 01:07:35.762
government has not really it sounds like

01:07:35.802 --> 01:07:37.543
they might be talking a lot to law

01:07:37.563 --> 01:07:39.945
enforcement which you know of course they

01:07:39.965 --> 01:07:41.545
want more data to to be able to

01:07:41.905 --> 01:07:43.186
you know do police work but

01:07:44.938 --> 01:07:46.179
kind of flies in the face of you

01:07:46.199 --> 01:07:48.521
know individual freedom for people in the

01:07:48.661 --> 01:07:50.902
country and like access to these tools so

01:07:52.083 --> 01:07:54.565
um yeah it's just a kind of an

01:07:54.664 --> 01:07:56.905
unfortunate situation but if you're in

01:07:56.965 --> 01:07:59.447
canada definitely try and get in contact

01:07:59.467 --> 01:08:02.949
with your representatives there's a good

01:08:03.030 --> 01:08:07.632
uh article from citizen lab in canada that

01:08:07.672 --> 01:08:10.315
kind of analyzes this law in more detail

01:08:10.355 --> 01:08:11.376
and explains why

01:08:12.949 --> 01:08:15.610
This stuff is fundamentally flawed.

01:08:16.652 --> 01:08:19.552
That's a quote from them, and it's true.

01:08:19.972 --> 01:08:22.354
If you open up this Global News article

01:08:22.394 --> 01:08:24.194
from our newsletter where we have all the

01:08:24.215 --> 01:08:24.774
sources,

01:08:26.136 --> 01:08:27.716
this analysis is linked at the bottom of

01:08:27.775 --> 01:08:28.277
the article.

01:08:28.296 --> 01:08:29.936
So I would definitely check that out as

01:08:29.997 --> 01:08:30.157
well,

01:08:30.197 --> 01:08:31.618
especially if you're in Canada and you

01:08:31.637 --> 01:08:35.840
need to find more reasons to tell

01:08:35.960 --> 01:08:37.961
lawmakers about why this sort of...

01:08:38.802 --> 01:08:40.903
bill is absolutely unacceptable and can't

01:08:40.962 --> 01:08:45.264
work and will really endanger everyone in

01:08:45.304 --> 01:08:48.104
Canada, their privacy, their security,

01:08:48.305 --> 01:08:51.466
their... Yeah, I mean,

01:08:51.485 --> 01:08:53.126
their security online in general.

01:08:55.546 --> 01:08:57.527
So give that a look if you're in

01:08:57.546 --> 01:08:57.947
Canada.

01:08:58.266 --> 01:08:58.667
And again,

01:08:59.287 --> 01:09:01.467
you got to take action because this kind

01:09:01.507 --> 01:09:02.828
of stuff is super,

01:09:03.648 --> 01:09:06.048
super dangerous if it gets passed.

01:09:11.243 --> 01:09:12.123
Anything else to add, Jordan?

01:09:12.184 --> 01:09:14.605
I think I kind of... Yeah,

01:09:14.685 --> 01:09:16.087
I think that's everything I've got to add.

01:09:16.127 --> 01:09:17.467
We can dive into the next story here,

01:09:17.688 --> 01:09:18.068
I guess.

01:09:18.429 --> 01:09:18.948
All right.

01:09:19.288 --> 01:09:21.390
This one is reported by Bleeping Computer

01:09:21.411 --> 01:09:21.711
again.

01:09:22.351 --> 01:09:22.872
Headline is,

01:09:22.992 --> 01:09:25.493
over four hundred Arch Linux packages

01:09:25.554 --> 01:09:28.595
compromised to push a rootkit in

01:09:28.697 --> 01:09:29.417
InfoStealer.

01:09:30.238 --> 01:09:31.639
More than four hundred packages in the

01:09:31.738 --> 01:09:33.800
Arch user repository are distributing a

01:09:33.881 --> 01:09:35.981
Linux rootkit in InfoStealer malware

01:09:36.021 --> 01:09:37.863
targeting credentials and access tokens.

01:09:38.524 --> 01:09:40.725
A report from the open source intelligence

01:09:40.765 --> 01:09:42.626
community Independent Federated

01:09:42.706 --> 01:09:45.266
Intelligence Network notes that a new

01:09:45.306 --> 01:09:47.728
maintainer is spoofing a trusted publisher

01:09:47.887 --> 01:09:51.328
on the AUR platform to push infected

01:09:51.930 --> 01:09:52.569
packages.

01:09:55.820 --> 01:09:56.921
Later on in the article,

01:09:57.542 --> 01:09:59.521
they say that the Linux binary that's

01:09:59.561 --> 01:10:02.243
being distributed through all of these

01:10:02.802 --> 01:10:06.103
package build files has InfoStealer

01:10:06.122 --> 01:10:06.743
functionality,

01:10:06.783 --> 01:10:08.623
which targets the following types of

01:10:08.663 --> 01:10:09.604
sensitive information.

01:10:09.963 --> 01:10:11.923
GitHub credentials, SSH artifacts,

01:10:11.963 --> 01:10:13.984
HashiCorp, Vault tokens, browser,

01:10:14.045 --> 01:10:15.625
cookie databases, Slack data,

01:10:15.685 --> 01:10:17.925
Discord data, Microsoft Teams data,

01:10:18.426 --> 01:10:19.206
Telegram data.

01:10:22.435 --> 01:10:24.795
They say AUR maintainers are working to

01:10:24.895 --> 01:10:27.956
identify and remove all malicious commits,

01:10:28.376 --> 01:10:31.296
but obviously this has a pretty widespread

01:10:32.417 --> 01:10:35.717
impact on the entire Arch ecosystem.

01:10:37.618 --> 01:10:38.938
In a message to the community,

01:10:39.177 --> 01:10:41.238
in Arch Linux Package Maintainer,

01:10:42.439 --> 01:10:46.000
urge users to report any malicious package

01:10:46.020 --> 01:10:46.399
they find.

01:10:46.739 --> 01:10:47.619
As a general rule,

01:10:47.680 --> 01:10:49.439
it's recommended to only trust projects

01:10:49.479 --> 01:10:51.320
with frequent updates and an active

01:10:51.360 --> 01:10:52.180
community around them.

01:10:54.101 --> 01:10:56.384
I think overall, in my opinion,

01:10:56.423 --> 01:10:58.886
this is kind of indicative of the danger

01:10:58.905 --> 01:11:00.827
that the Arch user repository has if

01:11:00.867 --> 01:11:01.648
you're using it.

01:11:02.448 --> 01:11:06.171
There are quite a few warnings on the

01:11:06.251 --> 01:11:08.051
site and throughout their wiki that you

01:11:08.192 --> 01:11:11.614
shouldn't just kind of blindly trust the

01:11:11.734 --> 01:11:14.716
AUR with packages and what's being

01:11:14.737 --> 01:11:15.858
installed because they are

01:11:16.037 --> 01:11:18.960
user-contributed and really anything could

01:11:18.979 --> 01:11:19.661
be in them.

01:11:19.820 --> 01:11:21.561
And if there isn't any oversight because

01:11:21.601 --> 01:11:21.823
it's a...

01:11:23.010 --> 01:11:25.051
not a super popular package, for example,

01:11:26.452 --> 01:11:28.354
this kind of stuff can break through.

01:11:29.375 --> 01:11:31.336
But at the same time,

01:11:31.735 --> 01:11:34.818
I think the Arch community and many Arch

01:11:34.917 --> 01:11:36.899
users do kind of blindly install a lot

01:11:36.920 --> 01:11:37.600
of these packages.

01:11:37.640 --> 01:11:40.082
And there's even a lot of programs that

01:11:40.783 --> 01:11:43.163
you can install that kind of treat the

01:11:43.264 --> 01:11:45.605
AUR as just a normal package manager.

01:11:45.626 --> 01:11:47.367
And you can install things without really

01:11:47.386 --> 01:11:48.087
taking a look at them.

01:11:48.108 --> 01:11:49.127
And I think a lot of people...

01:11:50.069 --> 01:11:51.229
think it's easy for a lot of people

01:11:51.250 --> 01:11:52.752
to kind of fall in this trap of

01:11:52.811 --> 01:11:55.753
just treating the aur as a package manager

01:11:56.414 --> 01:12:00.037
instead of um instead of really looking

01:12:00.097 --> 01:12:01.500
through the scripts that they're

01:12:01.539 --> 01:12:04.983
installing because it's just a matter of

01:12:05.002 --> 01:12:07.045
time i think it's it's the reason that

01:12:07.064 --> 01:12:09.886
a lot of people will agree to using

01:12:09.987 --> 01:12:11.668
apps without reading the terms of service

01:12:11.689 --> 01:12:13.329
or reading the privacy policy it's just

01:12:14.664 --> 01:12:17.188
overly complicated setup for a lot of

01:12:17.207 --> 01:12:18.609
people that they're just not going to do

01:12:18.649 --> 01:12:20.871
in favor of an easy solution but in

01:12:21.131 --> 01:12:25.475
the case of arch it will will cause

01:12:25.515 --> 01:12:26.777
problems like this that i think will

01:12:26.817 --> 01:12:31.442
impact a lot of people so one of

01:12:31.462 --> 01:12:33.123
the reasons i'm not really a fan of

01:12:33.163 --> 01:12:34.225
arch is kind of what i'm trying to

01:12:34.265 --> 01:12:36.287
say a lot of other distros have

01:12:37.555 --> 01:12:39.695
Real package managers and maintainers,

01:12:41.317 --> 01:12:43.979
any Linux distro is kind of going to

01:12:44.019 --> 01:12:46.960
be susceptible to this sort of problem,

01:12:47.000 --> 01:12:49.261
but we definitely see it to a lesser

01:12:49.301 --> 01:12:51.682
extent on distros that have

01:12:52.698 --> 01:12:56.300
a more trustworthy and more locked down

01:12:56.340 --> 01:12:58.840
system like the Debian package manager,

01:12:58.880 --> 01:12:59.600
for example,

01:13:00.119 --> 01:13:02.940
has maintainers who are who are more

01:13:02.980 --> 01:13:04.701
trusted than just like anybody being able

01:13:04.720 --> 01:13:07.381
to upload a package to the Debian,

01:13:07.402 --> 01:13:08.002
for example.

01:13:08.702 --> 01:13:10.922
So yeah,

01:13:11.483 --> 01:13:14.203
kind of I think that's kind of my

01:13:14.243 --> 01:13:15.182
thoughts on this.

01:13:16.064 --> 01:13:16.944
Was there anything you wanted to

01:13:16.963 --> 01:13:17.844
highlight, Jordan?

01:13:19.395 --> 01:13:19.534
Yeah,

01:13:19.574 --> 01:13:21.655
I think I just agree in general with

01:13:21.695 --> 01:13:22.957
like your analysis there.

01:13:22.976 --> 01:13:25.717
Like this is like the Arch user repository

01:13:25.797 --> 01:13:28.158
is literally just packages that people

01:13:28.259 --> 01:13:28.698
uploaded.

01:13:28.738 --> 01:13:30.600
Like anyone, like literally anyone,

01:13:30.640 --> 01:13:31.980
when we say like actually anyone,

01:13:32.440 --> 01:13:33.860
it's anyone can do that, right?

01:13:33.921 --> 01:13:36.122
So like it definitely increases the

01:13:36.162 --> 01:13:37.842
chances of something like this happening.

01:13:37.882 --> 01:13:38.923
And then, you know,

01:13:38.944 --> 01:13:41.164
having all these packages that people have

01:13:41.204 --> 01:13:43.706
installed that have got like maybe

01:13:43.746 --> 01:13:45.606
thousands of downloads and, you know,

01:13:45.686 --> 01:13:46.546
some maintainer,

01:13:46.948 --> 01:13:48.069
in quotation marks,

01:13:48.128 --> 01:13:50.869
comes and takes over this package build,

01:13:51.750 --> 01:13:53.390
they can insert malware.

01:13:54.110 --> 01:13:56.912
You are putting a lot of trust in

01:13:56.952 --> 01:13:57.152
that.

01:13:57.252 --> 01:13:59.573
And I think if you are using the

01:13:59.653 --> 01:14:02.613
Arch user repository because you need to

01:14:02.953 --> 01:14:03.514
for some reason,

01:14:05.314 --> 01:14:07.675
I would definitely check every single time

01:14:07.715 --> 01:14:09.775
you update packages through the Arch user

01:14:09.796 --> 01:14:10.315
repository,

01:14:10.395 --> 01:14:12.216
make sure you actually check to make sure

01:14:12.235 --> 01:14:14.657
that the package build file is not

01:14:17.192 --> 01:14:17.832
compromised,

01:14:18.153 --> 01:14:19.795
which is not always super easy,

01:14:19.954 --> 01:14:22.556
but I think at least having some vigilance

01:14:22.577 --> 01:14:23.018
is better.

01:14:23.677 --> 01:14:24.559
And like Jonah said,

01:14:24.840 --> 01:14:26.720
it's better to use platforms like

01:14:26.942 --> 01:14:28.662
different distros that have more

01:14:29.363 --> 01:14:34.068
restriction on who can actually apply for

01:14:34.127 --> 01:14:36.350
package maintainers and do this sort of

01:14:36.390 --> 01:14:36.730
stuff.

01:14:37.190 --> 01:14:38.912
You don't actually need to use the Arch

01:14:38.993 --> 01:14:40.954
user repository on Arch Linux either.

01:14:41.135 --> 01:14:42.055
So you could just

01:14:43.032 --> 01:14:44.672
not but i mean i can kind of

01:14:44.712 --> 01:14:46.372
understand those sometimes as packages

01:14:46.393 --> 01:14:50.015
that you really need um yeah i think

01:14:50.034 --> 01:14:51.935
that because it does have an official

01:14:52.095 --> 01:14:54.515
package manager but i think that just the

01:14:54.555 --> 01:14:56.356
scope of it on on arch is much

01:14:56.396 --> 01:14:59.518
smaller than on like debian or fedora for

01:14:59.578 --> 01:15:01.679
example and so a lot of people do

01:15:01.738 --> 01:15:04.439
end up relying on the user repository as

01:15:04.539 --> 01:15:06.421
well um for even like

01:15:06.961 --> 01:15:09.061
some larger applications that you would

01:15:09.101 --> 01:15:10.984
expect to just be included in an official

01:15:11.024 --> 01:15:11.804
package manager.

01:15:12.685 --> 01:15:14.485
It's also worth noting that this is hardly

01:15:14.525 --> 01:15:16.527
the first time this has happened with the

01:15:16.606 --> 01:15:17.768
Arch user repository.

01:15:17.967 --> 01:15:20.628
We talked about this on the show back

01:15:20.708 --> 01:15:23.171
in July of last year, I believe,

01:15:23.591 --> 01:15:25.872
where malicious packages that were

01:15:25.891 --> 01:15:28.314
impersonating different web browsers on

01:15:28.373 --> 01:15:31.315
the Arch user repository were infected

01:15:31.355 --> 01:15:32.957
with a different sort of malware.

01:15:35.668 --> 01:15:37.689
Yeah, it's the I mean, these kind of,

01:15:38.430 --> 01:15:39.811
I guess you could call them supply chain

01:15:39.851 --> 01:15:40.832
attacks in general.

01:15:41.353 --> 01:15:44.414
Or just this sort of malware distribution

01:15:44.435 --> 01:15:46.536
thing on these user contributed

01:15:47.136 --> 01:15:50.498
repositories of packages is a it's a it's

01:15:50.519 --> 01:15:51.198
a big concern.

01:15:51.500 --> 01:15:56.103
And it's probably one of the bigger issues

01:15:56.143 --> 01:15:59.965
that's facing Linux on desktop users at

01:16:00.005 --> 01:16:00.386
the moment.

01:16:00.445 --> 01:16:02.646
So definitely something to be aware of.

01:16:03.448 --> 01:16:03.728
And

01:16:05.185 --> 01:16:05.305
Yeah,

01:16:05.345 --> 01:16:07.228
hopefully that gets cleaned up and

01:16:07.268 --> 01:16:08.630
hopefully not too many people are

01:16:08.649 --> 01:16:10.792
impacted.

01:16:11.212 --> 01:16:15.819
I didn't see an analysis of like...

01:16:17.534 --> 01:16:19.636
which packages were included I believe

01:16:19.655 --> 01:16:20.975
there's a list somewhere but I don't know

01:16:20.996 --> 01:16:23.617
like how popular the packages used were

01:16:23.858 --> 01:16:24.938
like how many people this could

01:16:24.957 --> 01:16:27.899
potentially impact so yeah if you're an

01:16:27.979 --> 01:16:30.840
Arch user I would definitely look at the

01:16:30.899 --> 01:16:35.002
list of effective packages they also um

01:16:37.179 --> 01:16:40.260
They've provided a report linked to in

01:16:40.279 --> 01:16:40.979
this article,

01:16:41.140 --> 01:16:42.979
which has some indicators of compromise.

01:16:43.000 --> 01:16:44.180
So you could use that to look at

01:16:44.201 --> 01:16:45.480
your system as well and see if you

01:16:45.520 --> 01:16:46.081
were impacted.

01:16:46.461 --> 01:16:49.981
But definitely something to worry about if

01:16:50.021 --> 01:16:52.082
you've used the Arch user repository

01:16:52.122 --> 01:16:52.483
lately.

01:16:52.542 --> 01:16:54.523
So yeah, Arch users, I would say,

01:16:54.682 --> 01:16:57.844
should look into this for sure.

01:16:57.863 --> 01:16:58.283
Definitely.

01:17:02.649 --> 01:17:02.828
I mean,

01:17:02.849 --> 01:17:04.050
if that's everything we have to add on

01:17:04.069 --> 01:17:04.570
that story,

01:17:04.610 --> 01:17:06.953
I guess we can dive into some forum

01:17:07.012 --> 01:17:07.752
updates.

01:17:08.293 --> 01:17:08.673
In a minute,

01:17:08.694 --> 01:17:11.055
we'll start taking viewer questions.

01:17:11.076 --> 01:17:12.117
So if you've been holding on to any

01:17:12.157 --> 01:17:13.837
questions about any of the stories we've

01:17:13.877 --> 01:17:14.838
talked about so far,

01:17:15.319 --> 01:17:16.720
you can go ahead and start leaving them

01:17:16.841 --> 01:17:18.341
on our forum thread or in the comment

01:17:18.362 --> 01:17:20.064
section on the live stream.

01:17:20.323 --> 01:17:21.545
It's been kind of quiet this week,

01:17:21.604 --> 01:17:23.145
so maybe we may not have any.

01:17:23.185 --> 01:17:24.247
But if you do have something,

01:17:24.287 --> 01:17:26.068
do leave it soon so we can see

01:17:26.108 --> 01:17:26.208
it.

01:17:27.989 --> 01:17:28.529
For now, though,

01:17:28.570 --> 01:17:30.811
let's check in on our community forum as

01:17:30.851 --> 01:17:31.172
always.

01:17:31.693 --> 01:17:33.173
There's a lot of activity there,

01:17:33.675 --> 01:17:36.396
but there was one interesting thread I saw

01:17:36.436 --> 01:17:36.896
this week,

01:17:37.377 --> 01:17:42.002
which was basically a discussion on using

01:17:42.261 --> 01:17:45.104
Tor instead of Molvad Browser with Molvad

01:17:45.123 --> 01:17:45.524
VPN.

01:17:52.274 --> 01:17:53.916
So basically the discussion on that

01:17:54.475 --> 01:17:55.737
specific thread was like,

01:17:55.796 --> 01:17:57.698
if you're just browsing clear net sites,

01:17:58.238 --> 01:18:00.001
does Tor really add that much more

01:18:00.041 --> 01:18:00.541
protection,

01:18:00.621 --> 01:18:02.483
especially if the VPN is paid for

01:18:03.363 --> 01:18:04.145
anonymously?

01:18:07.247 --> 01:18:08.247
Do you want to kind of dive into

01:18:08.268 --> 01:18:09.229
this one a little bit, Jonah?

01:18:10.654 --> 01:18:13.177
yeah so and i believe we cover a

01:18:13.217 --> 01:18:15.279
lot of this on like the page about

01:18:15.761 --> 01:18:17.922
mullved browser for example and also just

01:18:18.002 --> 01:18:20.345
our vpn overview and how it differs from

01:18:20.605 --> 01:18:22.908
tor i think for a lot of people

01:18:22.969 --> 01:18:24.650
you know using mullved browser with

01:18:24.711 --> 01:18:26.733
mullved vpn is probably a perfectly

01:18:27.817 --> 01:18:29.278
safe setup to use.

01:18:30.118 --> 01:18:32.279
Whenever you're using a VPN,

01:18:33.500 --> 01:18:35.980
you do have to trust that VPN provider,

01:18:37.020 --> 01:18:37.681
of course,

01:18:38.521 --> 01:18:42.724
which can be a problem or cannot be

01:18:42.743 --> 01:18:44.484
a problem depending on your specific

01:18:44.524 --> 01:18:45.765
situation and threat model.

01:18:46.085 --> 01:18:47.926
I think a lot of people do use

01:18:47.966 --> 01:18:50.568
VPNs and trust them and using mobile

01:18:50.608 --> 01:18:52.547
browser in conjunction with that VPN is

01:18:52.568 --> 01:18:53.309
going to provide

01:18:54.345 --> 01:18:57.467
Good fingerprinting protection,

01:18:57.568 --> 01:18:58.529
if that's the sort of thing you're

01:18:58.548 --> 01:18:59.810
concerned about with the websites you

01:18:59.850 --> 01:19:03.052
visit, especially, I think,

01:19:03.212 --> 01:19:05.595
as Mulved Browser continues to become more

01:19:05.614 --> 01:19:08.396
and more popular and you're using Mulved

01:19:08.417 --> 01:19:08.976
VPN,

01:19:09.117 --> 01:19:11.998
you do have a decent crowd to fit

01:19:12.020 --> 01:19:14.261
in with where at least you have some

01:19:14.301 --> 01:19:16.403
protections in place, which is good.

01:19:17.984 --> 01:19:19.324
Tor, on the other hand,

01:19:20.466 --> 01:19:21.367
there's pros and cons to it,

01:19:21.386 --> 01:19:22.868
but the biggest advantage is that

01:19:24.047 --> 01:19:28.369
you don't have that trust model you there

01:19:28.390 --> 01:19:30.109
because there's clear separations with the

01:19:30.170 --> 01:19:32.890
three hops you have you know your guard

01:19:32.951 --> 01:19:34.311
node at the beginning which is going to

01:19:34.372 --> 01:19:36.412
know your identity but not what you're

01:19:36.453 --> 01:19:38.033
accessing and then you have the exit node

01:19:38.052 --> 01:19:39.474
which will see what you're accessing but

01:19:39.514 --> 01:19:41.734
not who you are and the middle node

01:19:41.774 --> 01:19:42.034
which

01:19:43.882 --> 01:19:46.445
separates those two and keeps the data

01:19:46.485 --> 01:19:49.729
separate so they don't know who the other

01:19:49.810 --> 01:19:51.150
node in the chain is.

01:19:51.912 --> 01:19:54.095
So from that perspective,

01:19:54.135 --> 01:19:55.856
it does provide a lot more

01:19:57.167 --> 01:20:00.171
protection of your anonymity, for example,

01:20:00.252 --> 01:20:01.793
than a VPN would provide.

01:20:02.774 --> 01:20:03.996
On the other hand,

01:20:04.917 --> 01:20:08.242
Tor notably is much slower than using a

01:20:08.261 --> 01:20:08.622
VPN.

01:20:08.641 --> 01:20:10.264
I think that's a big problem that Tor

01:20:10.283 --> 01:20:10.585
has.

01:20:11.204 --> 01:20:12.867
Another problem that Tor has,

01:20:13.427 --> 01:20:15.310
which is maybe a bit less talked about,

01:20:15.369 --> 01:20:15.470
is

01:20:17.073 --> 01:20:20.475
Unlike generally VPN providers,

01:20:21.056 --> 01:20:23.719
since anybody can contribute in exit node

01:20:23.798 --> 01:20:25.800
and that exit node is kind of responsible

01:20:25.859 --> 01:20:30.203
for your connections to websites and your

01:20:30.283 --> 01:20:31.965
DNS lookups and things like that,

01:20:32.465 --> 01:20:35.127
there have been cases where Tor exit nodes

01:20:37.716 --> 01:20:40.318
uh either hijack your connections or

01:20:40.399 --> 01:20:43.420
redirect you to malicious sources this is

01:20:43.460 --> 01:20:45.701
especially the case if you're pretty much

01:20:45.761 --> 01:20:49.662
downloading anything over http instead of

01:20:49.823 --> 01:20:54.945
https there's kind of general uh i guess

01:20:55.006 --> 01:20:56.846
malware running on these exit nodes which

01:20:56.886 --> 01:20:58.787
will hijack that just because they can be

01:20:58.847 --> 01:20:59.828
contributed by

01:21:01.225 --> 01:21:01.766
any users.

01:21:01.806 --> 01:21:03.789
So we've seen attacks, for example,

01:21:03.869 --> 01:21:05.493
against people who are downloading

01:21:05.893 --> 01:21:07.895
cryptocurrency related applications where

01:21:07.917 --> 01:21:11.021
these exit notes will serve malicious

01:21:11.061 --> 01:21:13.185
copies of those downloads for you to

01:21:14.420 --> 01:21:17.162
for you to download and get hacked as

01:21:17.202 --> 01:21:17.603
a result.

01:21:17.622 --> 01:21:19.384
That's probably less likely on a VPN,

01:21:19.404 --> 01:21:21.246
especially a trustworthy VPN,

01:21:22.386 --> 01:21:23.627
in our opinion, like Movad.

01:21:24.828 --> 01:21:26.949
HTTPS, of course, prevents that,

01:21:26.970 --> 01:21:28.171
so that's something you should always look

01:21:28.190 --> 01:21:29.311
at when you're using Tor Browser.

01:21:29.631 --> 01:21:31.814
If you are using HTTPS everywhere and

01:21:31.833 --> 01:21:33.534
you're blocking HTTP connections,

01:21:33.555 --> 01:21:36.318
then that is much less of a concern.

01:21:36.337 --> 01:21:37.738
You don't have to really be worried about

01:21:37.779 --> 01:21:40.261
it because in that case,

01:21:40.341 --> 01:21:42.101
your connection really is end-to-end

01:21:42.141 --> 01:21:42.582
encrypted.

01:21:45.713 --> 01:21:47.337
There is still the case where like exit

01:21:47.377 --> 01:21:50.520
notes can get some metadata about your

01:21:50.541 --> 01:21:50.942
connections,

01:21:50.962 --> 01:21:52.904
which may or may not be an issue

01:21:53.244 --> 01:21:56.369
typically that impact is very small,

01:21:56.390 --> 01:21:57.811
but it is something to keep in mind

01:21:58.412 --> 01:22:01.318
if you're accessing clear net sites so.

01:22:02.662 --> 01:22:02.902
Yeah,

01:22:03.061 --> 01:22:05.382
I think that kind of covers what I

01:22:05.403 --> 01:22:05.802
have to say.

01:22:05.823 --> 01:22:06.363
Does that make sense?

01:22:06.422 --> 01:22:08.222
Yeah, that makes sense.

01:22:08.302 --> 01:22:09.363
No, I think you covered that great.

01:22:09.644 --> 01:22:10.163
I think, yeah,

01:22:10.184 --> 01:22:11.863
there's definitely benefits, right?

01:22:11.904 --> 01:22:13.104
But I think this brought up a really

01:22:13.144 --> 01:22:13.965
interesting discussion,

01:22:13.984 --> 01:22:15.185
which you didn't touch on yet,

01:22:15.204 --> 01:22:17.585
which is multi-party relays.

01:22:17.625 --> 01:22:18.645
Because like you were saying,

01:22:18.845 --> 01:22:21.145
there is the risk of a Tor exit

01:22:21.206 --> 01:22:23.726
node being compromised and

01:22:24.895 --> 01:22:25.154
you know,

01:22:25.194 --> 01:22:27.536
being able to maliciously redirect

01:22:27.576 --> 01:22:28.395
connections, right?

01:22:28.435 --> 01:22:29.935
When we talk about like a multi-party

01:22:29.997 --> 01:22:30.337
relay,

01:22:30.396 --> 01:22:32.636
like I think the one that most people

01:22:32.657 --> 01:22:34.578
think of is like iCloud private relay,

01:22:35.297 --> 01:22:37.998
where there's two trusted parties,

01:22:38.118 --> 01:22:40.199
but both of those trusted parties don't

01:22:40.800 --> 01:22:41.020
like...

01:22:42.159 --> 01:22:43.801
uh share the information right like

01:22:43.820 --> 01:22:46.021
there's an ingress proxy an egress proxy

01:22:46.082 --> 01:22:48.922
and then it goes to the website um

01:22:48.943 --> 01:22:50.283
so instead you're not trusting like a

01:22:50.384 --> 01:22:53.824
random operator of a server right um which

01:22:53.864 --> 01:22:56.945
is definitely an interesting i i don't

01:22:56.966 --> 01:22:58.546
think it offers the same privacy

01:22:58.587 --> 01:23:01.287
protection like as tor right but it's

01:23:01.307 --> 01:23:03.269
definitely like a little bit of a

01:23:03.309 --> 01:23:04.989
interesting middle ground which offers

01:23:05.050 --> 01:23:07.411
decent performance and also offers some

01:23:07.430 --> 01:23:08.771
additional privacy compared to a

01:23:08.992 --> 01:23:09.671
traditional vpn

01:23:10.176 --> 01:23:13.257
yeah i the only two that i'm aware

01:23:13.318 --> 01:23:15.257
of is icloud private relay that you

01:23:15.297 --> 01:23:18.960
mentioned and also obscura vpn and obscura

01:23:19.760 --> 01:23:21.579
staff members and their ceo are on our

01:23:21.640 --> 01:23:23.220
forum so there's some threads if people

01:23:23.240 --> 01:23:25.541
have questions about it you can ask there

01:23:25.640 --> 01:23:29.181
but that one works with mullved an obscure

01:23:29.202 --> 01:23:30.863
vpn might be a very good option to

01:23:30.983 --> 01:23:32.643
use in conjunction with mobile browser

01:23:32.662 --> 01:23:34.564
because your exit node is going to be

01:23:36.211 --> 01:23:38.273
and so you're going to be blending in

01:23:38.292 --> 01:23:41.135
with even regular Molved users as well as

01:23:41.175 --> 01:23:43.136
obscure users on Molved browser.

01:23:43.496 --> 01:23:47.279
So it is an improvement in the trust

01:23:47.319 --> 01:23:48.038
model for sure.

01:23:48.479 --> 01:23:51.541
It lacks the middle relay that Tor has,

01:23:51.582 --> 01:23:53.443
which kind of separates your identity from

01:23:53.523 --> 01:23:56.104
the ingress node and the exit node,

01:23:56.524 --> 01:24:01.387
which basically comes down to you deciding

01:24:01.448 --> 01:24:04.029
whether you trust the ingress node and the

01:24:04.109 --> 01:24:04.649
exit node

01:24:05.951 --> 01:24:07.131
collaborate with each other.

01:24:07.570 --> 01:24:08.511
In the case of iCloud,

01:24:08.692 --> 01:24:11.853
you have to trust that Apple and either

01:24:11.932 --> 01:24:14.592
Cloudflare or Fastly or whatever,

01:24:14.913 --> 01:24:16.354
they have multiple providers on the other

01:24:16.394 --> 01:24:16.573
side.

01:24:16.594 --> 01:24:18.134
You have to trust that they're not going

01:24:18.154 --> 01:24:19.774
to be sharing data and kind of linking

01:24:20.335 --> 01:24:21.375
your traffic together.

01:24:22.055 --> 01:24:23.155
In Obscura's case,

01:24:23.176 --> 01:24:25.457
you have to trust that Obscura and their

01:24:25.497 --> 01:24:28.818
servers aren't going to collaborate with

01:24:28.898 --> 01:24:32.578
MOLVAD and share data with each other to

01:24:32.618 --> 01:24:33.738
kind of correlate that.

01:24:35.002 --> 01:24:37.463
I think these are reasonable assumptions

01:24:37.524 --> 01:24:42.907
to make, even if Obscura,

01:24:42.926 --> 01:24:44.587
which is a much smaller, newer company,

01:24:44.627 --> 01:24:47.189
for example, wanted to get this data,

01:24:47.229 --> 01:24:49.350
which I really don't think that they do.

01:24:49.711 --> 01:24:52.332
But the other side of that would also

01:24:52.372 --> 01:24:53.432
have to agree to collaborate,

01:24:53.472 --> 01:24:55.873
so that would also assume that Malvad also

01:24:55.913 --> 01:24:58.395
wants to conspire to get your data,

01:24:58.414 --> 01:24:59.695
and I think that's very unlikely.

01:25:01.420 --> 01:25:02.779
I think it's definitely a good a good

01:25:02.859 --> 01:25:03.159
option.

01:25:03.239 --> 01:25:04.940
But again, compared to torts,

01:25:06.020 --> 01:25:07.582
it's still a trust based model,

01:25:07.902 --> 01:25:13.162
even if it's relatively safe to put your

01:25:13.182 --> 01:25:13.603
trust in it,

01:25:13.842 --> 01:25:16.144
whereas tours model is kind of

01:25:16.243 --> 01:25:17.564
untrustworthy by design,

01:25:17.604 --> 01:25:21.024
and you have that technical separation

01:25:21.064 --> 01:25:22.845
that makes it harder to tie all of

01:25:22.885 --> 01:25:23.945
that together.

01:25:24.546 --> 01:25:24.706
So

01:25:26.470 --> 01:25:26.671
Yeah,

01:25:27.091 --> 01:25:28.693
I think the multi-party relay stuff is

01:25:28.733 --> 01:25:29.253
interesting.

01:25:29.993 --> 01:25:31.496
I believe Free has written an article

01:25:31.576 --> 01:25:32.756
about multi-party relays,

01:25:32.777 --> 01:25:35.538
and it's something that we are, I think,

01:25:35.599 --> 01:25:37.020
generally still looking into,

01:25:37.039 --> 01:25:38.100
but there's a lot of threads on the

01:25:38.161 --> 01:25:41.203
forum about that sort of thing that I

01:25:41.224 --> 01:25:42.585
would definitely recommend people take a

01:25:42.604 --> 01:25:44.787
look at if they are concerned about any

01:25:44.806 --> 01:25:45.307
of this stuff.

01:25:45.587 --> 01:25:46.969
Because, yeah,

01:25:47.088 --> 01:25:47.930
I think at the end of the day,

01:25:48.029 --> 01:25:48.631
I do consider...

01:25:50.159 --> 01:25:52.842
mall-led browser and a VPN to be a

01:25:52.882 --> 01:25:54.904
very good option for a lot of people.

01:25:55.005 --> 01:25:56.826
And there are inconveniences of Tor

01:25:56.865 --> 01:25:58.967
browser that I think are resolved by

01:25:59.028 --> 01:26:00.390
mall-led browser for a lot of people,

01:26:00.430 --> 01:26:00.829
which is good.

01:26:02.867 --> 01:26:03.067
Yeah,

01:26:03.167 --> 01:26:04.807
and also I don't feel like you can

01:26:04.887 --> 01:26:05.648
use both.

01:26:05.667 --> 01:26:07.247
You don't have to use only Tor or

01:26:07.389 --> 01:26:08.208
only Molvad.

01:26:08.248 --> 01:26:09.548
You can actually use both of them.

01:26:10.930 --> 01:26:11.770
And I think we also,

01:26:11.909 --> 01:26:13.149
you've talked about this quite a bit,

01:26:13.189 --> 01:26:13.490
Jonah,

01:26:13.530 --> 01:26:16.492
but having a VPN going while you're

01:26:16.511 --> 01:26:19.273
connecting to Tor is actually,

01:26:19.313 --> 01:26:22.092
there are some benefits of doing that as

01:26:22.153 --> 01:26:22.434
well.

01:26:22.493 --> 01:26:24.594
So that's not a concern either,

01:26:25.954 --> 01:26:27.555
as long as it's set up correctly, right?

01:26:30.376 --> 01:26:32.537
Yeah, yeah, that should be the case.

01:26:34.528 --> 01:26:35.809
OK, yeah.

01:26:35.849 --> 01:26:36.349
So I don't know.

01:26:36.529 --> 01:26:37.970
This thread was kind of interesting to me.

01:26:38.609 --> 01:26:42.452
There was a lot of discussion about the

01:26:42.472 --> 01:26:44.033
differences here between these two

01:26:44.753 --> 01:26:45.694
software projects.

01:26:47.274 --> 01:26:47.715
But yeah,

01:26:47.795 --> 01:26:49.496
I think definitely check it out if you're

01:26:49.756 --> 01:26:50.936
kind of also a bit confused,

01:26:50.957 --> 01:26:53.399
because Nick kind of jumped in a couple

01:26:53.418 --> 01:26:55.239
of times and clarified some things there

01:26:55.260 --> 01:26:57.621
and made sure people were kind of

01:26:57.701 --> 01:27:00.502
understanding the benefits of Tor.

01:27:02.966 --> 01:27:04.868
yeah it was uh an interesting thread there

01:27:04.969 --> 01:27:06.211
um that's kind of everything that i saw

01:27:06.251 --> 01:27:07.471
on the forum that i didn't really see

01:27:07.532 --> 01:27:10.295
any any other big threads unless there's

01:27:10.314 --> 01:27:14.720
something you want to highlight um yeah

01:27:14.739 --> 01:27:15.980
that's a good question i don't think i've

01:27:16.001 --> 01:27:17.762
seen too much on the forum this week

01:27:17.802 --> 01:27:21.346
i've been kind of checking it uh

01:27:22.900 --> 01:27:24.542
what's the word, sporadically,

01:27:24.822 --> 01:27:29.003
because I've been spending too much time

01:27:29.323 --> 01:27:31.604
trying to redo all of our server stuff

01:27:31.625 --> 01:27:34.326
this week, which is fine.

01:27:34.565 --> 01:27:38.787
But yeah, taking a look here,

01:27:38.828 --> 01:27:40.988
I don't know if there are any that

01:27:41.029 --> 01:27:42.029
really stick out to me.

01:27:42.369 --> 01:27:43.390
I think this is a good time to

01:27:44.690 --> 01:27:49.073
remind people we definitely can take

01:27:49.113 --> 01:27:50.212
questions if anyone has any,

01:27:50.252 --> 01:27:51.014
do kind of a Q&A.

01:27:53.109 --> 01:27:55.011
If not, then we won't do that.

01:27:55.051 --> 01:27:57.292
But if you have any questions or want

01:27:57.313 --> 01:27:59.555
to know about anything either we talked

01:27:59.595 --> 01:28:00.877
about or privacy related,

01:28:01.737 --> 01:28:02.918
this is the time to share it in

01:28:02.939 --> 01:28:03.338
the chat.

01:28:04.819 --> 01:28:05.541
Yeah,

01:28:05.720 --> 01:28:07.762
I'm not seeing any comments on our forum

01:28:07.783 --> 01:28:08.344
thread this week.

01:28:08.404 --> 01:28:10.445
It was a bit later this week just

01:28:10.466 --> 01:28:13.207
because we've had, yeah,

01:28:13.368 --> 01:28:16.150
there was some hectic stuff going on.

01:28:17.625 --> 01:28:20.868
But, yeah, hopefully that worked out okay.

01:28:21.448 --> 01:28:22.828
And I didn't see any comments in the

01:28:22.929 --> 01:28:23.289
chat.

01:28:23.310 --> 01:28:24.591
We had a couple of people saying, like,

01:28:24.650 --> 01:28:25.131
hi.

01:28:25.470 --> 01:28:25.952
So, hi.

01:28:25.971 --> 01:28:26.992
If you're still watching.

01:28:29.033 --> 01:28:30.654
Not any questions here, really,

01:28:30.675 --> 01:28:31.376
that I'm seeing.

01:28:32.337 --> 01:28:32.957
Another story.

01:28:33.096 --> 01:28:35.658
I think this came out in the last

01:28:35.738 --> 01:28:36.000
week.

01:28:36.859 --> 01:28:37.640
You'll have to remind me.

01:28:37.881 --> 01:28:39.802
I didn't catch all of the show last

01:28:39.842 --> 01:28:40.063
week.

01:28:40.182 --> 01:28:44.065
But Brave just launched Origin Browser.

01:28:44.166 --> 01:28:45.006
I think that was only...

01:28:46.774 --> 01:28:48.895
like on Saturday, if I remember correctly.

01:28:48.975 --> 01:28:50.497
So that's something that happened in the

01:28:50.516 --> 01:28:50.917
last week,

01:28:50.957 --> 01:28:53.177
which is something to check out because we

01:28:53.217 --> 01:28:54.219
talked about Origin Browser,

01:28:54.559 --> 01:28:56.500
Brave Origin before on the show,

01:28:56.699 --> 01:29:00.261
and it's a pretty cool development from

01:29:00.301 --> 01:29:00.782
them, I think.

01:29:03.409 --> 01:29:06.452
Yeah, it's definitely, yeah,

01:29:06.471 --> 01:29:07.733
it'll be interesting to see if maybe

01:29:07.752 --> 01:29:09.514
that's something that gets recommended on

01:29:09.554 --> 01:29:10.314
privacy guides.

01:29:11.296 --> 01:29:12.456
But I think it's definitely something

01:29:12.515 --> 01:29:15.018
we're still looking into.

01:29:15.118 --> 01:29:16.599
I know some team members have already said

01:29:16.618 --> 01:29:18.300
that they've like bought it and they're

01:29:18.320 --> 01:29:18.900
trying it out.

01:29:18.980 --> 01:29:22.103
So if we get more like comments,

01:29:22.143 --> 01:29:23.144
I guess, from the community,

01:29:23.184 --> 01:29:24.265
maybe that's something that could get

01:29:24.364 --> 01:29:25.125
added in the future.

01:29:25.225 --> 01:29:26.706
But it is definitely an interesting thing,

01:29:26.746 --> 01:29:26.926
right?

01:29:26.947 --> 01:29:28.948
Like having a paid browser, right?

01:29:30.047 --> 01:29:30.908
in the recommendations.

01:29:30.929 --> 01:29:32.069
I don't know if that would ever...

01:29:33.488 --> 01:29:35.010
I guess there's technically no restriction

01:29:35.029 --> 01:29:35.789
on that, I guess.

01:29:36.170 --> 01:29:38.130
I guess to their credit,

01:29:38.430 --> 01:29:41.051
it is free on Linux, which we do...

01:29:41.371 --> 01:29:41.551
I mean,

01:29:41.631 --> 01:29:43.292
we would recommend people switch to Linux

01:29:43.431 --> 01:29:43.851
anyways.

01:29:44.351 --> 01:29:46.012
So there is that option for you.

01:29:46.092 --> 01:29:47.632
I think we'll probably add it as just

01:29:47.672 --> 01:29:49.194
a note in the Brave section.

01:29:50.134 --> 01:29:51.134
I don't really know if it has a

01:29:51.173 --> 01:29:54.354
lot of advantages over normal Brave for

01:29:54.414 --> 01:29:54.935
most people,

01:29:54.954 --> 01:29:57.376
at least from a privacy perspective,

01:29:57.456 --> 01:29:57.655
but

01:29:58.515 --> 01:30:00.917
if you like a more minimal browser or

01:30:00.957 --> 01:30:02.837
if you're the kind of person who likes

01:30:02.978 --> 01:30:05.359
ungoogled chromium for example this might

01:30:05.378 --> 01:30:07.560
be worth checking out because it's a much

01:30:07.659 --> 01:30:10.881
more minimal version of brave and unlike a

01:30:10.921 --> 01:30:13.521
lot of those chromium forks and in other

01:30:13.561 --> 01:30:14.462
browsers it's being

01:30:15.162 --> 01:30:16.722
maintained and kept up to date in a

01:30:16.764 --> 01:30:18.823
very reliable way whereas a lot of like

01:30:18.963 --> 01:30:20.984
on google chromium builds don't don't even

01:30:21.024 --> 01:30:22.784
have like automatic updates for example

01:30:22.805 --> 01:30:24.746
which is super important to have in

01:30:24.826 --> 01:30:27.707
something with the attack surface as large

01:30:27.766 --> 01:30:30.747
as a web browser so yeah if you

01:30:30.787 --> 01:30:32.868
want a really minimal browser i think it's

01:30:33.287 --> 01:30:36.328
i think it's worth checking out definitely

01:30:36.349 --> 01:30:38.510
and it does seem like they have taken

01:30:38.550 --> 01:30:40.189
the time like they've taken the time to

01:30:40.430 --> 01:30:41.990
do the payment system in a way that's

01:30:42.051 --> 01:30:42.451
not like

01:30:42.877 --> 01:30:44.340
connecting it back to your identity or

01:30:44.380 --> 01:30:45.081
anything as well.

01:30:45.161 --> 01:30:46.402
So like they definitely have thought it

01:30:46.442 --> 01:30:47.182
out pretty well.

01:30:48.203 --> 01:30:49.586
I think that's basically always been the

01:30:49.626 --> 01:30:51.588
concern in the community that I've noticed

01:30:51.668 --> 01:30:53.331
is like people complaining about Brave

01:30:53.451 --> 01:30:56.213
having so much bloatware attached and all

01:30:56.234 --> 01:30:58.015
these features that are like unnecessary

01:30:58.055 --> 01:30:59.457
and like it's increasing the attack

01:30:59.478 --> 01:30:59.979
surface.

01:31:00.538 --> 01:31:02.322
I think that is not particularly...

01:31:03.689 --> 01:31:05.030
That's not really a huge issue,

01:31:05.091 --> 01:31:05.631
I don't think,

01:31:05.751 --> 01:31:07.351
but maybe there's people that really,

01:31:07.471 --> 01:31:09.212
really despise it popping up every so

01:31:09.273 --> 01:31:11.052
often when they add new stuff.

01:31:11.132 --> 01:31:13.373
So that is a solution for you,

01:31:13.453 --> 01:31:13.954
I guess.

01:31:13.975 --> 01:31:16.815
And yeah, I don't know.

01:31:16.876 --> 01:31:19.596
It's definitely going to be interesting to

01:31:19.617 --> 01:31:21.637
see if they end up adding any Brave

01:31:21.698 --> 01:31:23.038
Origin specific features,

01:31:23.118 --> 01:31:23.979
but it's probably not.

01:31:24.479 --> 01:31:25.980
Looking like that will be the case.

01:31:26.822 --> 01:31:29.783
We did get a question here from Canabida.

01:31:30.743 --> 01:31:33.326
Hello, Canabida, a regular on the stream.

01:31:33.445 --> 01:31:35.287
And a lot of people talk about Zen

01:31:35.306 --> 01:31:35.747
browser.

01:31:35.787 --> 01:31:36.969
Are you familiar with that?

01:31:37.109 --> 01:31:39.289
Any opinion from privacy perspective?

01:31:39.630 --> 01:31:40.930
I'm going to throw this to you, Jonah,

01:31:41.011 --> 01:31:41.811
because I feel like you know.

01:31:41.979 --> 01:31:42.359
Yeah,

01:31:42.380 --> 01:31:44.161
I've said it a few times before on

01:31:44.180 --> 01:31:44.600
the stream,

01:31:44.640 --> 01:31:46.780
but I have been using Zen browser for

01:31:46.801 --> 01:31:48.942
a while and I quite like it because

01:31:48.962 --> 01:31:51.222
it provides a lot of features that other

01:31:51.262 --> 01:31:52.143
browsers aren't providing.

01:31:52.563 --> 01:31:54.363
I will say, speaking of Brave,

01:31:55.104 --> 01:31:57.503
I've talked to some people at Brave

01:31:57.564 --> 01:31:59.524
recently and they say that they're working

01:31:59.685 --> 01:32:03.405
on bringing a lot of these Zen browser,

01:32:03.605 --> 01:32:07.207
Arc browser sort of features over to

01:32:07.247 --> 01:32:07.627
Brave,

01:32:07.646 --> 01:32:09.787
which I'm pretty excited about because I

01:32:09.828 --> 01:32:10.887
do run into issues

01:32:12.525 --> 01:32:13.185
In Zen browser,

01:32:13.206 --> 01:32:15.027
sometimes of websites being less

01:32:15.106 --> 01:32:17.427
performant or not working exactly the same

01:32:17.448 --> 01:32:18.347
as they do in chromium,

01:32:18.707 --> 01:32:19.788
which is a bit annoying.

01:32:19.849 --> 01:32:23.109
So I have ended up using both brave

01:32:23.289 --> 01:32:24.550
and Zen browser a lot of the time,

01:32:24.649 --> 01:32:26.331
but some changes are coming.

01:32:26.451 --> 01:32:28.291
Some of them are already available in like

01:32:28.310 --> 01:32:29.931
brave nightly builds, for example,

01:32:29.971 --> 01:32:32.893
with like better sidebars and workspaces

01:32:33.092 --> 01:32:33.332
and

01:32:35.086 --> 01:32:36.146
Website containers,

01:32:36.186 --> 01:32:37.448
which I'm really excited about.

01:32:37.469 --> 01:32:39.251
That's the main feature I really like in

01:32:39.291 --> 01:32:39.771
Firefox,

01:32:39.811 --> 01:32:42.255
and bringing that over to Brave is just

01:32:42.295 --> 01:32:44.756
a good option for people to have.

01:32:46.739 --> 01:32:48.041
But yeah, overall, personally,

01:32:48.221 --> 01:32:50.064
I do like Zen Browser a lot,

01:32:50.163 --> 01:32:51.725
and I think that they...

01:32:53.027 --> 01:32:54.529
have been keeping up pretty well with

01:32:54.588 --> 01:32:56.329
updates and they have a good privacy

01:32:56.369 --> 01:32:56.791
policy.

01:32:57.251 --> 01:32:58.512
It's something that I think not a lot

01:32:58.573 --> 01:33:01.676
of other people either on the team or

01:33:01.975 --> 01:33:03.778
in the Privacy Guides community in general

01:33:03.797 --> 01:33:05.479
have taken too much of a look at.

01:33:05.559 --> 01:33:06.780
So it's not something that

01:33:08.069 --> 01:33:10.470
I've that I've really gone in depth on

01:33:10.490 --> 01:33:12.511
or that other people have to my knowledge

01:33:12.532 --> 01:33:14.273
so I can't really say for sure like

01:33:14.313 --> 01:33:16.373
just from a privacy security perspective

01:33:16.873 --> 01:33:20.255
where Zen browser lands so I would

01:33:20.274 --> 01:33:21.975
hesitate to like say you know everyone

01:33:21.996 --> 01:33:23.676
should switch to Zen browser or anything

01:33:23.737 --> 01:33:26.578
but yeah personally I use it and I

01:33:27.838 --> 01:33:28.958
have used it for a while and I

01:33:28.979 --> 01:33:32.240
like it and I just think it's worth

01:33:32.301 --> 01:33:33.921
supporting because I like all of these

01:33:34.202 --> 01:33:36.563
Firefox forks that

01:33:38.153 --> 01:33:40.234
are doing things correctly and

01:33:40.454 --> 01:33:44.396
professionally and implementing regular

01:33:44.436 --> 01:33:44.778
features,

01:33:44.818 --> 01:33:49.761
but are also being developed by people

01:33:49.860 --> 01:33:50.822
other than Mozilla,

01:33:50.981 --> 01:33:52.523
which I've spoken quite a bit about in

01:33:52.542 --> 01:33:52.863
the past.

01:33:52.922 --> 01:33:54.043
I think that they are just kind of

01:33:54.083 --> 01:33:56.905
mismanaging the organization and the whole

01:33:56.926 --> 01:33:57.746
Firefox project,

01:33:57.765 --> 01:33:58.987
and I think it's really unfortunate.

01:33:59.067 --> 01:34:00.688
And so supporting these other projects,

01:34:00.747 --> 01:34:03.270
I think, is very cool.

01:34:03.329 --> 01:34:05.070
So, yeah,

01:34:05.150 --> 01:34:05.971
that's what I have to say about it.

01:34:07.077 --> 01:34:08.797
yeah it's definitely i think zen browser

01:34:08.898 --> 01:34:10.319
is like definitely taking a lot of

01:34:10.380 --> 01:34:12.881
inspiration from arc browser which was

01:34:12.921 --> 01:34:15.082
really popular at one point and then they

01:34:15.103 --> 01:34:17.385
kind of dumped that project and said oh

01:34:17.404 --> 01:34:19.386
we're moving on to making this ai browser

01:34:19.426 --> 01:34:21.547
now um which i've been testing out like

01:34:21.587 --> 01:34:23.748
the last week and it is it doesn't

01:34:23.769 --> 01:34:27.152
really live up to the same like uh

01:34:27.171 --> 01:34:28.613
it doesn't live up to like the same

01:34:29.413 --> 01:34:30.935
standards and like it doesn't have the

01:34:30.954 --> 01:34:33.055
same features as arc does it's kind of

01:34:33.076 --> 01:34:34.317
like a stripped down version

01:34:35.557 --> 01:34:36.118
I don't know.

01:34:36.298 --> 01:34:38.119
It's quite unclear what is going on with

01:34:38.360 --> 01:34:39.641
the browser company as well.

01:34:40.221 --> 01:34:42.184
I think they got purchased by Atlassian as

01:34:42.243 --> 01:34:42.583
well,

01:34:42.664 --> 01:34:44.345
and it's like the whole project is kind

01:34:44.365 --> 01:34:45.426
of a little bit up in the air,

01:34:45.466 --> 01:34:50.591
whether this will be something that even

01:34:50.631 --> 01:34:51.853
the new browser that they're working on

01:34:51.872 --> 01:34:52.814
will even stick around.

01:34:52.833 --> 01:34:55.176
They keep making quite large changes to

01:34:55.195 --> 01:34:55.775
that as well.

01:34:56.976 --> 01:34:57.278
But yeah,

01:34:57.297 --> 01:34:58.639
I've definitely really enjoyed Zen

01:34:58.679 --> 01:34:59.059
Browser.

01:34:59.139 --> 01:35:00.520
I used it quite a bit as well.

01:35:01.429 --> 01:35:03.289
But I think more browsers should just have

01:35:03.329 --> 01:35:04.871
this feature built in by default.

01:35:04.890 --> 01:35:06.591
Like it should just have vertical tabs

01:35:07.091 --> 01:35:08.894
implemented in the same way that Arc does

01:35:08.953 --> 01:35:09.054
it.

01:35:09.713 --> 01:35:11.414
Because I don't know,

01:35:11.475 --> 01:35:12.336
it's just a no brainer.

01:35:12.355 --> 01:35:13.536
It just works so much better.

01:35:13.595 --> 01:35:17.238
Like I feel like no one's implementing it

01:35:17.278 --> 01:35:18.118
quite the same.

01:35:18.279 --> 01:35:20.539
And apart from Zen, basically.

01:35:22.521 --> 01:35:23.981
Zen and Arc are basically your two only

01:35:24.042 --> 01:35:24.823
options if you need

01:35:26.104 --> 01:35:27.105
the same setup, right?

01:35:27.426 --> 01:35:29.728
I know Firefox and Brave both have

01:35:30.429 --> 01:35:31.470
vertical tabs,

01:35:31.750 --> 01:35:33.931
but it's like a gimped version of what

01:35:33.952 --> 01:35:35.712
you can find in Zen browser and in

01:35:35.853 --> 01:35:36.413
Arc browser.

01:35:37.952 --> 01:35:39.372
But it would be interesting to see Brave

01:35:39.432 --> 01:35:42.213
if they actually do commit to this and

01:35:42.234 --> 01:35:43.774
they add those extra features that Zen

01:35:43.793 --> 01:35:44.394
browser has.

01:35:44.875 --> 01:35:46.435
I think the main thing that I miss

01:35:46.494 --> 01:35:49.456
from Arc browser is the ability to have

01:35:49.576 --> 01:35:51.237
profiles on the bottom and you could just

01:35:51.356 --> 01:35:53.478
easily switch between browser profiles and

01:35:53.557 --> 01:35:56.519
it segments your data and extensions and

01:35:56.559 --> 01:35:56.759
stuff.

01:35:58.496 --> 01:35:58.756
I don't know.

01:35:58.815 --> 01:35:59.457
As far as I know,

01:35:59.497 --> 01:36:00.777
there's no browser that does that.

01:36:01.917 --> 01:36:03.338
So I guess, yeah,

01:36:03.418 --> 01:36:04.819
it is kind of a tricky situation if

01:36:04.840 --> 01:36:05.800
you care about those.

01:36:06.581 --> 01:36:09.601
Zembrowser almost does that, I will say.

01:36:09.622 --> 01:36:10.983
But they don't segment extensions.

01:36:12.264 --> 01:36:14.104
Yeah, it uses the container tabs,

01:36:14.145 --> 01:36:16.546
which is, I'm OK with that.

01:36:16.586 --> 01:36:17.146
That's OK.

01:36:17.186 --> 01:36:18.247
But I don't know.

01:36:18.527 --> 01:36:20.488
I do feel like having separate profiles,

01:36:20.528 --> 01:36:22.810
it did enable a bit more customization,

01:36:24.511 --> 01:36:24.711
which

01:36:26.135 --> 01:36:26.494
I don't know.

01:36:26.654 --> 01:36:27.996
It's kind of unfortunate they stopped

01:36:28.015 --> 01:36:28.936
working on that project,

01:36:29.216 --> 01:36:30.677
because I do like Zen Browser.

01:36:30.778 --> 01:36:34.159
It is basically the replacement for Arc at

01:36:34.180 --> 01:36:34.619
the moment.

01:36:35.121 --> 01:36:39.783
I believe Brave is doing their version of

01:36:39.823 --> 01:36:42.465
containers with a multi-profile approach

01:36:42.524 --> 01:36:43.265
similar to Arch.

01:36:43.605 --> 01:36:44.265
Don't quote me on that.

01:36:44.305 --> 01:36:45.667
I haven't looked into Brave's

01:36:45.726 --> 01:36:47.347
implementation and what they're testing

01:36:47.368 --> 01:36:48.149
right now too much.

01:36:48.248 --> 01:36:50.470
But if that's true,

01:36:50.590 --> 01:36:52.211
and I hope that's the direction they go

01:36:52.230 --> 01:36:53.252
in, that will be pretty exciting.

01:36:54.064 --> 01:36:57.469
um i didn't actually know arc was uh

01:36:57.529 --> 01:36:59.350
acquired by atlassian that's that's funny

01:36:59.430 --> 01:37:00.712
i haven't looked into arc in quite a

01:37:00.752 --> 01:37:04.775
while but yeah it's i i don't really

01:37:04.815 --> 01:37:06.356
understand the direction that that whole

01:37:06.738 --> 01:37:08.739
company is going but any arc users who

01:37:08.779 --> 01:37:11.481
really liked arc i would definitely say i

01:37:11.523 --> 01:37:12.923
mean if you were going to trust arc

01:37:12.944 --> 01:37:16.247
which is like a proprietary service by

01:37:16.287 --> 01:37:17.347
like a big company uh

01:37:19.877 --> 01:37:21.318
zen is zen is going to be better

01:37:21.358 --> 01:37:23.298
than arc from a privacy and security

01:37:23.338 --> 01:37:25.899
perspective even if there is some reason

01:37:25.920 --> 01:37:27.220
that zen isn't as great as like the

01:37:27.240 --> 01:37:31.462
browsers we recommend um it's still you

01:37:31.481 --> 01:37:33.122
know worth checking out for arc users at

01:37:33.143 --> 01:37:34.963
the very least because it'll be I think

01:37:34.984 --> 01:37:36.784
it'll generally be an improvement outside

01:37:36.805 --> 01:37:39.225
of a couple a couple features like the

01:37:39.265 --> 01:37:43.648
ones that you mentioned yeah definitely I

01:37:43.707 --> 01:37:45.408
definitely would recommend at least giving

01:37:45.429 --> 01:37:45.868
it a shot

01:37:47.207 --> 01:37:51.189
Another news story on the forum that I

01:37:51.250 --> 01:37:52.449
remembered seeing this week,

01:37:52.831 --> 01:37:55.572
I just saw Proton release their

01:37:55.612 --> 01:37:57.814
ProtonDrive command line interface for

01:37:57.873 --> 01:37:58.274
Linux.

01:37:59.094 --> 01:38:00.274
So finally,

01:38:00.854 --> 01:38:03.837
some support for ProtonDrive on Linux,

01:38:04.056 --> 01:38:04.596
officially.

01:38:05.997 --> 01:38:06.217
Still,

01:38:06.417 --> 01:38:07.837
the command line version doesn't do as

01:38:07.898 --> 01:38:10.359
much as their typical desktop clients,

01:38:10.538 --> 01:38:13.399
but it's a huge step forward.

01:38:13.439 --> 01:38:15.180
I hope some people on Linux find it

01:38:15.220 --> 01:38:15.579
helpful.

01:38:16.359 --> 01:38:20.701
I hope that this also is able to

01:38:20.720 --> 01:38:23.841
be used by Rclone, for example,

01:38:23.921 --> 01:38:25.862
or other Linux projects that have sort of

01:38:26.021 --> 01:38:29.082
implemented a ProtonDrive interface.

01:38:29.507 --> 01:38:30.509
interface already,

01:38:30.548 --> 01:38:35.310
but built around unstable APIs that Proton

01:38:35.331 --> 01:38:36.152
hasn't really published.

01:38:36.171 --> 01:38:37.231
They're just kind of doing it on their

01:38:37.292 --> 01:38:37.412
own,

01:38:37.452 --> 01:38:39.854
but Proton could maybe break it at any

01:38:39.913 --> 01:38:40.234
time.

01:38:40.673 --> 01:38:43.314
Maybe this will provide a more stable

01:38:43.335 --> 01:38:45.296
approach to connecting to Proton Drive

01:38:46.157 --> 01:38:48.337
from a Linux machine that other projects

01:38:48.637 --> 01:38:49.578
can make use of as well.

01:38:51.561 --> 01:38:52.783
Linux support is always, I think,

01:38:52.863 --> 01:38:55.167
laking behind with anything Proton does,

01:38:55.226 --> 01:38:55.908
unfortunately,

01:38:55.967 --> 01:38:58.050
but at least they finally got around to

01:38:58.090 --> 01:39:00.073
doing something for ProtonDrive.

01:39:00.113 --> 01:39:02.315
I think it'll make ProtonDrive a bit more

01:39:02.456 --> 01:39:05.319
usable for people who otherwise have a lot

01:39:05.340 --> 01:39:07.162
of Proton storage they can't really make

01:39:07.242 --> 01:39:07.863
use of right now.

01:39:09.453 --> 01:39:09.774
Yeah,

01:39:09.934 --> 01:39:12.216
it definitely sucks for people that are on

01:39:12.256 --> 01:39:13.777
Linux that have been like kind of,

01:39:13.877 --> 01:39:15.597
I feel like it's definitely been somewhat

01:39:15.658 --> 01:39:16.137
neglected.

01:39:16.217 --> 01:39:17.418
I think it's definitely gotten better.

01:39:17.439 --> 01:39:19.659
Like if you've tried the ProtonVPN Linux

01:39:19.699 --> 01:39:21.600
client, it's actually really good now.

01:39:21.621 --> 01:39:23.122
It used to be like a web wrapper

01:39:23.141 --> 01:39:24.983
thing, but they made it better.

01:39:25.203 --> 01:39:26.323
So I don't know.

01:39:26.344 --> 01:39:27.765
It's good to see them actually at least

01:39:27.965 --> 01:39:29.645
pull through on some of their promises.

01:39:29.666 --> 01:39:31.686
I know they've been kind of saying this

01:39:31.707 --> 01:39:33.347
was the first step towards getting a

01:39:33.628 --> 01:39:35.069
ProtonDrive client on Linux.

01:39:35.670 --> 01:39:37.171
But I think what's going to happen is

01:39:37.610 --> 01:39:39.271
the open source community is just going to

01:39:39.292 --> 01:39:41.233
be like, fine, I'll do it myself.

01:39:41.313 --> 01:39:42.412
And then they'll just like, you know,

01:39:42.552 --> 01:39:45.234
make, make these projects, make like a,

01:39:46.314 --> 01:39:48.216
an open source implementation of like

01:39:48.275 --> 01:39:51.117
ProtonDrive or something like that before

01:39:51.157 --> 01:39:52.757
Proton actually releases something.

01:39:53.637 --> 01:39:55.399
So yeah, I would like, you know,

01:39:55.618 --> 01:39:58.359
have it work with rsync or rclone, sorry.

01:39:59.280 --> 01:40:00.020
And yeah, I don't know.

01:40:00.100 --> 01:40:03.322
It's definitely, it's definitely positive.

01:40:04.002 --> 01:40:04.682
Hopefully that's,

01:40:06.856 --> 01:40:08.056
a thing that we get to see,

01:40:09.337 --> 01:40:11.337
you know, in the next year,

01:40:11.457 --> 01:40:14.219
I hope a Linux client for proton drive.

01:40:14.698 --> 01:40:17.819
It's good to see that at least trying

01:40:17.838 --> 01:40:18.439
to support it.

01:40:18.998 --> 01:40:20.159
Cause it did feel like for a long

01:40:20.199 --> 01:40:20.479
time,

01:40:20.520 --> 01:40:22.399
they were kind of radio silent on it.

01:40:22.460 --> 01:40:25.060
And then, you know, people were like, oh,

01:40:25.081 --> 01:40:25.780
you're working on it.

01:40:25.820 --> 01:40:26.081
Right.

01:40:26.140 --> 01:40:27.680
And then proton was like, oh, we're not,

01:40:27.740 --> 01:40:28.520
we haven't started.

01:40:30.041 --> 01:40:31.462
So that was definitely a bit of a

01:40:31.481 --> 01:40:32.601
shock for some people.

01:40:36.059 --> 01:40:39.199
um another thing i want to highlight kind

01:40:39.220 --> 01:40:42.280
of from kind of inside updates but uh

01:40:42.301 --> 01:40:43.962
posted on a forum one of our team

01:40:44.002 --> 01:40:46.921
members uh just wrote a guide for people

01:40:46.962 --> 01:40:49.903
in the netherlands to set up uh something

01:40:49.922 --> 01:40:52.363
called address secrecy which is a privacy

01:40:52.384 --> 01:40:54.744
protection you can you can get there i'm

01:40:54.784 --> 01:40:57.666
not personally super well versed in

01:40:58.105 --> 01:40:59.127
things in the Netherlands,

01:40:59.167 --> 01:41:00.868
so I'm not the right person to ask

01:41:01.609 --> 01:41:02.510
details about this.

01:41:02.569 --> 01:41:04.891
But if you are in the Netherlands and

01:41:04.912 --> 01:41:06.854
you want to check out this post on

01:41:06.873 --> 01:41:08.855
our forum in the community Wiki section

01:41:08.876 --> 01:41:11.358
that comes from one of our team members,

01:41:12.627 --> 01:41:14.268
I would definitely say check it out.

01:41:15.048 --> 01:41:15.248
Again,

01:41:15.269 --> 01:41:16.349
if you're in the Netherlands and if you

01:41:16.368 --> 01:41:17.189
have questions about it,

01:41:17.550 --> 01:41:20.150
you can ask them about it and they

01:41:20.171 --> 01:41:22.752
will know far more than either of us

01:41:22.773 --> 01:41:22.953
will.

01:41:22.972 --> 01:41:24.014
But I just want to highlight that that

01:41:24.033 --> 01:41:25.234
was posted because it is a pretty

01:41:25.274 --> 01:41:27.775
comprehensive guide to all of that stuff

01:41:27.836 --> 01:41:30.556
in the Netherlands with links to how you

01:41:30.577 --> 01:41:32.417
can set that up and who it's for.

01:41:32.658 --> 01:41:35.100
So just another cool thing that got

01:41:35.119 --> 01:41:35.420
posted.

01:41:36.969 --> 01:41:37.389
Excellent.

01:41:37.689 --> 01:41:38.130
Yeah,

01:41:38.350 --> 01:41:40.271
I did see that you did post the...

01:41:41.212 --> 01:41:44.234
It does look like the Passwords video is

01:41:44.274 --> 01:41:45.135
on PeerTube now.

01:41:45.235 --> 01:41:45.916
So, sorry.

01:41:45.935 --> 01:41:47.577
Yeah, for members.

01:41:47.617 --> 01:41:48.318
For members, yeah.

01:41:48.478 --> 01:41:50.340
So, that is out now.

01:41:50.359 --> 01:41:51.279
If you go on the forum,

01:41:51.319 --> 01:41:53.282
you can find the link to watch that.

01:41:54.842 --> 01:41:55.042
Yeah.

01:41:55.243 --> 01:41:56.623
So, definitely check that out.

01:41:56.663 --> 01:41:58.886
It'll be going live publicly at ten a.m.

01:41:59.646 --> 01:42:01.448
Central Time in the U.S.

01:42:02.069 --> 01:42:02.248
So...

01:42:03.614 --> 01:42:05.077
Yeah, should be a good one.

01:42:07.960 --> 01:42:10.283
Got another question from Turnip Fanatic.

01:42:10.663 --> 01:42:12.645
Does Zen Browser have the same fingerprint

01:42:12.685 --> 01:42:13.266
in Firefox?

01:42:14.529 --> 01:42:14.708
No,

01:42:14.788 --> 01:42:16.430
it's definitely different from Firefox.

01:42:16.451 --> 01:42:17.692
So that is something to keep in mind.

01:42:18.472 --> 01:42:20.515
I don't know personally how...

01:42:21.436 --> 01:42:24.118
good the or if they do any sort

01:42:24.158 --> 01:42:26.158
of fingerprinting protection like to

01:42:26.219 --> 01:42:29.180
distinguish you from other zen browser

01:42:29.280 --> 01:42:30.921
users or if you will look kind of

01:42:30.961 --> 01:42:33.502
similar to other zen browser users but

01:42:34.603 --> 01:42:36.304
generally in firefox without like

01:42:36.323 --> 01:42:37.804
hardening protections you're not going to

01:42:37.823 --> 01:42:40.586
get much fingerprinting protections in the

01:42:40.626 --> 01:42:43.186
first place you can block some tracker

01:42:43.207 --> 01:42:45.127
scripts with just an ad blocker of course

01:42:45.247 --> 01:42:45.448
but

01:42:45.927 --> 01:42:48.930
no kind of technical means um unless

01:42:48.951 --> 01:42:50.292
you're going to be switching to something

01:42:50.311 --> 01:42:53.494
like mullved browser so yeah i definitely

01:42:53.555 --> 01:42:56.537
wouldn't use zen browser if you need

01:42:56.556 --> 01:42:58.179
fingerprinting protections but i also

01:42:58.219 --> 01:43:01.601
wouldn't use really any browser besides

01:43:01.702 --> 01:43:04.743
mullved browser or firefox if

01:43:04.844 --> 01:43:06.445
fingerprinting is of

01:43:07.838 --> 01:43:12.863
large concern to you because even even

01:43:12.903 --> 01:43:15.625
like regular firefox for example is not

01:43:15.645 --> 01:43:17.506
going to provide very strong protections

01:43:18.146 --> 01:43:19.887
brave provides some protections but

01:43:19.908 --> 01:43:22.711
they're done in a different way that i

01:43:24.172 --> 01:43:26.073
would consider a bit less robust than what

01:43:26.475 --> 01:43:27.735
Mulvad and Tor are doing,

01:43:27.775 --> 01:43:29.657
but some people disagree with that,

01:43:29.697 --> 01:43:32.538
so it's kind of up to you what

01:43:32.559 --> 01:43:32.939
you think.

01:43:33.039 --> 01:43:36.082
But yeah, Firefox browser, Zen browser,

01:43:36.122 --> 01:43:37.622
I wouldn't trust either of those with

01:43:37.783 --> 01:43:39.804
super strong fingerprinting protection,

01:43:39.823 --> 01:43:41.706
so that's something to keep in mind.

01:43:42.747 --> 01:43:44.930
I do think Firefox did at some point,

01:43:44.970 --> 01:43:46.212
they did actually, they do have,

01:43:46.311 --> 01:43:48.555
I think it looks like November last year,

01:43:48.595 --> 01:43:49.135
they did add.

01:43:49.515 --> 01:43:51.377
So if you use a strict mode,

01:43:51.698 --> 01:43:53.380
it actually does have like an enhanced

01:43:53.500 --> 01:43:54.581
tracking protection thing,

01:43:54.600 --> 01:43:57.064
which does have some anti-fingerprinting

01:43:57.104 --> 01:43:57.625
protection.

01:43:58.185 --> 01:43:59.206
So, I mean,

01:43:59.225 --> 01:44:00.287
if you're going to use Zen Browser,

01:44:00.307 --> 01:44:01.788
I'd just say crank all the settings,

01:44:02.069 --> 01:44:03.792
like put everything on maximum possible

01:44:03.811 --> 01:44:03.971
thing.

01:44:04.427 --> 01:44:05.287
Because because yeah,

01:44:05.307 --> 01:44:07.389
Zen browser is going to inherit all of

01:44:07.448 --> 01:44:09.369
those settings that Firefox has,

01:44:09.390 --> 01:44:09.671
of course,

01:44:09.690 --> 01:44:11.671
so you can enable like enhanced tracking

01:44:11.712 --> 01:44:13.112
production and stuff like that,

01:44:13.131 --> 01:44:16.413
which will improve things to some extent

01:44:16.434 --> 01:44:16.753
for sure.

01:44:18.364 --> 01:44:19.404
Yeah, but I think you're right.

01:44:19.425 --> 01:44:21.305
It's definitely nowhere near the same

01:44:21.345 --> 01:44:23.626
level of protection as like Moldad browser

01:44:23.666 --> 01:44:24.766
or Tor, right?

01:44:25.806 --> 01:44:27.606
It's like less protections that are going

01:44:27.627 --> 01:44:28.927
to have less of an impact on the

01:44:28.948 --> 01:44:29.927
browsing experience,

01:44:29.967 --> 01:44:32.028
but also offer some additional privacy

01:44:32.068 --> 01:44:32.387
stuff.

01:44:32.927 --> 01:44:33.809
And as far as I'm aware,

01:44:33.889 --> 01:44:34.628
like Jonah said,

01:44:34.649 --> 01:44:36.128
like Brave is kind of ahead on that

01:44:36.168 --> 01:44:36.548
as well.

01:44:36.689 --> 01:44:39.590
So at least, you know,

01:44:39.630 --> 01:44:41.270
if you decide to use Zen browser,

01:44:41.289 --> 01:44:44.390
you'll get some of those benefits from

01:44:44.970 --> 01:44:46.752
some of those settings in Firefox itself.

01:44:47.351 --> 01:44:47.612
So yeah.

01:44:48.256 --> 01:44:50.377
definitely enable those if you do decide

01:44:50.417 --> 01:44:50.899
to use it.

01:44:51.338 --> 01:44:53.399
That would definitely help somewhat.

01:44:54.060 --> 01:44:57.542
Yeah.

01:44:57.643 --> 01:44:59.664
I think in the absence of any other

01:45:00.005 --> 01:45:00.484
questions,

01:45:00.524 --> 01:45:03.327
we can probably start to wrap things up.

01:45:03.506 --> 01:45:04.908
I don't see anything on the forum or

01:45:04.927 --> 01:45:05.347
in chat.

01:45:05.427 --> 01:45:08.850
We also do have a members-only Signal

01:45:08.871 --> 01:45:09.331
community.

01:45:09.350 --> 01:45:11.872
We're happy to take questions there as

01:45:11.953 --> 01:45:12.193
well.

01:45:13.252 --> 01:45:14.734
We haven't gotten any questions there

01:45:14.774 --> 01:45:15.274
today, of course,

01:45:15.314 --> 01:45:16.576
but I need to be better about...

01:45:17.520 --> 01:45:19.801
notifying that group that these streams

01:45:19.822 --> 01:45:21.722
have started so maybe next week i'll let

01:45:21.743 --> 01:45:23.743
them know uh ahead of time that they

01:45:23.764 --> 01:45:25.444
can join the forum and ask questions there

01:45:25.463 --> 01:45:27.305
but that is an option for sending in

01:45:27.345 --> 01:45:29.845
stuff uh because we'll check like signal

01:45:29.886 --> 01:45:31.546
during the show and in that group and

01:45:31.587 --> 01:45:33.847
see if anything is coming in addition to

01:45:33.868 --> 01:45:35.707
the chats in in forum posts here so

01:45:35.768 --> 01:45:36.729
you have a lot of ways to

01:45:38.128 --> 01:45:40.131
interact with us on the stream if you

01:45:40.211 --> 01:45:43.094
if you want to say anything um otherwise

01:45:43.173 --> 01:45:45.296
are you fine to wrap things up jordan

01:45:45.315 --> 01:45:46.777
or is there anything else you want to

01:45:46.796 --> 01:45:48.920
talk about here yeah i think we can

01:45:49.000 --> 01:45:51.521
wrap things up now um yeah we've kind

01:45:51.561 --> 01:45:54.043
of covered everything that's on the agenda

01:45:54.064 --> 01:45:54.444
this week

01:45:55.614 --> 01:45:55.814
Sweet.

01:45:56.435 --> 01:45:57.615
Well, thanks, Jordan.

01:45:57.976 --> 01:45:59.257
Yeah, I'll end this here then.

01:46:00.417 --> 01:46:01.698
If I can find my notes.

01:46:01.979 --> 01:46:04.621
All of the updates on this week in

01:46:04.662 --> 01:46:05.282
privacy,

01:46:05.341 --> 01:46:06.863
we share them on the blog every week.

01:46:06.922 --> 01:46:08.423
We email them out on the newsletter.

01:46:08.463 --> 01:46:09.885
So you can sign up for that newsletter

01:46:10.005 --> 01:46:11.546
or you can subscribe to the blog with

01:46:11.565 --> 01:46:12.747
your favorite RSS reader.

01:46:12.806 --> 01:46:14.849
If you want to stay tuned and read

01:46:14.889 --> 01:46:15.769
all of the sources.

01:46:16.670 --> 01:46:18.251
of the stuff that we talked about in

01:46:18.270 --> 01:46:18.850
this episode.

01:46:19.411 --> 01:46:21.752
For people who prefer the audio version of

01:46:21.773 --> 01:46:21.953
this,

01:46:21.993 --> 01:46:24.213
we also offer a podcast which is available

01:46:24.354 --> 01:46:26.435
on pretty much all podcast platforms and

01:46:26.475 --> 01:46:30.296
through RSS if we haven't submitted it to

01:46:30.337 --> 01:46:31.917
your podcast app of choice for some

01:46:31.957 --> 01:46:32.257
reason.

01:46:32.978 --> 01:46:35.599
These videos are also synced to PureTube

01:46:35.679 --> 01:46:36.199
after the fact,

01:46:36.220 --> 01:46:37.779
so if you want to catch this away

01:46:37.800 --> 01:46:38.301
from YouTube,

01:46:38.320 --> 01:46:40.341
you can always follow our channel there as

01:46:40.381 --> 01:46:40.582
well.

01:46:41.202 --> 01:46:41.502
Again,

01:46:41.561 --> 01:46:43.783
Privacy Guides is an impartial nonprofit

01:46:43.823 --> 01:46:46.064
organization that's focused on building a

01:46:46.125 --> 01:46:48.485
strong privacy advocacy community and

01:46:48.525 --> 01:46:50.667
delivering the best digital privacy and

01:46:50.707 --> 01:46:52.628
consumer technology rights advice on the

01:46:52.649 --> 01:46:52.969
internet.

01:46:53.310 --> 01:46:54.591
If you want to support our mission,

01:46:54.891 --> 01:46:56.931
you can make a donation on our website

01:46:56.971 --> 01:46:59.292
at privacyguides.org slash donate.

01:46:59.653 --> 01:47:00.393
To make a donation,

01:47:00.432 --> 01:47:02.253
you can click the red heart icon located

01:47:02.354 --> 01:47:04.314
in the top right corner of the page.

01:47:04.694 --> 01:47:07.155
You can contribute using standard currency

01:47:07.195 --> 01:47:08.336
via debit or credit card,

01:47:08.456 --> 01:47:11.096
or you can opt to donate anonymously using

01:47:11.136 --> 01:47:12.778
Monero or with your favorite

01:47:12.818 --> 01:47:13.597
cryptocurrency.

01:47:14.078 --> 01:47:16.599
Becoming a paid member of Privacy Guides

01:47:16.639 --> 01:47:19.319
will unlock exclusive perks like early

01:47:19.380 --> 01:47:22.020
access to video content and priority

01:47:22.081 --> 01:47:22.720
during our

01:47:23.261 --> 01:47:24.823
Q&A if we get a lot of questions.

01:47:25.203 --> 01:47:28.305
You'll also get a cool badge on your

01:47:28.586 --> 01:47:31.609
forum profile on our forum and the warm,

01:47:31.788 --> 01:47:33.871
fuzzy feeling of supporting independent

01:47:33.911 --> 01:47:34.190
media.

01:47:35.252 --> 01:47:36.353
So with that out of the way,

01:47:36.432 --> 01:47:38.515
thank you all for watching and we will

01:47:38.795 --> 01:47:39.676
see you next week.

01:47:40.777 --> 01:47:41.337
Bye, everybody.