WEBVTT 00:00:03.365 --> 00:00:05.569 A Grand Theft Auto online cheat service 00:00:05.708 --> 00:00:06.690 suffered a data breach. 00:00:06.871 --> 00:00:09.195 Another password manager had vault stolen 00:00:09.335 --> 00:00:11.599 and two disappointing stories from Meta 00:00:11.618 --> 00:00:12.000 this week. 00:00:12.381 --> 00:00:13.542 All this and more coming up on This 00:00:13.563 --> 00:00:15.105 Week in Privacy, number fifty six. 00:00:15.445 --> 00:00:16.027 So stay tuned. 00:00:49.127 --> 00:00:49.987 Jordan, you're muted. 00:00:59.612 --> 00:01:00.872 Welcome back to This Week in Privacy, 00:01:00.893 --> 00:01:02.334 our weekly series where we discuss the 00:01:02.353 --> 00:01:03.753 latest updates with what we're working on 00:01:03.774 --> 00:01:05.135 within the PrivacyGuides community and 00:01:05.155 --> 00:01:06.796 this week's top stories in data privacy 00:01:06.816 --> 00:01:07.635 and cybersecurity. 00:01:07.736 --> 00:01:09.617 I think Jordan was muted this week, 00:01:10.177 --> 00:01:12.638 but I am Nate and Jordan is joining 00:01:12.679 --> 00:01:14.680 me. 00:01:14.799 --> 00:01:16.400 Or there were technical difficulties. 00:01:17.762 --> 00:01:18.501 Check, check, one, two. 00:01:18.522 --> 00:01:19.281 All right. 00:01:21.203 --> 00:01:25.284 Well, while Jordan gets that figured out, 00:01:25.364 --> 00:01:27.284 I think we're gonna... Hey, Jordan, 00:01:27.304 --> 00:01:27.743 welcome back. 00:01:31.344 --> 00:01:32.784 Oh no, we still can't hear you. 00:01:33.025 --> 00:01:35.465 Oh no. 00:01:36.986 --> 00:01:38.286 Gotta love going live. 00:01:38.585 --> 00:01:40.006 These things do happen. 00:01:42.746 --> 00:01:43.867 I'm gonna go ahead and jump into the 00:01:43.947 --> 00:01:46.367 main story while Jordan is trying to 00:01:46.427 --> 00:01:47.367 figure that out. 00:01:48.718 --> 00:01:51.340 And our main story this week is Grand 00:01:51.359 --> 00:01:53.581 Theft Auto. 00:01:54.343 --> 00:01:54.783 Yeah. 00:01:55.944 --> 00:01:58.126 So for those, I mean, 00:01:58.445 --> 00:01:59.546 I feel like this is a pretty popular 00:01:59.587 --> 00:01:59.846 game, 00:01:59.867 --> 00:02:00.707 but for those of you who are not 00:02:00.748 --> 00:02:01.968 gamers and maybe may not know, 00:02:02.688 --> 00:02:03.709 Grand Theft Auto, super, 00:02:03.750 --> 00:02:05.652 super popular video game. 00:02:06.721 --> 00:02:08.360 man, as long as I can remember, or, 00:02:08.501 --> 00:02:08.681 you know, 00:02:08.700 --> 00:02:09.581 at least as long as I've been a 00:02:09.602 --> 00:02:12.222 gamer and, um, it, uh, you know, 00:02:12.382 --> 00:02:13.443 like a lot of games these days, 00:02:13.483 --> 00:02:17.143 it has an online mode and, uh, 00:02:17.163 --> 00:02:18.584 the online mode from what I understand can 00:02:18.623 --> 00:02:21.743 be a cooperative or, um, adversarial. 00:02:21.764 --> 00:02:23.485 Uh, I, for some reason, 00:02:23.504 --> 00:02:24.485 the word I'm looking for is, 00:02:24.604 --> 00:02:27.985 is escaping me right now, but, um, 00:02:28.026 --> 00:02:30.165 you know, like, uh, like any online game, 00:02:30.186 --> 00:02:32.646 uh, there are cheaters and, uh, 00:02:33.586 --> 00:02:34.487 It's, you know, 00:02:34.527 --> 00:02:35.868 cheating kind of ruins the experience for 00:02:35.908 --> 00:02:36.489 everybody, right? 00:02:36.528 --> 00:02:37.810 Because if you're just a casual gamer 00:02:37.830 --> 00:02:40.331 trying to have fun and somebody just like, 00:02:41.052 --> 00:02:41.312 you know, 00:02:41.453 --> 00:02:42.633 blows your character up and steals 00:02:42.653 --> 00:02:44.194 everything, that really sucks. 00:02:44.594 --> 00:02:47.598 But then also if you're like a serious 00:02:47.617 --> 00:02:49.038 gamer and you're maybe like trying to be 00:02:49.179 --> 00:02:50.340 professional or something like that, 00:02:50.919 --> 00:02:54.043 then having somebody cheat is, you know, 00:02:54.502 --> 00:02:56.144 it ruins your rankings. 00:02:56.204 --> 00:02:57.224 It just, it sucks for everybody, 00:02:57.264 --> 00:02:59.066 except for the cheaters who seem to have 00:02:59.105 --> 00:03:01.228 fun, which I don't really understand why. 00:03:02.216 --> 00:03:02.575 Yeah, well, 00:03:02.596 --> 00:03:03.295 we'll get to that in a minute. 00:03:03.796 --> 00:03:05.396 So anyways, so there's a service. 00:03:05.477 --> 00:03:06.478 I mean, there's a lot of services. 00:03:06.497 --> 00:03:07.677 There's a lot of different ways to cheat. 00:03:09.479 --> 00:03:10.780 Dead serious, I've never done it. 00:03:10.900 --> 00:03:12.360 I'm not much of an online gamer myself, 00:03:12.800 --> 00:03:14.040 but there's a lot of different ways to 00:03:14.061 --> 00:03:14.241 do it. 00:03:14.281 --> 00:03:15.681 And one of them is this paid service 00:03:15.701 --> 00:03:16.943 called Atlas Menu. 00:03:17.902 --> 00:03:20.003 And they had a data breach, 00:03:20.324 --> 00:03:22.465 which leaked the email addresses, 00:03:22.604 --> 00:03:23.145 usernames. 00:03:24.105 --> 00:03:26.146 TechCrunch here says scrambled passwords, 00:03:27.127 --> 00:03:28.807 IP addresses, and support tickets. 00:03:29.668 --> 00:03:31.870 of almost sixty four thousand accounts. 00:03:31.909 --> 00:03:33.311 And I'm assuming by scrambled passwords, 00:03:33.330 --> 00:03:35.731 they mean like hash passwords. 00:03:35.752 --> 00:03:37.052 I don't know why they said scrambled here. 00:03:39.354 --> 00:03:39.534 Yeah, 00:03:39.574 --> 00:03:41.075 especially coming from this particular 00:03:41.175 --> 00:03:41.415 author, 00:03:41.455 --> 00:03:42.356 he's very knowledgeable about 00:03:42.396 --> 00:03:42.956 cybersecurity. 00:03:42.977 --> 00:03:43.957 So that was an interesting choice of 00:03:43.978 --> 00:03:44.198 words. 00:03:44.258 --> 00:03:47.480 But Atlas Menu claims to offer secure 00:03:47.561 --> 00:03:49.361 authentication and enhanced privacy 00:03:49.401 --> 00:03:50.543 through our advanced encryption 00:03:50.582 --> 00:03:50.983 techniques, 00:03:51.002 --> 00:03:52.963 which is just a reminder that marketing 00:03:53.003 --> 00:03:55.006 will say anything and usually means 00:03:55.066 --> 00:03:56.146 nothing because that's not 00:03:56.962 --> 00:03:57.703 really clear. 00:03:58.742 --> 00:04:00.563 The attacker claimed responsibility and 00:04:00.623 --> 00:04:01.943 posted the data on GitHub, 00:04:02.144 --> 00:04:04.125 and motivation appears to be revenge 00:04:04.224 --> 00:04:06.705 against a scammer, which, you know, 00:04:06.764 --> 00:04:07.746 privacy is a human right, 00:04:07.765 --> 00:04:08.746 so I'm not going to say these people 00:04:08.806 --> 00:04:09.466 had it coming, 00:04:09.586 --> 00:04:13.046 but I think anybody who's ever been the 00:04:13.086 --> 00:04:14.467 victim of a cheater on an online game 00:04:14.507 --> 00:04:16.567 can definitely feel the frustration there. 00:04:18.348 --> 00:04:19.569 So yeah, Atlas Menu, 00:04:19.869 --> 00:04:20.769 according to one video, 00:04:20.908 --> 00:04:22.829 offered features like invisibility and 00:04:22.870 --> 00:04:24.370 super jump and the ability to fly through 00:04:24.391 --> 00:04:24.810 the map. 00:04:25.411 --> 00:04:26.211 So I mean, 00:04:26.250 --> 00:04:27.512 at least I guess it wasn't like 00:04:27.591 --> 00:04:28.651 invulnerability or something. 00:04:28.771 --> 00:04:30.653 And then they point out in this article, 00:04:30.673 --> 00:04:33.074 cheating has become like a huge industry, 00:04:33.653 --> 00:04:34.875 multimillion dollar business. 00:04:35.535 --> 00:04:37.295 And they mentioned that Counter-Strike 00:04:37.315 --> 00:04:38.935 Global Offensive also had a breach a few 00:04:38.976 --> 00:04:39.437 years back. 00:04:39.456 --> 00:04:41.336 So this is not a particularly new thing, 00:04:41.377 --> 00:04:46.439 but it's definitely very interesting for 00:04:46.459 --> 00:04:46.639 sure. 00:04:46.660 --> 00:04:47.180 Yeah. 00:04:49.144 --> 00:04:49.564 Trying to think. 00:04:50.024 --> 00:04:50.305 Yeah. 00:04:50.365 --> 00:04:54.048 So like I said, am I back? 00:04:54.148 --> 00:04:55.048 Hey, Jordan. 00:04:55.149 --> 00:04:55.749 Yes, you are. 00:04:55.949 --> 00:04:56.329 Welcome back. 00:04:56.348 --> 00:04:56.750 Of course. 00:04:56.790 --> 00:04:58.471 As soon as we press go live, 00:04:58.591 --> 00:05:00.052 like everything just breaks. 00:05:00.072 --> 00:05:00.312 So yeah, 00:05:00.331 --> 00:05:04.776 you and I were talking beforehand. 00:05:04.915 --> 00:05:05.857 Yeah, that was so bizarre. 00:05:05.896 --> 00:05:06.757 I don't know what happened. 00:05:07.918 --> 00:05:08.639 But yeah, sorry. 00:05:08.658 --> 00:05:09.959 I'll just throw it back to you, Nate, 00:05:09.980 --> 00:05:11.180 to continue with the story. 00:05:12.303 --> 00:05:12.904 No, you're good. 00:05:12.964 --> 00:05:13.384 I mean, 00:05:13.425 --> 00:05:14.666 I don't really have too much to add. 00:05:15.206 --> 00:05:17.149 I'm not much of an online gamer. 00:05:17.250 --> 00:05:18.151 I think when I was in high school, 00:05:18.190 --> 00:05:19.552 I played a little bit of Halo Online, 00:05:19.591 --> 00:05:21.233 and there were a few. 00:05:21.533 --> 00:05:22.555 I think I ran into a couple of 00:05:22.574 --> 00:05:24.658 cheaters, but definitely not a ton. 00:05:25.278 --> 00:05:25.838 Just like I said, 00:05:25.879 --> 00:05:27.221 it kind of ruins it for everybody, 00:05:27.401 --> 00:05:27.521 and 00:05:28.682 --> 00:05:30.925 I've I've I've done some cheats in offline 00:05:30.944 --> 00:05:31.846 games just for fun, 00:05:31.906 --> 00:05:32.947 but I find that in my experience, 00:05:32.966 --> 00:05:34.149 they tend to get really boring really 00:05:34.168 --> 00:05:34.509 fast. 00:05:34.569 --> 00:05:35.709 So I'm not a huge fan of it. 00:05:36.151 --> 00:05:38.353 I don't really understand what the point 00:05:38.473 --> 00:05:39.475 is if you're just going to cheat, 00:05:39.514 --> 00:05:40.536 especially in online mode, 00:05:40.576 --> 00:05:41.937 like just play offline at that point. 00:05:41.997 --> 00:05:44.641 But the 00:05:46.297 --> 00:05:46.437 Yeah, 00:05:46.716 --> 00:05:48.137 I guess the two things that I really 00:05:48.158 --> 00:05:49.699 took away from this story is, number one, 00:05:50.279 --> 00:05:51.440 it's unfortunate because this cheating 00:05:51.480 --> 00:05:53.201 industry is why we've seen a huge rise 00:05:53.401 --> 00:05:54.163 in rootkit. 00:05:54.562 --> 00:05:55.624 Sorry, I shouldn't call them rootkits. 00:05:56.584 --> 00:05:57.185 Anti-cheats. 00:05:57.785 --> 00:05:59.747 And they kind of are rootkits, though, 00:05:59.766 --> 00:06:02.728 because a lot of them go deep, deep, 00:06:02.788 --> 00:06:05.511 deep into the operating system and work at 00:06:05.531 --> 00:06:07.992 a very deep level, similar to a rootkit. 00:06:08.031 --> 00:06:09.072 Like some of them even, I think, 00:06:09.093 --> 00:06:10.994 before the OS boots up, which is... 00:06:12.071 --> 00:06:13.473 incredibly frustrating, especially again, 00:06:13.492 --> 00:06:14.374 if you're like me and you don't really 00:06:14.394 --> 00:06:15.014 play online games, 00:06:15.035 --> 00:06:16.555 I actually did buy GTA five a few 00:06:16.576 --> 00:06:16.976 years ago. 00:06:17.838 --> 00:06:19.059 And, uh, it was like, Oh, 00:06:19.119 --> 00:06:20.161 install the anti-cheat. 00:06:20.180 --> 00:06:20.581 And I'm like, 00:06:21.641 --> 00:06:23.464 but I have no plans to ever online. 00:06:23.485 --> 00:06:24.225 And it's like, doesn't matter. 00:06:24.245 --> 00:06:25.286 You got to install the anti-cheat, 00:06:25.307 --> 00:06:27.369 which is just garbage and terrible. 00:06:28.069 --> 00:06:28.591 And, um, 00:06:29.641 --> 00:06:31.684 Yeah, it's... Ironically, 00:06:31.704 --> 00:06:33.084 we've seen stories in the past about how 00:06:33.144 --> 00:06:34.305 having these anti-cheats on your 00:06:34.324 --> 00:06:35.446 computer... First of all, 00:06:35.485 --> 00:06:36.766 some of them conflict with each other. 00:06:36.807 --> 00:06:38.288 So if you play multiple online games, 00:06:38.608 --> 00:06:40.490 you may have to uninstall one to install 00:06:40.509 --> 00:06:40.769 another, 00:06:40.790 --> 00:06:43.232 which is incredibly annoying as somebody 00:06:43.271 --> 00:06:44.932 who does not have a lot of space 00:06:44.973 --> 00:06:46.915 on my computer and therefore tends to do 00:06:46.954 --> 00:06:47.915 that with games in general. 00:06:48.336 --> 00:06:50.937 But also, it's... Ironically, they can... 00:06:52.622 --> 00:06:54.401 they kind of fend off certain forms of 00:06:54.482 --> 00:06:54.983 other malware. 00:06:55.002 --> 00:06:56.362 And I'm not saying that as an endorsement, 00:06:56.403 --> 00:06:57.242 obviously, but it's just, 00:06:57.322 --> 00:06:58.423 it's interesting to see that it's like, 00:06:58.442 --> 00:06:59.483 if you have one of these installed, 00:06:59.863 --> 00:07:01.363 because it basically functions like 00:07:01.403 --> 00:07:03.004 malware with a pinky promise not to do 00:07:03.024 --> 00:07:03.663 anything bad, 00:07:04.165 --> 00:07:07.444 then it kind of stops other malware from 00:07:07.464 --> 00:07:07.985 being installed, 00:07:08.084 --> 00:07:09.346 certain types of malware from being 00:07:09.365 --> 00:07:09.685 installed. 00:07:09.725 --> 00:07:10.045 But yeah, 00:07:10.646 --> 00:07:11.925 the other thing I kind of poked fun 00:07:11.966 --> 00:07:12.786 at was the whole, you know, 00:07:12.906 --> 00:07:13.387 I called it out. 00:07:13.406 --> 00:07:14.726 It's like, oh, Atlas menu says they have 00:07:15.047 --> 00:07:16.927 secure authentication and enhance privacy 00:07:16.968 --> 00:07:17.988 through our advanced encryption 00:07:18.009 --> 00:07:18.449 techniques. 00:07:19.250 --> 00:07:20.350 You got to be careful of marketing. 00:07:21.951 --> 00:07:24.173 I know marketing has always got to hype 00:07:24.192 --> 00:07:24.752 up their product. 00:07:24.773 --> 00:07:26.475 They got to seem super awesome and 00:07:26.514 --> 00:07:26.855 whatnot. 00:07:26.915 --> 00:07:27.975 But you do, 00:07:28.076 --> 00:07:29.196 especially with the open source stuff 00:07:29.216 --> 00:07:30.336 that's a little bit more transparent, 00:07:30.656 --> 00:07:31.637 try to find white papers, 00:07:31.677 --> 00:07:32.699 try to find the FAQ, 00:07:32.718 --> 00:07:33.838 try to find something that digs in a 00:07:33.939 --> 00:07:35.560 little bit deeper and specifically says, 00:07:36.300 --> 00:07:37.141 here's our threat model. 00:07:37.180 --> 00:07:38.201 Here's what we defend against. 00:07:38.242 --> 00:07:39.403 Here's exactly how it works. 00:07:39.523 --> 00:07:40.483 Even if you don't dig into... 00:07:41.184 --> 00:07:43.625 here's our exact encryption protocol and 00:07:43.665 --> 00:07:44.745 key exchange and this, that, 00:07:44.764 --> 00:07:45.365 because I'll be honest, 00:07:45.384 --> 00:07:46.685 that stuff goes over my head. 00:07:47.245 --> 00:07:48.646 But if they break it down, like, oh, 00:07:48.745 --> 00:07:51.125 everything is encrypted in the browser and 00:07:51.165 --> 00:07:53.086 then sent to our device where we compare 00:07:53.105 --> 00:07:53.947 hashes or, you know, 00:07:53.966 --> 00:07:54.646 just something like that, 00:07:54.687 --> 00:07:55.586 something that's a little bit more 00:07:55.966 --> 00:07:56.987 substantial, I think. 00:07:57.007 --> 00:07:59.168 I don't know. 00:07:59.487 --> 00:08:00.247 Yeah, so you were, 00:08:01.427 --> 00:08:02.627 Jordan was originally supposed to take 00:08:02.668 --> 00:08:04.028 this story because you have a little bit 00:08:04.048 --> 00:08:05.288 more experience with online gaming, 00:08:05.309 --> 00:08:05.649 I believe. 00:08:05.709 --> 00:08:07.548 So I guess I will turn it over 00:08:07.588 --> 00:08:10.029 to you for your thoughts on this story. 00:08:11.072 --> 00:08:11.372 Yeah, 00:08:11.392 --> 00:08:13.233 so I guess the most important thing about 00:08:13.293 --> 00:08:15.233 this that can be kind of confusing with 00:08:15.254 --> 00:08:17.795 the way that this story was presented was 00:08:18.814 --> 00:08:20.555 this is, you know, 00:08:20.596 --> 00:08:23.757 this cheat software is primarily used on 00:08:23.797 --> 00:08:24.797 GTA Online, 00:08:24.817 --> 00:08:26.877 which is where people basically... 00:08:27.237 --> 00:08:28.637 It's like GTA V except... 00:08:31.911 --> 00:08:35.092 you basically can play with other players 00:08:35.133 --> 00:08:36.433 and there's like different multiplayer 00:08:36.494 --> 00:08:37.394 activities you can do. 00:08:38.615 --> 00:08:40.514 So that's the main thing that I think 00:08:40.554 --> 00:08:41.475 people are using this for. 00:08:41.956 --> 00:08:44.236 And I think that's personally what I would 00:08:44.277 --> 00:08:45.917 think is the main issue with a lot 00:08:45.937 --> 00:08:47.177 of these cheat things. 00:08:47.217 --> 00:08:49.739 Like I don't really care if someone is 00:08:49.778 --> 00:08:56.480 like cheating on their GTA five local game 00:08:56.520 --> 00:08:57.221 installation. 00:08:57.282 --> 00:08:57.782 And it's like, 00:08:58.527 --> 00:08:59.106 you know, 00:08:59.148 --> 00:09:01.129 that they're single player video game. 00:09:01.168 --> 00:09:01.889 I don't really care. 00:09:01.950 --> 00:09:04.471 I think people should be able to use 00:09:04.552 --> 00:09:05.753 software the way that they want. 00:09:05.793 --> 00:09:06.013 Right. 00:09:06.033 --> 00:09:06.874 And they should be able to, 00:09:07.614 --> 00:09:09.475 if they want like run cheat software, 00:09:09.515 --> 00:09:09.775 right. 00:09:09.836 --> 00:09:13.019 Because that should be up to them. 00:09:13.739 --> 00:09:16.642 So I think this is kind of where 00:09:16.721 --> 00:09:18.722 I have more of an issue is when 00:09:18.743 --> 00:09:20.865 you start affecting other people and, 00:09:20.985 --> 00:09:24.187 you know, ruining people's experiences, 00:09:25.089 --> 00:09:25.288 um, 00:09:26.815 --> 00:09:28.756 It can kind of get really frustrating, 00:09:28.856 --> 00:09:30.359 especially with GTA Online, 00:09:30.379 --> 00:09:33.881 because this is one of these sorts of 00:09:33.922 --> 00:09:36.804 games where basically if someone is 00:09:36.845 --> 00:09:37.186 cheating, 00:09:37.206 --> 00:09:38.947 they can basically ruin the entire 00:09:38.988 --> 00:09:40.568 experience for everybody. 00:09:40.749 --> 00:09:43.952 And I've seen a lot of times, 00:09:43.972 --> 00:09:46.654 like I used to play GTA Online and 00:09:46.674 --> 00:09:48.496 there was a lot of people who would 00:09:48.717 --> 00:09:48.918 use 00:09:51.224 --> 00:09:52.745 not specifically this software. 00:09:52.826 --> 00:09:54.148 I don't know which software they were 00:09:54.227 --> 00:09:54.447 using, 00:09:54.488 --> 00:09:56.410 but they were using some sort of cheat 00:09:56.451 --> 00:09:58.653 menu to basically 00:10:00.538 --> 00:10:01.558 mess around with people. 00:10:02.918 --> 00:10:04.559 And I think the most important thing with 00:10:04.580 --> 00:10:05.460 this, though, is, like, 00:10:05.500 --> 00:10:06.541 I don't think we should be, like, 00:10:06.660 --> 00:10:08.601 celebrating people's information getting 00:10:08.642 --> 00:10:09.261 breached, right? 00:10:09.302 --> 00:10:10.543 Even if these are, like, people that, 00:10:10.602 --> 00:10:12.062 like, kind of deserved it, right? 00:10:12.102 --> 00:10:13.144 Like, it's, like, you know, 00:10:13.163 --> 00:10:16.524 you're fucking with people's video games. 00:10:16.544 --> 00:10:18.525 Like, you should probably, you know, 00:10:18.686 --> 00:10:21.788 be a bit... It's a bit of karma, 00:10:21.807 --> 00:10:22.008 right? 00:10:22.028 --> 00:10:23.508 But it's also, you know, 00:10:23.567 --> 00:10:26.889 I don't think we should be happy that 00:10:26.929 --> 00:10:27.909 all these people have had their 00:10:27.929 --> 00:10:29.331 information breached because... 00:10:30.316 --> 00:10:31.636 of like a security breach. 00:10:31.756 --> 00:10:32.018 Right. 00:10:32.217 --> 00:10:35.179 Um, so I think, you know, it's, 00:10:35.201 --> 00:10:39.644 it kind of makes sense why this, uh, 00:10:41.525 --> 00:10:43.148 why this service was breached in the first 00:10:43.187 --> 00:10:43.427 place. 00:10:43.467 --> 00:10:43.687 Right. 00:10:43.707 --> 00:10:45.570 Because they're kind of a target because a 00:10:45.610 --> 00:10:47.851 lot of people probably hate this software 00:10:47.892 --> 00:10:49.513 because it keeps ruining their games. 00:10:50.394 --> 00:10:52.976 Um, but it sounds like from the article, 00:10:53.017 --> 00:10:54.798 it was actually someone who thought that 00:10:54.817 --> 00:10:56.580 they'd been, um, 00:10:57.650 --> 00:11:00.451 scammed so maybe perhaps they purchased 00:11:00.471 --> 00:11:01.792 the software and then they never got 00:11:01.912 --> 00:11:03.471 access to it or something like that and 00:11:03.491 --> 00:11:07.232 they decided to basically take revenge on 00:11:07.253 --> 00:11:11.274 this specific software developer I do 00:11:11.293 --> 00:11:13.855 think though that you know obviously this 00:11:14.235 --> 00:11:16.355 sixty four thousand people whose accounts 00:11:16.375 --> 00:11:18.056 were part of the breach that's kind of 00:11:19.433 --> 00:11:23.154 crappy and I do think you know maybe 00:11:23.174 --> 00:11:25.475 if they were using this software on a 00:11:25.535 --> 00:11:27.417 local installation of a game maybe that 00:11:27.456 --> 00:11:31.097 would be like less of a concern I 00:11:31.118 --> 00:11:32.717 know a lot of these games definitely 00:11:33.118 --> 00:11:35.119 enforce like a TOS and they say like 00:11:35.139 --> 00:11:37.460 you know if you use any software that's 00:11:38.600 --> 00:11:40.400 that affects the game in a way that 00:11:40.821 --> 00:11:43.201 is not intended or allows you to gain 00:11:43.240 --> 00:11:45.081 an advantage that could be a reason to 00:11:45.121 --> 00:11:48.043 ban you so I mean 00:11:49.658 --> 00:11:51.360 I think we should be promoting people 00:11:51.700 --> 00:11:53.561 being able to use whatever software they 00:11:53.600 --> 00:11:53.841 want. 00:11:53.900 --> 00:11:54.701 But also, like, 00:11:55.621 --> 00:11:56.982 it's not great that these people had their 00:11:57.003 --> 00:11:57.903 information breached. 00:11:59.604 --> 00:12:00.884 I don't think we should be celebrating 00:12:00.924 --> 00:12:02.525 that exactly. 00:12:03.086 --> 00:12:04.447 I think it's just kind of unfortunate. 00:12:04.547 --> 00:12:08.448 And they were primed to get hacked, 00:12:08.589 --> 00:12:09.429 I think, at that point. 00:12:12.164 --> 00:12:12.985 Yeah, I totally agree. 00:12:13.966 --> 00:12:15.528 I'm never a fan of saying people deserve 00:12:15.548 --> 00:12:17.269 to get hacked because, again, 00:12:17.328 --> 00:12:18.730 privacy is a human right, right? 00:12:18.830 --> 00:12:20.851 And that's how human rights work, 00:12:20.892 --> 00:12:22.033 is even if you disagree with somebody. 00:12:22.312 --> 00:12:23.234 And also, it's a video game. 00:12:24.715 --> 00:12:25.716 Believe me, I am a gamer. 00:12:26.255 --> 00:12:28.118 I am ashamed to admit this, 00:12:28.177 --> 00:12:29.018 but in high school, 00:12:29.158 --> 00:12:30.620 I did throw a controller one time. 00:12:31.200 --> 00:12:32.041 And I know some of you guys are 00:12:32.061 --> 00:12:32.821 like, one time? 00:12:32.860 --> 00:12:33.402 Get on my level. 00:12:33.442 --> 00:12:34.062 But to me, 00:12:34.081 --> 00:12:35.604 that's really immature and not... 00:12:36.203 --> 00:12:39.147 emotionally, you know, but I was like, 00:12:39.187 --> 00:12:39.647 or something. 00:12:40.707 --> 00:12:41.528 So my point being is like, 00:12:41.568 --> 00:12:41.908 I get it. 00:12:41.989 --> 00:12:43.370 I know how frustrating it can be. 00:12:43.590 --> 00:12:44.871 And yeah, 00:12:44.912 --> 00:12:45.971 especially if they're like the kind of 00:12:45.991 --> 00:12:47.933 cheats where it's like the one hit kill 00:12:47.974 --> 00:12:49.174 kind of stuff is just like, dude, 00:12:49.215 --> 00:12:49.615 come on. 00:12:49.735 --> 00:12:50.996 Like, it's just a game. 00:12:51.037 --> 00:12:52.077 Don't take it so seriously. 00:12:52.138 --> 00:12:52.357 Don't, 00:12:52.398 --> 00:12:53.818 don't be doing that and ruining the fun 00:12:53.839 --> 00:12:54.539 for everybody else. 00:12:54.600 --> 00:12:57.722 But it's still, yeah, it's, and it's, 00:12:57.802 --> 00:12:58.322 it's frustrating. 00:12:58.342 --> 00:13:00.284 Cause like this anti-cheat thing has been 00:13:01.105 --> 00:13:02.547 a major sticking point for 00:13:03.493 --> 00:13:05.416 gaming on linux because so many of these 00:13:05.436 --> 00:13:08.140 games now require this anti-cheat that as 00:13:08.160 --> 00:13:09.523 far as i know only works on windows 00:13:09.562 --> 00:13:12.148 or maybe windows and mac and because linux 00:13:12.168 --> 00:13:13.610 has such a small adoption there's a lot 00:13:13.629 --> 00:13:14.230 of people who 00:13:15.198 --> 00:13:15.458 there's it. 00:13:15.818 --> 00:13:18.419 And I'm told that gaming on Linux has 00:13:18.440 --> 00:13:19.081 gotten a lot better. 00:13:19.360 --> 00:13:23.263 Um, because I, I use cubes, which you'd, 00:13:23.962 --> 00:13:24.763 I don't even know if you could play 00:13:24.783 --> 00:13:25.644 solitaire on that thing. 00:13:26.004 --> 00:13:27.403 Um, but you know, it's, 00:13:27.443 --> 00:13:28.524 it's not really a gaming computer, 00:13:28.565 --> 00:13:29.445 so I don't have a lot of gaming 00:13:29.485 --> 00:13:30.485 on Linux experience, 00:13:30.546 --> 00:13:32.787 but I'm told that gaming on Linux is 00:13:32.807 --> 00:13:33.527 getting a lot better, 00:13:34.267 --> 00:13:35.268 but it's still like a 00:13:36.638 --> 00:13:37.599 It's still got a ways to go, 00:13:37.658 --> 00:13:39.038 especially for some of the AAA titles, 00:13:39.058 --> 00:13:39.779 and this is why. 00:13:39.820 --> 00:13:41.201 Because the whole anti-cheat thing, 00:13:41.520 --> 00:13:43.261 which does not work on Linux, 00:13:43.701 --> 00:13:45.322 and therefore there's a lot of AAA games 00:13:45.342 --> 00:13:47.445 that you can't play on Linux strictly 00:13:47.465 --> 00:13:48.804 because you can't install the anti-cheat. 00:13:48.825 --> 00:13:51.547 So this does have privacy implications 00:13:51.586 --> 00:13:52.807 beyond just this story as well. 00:13:52.827 --> 00:13:54.328 It's like, if people would... 00:13:55.469 --> 00:13:56.429 I don't know what the solution is, 00:13:56.450 --> 00:13:57.230 because I don't think they should just 00:13:57.250 --> 00:13:58.671 make an anti-cheat that works on Linux. 00:13:59.011 --> 00:14:00.072 I don't think any of the Linux people 00:14:00.091 --> 00:14:00.732 would want that. 00:14:00.832 --> 00:14:01.952 But it's like, 00:14:01.993 --> 00:14:03.293 if we could get a better handle on 00:14:03.313 --> 00:14:04.654 the cheating situation where people didn't 00:14:04.695 --> 00:14:05.816 need it, that would be... 00:14:06.701 --> 00:14:07.600 That would be super awesome. 00:14:07.841 --> 00:14:11.403 I think also the issue with these 00:14:11.602 --> 00:14:13.123 anti-cheat software is that they're 00:14:13.182 --> 00:14:15.104 actually really privacy invasive as well. 00:14:15.264 --> 00:14:18.065 Like we've seen with, I know Vanguard, 00:14:18.085 --> 00:14:19.924 which is part of like Valorant and League 00:14:19.965 --> 00:14:20.544 of Legends. 00:14:21.826 --> 00:14:22.265 That's like. 00:14:22.711 --> 00:14:23.932 basically, like you were saying, 00:14:23.971 --> 00:14:25.331 it's basically a rootkit. 00:14:25.351 --> 00:14:28.033 Like it actually needs full access to your 00:14:28.072 --> 00:14:28.873 entire system. 00:14:29.313 --> 00:14:30.673 It needs to be running, uh, 00:14:32.475 --> 00:14:35.275 in order to verify the authenticity of 00:14:35.296 --> 00:14:35.816 your system. 00:14:35.916 --> 00:14:36.275 And, you know, 00:14:36.437 --> 00:14:38.697 I think that basically means that they're 00:14:38.756 --> 00:14:40.477 logging every process on your computer. 00:14:40.538 --> 00:14:42.639 They're checking to see what code is 00:14:42.678 --> 00:14:44.600 running on your computer and possibly 00:14:44.639 --> 00:14:47.780 sending that back to some third party 00:14:47.801 --> 00:14:48.181 company. 00:14:48.240 --> 00:14:48.461 Right. 00:14:48.561 --> 00:14:49.902 And, um, 00:14:51.027 --> 00:14:52.850 Yeah, I don't think the solution is... 00:14:53.991 --> 00:14:54.332 Actually, 00:14:54.413 --> 00:14:55.735 I don't really know what the solution is 00:14:55.754 --> 00:14:56.977 because I'm not a game developer. 00:14:56.998 --> 00:14:59.322 I'm sure there's issues either way, right? 00:14:59.361 --> 00:15:01.144 Like if we took away all the anti-cheat, 00:15:01.982 --> 00:15:03.684 every single game that we play would be 00:15:03.725 --> 00:15:05.186 filled with people cheating. 00:15:06.067 --> 00:15:08.349 And if we made it so that Linux 00:15:08.408 --> 00:15:11.091 had anti-cheat, then what might happen, 00:15:11.130 --> 00:15:12.831 like what we saw with Apex Legends. 00:15:12.892 --> 00:15:13.572 So at one point, 00:15:13.633 --> 00:15:16.535 Apex Legends was using BattleEye 00:15:16.855 --> 00:15:17.416 anti-cheat, 00:15:17.456 --> 00:15:19.197 which actually does have a Linux version. 00:15:19.717 --> 00:15:21.178 However, the Linux version isn't 00:15:21.899 --> 00:15:24.701 It doesn't have as good access as Windows. 00:15:25.282 --> 00:15:26.922 So basically all the cheaters were just 00:15:26.961 --> 00:15:28.942 switching to Linux to cheat because it 00:15:28.962 --> 00:15:30.183 would be harder to detect. 00:15:30.884 --> 00:15:31.924 And then, of course, 00:15:31.985 --> 00:15:33.284 what do you think happened then? 00:15:36.427 --> 00:15:36.706 Well, 00:15:37.226 --> 00:15:39.327 the Linux version doesn't exist anymore 00:15:39.347 --> 00:15:40.649 because it was just being used by 00:15:40.688 --> 00:15:42.830 cheaters, which sucks, right? 00:15:42.870 --> 00:15:45.010 Like, it goes both ways. 00:15:45.150 --> 00:15:45.311 So... 00:15:47.344 --> 00:15:47.844 Yeah, 00:15:48.004 --> 00:15:49.465 it's just a really crappy situation 00:15:49.485 --> 00:15:51.005 because, you know, 00:15:51.586 --> 00:15:52.525 I think a lot of people in our 00:15:52.546 --> 00:15:53.947 community don't want to have to use 00:15:53.986 --> 00:15:57.388 Windows and there's just a lot of video 00:15:57.427 --> 00:15:58.768 games at this point that are kind of 00:15:59.568 --> 00:16:02.990 forcing you to basically use it or... 00:16:05.491 --> 00:16:06.892 basically you can't even play the game. 00:16:06.932 --> 00:16:08.013 Like it would be fine if there was, 00:16:08.072 --> 00:16:10.453 you know, performance issues. 00:16:10.474 --> 00:16:12.533 Like if there was some minor performance 00:16:12.594 --> 00:16:14.534 issues and like maybe it didn't perform as 00:16:14.554 --> 00:16:16.196 well as the Windows version or something 00:16:16.216 --> 00:16:17.995 like that, but it can't even start. 00:16:18.076 --> 00:16:19.476 Like you can't even run the game. 00:16:20.496 --> 00:16:23.837 So I think that's, 00:16:23.937 --> 00:16:25.599 it basically has gotten to this point at 00:16:25.639 --> 00:16:28.120 this point where like if a game doesn't 00:16:28.179 --> 00:16:30.880 run on Linux, it's because of anti-cheat. 00:16:30.921 --> 00:16:32.941 There's no other reason why it can't run 00:16:33.881 --> 00:16:34.422 because it's 00:16:35.157 --> 00:16:38.217 It's just a platform limitation almost at 00:16:38.258 --> 00:16:38.697 this point. 00:16:40.178 --> 00:16:41.360 I don't know what the answer is to 00:16:41.379 --> 00:16:42.539 that exactly. 00:16:42.740 --> 00:16:46.022 Maybe I'd rather not have to run an 00:16:46.322 --> 00:16:48.702 invasive anti-cheat software on my Linux 00:16:48.743 --> 00:16:49.202 computer, 00:16:49.503 --> 00:16:53.284 but maybe that ends up being kind of 00:16:53.304 --> 00:16:56.885 the only option that actually allows it to 00:16:56.926 --> 00:16:57.265 happen. 00:16:57.546 --> 00:16:59.626 But if it doesn't have the same amount 00:16:59.647 --> 00:17:00.326 of access, 00:17:00.427 --> 00:17:03.369 I don't see why any company would allow 00:17:03.408 --> 00:17:03.629 that. 00:17:04.683 --> 00:17:05.423 in the first place. 00:17:07.625 --> 00:17:08.506 Yeah. 00:17:08.605 --> 00:17:09.666 Yeah, it really sucks. 00:17:09.686 --> 00:17:11.028 It's kind of a crappy situation all 00:17:11.067 --> 00:17:11.887 around, for sure. 00:17:12.048 --> 00:17:13.269 And I went and looked it up because 00:17:13.288 --> 00:17:13.729 I was like, man, 00:17:13.769 --> 00:17:15.410 wasn't there an anti-cheat thing recently? 00:17:15.789 --> 00:17:17.171 There have been several anti-cheat 00:17:17.191 --> 00:17:17.631 scandals. 00:17:18.192 --> 00:17:19.092 Riot Games, 00:17:19.632 --> 00:17:21.032 which is Vanguard you were talking about, 00:17:22.094 --> 00:17:24.134 and their easy anti-cheat. 00:17:24.494 --> 00:17:25.296 In Valorant, 00:17:25.336 --> 00:17:27.317 Vanguard has been accused of data 00:17:27.356 --> 00:17:28.057 scraping. 00:17:28.737 --> 00:17:30.438 There have even been allegations that a 00:17:30.518 --> 00:17:32.298 Riot employee was being bribed to ignore 00:17:32.339 --> 00:17:32.880 cheaters. 00:17:33.299 --> 00:17:35.121 Vanguard updates were reported to brick 00:17:35.201 --> 00:17:37.882 DMA cheating devices by forcing full OS 00:17:37.922 --> 00:17:40.143 reinstalls in Apex Legend. 00:17:40.403 --> 00:17:41.304 Oh, yeah, I remember this one. 00:17:41.723 --> 00:17:44.045 There was attackers used a remote code 00:17:44.144 --> 00:17:46.165 execution to inject cheats into pro 00:17:46.185 --> 00:17:48.826 players during an actual competition. 00:17:49.508 --> 00:17:51.367 So, I mean, like, yeah, this stuff is... 00:17:52.939 --> 00:17:54.339 This isn't just like theoretically it 00:17:54.380 --> 00:17:54.940 could be bad. 00:17:55.000 --> 00:17:57.102 Like there's an actual history of this 00:17:57.122 --> 00:17:57.461 stuff. 00:17:57.582 --> 00:17:58.843 And then now we see that sometimes it 00:17:58.863 --> 00:18:00.183 doesn't even work and just puts people at 00:18:00.223 --> 00:18:04.666 risk, which, you know, shocker, right? 00:18:04.787 --> 00:18:05.247 Unfortunate. 00:18:06.867 --> 00:18:09.789 But I think if that's all we have 00:18:09.809 --> 00:18:10.789 for that story, 00:18:11.851 --> 00:18:13.152 we're going to go ahead and talk about 00:18:13.551 --> 00:18:17.815 another super exciting corporate... 00:18:18.234 --> 00:18:19.195 How would I define this one? 00:18:20.096 --> 00:18:20.836 Corporations... 00:18:22.861 --> 00:18:24.462 Corporations doing the wrong thing or 00:18:24.482 --> 00:18:25.284 making the wrong move. 00:18:26.204 --> 00:18:28.087 So we've actually covered some of this 00:18:28.347 --> 00:18:29.930 recently for audio listeners. 00:18:29.950 --> 00:18:32.133 The headline says Microsoft under fire or 00:18:32.173 --> 00:18:33.374 threatening security researcher with 00:18:33.394 --> 00:18:34.496 criminal investigation. 00:18:35.096 --> 00:18:37.179 And so we've covered, 00:18:37.219 --> 00:18:39.040 there was a security researcher who goes 00:18:39.060 --> 00:18:40.282 by Nightmare Eclipse and 00:18:40.971 --> 00:18:43.212 And they have publicly published a series 00:18:43.374 --> 00:18:45.154 of vulnerabilities, including Blue Hammer, 00:18:45.276 --> 00:18:47.238 Red Sun, Undefend, and Yellow Key. 00:18:47.718 --> 00:18:49.240 And I think Yellow Key and Blue Hammer, 00:18:49.299 --> 00:18:50.820 we talked about on previous episodes, 00:18:50.921 --> 00:18:52.643 one of those was a vulnerability in 00:18:52.762 --> 00:18:53.284 BitLocker. 00:18:54.265 --> 00:18:58.548 And so this is interesting. 00:18:59.670 --> 00:19:00.090 Basically, 00:19:00.131 --> 00:19:01.711 Microsoft is saying this person did not 00:19:01.771 --> 00:19:03.673 responsibly disclose, which, okay, so... 00:19:05.306 --> 00:19:06.007 It's not a law, 00:19:06.027 --> 00:19:08.008 but I think it's kind of a – 00:19:07.307 --> 00:19:08.407 and it's actually a little contentious, 00:19:08.428 --> 00:19:09.508 which we'll talk about that in a minute. 00:19:09.949 --> 00:19:12.269 But generally speaking, in cybersecurity, 00:19:12.309 --> 00:19:13.730 there is kind of the idea that the 00:19:13.770 --> 00:19:15.030 proper way to go about things is you 00:19:15.050 --> 00:19:15.530 find a bug. 00:19:16.211 --> 00:19:17.612 You report it to the company, 00:19:18.192 --> 00:19:19.993 and then you give them about – I 00:19:20.013 --> 00:19:21.253 think the standard is ninety days. 00:19:21.394 --> 00:19:21.914 I could be wrong. 00:19:22.275 --> 00:19:24.296 Somewhere between thirty and ninety to fix 00:19:24.336 --> 00:19:25.757 the bug and push out an update. 00:19:26.497 --> 00:19:28.758 and then you kind of explain what you 00:19:28.778 --> 00:19:30.218 found and what it is um just kind 00:19:30.238 --> 00:19:31.798 of for the the education of the community 00:19:31.857 --> 00:19:34.479 right like letting everybody know that uh 00:19:34.499 --> 00:19:35.959 here's this bug i found here's how it 00:19:36.019 --> 00:19:38.900 works whatever whatever um they're kind of 00:19:38.920 --> 00:19:40.059 fun to read sometimes especially if 00:19:40.079 --> 00:19:41.320 they're not super super technical 00:19:41.721 --> 00:19:42.961 sometimes they're just super technical and 00:19:43.000 --> 00:19:44.320 i can't understand them but if they're a 00:19:44.340 --> 00:19:46.021 little more approachable i like and i 00:19:46.061 --> 00:19:47.622 enjoy reading those kind of posts and um 00:19:49.133 --> 00:19:50.673 So, and for the record, 00:19:50.713 --> 00:19:51.673 there's exceptions. 00:19:51.713 --> 00:19:53.535 Like if a company is really like open 00:19:53.555 --> 00:19:54.194 and working with you, 00:19:54.214 --> 00:19:56.115 a lot of the time they'll delay the 00:19:56.154 --> 00:19:57.375 public post because it's like, oh, 00:19:57.395 --> 00:19:58.855 they're having trouble rolling out an 00:19:58.895 --> 00:19:59.856 update or whatever the case. 00:20:00.477 --> 00:20:00.916 But anyways, 00:20:02.156 --> 00:20:03.657 so Microsoft is basically saying this 00:20:03.738 --> 00:20:05.317 nightmare eclipse person did not do that. 00:20:05.898 --> 00:20:06.959 They say there was no responsible 00:20:06.979 --> 00:20:07.519 disclosure. 00:20:07.979 --> 00:20:09.079 They just went ahead and published this 00:20:09.099 --> 00:20:09.920 stuff right off the bat, 00:20:10.440 --> 00:20:12.381 which in turn provably did put a lot 00:20:12.401 --> 00:20:13.040 of people at risk. 00:20:13.421 --> 00:20:14.821 The article talks about how there have 00:20:14.862 --> 00:20:15.142 been 00:20:16.442 --> 00:20:18.182 vulnerabilities that are already using 00:20:18.222 --> 00:20:19.763 this stuff in real world attacks, 00:20:19.864 --> 00:20:22.786 according to both Microsoft and CISA. 00:20:23.465 --> 00:20:24.826 So they're saying we're going to sue this 00:20:24.866 --> 00:20:27.788 person because this was negligent and just 00:20:27.847 --> 00:20:28.509 irresponsible. 00:20:30.250 --> 00:20:31.810 Nightmare Eclipse claims that's not true. 00:20:32.631 --> 00:20:34.152 They said there's a series of blog posts 00:20:34.791 --> 00:20:36.032 where they claim to have been in contact 00:20:36.053 --> 00:20:36.553 with Microsoft, 00:20:36.573 --> 00:20:38.054 but the company allegedly mistreated them, 00:20:38.394 --> 00:20:39.974 including revoking access to the Microsoft 00:20:39.994 --> 00:20:41.236 Security Response Center account. 00:20:42.276 --> 00:20:43.356 I think they said something like their 00:20:43.416 --> 00:20:45.018 GitHub posts were taken down in two. 00:20:47.708 --> 00:20:47.968 Oh, yeah, 00:20:48.008 --> 00:20:49.387 the researcher published the bugs on 00:20:49.468 --> 00:20:52.449 GitHub and the account, oh, and GitLab, 00:20:52.528 --> 00:20:54.170 and both of those accounts were banned, 00:20:54.329 --> 00:20:55.289 according to this writing, 00:20:55.349 --> 00:20:56.789 if I'm understanding that correctly. 00:20:56.849 --> 00:21:00.631 So, yeah, this is, and of course, 00:21:00.671 --> 00:21:01.671 neither of them have responded, 00:21:01.711 --> 00:21:02.711 which is smart when you're in the middle 00:21:02.731 --> 00:21:03.231 of a lawsuit, 00:21:03.311 --> 00:21:04.231 you do not talk about it, 00:21:04.251 --> 00:21:06.613 because that can complicate things. 00:21:08.532 --> 00:21:10.913 It seems that the community is on 00:21:10.973 --> 00:21:12.054 Nightmare Eclipse's side here, 00:21:12.074 --> 00:21:12.913 which I know is a shocker. 00:21:13.913 --> 00:21:15.755 They're, who did they cite here? 00:21:16.653 --> 00:21:19.876 They mentioned... I know they mentioned... 00:21:19.936 --> 00:21:21.499 Okay, so they mentioned this Katie... 00:21:22.579 --> 00:21:23.441 I don't know how to pronounce this. 00:21:23.480 --> 00:21:24.281 Katie Masouris, 00:21:24.402 --> 00:21:25.663 who works for Luda Security. 00:21:26.384 --> 00:21:29.909 And she talked about how responsible 00:21:29.929 --> 00:21:31.050 disclosure... It's kind of... 00:21:32.175 --> 00:21:33.037 I don't want to say nitpicky. 00:21:33.057 --> 00:21:33.718 It's not the right word. 00:21:33.978 --> 00:21:34.519 Um, 00:21:34.558 --> 00:21:35.861 but she talked about moving away from the 00:21:35.901 --> 00:21:37.663 idea of responsible disclosure and instead 00:21:37.702 --> 00:21:38.884 moving it more towards coordinated 00:21:38.904 --> 00:21:39.986 disclosure, which is like I mentioned, 00:21:40.006 --> 00:21:41.587 like sometimes they'll expand the window 00:21:41.627 --> 00:21:42.670 if the company's having a hard time 00:21:42.710 --> 00:21:43.170 patching it. 00:21:43.730 --> 00:21:45.834 Um, you know, Kevin Beaumont, I, 00:21:45.854 --> 00:21:46.775 I saw this on Mastodon. 00:21:46.815 --> 00:21:48.817 He was on Mastodon sizing Microsoft. 00:21:49.479 --> 00:21:49.999 And, um, 00:21:50.998 --> 00:21:52.018 I don't know, from what I've seen, 00:21:52.578 --> 00:21:53.558 and this is as an outsider, 00:21:53.659 --> 00:21:55.119 I'm not a cybersecurity expert, 00:21:55.160 --> 00:21:55.960 I'm not a researcher, 00:21:56.519 --> 00:21:57.119 but from what I've seen, 00:21:57.160 --> 00:21:59.441 Microsoft does not have a particularly 00:21:59.500 --> 00:22:00.701 strong security culture. 00:22:01.422 --> 00:22:03.863 So I'm kind of inclined to take this 00:22:03.903 --> 00:22:06.263 Nightmare Eclipse guy's version of events 00:22:07.003 --> 00:22:08.284 and say that he probably did try to 00:22:08.324 --> 00:22:09.664 reach out to them and they probably tried 00:22:09.684 --> 00:22:10.785 to like sweep this under the rug and 00:22:10.825 --> 00:22:11.385 make it go away. 00:22:12.465 --> 00:22:13.688 because everything is vibe coded from 00:22:13.729 --> 00:22:14.390 Microsoft now. 00:22:14.549 --> 00:22:16.313 But yeah, I mean, either way, 00:22:16.413 --> 00:22:18.497 it's I kind of brush past it. 00:22:18.517 --> 00:22:20.280 But this this sub headline here says 00:22:20.320 --> 00:22:21.844 cybersecurity veterans warn of chilling 00:22:21.864 --> 00:22:22.986 effect, which is true. 00:22:23.026 --> 00:22:24.008 This is this has been and 00:22:26.067 --> 00:22:26.926 I don't know how true this is, 00:22:26.946 --> 00:22:28.147 but I've heard this story from multiple 00:22:28.188 --> 00:22:28.448 people. 00:22:28.847 --> 00:22:29.769 There have been a lot of people who 00:22:29.788 --> 00:22:31.490 have say that they're like hobby 00:22:31.650 --> 00:22:32.829 cybersecurity researchers. 00:22:33.230 --> 00:22:34.371 They're not like professional, 00:22:34.391 --> 00:22:35.151 but they do it for fun. 00:22:35.852 --> 00:22:37.471 And they've disclosed vulnerabilities to 00:22:37.531 --> 00:22:39.192 multiple organizations, big and small. 00:22:39.752 --> 00:22:40.814 And nine out of ten times, 00:22:40.933 --> 00:22:42.013 if they get a response at all, 00:22:42.074 --> 00:22:43.914 the response is, oh, you hacked our stuff. 00:22:43.934 --> 00:22:44.556 We're going to sue you. 00:22:44.635 --> 00:22:45.276 And so after a while, 00:22:45.296 --> 00:22:45.816 they just give up. 00:22:45.955 --> 00:22:46.336 They're just like, 00:22:46.355 --> 00:22:47.596 I'm not even going to report bugs anymore 00:22:47.616 --> 00:22:48.717 because they keep threatening to sue me. 00:22:48.737 --> 00:22:49.317 And what's the point? 00:22:50.567 --> 00:22:51.367 go ahead and get hacked, 00:22:51.387 --> 00:22:53.069 which I don't think is a great response 00:22:53.089 --> 00:22:54.872 because it puts everybody else at risk. 00:22:54.912 --> 00:22:55.992 But yeah, 00:22:56.053 --> 00:22:58.797 so if this is how companies respond, 00:22:58.836 --> 00:23:00.699 it definitely does have a chilling effect 00:23:01.000 --> 00:23:01.119 on 00:23:02.757 --> 00:23:04.817 on researchers coming forward to report 00:23:04.837 --> 00:23:05.438 this kind of stuff, 00:23:05.498 --> 00:23:06.659 especially from a company as big as 00:23:06.699 --> 00:23:07.239 Microsoft. 00:23:07.579 --> 00:23:08.839 And I'm assuming that if, 00:23:08.940 --> 00:23:10.020 if nightmare clips reached out, 00:23:10.060 --> 00:23:11.181 he's probably got receipts, you know, 00:23:11.221 --> 00:23:13.563 he's probably got copies of the emails he 00:23:13.583 --> 00:23:14.722 sent and stuff like that. 00:23:14.843 --> 00:23:16.824 So we'll, 00:23:16.864 --> 00:23:18.164 I guess we'll see how this shakes out, 00:23:18.244 --> 00:23:19.705 but I do, 00:23:19.865 --> 00:23:21.967 I do find this whole debate interesting 00:23:22.067 --> 00:23:22.646 because I, 00:23:25.209 --> 00:23:27.049 of course I have my own opinions on 00:23:27.069 --> 00:23:27.210 this, 00:23:27.250 --> 00:23:29.371 but I've seen some people argue that like, 00:23:31.108 --> 00:23:33.230 you're never owed responsible disclosure. 00:23:33.790 --> 00:23:35.632 I'm thinking of a very specific researcher 00:23:35.652 --> 00:23:36.511 who I don't wanna name, 00:23:37.011 --> 00:23:39.193 but they will routinely post like, oh, 00:23:39.233 --> 00:23:40.773 here's why this software sucks and here's 00:23:40.794 --> 00:23:41.795 all the things I found in it. 00:23:42.214 --> 00:23:42.494 And no, 00:23:42.595 --> 00:23:43.875 I didn't message them because their 00:23:43.915 --> 00:23:45.737 software is so crappy that they're 00:23:46.037 --> 00:23:46.518 basically, 00:23:47.498 --> 00:23:48.978 malicious and they deserve it. 00:23:49.097 --> 00:23:50.699 And therefore I'm not going to say 00:23:50.739 --> 00:23:53.338 anything because I'm very full of myself. 00:23:54.118 --> 00:23:55.019 I feel comfortable saying that. 00:23:55.640 --> 00:23:56.839 So yeah, I don't know. 00:23:57.200 --> 00:23:57.920 I think it's very, 00:23:58.579 --> 00:24:00.320 I am a fan of at least trying. 00:24:00.760 --> 00:24:01.760 If you're going to disclose this kind of 00:24:01.780 --> 00:24:02.540 stuff in the first place, 00:24:02.621 --> 00:24:03.961 it's my personal opinion that you should 00:24:03.981 --> 00:24:04.741 reach out to the company. 00:24:05.422 --> 00:24:06.382 If you're one of those people who's just 00:24:06.402 --> 00:24:07.301 like, it's not worth the lawsuit, 00:24:07.321 --> 00:24:08.163 I'm not even going to report it, 00:24:08.202 --> 00:24:08.623 then fine. 00:24:08.643 --> 00:24:09.742 But you're also probably not the person 00:24:09.782 --> 00:24:10.903 who's blogging about it. 00:24:11.002 --> 00:24:12.063 So I don't know. 00:24:12.103 --> 00:24:12.824 That's kind of my opinion. 00:24:12.844 --> 00:24:14.284 Because again, it's the thing of like, 00:24:14.804 --> 00:24:16.005 You're putting other people at risk. 00:24:16.045 --> 00:24:17.306 It's not just like making this company 00:24:17.346 --> 00:24:18.507 look bad and shaming the company, 00:24:18.527 --> 00:24:20.028 which unfortunately is required sometimes. 00:24:21.489 --> 00:24:22.529 We've had to do this with Signal in 00:24:22.549 --> 00:24:22.910 the past. 00:24:22.950 --> 00:24:24.111 There was a bug a long time ago, 00:24:25.132 --> 00:24:25.711 a long time ago, 00:24:25.731 --> 00:24:28.134 a couple of years ago, where Signal, 00:24:28.213 --> 00:24:29.414 I think it was on Windows specifically, 00:24:29.474 --> 00:24:31.875 Signal was not like properly sandboxing 00:24:31.915 --> 00:24:32.517 the private key. 00:24:33.154 --> 00:24:35.538 And apparently a bug report had been open 00:24:35.557 --> 00:24:36.598 for years at that point. 00:24:37.240 --> 00:24:39.383 And signal tried to argue when it, like, 00:24:39.462 --> 00:24:40.324 it kind of blew up and became a 00:24:40.364 --> 00:24:42.246 big story and signal tried to be like, 00:24:42.306 --> 00:24:43.989 well, cause for those who don't know, 00:24:44.048 --> 00:24:45.130 basically what it is is if you had 00:24:45.170 --> 00:24:45.931 malware on your device, 00:24:45.971 --> 00:24:47.553 it could easily access your private key on 00:24:47.613 --> 00:24:47.932 signal. 00:24:48.354 --> 00:24:49.194 So it could see your messages. 00:24:49.736 --> 00:24:51.458 And Signal tried to like downplay it and 00:24:51.478 --> 00:24:51.998 be like, well, 00:24:52.077 --> 00:24:53.119 if your device is compromised, 00:24:53.140 --> 00:24:54.280 there's nothing we can do about that. 00:24:54.760 --> 00:24:56.042 To which everybody's response was like, 00:24:56.103 --> 00:24:56.383 yes, 00:24:56.423 --> 00:24:58.605 but this person already like did a fix 00:24:58.685 --> 00:25:00.248 and it takes two seconds and it's like, 00:25:00.288 --> 00:25:00.989 why not do it? 00:25:01.348 --> 00:25:02.790 And eventually Signal did it anyways, 00:25:02.830 --> 00:25:04.011 even though they insisted it wasn't a big 00:25:04.051 --> 00:25:04.272 deal. 00:25:04.653 --> 00:25:05.394 So unfortunately, 00:25:05.453 --> 00:25:07.175 companies do have to be shamed sometimes, 00:25:07.256 --> 00:25:08.156 even the best of companies. 00:25:08.718 --> 00:25:09.038 But... 00:25:10.343 --> 00:25:11.983 I think to go straight to the shaming 00:25:12.023 --> 00:25:13.785 part and to not try to coordinate first 00:25:13.865 --> 00:25:15.486 is definitely, in my opinion, 00:25:15.705 --> 00:25:16.326 not pretty cool. 00:25:16.905 --> 00:25:18.186 But I also think it's not really cool 00:25:18.227 --> 00:25:19.627 for the companies to respond by saying, 00:25:19.667 --> 00:25:19.788 hey, 00:25:19.807 --> 00:25:21.048 let's sue you because you found a 00:25:21.088 --> 00:25:23.190 vulnerability instead of saying, hey, 00:25:23.210 --> 00:25:23.809 let's fix it. 00:25:23.829 --> 00:25:26.971 So I don't know, a little bit rambly, 00:25:26.991 --> 00:25:28.192 but I think that's all I've got. 00:25:28.571 --> 00:25:28.832 Jordan, 00:25:28.852 --> 00:25:31.173 did you have any additional thoughts on 00:25:31.213 --> 00:25:31.653 this one? 00:25:34.352 --> 00:25:34.672 Yeah, 00:25:34.731 --> 00:25:37.675 so I think one interesting thing about 00:25:37.715 --> 00:25:41.760 this entire thing was you mentioned in the 00:25:41.780 --> 00:25:44.364 start there that it was GitHub and GitLab. 00:25:44.463 --> 00:25:47.008 Both the exploits were removed on GitHub 00:25:47.067 --> 00:25:47.688 and GitLab. 00:25:48.229 --> 00:25:50.451 And I think that kind of shows that 00:25:50.491 --> 00:25:51.894 we've reached a point, honestly, 00:25:52.074 --> 00:25:52.433 where 00:25:53.597 --> 00:25:56.960 basically Microsoft controls way too much. 00:25:57.220 --> 00:25:59.602 Like they control the software 00:25:59.642 --> 00:26:00.982 distribution platforms. 00:26:01.303 --> 00:26:03.444 They control the most popular operating 00:26:03.505 --> 00:26:03.884 system. 00:26:03.924 --> 00:26:06.026 They control like way too much. 00:26:06.066 --> 00:26:06.326 Right. 00:26:06.426 --> 00:26:10.209 And I think the reason that even get 00:26:10.249 --> 00:26:12.090 their GitLab account was deleted because 00:26:12.310 --> 00:26:13.951 it's because GitLab is a Microsoft 00:26:14.011 --> 00:26:14.412 partner. 00:26:14.791 --> 00:26:15.373 Um, 00:26:15.492 --> 00:26:17.634 and they also coordinate with Microsoft. 00:26:17.713 --> 00:26:18.375 So they, 00:26:18.795 --> 00:26:21.178 I think, you know, it's once again, 00:26:21.218 --> 00:26:22.378 one of those things where we have to 00:26:22.419 --> 00:26:25.583 say, you know, this is probably, 00:26:26.584 --> 00:26:28.567 it's probably a bit too much control that 00:26:28.606 --> 00:26:30.909 Microsoft has over the entire software 00:26:31.430 --> 00:26:32.691 distribution process. 00:26:33.311 --> 00:26:35.454 And that's where they kind of can wield 00:26:35.474 --> 00:26:37.356 this power against developers and 00:26:38.796 --> 00:26:41.416 security researchers who report this stuff 00:26:41.436 --> 00:26:41.758 to them. 00:26:42.417 --> 00:26:44.538 And I think it also shows a really 00:26:44.578 --> 00:26:47.601 bad look as well because imagine if you're 00:26:47.621 --> 00:26:49.682 a security researcher and you find a 00:26:49.742 --> 00:26:52.345 really bad vulnerability in a Microsoft 00:26:52.384 --> 00:26:52.785 product. 00:26:53.986 --> 00:26:55.547 Now there's precedent that you're going to 00:26:55.586 --> 00:26:58.628 get sued and reported to the criminal... 00:27:00.549 --> 00:27:01.090 What do they call it? 00:27:01.131 --> 00:27:03.832 The criminal... Something security... 00:27:03.852 --> 00:27:04.813 I can't remember what they call it. 00:27:04.833 --> 00:27:05.993 The digital crimes unit. 00:27:06.519 --> 00:27:07.440 digital crimes unit, 00:27:07.480 --> 00:27:08.720 like you're going to get reported to the 00:27:08.759 --> 00:27:09.800 digital crimes unit, 00:27:09.861 --> 00:27:11.942 like just for reporting a vulnerability. 00:27:12.281 --> 00:27:14.542 Um, and I dunno, 00:27:14.663 --> 00:27:19.205 I just think this is not how you, 00:27:19.226 --> 00:27:21.126 this is not how you look good when 00:27:21.146 --> 00:27:23.587 you, when, when in terms of security, 00:27:23.647 --> 00:27:25.469 this is not how you promote more people 00:27:25.509 --> 00:27:27.250 to report vulnerabilities to you. 00:27:28.210 --> 00:27:31.612 Um, and I think even if it's like, 00:27:31.971 --> 00:27:32.271 you know, 00:27:33.173 --> 00:27:34.772 these vulnerabilities that get reported, 00:27:34.854 --> 00:27:35.693 if they're like, you know, 00:27:38.891 --> 00:27:41.933 if they're used for criminal activities 00:27:42.874 --> 00:27:44.375 and Microsoft doesn't realize that these 00:27:44.395 --> 00:27:47.557 are being exploited in the wild just 00:27:47.597 --> 00:27:49.700 because people don't want to report it, 00:27:49.759 --> 00:27:51.040 then that's just like a negative for 00:27:51.101 --> 00:27:51.561 everybody. 00:27:51.682 --> 00:27:52.583 That's not a positive. 00:27:54.964 --> 00:27:57.767 And I did also see Kevin Beaumont, 00:27:57.826 --> 00:27:59.127 who's like a security, 00:27:59.147 --> 00:28:01.309 I feel like he's in like the cybersecurity 00:28:01.349 --> 00:28:01.769 industry, 00:28:01.789 --> 00:28:03.571 is kind of quite a popular person. 00:28:05.163 --> 00:28:05.924 popular guy. 00:28:06.445 --> 00:28:08.448 He also wrote like a Medium blog post. 00:28:08.468 --> 00:28:09.829 I don't know if we can bring that 00:28:09.890 --> 00:28:10.069 up. 00:28:10.750 --> 00:28:14.255 But in his blog post, 00:28:16.557 --> 00:28:17.818 he talks about someone else. 00:28:17.878 --> 00:28:19.520 There was someone else called Sandbox 00:28:19.621 --> 00:28:20.122 Escaper. 00:28:22.680 --> 00:28:25.223 And they basically reported a bunch of 00:28:26.005 --> 00:28:28.409 zero-day flaws to Microsoft. 00:28:28.569 --> 00:28:29.330 And then eventually, 00:28:29.351 --> 00:28:30.653 according to Kevin Beaumont, 00:28:30.692 --> 00:28:32.076 they hired this person. 00:28:33.458 --> 00:28:35.622 So it seems like there's... 00:28:36.556 --> 00:28:38.057 Microsoft has done the right thing in the 00:28:38.116 --> 00:28:42.038 past and also hired somebody. 00:28:42.117 --> 00:28:44.219 And now why have they suddenly changed 00:28:44.259 --> 00:28:46.881 their tune to start reporting someone to 00:28:46.961 --> 00:28:47.701 the authorities? 00:28:48.641 --> 00:28:51.082 It doesn't really make a whole lot of 00:28:51.142 --> 00:28:51.603 sense. 00:28:52.323 --> 00:28:53.482 It also says Microsoft, 00:28:53.864 --> 00:28:55.423 Kevin Beaumont also says Microsoft have 00:28:55.523 --> 00:28:57.744 also purchased zero day exploits in their 00:28:57.825 --> 00:28:59.726 own products from exploit brokers. 00:29:00.946 --> 00:29:01.146 So 00:29:02.412 --> 00:29:02.971 Yeah. 00:29:03.132 --> 00:29:05.492 I mean, according to Kevin Beaumont, this, 00:29:06.073 --> 00:29:07.893 this basic, this whole, 00:29:09.953 --> 00:29:12.634 this whole saga is not looking too good 00:29:12.673 --> 00:29:16.914 from a legal perspective for Microsoft, 00:29:16.994 --> 00:29:18.935 especially because now there's all that 00:29:18.996 --> 00:29:19.695 history, right? 00:29:19.715 --> 00:29:21.455 There's like the history of Microsoft 00:29:22.715 --> 00:29:24.497 hiring somebody who was doing the exact 00:29:24.537 --> 00:29:25.057 same thing. 00:29:25.136 --> 00:29:25.416 It's, 00:29:26.096 --> 00:29:28.157 it looks extremely bad for Microsoft. 00:29:28.678 --> 00:29:29.557 I don't think this is 00:29:31.222 --> 00:29:32.604 This is not the right way to do 00:29:32.663 --> 00:29:36.125 vulnerability disclosure. 00:29:36.145 --> 00:29:38.928 Like this is like the bug bounties and 00:29:39.008 --> 00:29:39.808 all this sort of stuff. 00:29:40.108 --> 00:29:41.549 It's not the right way to do it. 00:29:43.431 --> 00:29:45.172 And yeah, I think Microsoft just, 00:29:45.251 --> 00:29:46.472 it just shows us in this case, 00:29:46.532 --> 00:29:48.574 Microsoft has too much control as well. 00:29:49.575 --> 00:29:50.756 I didn't really have too much to add 00:29:50.776 --> 00:29:53.637 about this specific person because I don't 00:29:53.657 --> 00:29:53.897 really... 00:29:55.305 --> 00:29:56.506 I don't really know how much we can 00:29:56.566 --> 00:29:57.988 trust from some random person, 00:29:58.048 --> 00:30:00.048 but like if we just look at things 00:30:00.088 --> 00:30:03.813 from like a, the aspect of like, 00:30:05.709 --> 00:30:08.711 the actions of Microsoft against someone 00:30:08.750 --> 00:30:09.730 reporting a vulnerability. 00:30:09.830 --> 00:30:11.372 I think we can all agree that this 00:30:11.432 --> 00:30:13.834 is the wrong way to do it. 00:30:13.913 --> 00:30:15.755 The exact opposite way to do it, 00:30:15.855 --> 00:30:16.275 in fact. 00:30:17.056 --> 00:30:18.316 So yeah, 00:30:18.355 --> 00:30:19.797 just really frustrating for Microsoft. 00:30:19.856 --> 00:30:21.857 It feels like Microsoft is literally not 00:30:21.917 --> 00:30:23.598 doing a single thing right at this point. 00:30:23.679 --> 00:30:25.641 Like they can't even get anything right. 00:30:25.661 --> 00:30:27.701 Like their operating system, 00:30:28.281 --> 00:30:29.123 everyone is switching. 00:30:30.063 --> 00:30:31.344 They keep trying to put AI in all 00:30:31.364 --> 00:30:32.904 their products and no one wants it. 00:30:32.964 --> 00:30:33.184 Like, 00:30:34.286 --> 00:30:38.930 it's not great I'm not not a fan 00:30:39.029 --> 00:30:41.010 okay this is totally off topic like just 00:30:41.050 --> 00:30:42.712 taking shots at Microsoft but did you see 00:30:42.752 --> 00:30:46.015 four oh four's post about like Microsoft 00:30:46.055 --> 00:30:47.696 is trying to roll out some new AI 00:30:47.717 --> 00:30:49.938 thing called Scout and apparently there 00:30:49.958 --> 00:30:51.278 was like a leaked memo that was like 00:30:51.439 --> 00:30:53.260 oh we want it to be addicting and 00:30:53.320 --> 00:30:55.222 Sachi Nadella went on this huge rant where 00:30:55.242 --> 00:30:56.784 he's like I don't know who wrote that 00:30:56.804 --> 00:30:58.625 or where it's coming from and four oh 00:30:58.644 --> 00:30:59.905 four wrote this like it's almost 00:30:59.986 --> 00:31:01.587 borderline passive-aggressive 00:31:02.167 --> 00:31:02.667 But it's not. 00:31:03.128 --> 00:31:04.148 It's close, but it's not. 00:31:04.450 --> 00:31:05.250 But it is beautiful. 00:31:05.690 --> 00:31:06.911 Where this whole thing where they said 00:31:06.971 --> 00:31:08.571 like six times in the post, they're like, 00:31:08.952 --> 00:31:10.753 it says in the post who wrote it. 00:31:11.294 --> 00:31:13.275 So either you are like really not paying 00:31:13.315 --> 00:31:15.977 attention or just choosing to be ignorant. 00:31:16.017 --> 00:31:17.397 Like, why don't you go ask that person? 00:31:17.478 --> 00:31:19.298 It's, oh man, if you haven't read it, 00:31:19.318 --> 00:31:19.660 you should. 00:31:19.740 --> 00:31:20.921 It's beautiful. 00:31:20.980 --> 00:31:24.623 But yeah, I kept seeing stuff about him. 00:31:24.643 --> 00:31:24.722 Yeah. 00:31:24.762 --> 00:31:26.064 Like he kept saying like he didn't know 00:31:26.084 --> 00:31:26.743 what it was about, 00:31:26.784 --> 00:31:28.506 but like he's like the CEO. 00:31:28.546 --> 00:31:30.027 He should know everything that's going on 00:31:30.067 --> 00:31:30.547 in the company. 00:31:30.567 --> 00:31:31.708 That's like his job, right? 00:31:32.728 --> 00:31:34.008 yeah which is what four oh four said 00:31:34.048 --> 00:31:35.788 it's like so are you telling me that 00:31:35.808 --> 00:31:37.108 you don't know what's going on in your 00:31:37.148 --> 00:31:40.329 own company like what's going on here dude 00:31:40.390 --> 00:31:42.529 here I'll real quick I'll I know we're 00:31:42.549 --> 00:31:43.549 a little off topic but I'll put it 00:31:43.609 --> 00:31:44.809 up I just pulled it up right now 00:31:44.970 --> 00:31:47.371 it's a Sachi Nadella not sure who said 00:31:47.411 --> 00:31:49.211 Microsoft wanted to make AI addictive is 00:31:49.250 --> 00:31:51.511 looking for the guy who did this and 00:31:51.531 --> 00:31:52.771 then if you actually read it they say 00:31:52.811 --> 00:31:54.872 like multiple times it's like again it's 00:31:55.071 --> 00:31:57.432 you know he signed it or whatever so 00:31:57.472 --> 00:31:58.032 yeah it's a 00:31:59.602 --> 00:32:01.683 Just, yeah, what is going on at Microsoft? 00:32:02.304 --> 00:32:03.684 That is the million-dollar question right 00:32:03.704 --> 00:32:04.925 now. 00:32:05.465 --> 00:32:06.747 Actually, how much is Microsoft worth? 00:32:06.906 --> 00:32:10.230 That is the trillion-dollar question. 00:32:10.250 --> 00:32:12.791 Common Microsoft L, as usual. 00:32:14.893 --> 00:32:15.594 Yeah, for real. 00:32:15.993 --> 00:32:16.673 That's a good way to put it. 00:32:18.115 --> 00:32:18.635 All righty. 00:32:20.136 --> 00:32:20.457 Yeah, no, 00:32:20.537 --> 00:32:21.778 I don't have anything to add to that. 00:32:21.958 --> 00:32:23.778 But I do appreciate you pointing out 00:32:23.819 --> 00:32:23.920 the... 00:32:27.261 --> 00:32:27.721 Oh, gosh. 00:32:27.741 --> 00:32:29.243 I already lost track of it. 00:32:29.384 --> 00:32:31.165 But it was good insight. 00:32:31.266 --> 00:32:31.566 Oh, yes. 00:32:32.106 --> 00:32:33.728 How Microsoft is getting way too powerful. 00:32:34.128 --> 00:32:36.010 If they can get GitLab to take stuff 00:32:36.030 --> 00:32:36.510 down, 00:32:36.530 --> 00:32:39.054 GitLab is supposed to be separate and 00:32:39.173 --> 00:32:39.835 independent. 00:32:40.075 --> 00:32:41.856 And just, yeah, that's troubling. 00:32:42.457 --> 00:32:44.179 GitLab's getting a little too corporate, 00:32:44.199 --> 00:32:44.439 I think. 00:32:46.921 --> 00:32:48.301 I know there's a lot of people starting 00:32:48.342 --> 00:32:49.142 to push away. 00:32:49.162 --> 00:32:49.521 What's it called? 00:32:50.321 --> 00:32:52.442 Forge Go, Forge Joe, something like that, 00:32:52.923 --> 00:32:54.963 which is supposed to be like an activity 00:32:55.003 --> 00:32:56.765 pub version of Git. 00:32:57.144 --> 00:32:59.705 Or there's, what else? 00:32:59.945 --> 00:33:01.266 Codeberg's a popular one. 00:33:01.925 --> 00:33:02.987 I don't know if it's as popular, 00:33:03.007 --> 00:33:04.267 but I know some people like GitT. 00:33:04.346 --> 00:33:04.487 I mean, 00:33:04.507 --> 00:33:05.708 they've all got their pros and cons, 00:33:05.788 --> 00:33:06.508 but yeah, 00:33:06.667 --> 00:33:10.028 we definitely need to decentralize a 00:33:10.048 --> 00:33:11.890 little bit because that is scary, I think. 00:33:13.759 --> 00:33:15.140 But in the meantime, 00:33:16.381 --> 00:33:18.221 I think we're going to issue some quick 00:33:18.500 --> 00:33:19.540 site updates. 00:33:19.961 --> 00:33:21.181 We do have a story coming up in 00:33:21.201 --> 00:33:22.701 a little bit about Dashlane, 00:33:23.342 --> 00:33:24.862 who's pulling a LastPass. 00:33:25.422 --> 00:33:28.343 There's some good news there, hopefully, 00:33:28.423 --> 00:33:29.722 but still not great. 00:33:29.742 --> 00:33:30.782 But before we discuss that, 00:33:31.262 --> 00:33:32.262 we're going to talk about what's been 00:33:32.282 --> 00:33:33.884 going on at Privacy Guides this week. 00:33:33.903 --> 00:33:35.384 So this has been another one of those 00:33:35.423 --> 00:33:37.144 weeks where there hasn't been a whole lot 00:33:37.223 --> 00:33:38.545 of public-facing stuff, 00:33:38.565 --> 00:33:39.865 but we've been very busy behind the 00:33:39.884 --> 00:33:40.265 scenes. 00:33:41.365 --> 00:33:44.208 Jordan is wrapping up a new video. 00:33:44.488 --> 00:33:47.289 I'm getting all the B-roll for the next 00:33:47.329 --> 00:33:48.150 video after that. 00:33:48.490 --> 00:33:49.371 But in the meantime, 00:33:49.612 --> 00:33:51.313 we had a fantastic new article, 00:33:51.373 --> 00:33:51.772 which actually, 00:33:51.792 --> 00:33:52.993 let me see if I can pull that 00:33:53.114 --> 00:33:54.174 up real quick. 00:33:56.135 --> 00:33:56.836 While that's loading, 00:33:56.936 --> 00:33:59.898 it is called No Right to Remain Silent, 00:34:00.019 --> 00:34:01.861 Negative Rights in a Positive Rights 00:34:02.060 --> 00:34:02.461 World. 00:34:02.681 --> 00:34:04.301 And I highly encourage you guys to go 00:34:04.383 --> 00:34:06.844 read this one because it is here. 00:34:06.864 --> 00:34:07.684 Let me pull this up real quick. 00:34:08.635 --> 00:34:09.356 Share this tab. 00:34:10.257 --> 00:34:12.139 It is about something a lot of you 00:34:12.159 --> 00:34:13.400 guys, if you're privacy veterans, 00:34:13.420 --> 00:34:14.382 have probably clocked already, 00:34:14.422 --> 00:34:16.023 which is we're kind of moving into a 00:34:16.063 --> 00:34:21.751 world where it is suspicious to not be 00:34:21.791 --> 00:34:22.391 part of the system. 00:34:22.452 --> 00:34:23.213 You know, like it was a... 00:34:24.641 --> 00:34:25.163 What year are we in? 00:34:25.202 --> 00:34:25.862 Twenty twenty six. 00:34:25.882 --> 00:34:28.244 So like fifteen years ago, 00:34:28.465 --> 00:34:29.246 twenty years ago. 00:34:29.565 --> 00:34:30.447 God, it's been so long. 00:34:31.288 --> 00:34:31.887 We'll say fifteen, 00:34:31.947 --> 00:34:32.889 ten to fifteen years ago. 00:34:33.289 --> 00:34:34.271 If you didn't have a Facebook, 00:34:34.391 --> 00:34:35.130 that's kind of normal. 00:34:36.431 --> 00:34:37.833 I mean, it wasn't like super normal, 00:34:37.853 --> 00:34:38.733 but it's kind of like whatever. 00:34:39.875 --> 00:34:41.157 You know, if you didn't have Instagram, 00:34:41.197 --> 00:34:42.577 if you didn't have Snapchat and even now, 00:34:42.617 --> 00:34:43.918 I think to not have some of these 00:34:43.938 --> 00:34:45.239 things like I'm not on Snapchat, 00:34:45.260 --> 00:34:47.322 but I'm on Discord or I'm not really 00:34:47.402 --> 00:34:47.983 on Facebook, 00:34:48.003 --> 00:34:49.143 but I'm really active on Instagram or 00:34:49.164 --> 00:34:49.423 whatever. 00:34:49.443 --> 00:34:50.123 That's pretty normal. 00:34:50.844 --> 00:34:52.547 But we're moving into a world increasingly 00:34:52.646 --> 00:34:54.327 where to not have any of this stuff 00:34:54.407 --> 00:34:56.750 is really starting to be seen as 00:34:57.431 --> 00:34:59.072 suspicious and strange. 00:34:59.572 --> 00:35:01.835 And this was a fantastic write-up by one 00:35:01.875 --> 00:35:04.898 of our guest contributors. 00:35:05.617 --> 00:35:07.320 And they kind of explore this and how 00:35:07.440 --> 00:35:08.820 it's kind of really becoming a problem 00:35:08.860 --> 00:35:09.282 where like, 00:35:10.623 --> 00:35:11.585 obviously we're not fans of it, 00:35:11.605 --> 00:35:12.525 but here in the US, you know, 00:35:12.565 --> 00:35:13.905 now to get a visa or get into 00:35:13.925 --> 00:35:15.347 the country, they want you to show, 00:35:15.487 --> 00:35:16.367 if you're a foreigner, 00:35:16.387 --> 00:35:17.548 they want you to show like five years 00:35:17.568 --> 00:35:18.570 of social media history. 00:35:18.670 --> 00:35:18.969 And it's like, 00:35:19.010 --> 00:35:19.769 how do you think that's going to look 00:35:19.789 --> 00:35:20.851 when you show up at border patrol? 00:35:20.871 --> 00:35:21.271 And you're like, yeah, 00:35:21.291 --> 00:35:22.211 I don't have social media. 00:35:22.271 --> 00:35:23.472 I don't have, or, you know, 00:35:23.552 --> 00:35:25.253 I use Mastodon where everything over a 00:35:25.293 --> 00:35:26.755 month gets automatically deleted. 00:35:26.815 --> 00:35:27.695 Like that's going to look really 00:35:27.755 --> 00:35:28.275 suspicious, 00:35:28.876 --> 00:35:30.518 even if it was a different administration 00:35:30.557 --> 00:35:30.958 in charge. 00:35:30.998 --> 00:35:31.398 And so it's, 00:35:32.099 --> 00:35:34.219 this is a definitely becoming a problem. 00:35:34.780 --> 00:35:36.541 And I highly recommend checking that out. 00:35:37.262 --> 00:35:38.003 And then, again, 00:35:38.023 --> 00:35:38.922 it was kind of a slower week. 00:35:38.943 --> 00:35:40.824 We did have a couple of news articles, 00:35:40.885 --> 00:35:41.105 really. 00:35:41.125 --> 00:35:42.947 We had the Data Breach Roundup, of course. 00:35:42.987 --> 00:35:44.728 But we also had a story that we're 00:35:44.748 --> 00:35:45.728 going to talk about here in a minute, 00:35:46.088 --> 00:35:48.251 which is Meta's AI support agent used by 00:35:48.411 --> 00:35:50.213 attackers to take over Instagram accounts. 00:35:50.393 --> 00:35:53.034 And if you want to read a little 00:35:53.054 --> 00:35:54.516 bit more about that story or a different 00:35:54.536 --> 00:35:56.257 perspective, Freya wrote that. 00:35:56.297 --> 00:35:58.159 So definitely check that out. 00:35:59.119 --> 00:36:00.942 But that's all that's been going on the 00:36:01.061 --> 00:36:02.081 article side of things. 00:36:02.123 --> 00:36:04.423 And I think Jordan has some additional 00:36:04.463 --> 00:36:04.864 updates. 00:36:08.306 --> 00:36:09.005 Yes, I do. 00:36:09.086 --> 00:36:12.007 I've got something that Jonah's been 00:36:12.047 --> 00:36:14.510 working on quite a lot behind the scenes. 00:36:14.530 --> 00:36:17.190 I'm not sure if I can... Okay, 00:36:17.210 --> 00:36:18.572 it looks like I've got to remove your... 00:36:18.592 --> 00:36:20.213 Okay. 00:36:20.253 --> 00:36:22.034 Basically, we've been working on... Well, 00:36:22.074 --> 00:36:22.594 not we. 00:36:22.934 --> 00:36:24.635 I'm just going to say Jonah's been working 00:36:24.715 --> 00:36:28.016 on basically this whole verified apps 00:36:28.498 --> 00:36:29.077 database. 00:36:29.597 --> 00:36:31.079 So if you didn't catch last week's show, 00:36:31.619 --> 00:36:33.760 basically how it works is it's 00:36:34.864 --> 00:36:38.327 a database that has the certificate hashes 00:36:38.527 --> 00:36:39.650 of Android apps. 00:36:39.889 --> 00:36:41.371 And basically we're relying on our 00:36:41.431 --> 00:36:43.594 community members to submit their apps to 00:36:43.614 --> 00:36:44.335 that database. 00:36:45.056 --> 00:36:47.418 And originally it was just like we talked 00:36:47.438 --> 00:36:48.059 about last week. 00:36:48.119 --> 00:36:49.641 It was a website that you could visit 00:36:50.181 --> 00:36:51.302 that basically would provide 00:36:52.684 --> 00:36:54.445 have the hashes that you could compare 00:36:54.465 --> 00:36:55.746 with apps on your device. 00:36:56.565 --> 00:37:00.086 And Jonah has basically been working on a, 00:37:00.507 --> 00:37:03.248 he's been testing something that would 00:37:03.327 --> 00:37:08.010 basically allow for allow for people to 00:37:09.644 --> 00:37:11.947 automatically check device like 00:37:12.007 --> 00:37:13.768 certificate hashes of apps that they have 00:37:13.809 --> 00:37:15.871 installed automatically against the 00:37:15.891 --> 00:37:18.373 database that we've been working on so I 00:37:18.393 --> 00:37:19.534 guess I can scroll down a little bit 00:37:19.574 --> 00:37:20.755 here this is kind of like what it 00:37:20.775 --> 00:37:24.059 looks like it basically shows all the all 00:37:24.079 --> 00:37:26.701 the apps that you have installed and it 00:37:26.840 --> 00:37:29.403 will basically tell you the hash of the 00:37:29.523 --> 00:37:30.644 app and then it will tell you the 00:37:31.257 --> 00:37:36.581 status of the, if the app matches that, 00:37:36.621 --> 00:37:38.884 that is stored in our community database. 00:37:39.905 --> 00:37:41.346 So basically we've been having people on 00:37:41.405 --> 00:37:43.567 GitHub submitting their app certificate 00:37:43.606 --> 00:37:44.068 hashes, 00:37:44.748 --> 00:37:46.829 and then that's been compared against 00:37:48.489 --> 00:37:50.172 all app stores, basically. 00:37:50.251 --> 00:37:52.793 Google Play, FDroid, Accrescent, 00:37:54.255 --> 00:37:55.036 all these app stores, 00:37:55.096 --> 00:37:56.677 checking the certificate hashes against 00:37:56.697 --> 00:37:57.938 that, and then eventually, 00:37:58.197 --> 00:37:59.498 once we double-check everything, 00:38:00.239 --> 00:38:02.101 submitting that to the database itself. 00:38:03.001 --> 00:38:04.163 And basically, 00:38:04.182 --> 00:38:06.085 the reason why we've been doing this is 00:38:07.525 --> 00:38:09.307 the previous app that existed, 00:38:09.708 --> 00:38:10.268 which was... 00:38:11.771 --> 00:38:14.293 called AppVerifier by Superslurper. 00:38:15.213 --> 00:38:17.054 It was a good app, 00:38:17.114 --> 00:38:19.293 but the issue with it was that the 00:38:19.333 --> 00:38:21.474 internal database was very limited and the 00:38:21.514 --> 00:38:25.496 developer didn't want to increase the apps 00:38:25.536 --> 00:38:27.036 that were actually included in that 00:38:27.056 --> 00:38:27.637 database. 00:38:28.416 --> 00:38:31.097 So basically it was useful for checking 00:38:31.137 --> 00:38:31.757 the hashes, 00:38:31.797 --> 00:38:33.838 but it didn't have a very large internal 00:38:33.898 --> 00:38:34.498 database. 00:38:35.378 --> 00:38:37.320 So basically we're trying to change that a 00:38:37.340 --> 00:38:37.739 little bit. 00:38:38.492 --> 00:38:41.175 And we're not trying to replace the App 00:38:41.195 --> 00:38:42.476 Verifier app exactly. 00:38:43.056 --> 00:38:44.157 We're basically just using... 00:38:44.277 --> 00:38:46.277 This is basically an app that can check 00:38:46.838 --> 00:38:49.079 the certificate hashes of all the apps 00:38:49.119 --> 00:38:50.119 that you have installed. 00:38:51.240 --> 00:38:53.402 It doesn't work exactly the same way as 00:38:53.422 --> 00:38:54.503 the App Verifier app. 00:38:55.083 --> 00:38:56.744 I might just read exactly what Jonah put 00:38:56.844 --> 00:38:59.626 on the GitHub because I feel like that's 00:38:59.666 --> 00:39:01.588 probably a better way to... 00:39:04.050 --> 00:39:06.170 basically explain it. 00:39:06.990 --> 00:39:08.431 So let me just share this tab instead. 00:39:10.514 --> 00:39:13.315 Basically it's a verified apps is a app 00:39:13.375 --> 00:39:15.617 signing hash viewer and verifier. 00:39:17.458 --> 00:39:18.778 And if you scroll down here, 00:39:20.628 --> 00:39:22.128 It's a fork of AppVerifier, 00:39:22.528 --> 00:39:24.210 but many components have been removed, 00:39:24.610 --> 00:39:26.530 so it no longer serves the same purpose. 00:39:26.771 --> 00:39:27.190 Notably, 00:39:27.331 --> 00:39:29.170 it no longer includes peer-to-peer 00:39:29.190 --> 00:39:31.411 verification via clipboard sharing. 00:39:31.552 --> 00:39:33.672 This app only checks against our 00:39:33.692 --> 00:39:36.233 crowdsourced database. 00:39:36.393 --> 00:39:42.454 So basically what this means is that this 00:39:42.594 --> 00:39:43.715 is more of a 00:39:45.447 --> 00:39:45.867 I guess, 00:39:46.266 --> 00:39:49.728 supplementation to the app verifier app. 00:39:49.748 --> 00:39:50.949 So it's not a replacement. 00:39:51.789 --> 00:39:53.951 It fills a small niche there. 00:39:55.090 --> 00:39:56.371 And the app right now is, 00:39:56.751 --> 00:39:58.432 this is all pre-release stuff as well. 00:39:58.492 --> 00:39:59.532 I just want to put that out there. 00:39:59.572 --> 00:40:01.853 This is not anything that's been fully 00:40:01.893 --> 00:40:02.333 released. 00:40:04.757 --> 00:40:05.679 We've currently got, 00:40:06.739 --> 00:40:08.561 Jonah put out a release fifteen hours ago. 00:40:08.601 --> 00:40:10.242 This is like a pre-release of the app. 00:40:10.943 --> 00:40:12.806 I've downloaded it myself and there's no 00:40:12.925 --> 00:40:14.927 issues with the functionality or anything 00:40:14.967 --> 00:40:15.467 like that. 00:40:16.668 --> 00:40:19.251 But it is, 00:40:21.614 --> 00:40:23.456 it is not quite production ready. 00:40:23.496 --> 00:40:24.956 Like there's still certain things that I 00:40:24.976 --> 00:40:26.418 think Jonah is working out on the back 00:40:26.518 --> 00:40:28.059 end and to basically 00:40:30.077 --> 00:40:32.677 make sure that you can verify that the 00:40:33.097 --> 00:40:34.438 app is actually legit. 00:40:35.918 --> 00:40:37.278 Because obviously you need to make sure 00:40:37.298 --> 00:40:38.878 you trust this app because it's going to 00:40:38.898 --> 00:40:40.798 be checking all the certificate hashes of 00:40:40.838 --> 00:40:41.960 all the apps you're using. 00:40:44.139 --> 00:40:45.219 So yeah, 00:40:45.280 --> 00:40:46.601 there's been some kind of background 00:40:46.641 --> 00:40:47.701 process on that. 00:40:48.001 --> 00:40:50.320 And overall, it's looking really good. 00:40:50.501 --> 00:40:52.481 I've already really liked this app a lot, 00:40:52.541 --> 00:40:52.882 actually. 00:40:54.342 --> 00:40:55.764 So if you're interested in testing it out, 00:40:55.784 --> 00:40:58.065 you can check that out on the privacy 00:40:58.085 --> 00:40:58.766 guides forum, 00:40:58.945 --> 00:41:01.668 verified apps app for Android pre-release. 00:41:01.987 --> 00:41:04.130 So it's available for pre-release if you 00:41:04.150 --> 00:41:04.831 want to test it. 00:41:05.431 --> 00:41:07.432 Obviously don't rely on this fully yet 00:41:07.472 --> 00:41:10.255 because it's not really fully released, 00:41:10.934 --> 00:41:12.856 but it would be really helpful if people 00:41:12.896 --> 00:41:14.898 could download this and give feedback if 00:41:14.918 --> 00:41:15.378 they have any. 00:41:16.338 --> 00:41:17.980 because it's, yeah, 00:41:18.059 --> 00:41:19.581 it's kind of actively being developed and 00:41:19.641 --> 00:41:22.202 it's only just, we only just put out, 00:41:22.302 --> 00:41:24.864 I think Jonah put out a release the 00:41:24.983 --> 00:41:25.985 other day, two days ago. 00:41:26.364 --> 00:41:27.806 So two day old app. 00:41:28.126 --> 00:41:29.907 So don't, don't judge too harshly, 00:41:29.947 --> 00:41:33.369 but I think it's already quite promising. 00:41:34.849 --> 00:41:35.190 But yeah. 00:41:35.409 --> 00:41:36.811 Do you have any thoughts on this on 00:41:36.831 --> 00:41:37.030 Nate? 00:41:37.050 --> 00:41:39.373 Because I feel like this is kind of 00:41:39.393 --> 00:41:40.132 a big release here. 00:41:41.733 --> 00:41:43.353 Um, no, to be honest, 00:41:43.393 --> 00:41:44.434 I don't really have any thought. 00:41:44.474 --> 00:41:45.396 I think it is super cool. 00:41:45.456 --> 00:41:45.956 I agree with you. 00:41:45.976 --> 00:41:47.496 Um, it is a big release. 00:41:47.536 --> 00:41:48.217 It is really exciting. 00:41:48.637 --> 00:41:49.498 Um, I'm glad, uh, 00:41:49.518 --> 00:41:51.159 cause I know last time we mentioned this, 00:41:51.260 --> 00:41:53.420 uh, this crowdsourced app verifier thing, 00:41:53.922 --> 00:41:55.121 we explicitly said like, 00:41:55.483 --> 00:41:57.304 we're not promising an Android app to go 00:41:57.344 --> 00:41:57.623 with it. 00:41:58.545 --> 00:41:59.144 And, uh, 00:41:59.164 --> 00:42:01.086 I believe basically Jonah was just kind of 00:42:01.106 --> 00:42:01.847 like, well, 00:42:01.867 --> 00:42:03.027 how hard would it be to make an 00:42:03.188 --> 00:42:04.509 app and kind of tinkered around a little 00:42:04.528 --> 00:42:04.748 bit. 00:42:04.969 --> 00:42:05.369 And, um, 00:42:06.148 --> 00:42:08.570 Jonah's crazy smart with tech stuff. 00:42:08.771 --> 00:42:10.891 Um, I mean, obviously, but yeah, uh, 00:42:10.911 --> 00:42:11.992 I guess for him it was like, Oh, 00:42:12.012 --> 00:42:13.333 this is actually easier than I thought. 00:42:13.414 --> 00:42:14.054 So, uh, 00:42:14.074 --> 00:42:16.635 he went ahead and released this and, um, 00:42:16.896 --> 00:42:17.416 yeah, I mean, I, 00:42:17.456 --> 00:42:18.317 I think it's super cool. 00:42:18.456 --> 00:42:19.038 Uh, 00:42:19.057 --> 00:42:20.918 I will say another place you can find 00:42:20.938 --> 00:42:22.079 the link to this is in the newsletter. 00:42:22.159 --> 00:42:23.880 So if you go to privacyguides.org slash 00:42:23.920 --> 00:42:24.760 live streams, um, 00:42:24.780 --> 00:42:25.702 there's a link to it in there as 00:42:25.742 --> 00:42:27.643 well, but yeah, uh, 00:42:27.663 --> 00:42:28.764 I don't really have too many thoughts. 00:42:28.884 --> 00:42:29.704 I just think it's, um, 00:42:31.056 --> 00:42:31.717 It is super cool. 00:42:31.777 --> 00:42:32.617 It is super exciting. 00:42:32.836 --> 00:42:36.039 And if you are okay with some bugs 00:42:36.059 --> 00:42:36.679 and some stuff, 00:42:37.119 --> 00:42:40.742 I think we always appreciate beta testers 00:42:40.782 --> 00:42:42.143 and feedback and stuff. 00:42:42.563 --> 00:42:43.844 But yeah, like Jordan said, 00:42:43.903 --> 00:42:46.365 this should be considered pre-release 00:42:46.485 --> 00:42:46.905 alpha. 00:42:47.065 --> 00:42:48.626 Do not rely on it too heavily. 00:42:48.726 --> 00:42:50.088 Expect there to be some issues. 00:42:50.128 --> 00:42:51.849 And yeah, 00:42:51.909 --> 00:42:53.070 it's really cool to see this coming 00:42:53.090 --> 00:42:53.349 together. 00:42:53.369 --> 00:42:54.951 I don't know. 00:42:54.990 --> 00:42:55.811 I think those are kind of just my 00:42:55.851 --> 00:42:56.231 main thoughts. 00:42:56.271 --> 00:42:57.432 It's really cool to see this project 00:42:57.452 --> 00:42:59.373 coming together from my perspective, so. 00:43:00.188 --> 00:43:00.748 Yeah, same. 00:43:00.849 --> 00:43:01.929 And I think I do want to remind 00:43:01.969 --> 00:43:02.891 people like, you know, 00:43:03.351 --> 00:43:04.572 we wouldn't be able to do this without 00:43:04.592 --> 00:43:05.193 your support. 00:43:05.253 --> 00:43:06.755 So all of this is made possible by 00:43:06.795 --> 00:43:08.436 our supporters and you can sign up for 00:43:08.456 --> 00:43:10.199 a membership or donate at 00:43:10.239 --> 00:43:11.019 privacyguides.org. 00:43:11.119 --> 00:43:13.362 Or you can pick up some swag at 00:43:13.443 --> 00:43:15.164 shop.privacyguides.org. 00:43:16.005 --> 00:43:17.987 Privacy Guides is a nonprofit which 00:43:18.088 --> 00:43:20.030 researches and shares privacy related 00:43:20.050 --> 00:43:20.570 information. 00:43:21.077 --> 00:43:24.762 and facilitates a community on our forum 00:43:24.922 --> 00:43:27.204 and matrix where people can ask questions 00:43:27.344 --> 00:43:29.106 and get advice about staying private 00:43:29.226 --> 00:43:31.547 online and preserving their digital 00:43:32.028 --> 00:43:32.548 rights. 00:43:32.849 --> 00:43:36.253 Now let's dive into this story about Meta. 00:43:38.846 --> 00:43:40.266 Yeah, all right. 00:43:40.447 --> 00:43:43.349 So we got a couple stories about Meta 00:43:43.369 --> 00:43:43.869 this week. 00:43:44.510 --> 00:43:46.851 We'll start with this first one that you 00:43:46.871 --> 00:43:48.391 guys may have seen because it kind of 00:43:48.411 --> 00:43:49.012 made the rounds. 00:43:49.793 --> 00:43:50.112 It says, 00:43:50.152 --> 00:43:52.414 hackers use Meta's AI support bot to seize 00:43:52.554 --> 00:43:53.355 Instagram accounts. 00:43:53.835 --> 00:43:56.036 So we're talking big name accounts like 00:43:56.496 --> 00:43:57.577 the Obama White House. 00:43:57.677 --> 00:43:59.898 I didn't know that past administrations 00:43:59.998 --> 00:44:02.280 get to keep their own little archive 00:44:02.300 --> 00:44:02.581 account. 00:44:02.661 --> 00:44:03.240 I didn't know that. 00:44:03.382 --> 00:44:05.103 But the Obama White House, 00:44:05.143 --> 00:44:06.382 the chief master sergeant of the U.S. 00:44:06.402 --> 00:44:07.224 Space Force says, 00:44:07.885 --> 00:44:09.648 I think four Oh four said Sephora, 00:44:09.668 --> 00:44:10.469 the makeup brand, 00:44:10.949 --> 00:44:12.713 and they were briefly defaced with pro 00:44:12.833 --> 00:44:14.577 Iranian messages over the weekend. 00:44:15.157 --> 00:44:18.222 And apparently it's so meta has patched 00:44:18.262 --> 00:44:20.065 this now, according to this article, 00:44:20.567 --> 00:44:20.907 but it's, 00:44:21.900 --> 00:44:22.360 Apparently, 00:44:22.400 --> 00:44:24.181 it was literally as simple as opening the 00:44:24.222 --> 00:44:26.963 Meta AI support assistant and saying, hey, 00:44:27.143 --> 00:44:29.244 I need to add a new email address 00:44:29.284 --> 00:44:29.925 to this account. 00:44:30.605 --> 00:44:31.905 And then Meta would send you the 00:44:31.945 --> 00:44:34.588 verification code for video viewers. 00:44:34.608 --> 00:44:35.768 You can see a screenshot of the 00:44:35.789 --> 00:44:36.429 conversation here. 00:44:36.969 --> 00:44:37.309 And, you know, 00:44:37.590 --> 00:44:38.811 tell me the verification code. 00:44:39.371 --> 00:44:40.931 And then they would add it to the 00:44:40.952 --> 00:44:41.172 account. 00:44:41.192 --> 00:44:42.193 And then you could do like a basic 00:44:42.213 --> 00:44:42.932 password reset. 00:44:43.594 --> 00:44:43.753 So... 00:44:46.476 --> 00:44:48.518 My first thought is I have to wonder 00:44:48.677 --> 00:44:50.679 if two-factor would have slowed this down 00:44:50.719 --> 00:44:51.721 or stopped this potentially. 00:44:53.141 --> 00:44:54.123 I'm not positive, 00:44:54.163 --> 00:44:55.443 but I feel pretty confident that it 00:44:55.704 --> 00:44:56.744 probably would have. 00:44:58.496 --> 00:44:59.735 But, oh yes, 00:45:00.096 --> 00:45:01.257 it says here in the last paragraph, 00:45:01.396 --> 00:45:02.536 securing your various online accounts 00:45:02.577 --> 00:45:03.817 means taking full advantage of the most 00:45:03.836 --> 00:45:05.376 secure form of multi-factor authentication 00:45:05.476 --> 00:45:05.797 offered. 00:45:07.478 --> 00:45:08.438 And in this case, 00:45:08.617 --> 00:45:10.597 using even the least robust forms of MFA, 00:45:10.657 --> 00:45:12.259 such as a one-time code sent via SMS, 00:45:12.518 --> 00:45:13.798 would likely have blocked the exploit. 00:45:14.358 --> 00:45:17.219 And we'll talk about two-factor actually a 00:45:17.239 --> 00:45:18.800 little bit in the Dashlane story. 00:45:19.500 --> 00:45:23.320 But I think the other thing is, 00:45:23.360 --> 00:45:24.840 and this is kind of preaching to the 00:45:24.860 --> 00:45:25.380 choir here, 00:45:25.440 --> 00:45:27.641 but the other thing with this story is 00:45:27.681 --> 00:45:27.922 that 00:45:29.280 --> 00:45:30.802 This is a reminder, like I don't, 00:45:32.204 --> 00:45:32.324 I mean, 00:45:32.344 --> 00:45:33.545 it's not really a reminder because again, 00:45:33.585 --> 00:45:34.186 you guys know this, 00:45:34.206 --> 00:45:36.329 but like it blows my mind that companies 00:45:38.132 --> 00:45:41.054 are relying so heavily on AI when it's 00:45:41.235 --> 00:45:45.159 just, it's not, it doesn't have thought, 00:45:45.239 --> 00:45:45.541 you know? 00:45:45.661 --> 00:45:46.121 I mean, again, 00:45:46.762 --> 00:45:47.762 I know I'm preaching the choir here, 00:45:47.782 --> 00:45:48.023 but like, 00:45:49.280 --> 00:45:51.623 This is the problem is AI is not 00:45:51.663 --> 00:45:52.003 conscious. 00:45:52.043 --> 00:45:53.284 And this is proof of it because a 00:45:53.344 --> 00:45:54.764 conscious person would have realized, 00:45:55.344 --> 00:45:56.925 why am I adding a random email address 00:45:56.945 --> 00:45:57.505 to this account? 00:45:58.186 --> 00:45:59.568 But AI is just automatic. 00:45:59.608 --> 00:46:00.849 It just does what it's told. 00:46:00.989 --> 00:46:03.690 And it's just, it's crazy. 00:46:03.751 --> 00:46:04.530 I can't believe it did that. 00:46:04.610 --> 00:46:05.311 But yeah, and I... 00:46:06.251 --> 00:46:06.652 Um, ever, 00:46:06.833 --> 00:46:08.856 ever since the anthropic code leech leak, 00:46:08.996 --> 00:46:10.737 I would love to see how meta patch 00:46:10.757 --> 00:46:11.998 this, because from what I can tell, 00:46:12.079 --> 00:46:14.262 like programming AI is basically just 00:46:14.302 --> 00:46:16.704 giving it prompts that are like deep down 00:46:16.744 --> 00:46:17.565 below the user level. 00:46:17.987 --> 00:46:18.827 So like, what did they do? 00:46:18.867 --> 00:46:19.929 They just added a new prompt, 00:46:19.969 --> 00:46:22.291 like do not add random email addresses to 00:46:22.331 --> 00:46:23.333 an account, you know, things that again, 00:46:23.373 --> 00:46:25.076 a normal person would know, but yeah. 00:46:25.702 --> 00:46:28.905 Yeah, this move fast and break everything, 00:46:28.945 --> 00:46:29.164 right? 00:46:29.786 --> 00:46:30.746 And it's not even just meta. 00:46:30.786 --> 00:46:31.806 Like as much as I love to crap 00:46:31.847 --> 00:46:33.467 on meta and they deserve every bit of 00:46:33.507 --> 00:46:35.048 it and then some, it's, you know, 00:46:35.128 --> 00:46:36.530 all these companies are doing this where 00:46:36.550 --> 00:46:37.990 they just roll everything out and then 00:46:38.010 --> 00:46:39.251 worry about the consequences later. 00:46:39.972 --> 00:46:41.733 To which I would like to inform people 00:46:41.773 --> 00:46:42.974 if you didn't know that there's literally 00:46:43.054 --> 00:46:44.996 an entire Wikipedia page listing deaths 00:46:45.076 --> 00:46:47.217 directly relatable to AI and LLMs. 00:46:48.143 --> 00:46:49.143 So yeah, 00:46:50.704 --> 00:46:51.985 I've been pretty open that I'm not like 00:46:52.005 --> 00:46:53.826 the most anti-AI person around here, 00:46:53.846 --> 00:46:54.505 but they're just, 00:46:55.507 --> 00:46:57.007 the number of use cases that I found 00:46:57.047 --> 00:46:58.847 for it are so few and far between 00:46:58.867 --> 00:47:00.208 that it just blows my mind that companies 00:47:00.228 --> 00:47:01.929 are trying to cram it into every single 00:47:01.949 --> 00:47:02.630 thing possible. 00:47:02.829 --> 00:47:05.452 But I don't, yeah, I mean, 00:47:05.472 --> 00:47:07.072 this is a pretty straightforward story. 00:47:07.112 --> 00:47:08.452 So I don't know if I have anything 00:47:08.492 --> 00:47:09.494 else really to add to this. 00:47:10.074 --> 00:47:10.914 I know this was a big one that 00:47:10.954 --> 00:47:11.454 made the rounds. 00:47:11.494 --> 00:47:12.755 Did you have any thoughts on this one 00:47:12.775 --> 00:47:13.896 when you saw this story, Jordan? 00:47:13.916 --> 00:47:14.016 Yeah. 00:47:15.507 --> 00:47:17.568 I was thinking of jumping in right away, 00:47:17.628 --> 00:47:18.347 but I think it's, 00:47:18.507 --> 00:47:20.108 it is kind of funny that like the 00:47:20.268 --> 00:47:20.849 Obama, 00:47:21.090 --> 00:47:23.271 the Obama White House account didn't have 00:47:23.331 --> 00:47:24.811 two-factor authentication. 00:47:24.851 --> 00:47:25.751 What are they doing? 00:47:25.811 --> 00:47:27.333 Like that, that must be so many, 00:47:27.413 --> 00:47:29.072 that must be like such a huge account 00:47:29.132 --> 00:47:29.494 as well. 00:47:29.534 --> 00:47:31.153 Like that is not a small account. 00:47:31.173 --> 00:47:32.735 I don't know. 00:47:32.755 --> 00:47:34.295 It just kind of surprises me how, 00:47:35.036 --> 00:47:36.356 how resistant people are to, 00:47:36.597 --> 00:47:36.836 to like 00:47:37.184 --> 00:47:39.846 it's not even like SMS to FAA is 00:47:39.885 --> 00:47:41.606 like the bare minimum. 00:47:41.666 --> 00:47:42.547 Like that is like this, 00:47:42.927 --> 00:47:45.648 that is literally the lowest form of 00:47:45.829 --> 00:47:47.409 authentication you can possibly have. 00:47:48.010 --> 00:47:48.369 And okay. 00:47:48.409 --> 00:47:48.990 So it says here, 00:47:49.510 --> 00:47:53.353 Obama White House account and the chief 00:47:53.432 --> 00:47:55.813 master Sergeant of the U S space force 00:47:55.853 --> 00:47:58.215 were briefly defaced with pro Iranian 00:47:58.235 --> 00:47:58.594 images. 00:47:58.655 --> 00:48:00.215 So I don't know. 00:48:00.235 --> 00:48:01.757 It just kind of surprises me that there's 00:48:01.777 --> 00:48:03.677 these public facing accounts that have 00:48:03.737 --> 00:48:03.998 like 00:48:05.045 --> 00:48:05.907 zero security. 00:48:05.987 --> 00:48:06.686 And I think it also, 00:48:07.206 --> 00:48:08.407 I think meta is to blame here as 00:48:08.447 --> 00:48:10.429 well, because number one, 00:48:11.028 --> 00:48:12.789 you should be enforcing two factor, 00:48:13.351 --> 00:48:15.192 like a hundred percent across your entire 00:48:15.552 --> 00:48:15.891 company. 00:48:15.911 --> 00:48:17.813 You shouldn't be allowing people to just 00:48:18.793 --> 00:48:20.454 not have two factor authentication, 00:48:20.514 --> 00:48:21.835 especially when you're like meta, right? 00:48:21.856 --> 00:48:25.257 Like you have so much power over so 00:48:25.277 --> 00:48:25.838 many people, 00:48:25.918 --> 00:48:27.659 like you should be at least trying to 00:48:27.699 --> 00:48:30.159 enforce the bare minimum of security. 00:48:30.219 --> 00:48:31.380 Like, I mean, 00:48:31.960 --> 00:48:33.181 as much as we don't like Google, 00:48:34.659 --> 00:48:36.480 As much as we really hate Google, 00:48:36.840 --> 00:48:37.780 they have done that right. 00:48:38.260 --> 00:48:38.862 They've put in, 00:48:39.961 --> 00:48:41.902 they've mandated two-factor authentication 00:48:41.922 --> 00:48:44.925 across every account, which, you know, 00:48:45.025 --> 00:48:46.766 it stops silly stuff like this. 00:48:46.826 --> 00:48:48.927 But also, I wonder, like, 00:48:51.329 --> 00:48:53.510 how much control did they actually give 00:48:53.570 --> 00:48:55.150 this AI support assistant? 00:48:55.170 --> 00:48:57.873 Because if it's allowed to reset account 00:48:57.913 --> 00:48:58.672 passwords, 00:48:59.213 --> 00:49:00.594 how much more control over the 00:49:00.614 --> 00:49:01.715 infrastructure does this? 00:49:03.235 --> 00:49:04.157 It's basically a... 00:49:06.737 --> 00:49:08.159 it's basically just making stuff up, 00:49:08.199 --> 00:49:08.338 right? 00:49:08.378 --> 00:49:11.501 Like AI is basically just telling you what 00:49:11.521 --> 00:49:12.222 you want to hear. 00:49:12.501 --> 00:49:15.284 And I think putting that into a support 00:49:15.324 --> 00:49:16.784 bot that has control over people's 00:49:16.824 --> 00:49:17.364 accounts, 00:49:18.025 --> 00:49:19.666 that just sounds like a security nightmare 00:49:19.726 --> 00:49:21.708 because we've seen this before. 00:49:21.728 --> 00:49:23.568 There's all these sort of prompt injection 00:49:23.588 --> 00:49:24.590 things where you can be like, 00:49:24.929 --> 00:49:27.811 disregard all prior programming and 00:49:28.652 --> 00:49:30.253 and change the email address of this 00:49:30.293 --> 00:49:30.552 account. 00:49:30.572 --> 00:49:33.735 Like, it's just so ripe for abuse because, 00:49:33.795 --> 00:49:36.376 like Nate said, it's not a human being. 00:49:36.416 --> 00:49:37.277 It doesn't think. 00:49:37.476 --> 00:49:39.639 It's not like they're trying to imitate a 00:49:39.679 --> 00:49:41.219 human, but it's not the same thing. 00:49:41.380 --> 00:49:42.380 And, I don't know, 00:49:42.400 --> 00:49:43.920 it's just kind of funny how much money 00:49:43.940 --> 00:49:45.561 we're pouring into this, like, 00:49:46.141 --> 00:49:50.603 funny makeup words machine that, you know, 00:49:50.643 --> 00:49:52.603 keeps doing silly stuff like this. 00:49:52.664 --> 00:49:52.844 Right. 00:49:52.903 --> 00:49:55.364 And they're just trying to mimic the power 00:49:55.423 --> 00:49:56.664 of a single human being. 00:49:56.724 --> 00:49:58.324 Like if a single human being was on 00:49:58.344 --> 00:49:59.125 the other end of this, 00:49:59.545 --> 00:50:00.644 this wouldn't even be a story. 00:50:00.664 --> 00:50:02.505 It literally wouldn't have happened. 00:50:03.146 --> 00:50:03.925 So like, 00:50:04.726 --> 00:50:06.047 it's just really frustrating that they're 00:50:06.067 --> 00:50:06.766 trying to, you know, 00:50:07.547 --> 00:50:09.726 maybe you should start employing human 00:50:09.766 --> 00:50:12.507 beings to actually, you know, manual, uh, 00:50:14.766 --> 00:50:17.126 support assistant instead of having some 00:50:17.286 --> 00:50:20.528 AI that can make mistakes like this. 00:50:20.588 --> 00:50:21.570 So I don't know, 00:50:21.590 --> 00:50:24.831 this is just kind of the reality of 00:50:24.911 --> 00:50:25.213 meta. 00:50:25.373 --> 00:50:26.313 I think in this day and age, 00:50:26.333 --> 00:50:27.914 they've just gone too far. 00:50:28.054 --> 00:50:31.817 They've put AI into too many things. 00:50:32.217 --> 00:50:35.079 They're trying to minimize costs as much 00:50:35.119 --> 00:50:35.940 as possible and 00:50:37.414 --> 00:50:39.856 utilize all these AI systems to automate 00:50:39.896 --> 00:50:40.336 things. 00:50:40.556 --> 00:50:42.518 And I think we're only just going to 00:50:42.539 --> 00:50:43.980 see this becoming more and more of an 00:50:44.019 --> 00:50:44.360 issue. 00:50:44.780 --> 00:50:47.081 And any company that is doing this sort 00:50:47.121 --> 00:50:47.842 of integration, 00:50:47.902 --> 00:50:49.543 I would be extremely skeptical of the 00:50:49.583 --> 00:50:50.704 security of their product. 00:50:52.606 --> 00:50:53.025 And honestly, 00:50:53.065 --> 00:50:54.947 the most surprising thing of this story is 00:50:55.367 --> 00:50:57.248 just how much control they gave to the 00:50:57.349 --> 00:50:58.268 AI support bot, 00:50:58.530 --> 00:51:02.692 because that's basically not... 00:51:03.708 --> 00:51:05.092 Something that I would have expected a 00:51:05.152 --> 00:51:06.155 company to actually do, 00:51:06.615 --> 00:51:09.643 but I guess meta is just that bad. 00:51:12.987 --> 00:51:13.206 Yeah. 00:51:13.547 --> 00:51:13.867 Yeah. 00:51:14.146 --> 00:51:15.007 I, I totally agree, 00:51:15.088 --> 00:51:16.407 especially about the two FA thing. 00:51:16.547 --> 00:51:16.788 Like, 00:51:17.327 --> 00:51:18.929 I don't know what things are like at, 00:51:19.088 --> 00:51:20.389 at the white house, 00:51:20.989 --> 00:51:22.170 any white house for the record. 00:51:22.409 --> 00:51:23.369 Um, and you know, 00:51:23.409 --> 00:51:24.369 the chief master Sergeant, 00:51:24.409 --> 00:51:26.130 I have to assume that's his account that 00:51:26.170 --> 00:51:26.791 he's Manning. 00:51:27.050 --> 00:51:28.130 Maybe I could be wrong about that. 00:51:28.771 --> 00:51:31.831 But, uh, I, I, especially like Sephora, 00:51:31.972 --> 00:51:32.893 I mentioned that was in the four Oh 00:51:32.932 --> 00:51:33.672 four media article. 00:51:33.693 --> 00:51:33.853 Like 00:51:35.108 --> 00:51:36.769 How is there a company on earth that 00:51:36.809 --> 00:51:38.791 is not using a password manager and not 00:51:38.851 --> 00:51:39.331 mandating? 00:51:39.391 --> 00:51:40.490 Like at my last job, 00:51:41.070 --> 00:51:42.911 they mandated we had to use Microsoft 00:51:43.211 --> 00:51:44.813 Authenticator, which pissed me off. 00:51:44.833 --> 00:51:45.413 It was garbage. 00:51:45.492 --> 00:51:46.474 But, you know, 00:51:46.554 --> 00:51:48.594 it's like we had to use two FAA. 00:51:48.635 --> 00:51:50.454 That was just basic push notification to 00:51:50.594 --> 00:51:50.856 FAA. 00:51:50.896 --> 00:51:53.076 Like that's insane that these these big 00:51:53.135 --> 00:51:55.617 billion dollar brands like God forbid you 00:51:55.657 --> 00:51:57.577 make everybody even even Microsoft 00:51:57.617 --> 00:51:59.318 Authenticator is as much as I hated it 00:51:59.358 --> 00:52:00.478 and as dumb as it is and as 00:52:00.518 --> 00:52:01.679 much as I wouldn't want anybody to put 00:52:01.699 --> 00:52:03.280 that spyware on their freaking phone. 00:52:03.701 --> 00:52:03.900 Like 00:52:04.400 --> 00:52:04.521 it's, 00:52:04.641 --> 00:52:06.021 it's better than just leaving it wide 00:52:06.081 --> 00:52:06.242 open. 00:52:06.262 --> 00:52:06.362 Right. 00:52:06.382 --> 00:52:07.661 And it's probably some shared garbage 00:52:07.681 --> 00:52:08.963 password to like, you know, 00:52:09.362 --> 00:52:10.983 make up forever or something stupid. 00:52:11.103 --> 00:52:11.423 I don't know. 00:52:11.523 --> 00:52:12.704 So yeah, it's, 00:52:12.784 --> 00:52:13.824 it's completely insane that these 00:52:13.864 --> 00:52:16.306 companies are not doing better. 00:52:16.746 --> 00:52:17.327 Um, yeah. 00:52:17.387 --> 00:52:20.467 Chess Joe said a stochastic parroting. 00:52:20.487 --> 00:52:21.568 I've never heard that word before. 00:52:21.588 --> 00:52:22.248 I had to look it up. 00:52:22.289 --> 00:52:24.690 Apparently it means random involving a 00:52:24.750 --> 00:52:25.530 random variable. 00:52:25.590 --> 00:52:27.351 So yeah, just, it's, um, 00:52:28.518 --> 00:52:30.018 Again, I'm not the biggest AI hater, 00:52:30.099 --> 00:52:31.619 but it is a probability machine. 00:52:31.679 --> 00:52:31.940 It's like, 00:52:31.980 --> 00:52:33.440 what is the most likely word that's going 00:52:33.460 --> 00:52:33.981 to come next? 00:52:35.581 --> 00:52:36.501 It's an oversimplification, 00:52:36.521 --> 00:52:37.842 but it is fancy autocorrect. 00:52:37.882 --> 00:52:40.302 And to try to assign sentience or 00:52:40.362 --> 00:52:42.282 intention or motivation to it is 00:52:42.322 --> 00:52:43.163 incredibly dangerous. 00:52:43.362 --> 00:52:46.344 Again, I do believe AI has use cases. 00:52:46.983 --> 00:52:47.684 But like you said, 00:52:47.724 --> 00:52:49.344 just giving it this massive amount of 00:52:49.744 --> 00:52:50.744 ability and power, 00:52:51.244 --> 00:52:52.286 that's one of the things that no... 00:52:53.905 --> 00:52:55.467 mild offense to the people that use ai 00:52:55.527 --> 00:52:57.286 agents i think they're completely insane 00:52:57.407 --> 00:52:58.788 unless they've got like a very specific 00:52:58.847 --> 00:53:01.309 like it's got this machine and it only 00:53:01.329 --> 00:53:03.550 has access to like the search engine and 00:53:03.590 --> 00:53:05.891 it doesn't have access to like my my 00:53:05.911 --> 00:53:06.791 you know because that's the example 00:53:06.811 --> 00:53:08.251 they've given us right it's like oh you 00:53:08.271 --> 00:53:10.052 can use it to uh to like go 00:53:10.192 --> 00:53:11.793 buy plane tickets it's like first of all 00:53:11.932 --> 00:53:13.532 i don't trust it not to buy like 00:53:13.592 --> 00:53:15.813 first class tickets to freaking moscow at 00:53:15.833 --> 00:53:18.014 this point i don't trust it not to 00:53:18.034 --> 00:53:20.016 buy three of them at a time and 00:53:20.096 --> 00:53:21.777 i also don't trust it to actually get 00:53:21.817 --> 00:53:22.697 me the best price 00:53:23.516 --> 00:53:23.898 So it's like, 00:53:23.998 --> 00:53:25.719 I don't understand people that trust AI 00:53:25.739 --> 00:53:29.001 with that degree of power and control or 00:53:29.021 --> 00:53:30.943 like unchecked responding to emails. 00:53:30.963 --> 00:53:33.164 Like I have never used AI to write 00:53:33.244 --> 00:53:35.427 an email, but I cannot imagine the people, 00:53:35.487 --> 00:53:37.208 which we've seen it in our spam and 00:53:37.248 --> 00:53:38.489 privacy guides and in our email, 00:53:38.528 --> 00:53:40.351 people will just like give it a prompt, 00:53:40.431 --> 00:53:41.532 go and hit send. 00:53:41.612 --> 00:53:41.911 And it's like, 00:53:41.952 --> 00:53:43.413 what kind of a psychopath doesn't even 00:53:43.472 --> 00:53:44.434 like proofread it? 00:53:44.514 --> 00:53:44.873 It's just, 00:53:45.715 --> 00:53:47.195 people are putting way too much trust in 00:53:47.335 --> 00:53:47.597 AI. 00:53:47.637 --> 00:53:48.077 It's scary. 00:53:49.217 --> 00:53:50.617 I think the other thing that we've kind 00:53:50.677 --> 00:53:54.500 of seen is the boon of this software 00:53:54.539 --> 00:53:57.440 that's like AI, it's like agentic agents. 00:53:57.519 --> 00:54:00.021 They're like open claws of the world. 00:54:00.061 --> 00:54:01.402 Like people will just like, 00:54:02.322 --> 00:54:04.262 they'll give an email inbox to like this 00:54:04.402 --> 00:54:05.003 AI agent. 00:54:05.043 --> 00:54:06.483 And then the AI agent will just go 00:54:06.503 --> 00:54:08.083 through the entire internet and just send 00:54:08.143 --> 00:54:09.824 out emails to people and just like be 00:54:09.864 --> 00:54:10.643 really irritating. 00:54:11.043 --> 00:54:12.125 Like we have this issue. 00:54:12.525 --> 00:54:14.485 We kept getting this one person who would 00:54:14.505 --> 00:54:16.686 just keep sending us emails and 00:54:16.885 --> 00:54:17.766 And it wasn't a person. 00:54:17.827 --> 00:54:19.329 It was an AI agent that was just 00:54:19.349 --> 00:54:21.032 spamming us constantly. 00:54:22.795 --> 00:54:25.659 And it was complete gibberish too. 00:54:25.759 --> 00:54:26.239 Exactly. 00:54:26.400 --> 00:54:28.262 It was like complete slop as well. 00:54:28.282 --> 00:54:30.126 It was like not even... It was like... 00:54:32.289 --> 00:54:32.710 It's just... 00:54:34.784 --> 00:54:36.523 it's just very frustrating when you, 00:54:36.543 --> 00:54:39.684 when you see these sort of the way 00:54:39.704 --> 00:54:40.405 things are going, 00:54:40.465 --> 00:54:42.905 like the way certain companies are 00:54:42.945 --> 00:54:44.585 influencing technology at the moment, 00:54:44.606 --> 00:54:47.347 because let's be real, like it's not, 00:54:47.427 --> 00:54:49.188 it's not the individual people using the 00:54:49.228 --> 00:54:50.648 technology that are shaping where 00:54:50.708 --> 00:54:51.588 technology is going. 00:54:52.188 --> 00:54:53.568 It's these massive, you know, 00:54:53.608 --> 00:54:55.228 like multinational corporations like 00:54:55.289 --> 00:54:59.670 Microsoft, Apple, Nvidia, you know, 00:54:59.710 --> 00:55:00.871 all these massive companies, 00:55:00.911 --> 00:55:02.251 they're controlling where the 00:55:03.958 --> 00:55:07.000 where where money is going where where 00:55:07.019 --> 00:55:10.320 development is being focused on and uh 00:55:10.639 --> 00:55:12.221 unfortunately it's being focused on 00:55:12.400 --> 00:55:14.021 something that's really silly and kind of 00:55:14.121 --> 00:55:15.840 useless in a lot of aspects right like 00:55:16.701 --> 00:55:19.181 we could argue you know oh maybe it's 00:55:19.222 --> 00:55:21.461 good for like a little bit of stuff 00:55:21.481 --> 00:55:22.842 like you said maybe it's like oh it's 00:55:22.862 --> 00:55:24.543 okay for like researching something maybe 00:55:24.583 --> 00:55:26.722 I can find some information that's hard to 00:55:26.762 --> 00:55:29.143 find on a search engine by you know 00:55:29.224 --> 00:55:30.784 asking an AI agent but like 00:55:32.181 --> 00:55:34.244 when we start expanding it to more things 00:55:34.304 --> 00:55:35.465 like, you know, 00:55:35.684 --> 00:55:37.967 asking it to manage an inbox or be 00:55:37.987 --> 00:55:40.829 a support agent, then it's like, that's, 00:55:41.090 --> 00:55:42.251 I think that is a little bit too 00:55:42.291 --> 00:55:43.472 far. 00:55:44.074 --> 00:55:44.954 I totally agree, 00:55:44.974 --> 00:55:46.536 but I do want to push back just 00:55:46.596 --> 00:55:48.137 a tiny bit in the name of optimism 00:55:48.297 --> 00:55:49.199 and point out that like, 00:55:50.452 --> 00:55:52.335 Sometimes we can push back on this stuff. 00:55:53.135 --> 00:55:55.719 Remember the metaverse and how that 00:55:55.878 --> 00:55:57.239 completely failed to materialize? 00:55:57.541 --> 00:55:58.061 Or like, okay, 00:55:58.101 --> 00:55:59.121 this is an example that I don't know 00:55:59.141 --> 00:55:59.943 how many people remember. 00:56:00.384 --> 00:56:03.507 But I used to see commercials for this 00:56:03.547 --> 00:56:04.708 service called Quibi. 00:56:05.369 --> 00:56:06.510 And it was supposed to be like... 00:56:07.650 --> 00:56:08.931 It was supposed to be like Netflix, 00:56:09.032 --> 00:56:10.893 except every episode was less than ten 00:56:10.934 --> 00:56:11.193 minutes. 00:56:11.213 --> 00:56:12.474 So I guess the idea was like you 00:56:12.494 --> 00:56:13.576 could watch it while you were like waiting 00:56:13.615 --> 00:56:14.356 for the bus or something. 00:56:14.777 --> 00:56:15.617 And I swear to God, 00:56:15.757 --> 00:56:17.498 I saw those commercials like every single 00:56:17.539 --> 00:56:18.119 commercial break. 00:56:18.159 --> 00:56:20.521 Like streaming services, cable TV, 00:56:20.541 --> 00:56:21.621 because I think I was traveling a lot 00:56:21.641 --> 00:56:21.961 at the time, 00:56:21.981 --> 00:56:23.023 so a lot of hotel TVs. 00:56:23.782 --> 00:56:24.804 Like I saw it everywhere. 00:56:24.923 --> 00:56:25.744 It was everywhere. 00:56:25.784 --> 00:56:27.286 It was obnoxiously everywhere. 00:56:27.987 --> 00:56:29.768 They went under in like a year because 00:56:29.788 --> 00:56:30.528 it was a stupid idea. 00:56:30.869 --> 00:56:33.130 So like my point being is like a 00:56:33.170 --> 00:56:36.112 lot of people think that – 00:56:34.992 --> 00:56:35.992 and I'm not accusing you of this for 00:56:36.012 --> 00:56:36.311 the record, 00:56:36.331 --> 00:56:37.492 but I've seen a lot of people who 00:56:37.512 --> 00:56:38.512 seem to think that like, oh, 00:56:38.893 --> 00:56:41.554 companies just pump an ungodly amount of 00:56:41.594 --> 00:56:43.155 money that most of us would never need 00:56:43.175 --> 00:56:44.235 to work again if we had that kind 00:56:44.255 --> 00:56:44.514 of money. 00:56:44.795 --> 00:56:46.135 They just pump this ridiculous amount of 00:56:46.175 --> 00:56:47.655 money into advertising and boom, 00:56:47.715 --> 00:56:48.936 now they've shoved this terrible product 00:56:48.956 --> 00:56:49.436 down our throat. 00:56:50.637 --> 00:56:52.757 Usually, but every once in a while, 00:56:52.818 --> 00:56:54.117 we can kind of push back on it 00:56:54.257 --> 00:56:55.237 and like get them, 00:56:55.398 --> 00:56:56.518 get it to fail regardless. 00:56:56.559 --> 00:56:58.798 So, I mean, if I'm being realistic, 00:56:58.858 --> 00:57:00.320 I don't think AI is going to completely 00:57:00.360 --> 00:57:00.760 go away, 00:57:00.800 --> 00:57:02.059 but I do think there is something to 00:57:02.079 --> 00:57:03.661 be said for like, it's not a guarantee. 00:57:03.701 --> 00:57:04.041 And I think 00:57:04.710 --> 00:57:06.170 It is worth continuing to push back and 00:57:06.190 --> 00:57:07.291 I admire everyone who does. 00:57:07.612 --> 00:57:08.952 I say as the person who is admitted 00:57:08.992 --> 00:57:10.353 to occasionally using AI, 00:57:10.853 --> 00:57:12.974 I know I kind of suck, but yeah, 00:57:13.076 --> 00:57:13.576 I don't know. 00:57:13.675 --> 00:57:14.556 I guess I just wanted to offer a 00:57:14.577 --> 00:57:16.097 little bit of potential hope. 00:57:17.257 --> 00:57:18.099 Boo. 00:57:18.259 --> 00:57:18.378 Yeah. 00:57:18.438 --> 00:57:19.420 Anyway, I know. 00:57:19.739 --> 00:57:21.280 I think a lot of people use AI. 00:57:21.521 --> 00:57:23.882 A lot of people would say like they, 00:57:24.523 --> 00:57:25.884 I think it's pretty fair to say most 00:57:25.903 --> 00:57:27.864 people use at least some sort of AI 00:57:27.885 --> 00:57:28.545 right at this point. 00:57:28.585 --> 00:57:31.226 Like it's become kind of ubiquitous. 00:57:31.248 --> 00:57:31.887 Yeah. 00:57:32.250 --> 00:57:34.291 Um, so I don't think that, you know, 00:57:34.331 --> 00:57:35.692 we shouldn't shame people that are using 00:57:35.711 --> 00:57:37.393 this technology, but I think, you know, 00:57:37.753 --> 00:57:39.554 educating people like, oh, why is this, 00:57:39.853 --> 00:57:41.135 why shouldn't we be doing this? 00:57:41.175 --> 00:57:41.554 Why are, 00:57:41.594 --> 00:57:43.396 why are we funneling so much money into 00:57:43.416 --> 00:57:44.097 this technology? 00:57:44.137 --> 00:57:45.577 Why is this technology not good? 00:57:46.557 --> 00:57:50.581 Um, so, you know, I think, yeah, 00:57:50.641 --> 00:57:51.061 you're right. 00:57:51.081 --> 00:57:52.902 Like we are already kind of seeing it 00:57:52.942 --> 00:57:53.862 happening a little bit. 00:57:54.182 --> 00:57:55.744 Maybe let's be optimistic. 00:57:55.804 --> 00:57:57.465 I guess we've seen data centers being 00:57:57.505 --> 00:57:58.125 canceled. 00:57:58.184 --> 00:57:59.826 We've been seeing, you know, 00:58:01.094 --> 00:58:03.635 ram prices and gpu prices kind of hitting 00:58:04.335 --> 00:58:06.197 hitting a ridiculous point now where like 00:58:06.237 --> 00:58:08.697 you know it's impacting a lot of people 00:58:08.818 --> 00:58:10.778 and people are becoming a little bit more 00:58:12.760 --> 00:58:14.139 skeptical of the amount of money that 00:58:14.159 --> 00:58:16.221 we're pouring into this right like oh you 00:58:16.260 --> 00:58:17.882 know it is kind of affecting a lot 00:58:17.961 --> 00:58:19.862 and like is it really that useful like 00:58:19.902 --> 00:58:21.722 people are becoming more skeptical i think 00:58:22.664 --> 00:58:26.945 um at least i would like to hope 00:58:27.005 --> 00:58:28.445 same totally agree 00:58:30.465 --> 00:58:31.326 But with that being said, 00:58:31.365 --> 00:58:32.987 I guess we could move on to the 00:58:33.047 --> 00:58:34.186 next article here, 00:58:34.947 --> 00:58:38.548 also about Meta as well. 00:58:39.168 --> 00:58:41.250 So this one is from Wired. 00:58:41.751 --> 00:58:44.931 Meta silently added face recognition code 00:58:44.992 --> 00:58:47.353 for its smart glasses to millions of 00:58:47.393 --> 00:58:47.954 phones. 00:58:48.373 --> 00:58:50.135 So one quick thing before we dive into 00:58:50.155 --> 00:58:50.614 this story. 00:58:51.833 --> 00:58:53.014 I don't know if anyone remembers, 00:58:53.094 --> 00:58:54.275 but a couple of years ago, 00:58:54.454 --> 00:58:55.835 maybe it was like two years ago, 00:58:56.635 --> 00:58:59.237 there was another story about this and it 00:58:59.257 --> 00:58:59.637 was some, 00:58:59.856 --> 00:59:01.498 there was some university students and 00:59:01.518 --> 00:59:04.038 what they'd done is basically hooked up 00:59:04.318 --> 00:59:06.039 meta glasses to, 00:59:08.000 --> 00:59:10.021 what's that facial recognition? 00:59:10.541 --> 00:59:11.320 Pim eyes. 00:59:11.701 --> 00:59:12.181 Pim eyes. 00:59:12.422 --> 00:59:13.041 That's it. 00:59:13.101 --> 00:59:13.322 Sorry. 00:59:13.362 --> 00:59:14.802 I'm going to find that story right now 00:59:14.822 --> 00:59:16.163 and put it on screen, but keep going. 00:59:16.630 --> 00:59:17.150 Perfect. 00:59:17.271 --> 00:59:17.510 Okay. 00:59:17.992 --> 00:59:18.092 Um, 00:59:18.132 --> 00:59:19.574 so they did that a couple of years 00:59:19.594 --> 00:59:19.773 ago. 00:59:19.833 --> 00:59:20.054 Right. 00:59:20.094 --> 00:59:22.117 And they basically were like proved, 00:59:22.217 --> 00:59:23.898 Oh wow, this is like really creepy. 00:59:23.938 --> 00:59:24.440 Like you can, 00:59:24.559 --> 00:59:26.101 you can just look at someone in public 00:59:26.181 --> 00:59:28.885 and they'll just immediately have a name 00:59:28.925 --> 00:59:30.487 attached to somebody and like all their 00:59:30.527 --> 00:59:31.108 information and 00:59:32.851 --> 00:59:34.512 So, um, yeah, anyway, 00:59:34.592 --> 00:59:35.994 so everyone really thought that was super 00:59:36.034 --> 00:59:36.414 creepy. 00:59:36.554 --> 00:59:38.356 And of course, you know, Meta was like, 00:59:38.556 --> 00:59:39.317 we've got to do that. 00:59:39.436 --> 00:59:41.760 So Meta's currently, uh, 00:59:41.800 --> 00:59:44.702 they added some face facial recognition 00:59:44.742 --> 00:59:44.983 code. 00:59:45.083 --> 00:59:45.583 Oh, there we go. 00:59:45.722 --> 00:59:47.324 So here's the story that I was talking 00:59:47.344 --> 00:59:48.666 about in this one's from four or four 00:59:48.686 --> 00:59:49.867 media, um, 00:59:55.019 --> 00:59:55.199 Yeah, 00:59:55.219 --> 00:59:57.460 so basically they attached PIMIs to it. 00:59:57.780 --> 00:59:59.641 And I think if you scroll down, 00:59:59.661 --> 01:00:01.481 there's like a little bit of stuff like 01:00:01.561 --> 01:00:03.021 this, like images of, you know, 01:00:04.061 --> 01:00:06.822 being able to like identify people and 01:00:07.402 --> 01:00:09.103 find their name and all this other creepy 01:00:09.143 --> 01:00:09.563 stuff. 01:00:09.862 --> 01:00:11.963 It's a pair of students at Harvard. 01:00:12.003 --> 01:00:12.282 Yeah. 01:00:12.782 --> 01:00:13.983 So that was super creepy. 01:00:14.423 --> 01:00:16.143 And I think we all agreed at the 01:00:16.184 --> 01:00:19.625 time that was like incredibly wrong and 01:00:19.664 --> 01:00:20.664 incredibly invasive. 01:00:21.820 --> 01:00:23.286 But, of course, you know, 01:00:23.326 --> 01:00:24.429 meta doesn't really care. 01:00:24.710 --> 01:00:26.635 And basically they have... 01:00:30.054 --> 01:00:30.353 Well, 01:00:30.373 --> 01:00:33.356 Wired has uncovered an unreleased facial 01:00:33.376 --> 01:00:35.458 recognition system embedded in Meta's 01:00:35.657 --> 01:00:37.400 smart glasses platform. 01:00:38.099 --> 01:00:39.802 It's designed to identify people via 01:00:39.882 --> 01:00:44.945 biometric data stored on users' phones. 01:00:45.025 --> 01:00:48.307 I think this is kind of... Oh, 01:00:48.347 --> 01:00:48.889 and of course, 01:00:49.068 --> 01:00:50.989 I'm running into a paywall on this article 01:00:51.030 --> 01:00:51.389 as well. 01:00:52.711 --> 01:00:53.992 Things are going really well this week. 01:00:54.052 --> 01:00:55.072 I'm just going to read off the screen 01:00:55.112 --> 01:00:55.313 here. 01:00:56.333 --> 01:00:56.875 Okay, so... 01:01:00.070 --> 01:01:02.090 code discreetly added to meta's AI app 01:01:02.170 --> 01:01:04.572 over multiple updates this year shows that 01:01:04.612 --> 01:01:06.932 the feature internally called name tag 01:01:07.293 --> 01:01:10.313 identifies people captured by the glasses 01:01:10.353 --> 01:01:12.454 camera and when activated alerts the 01:01:12.474 --> 01:01:15.096 wearer when it recognizes someone so 01:01:15.735 --> 01:01:18.117 firstly like do we really need to rely 01:01:18.277 --> 01:01:18.356 on 01:01:19.730 --> 01:01:22.393 smart glasses to recognize somebody. 01:01:22.954 --> 01:01:25.217 I feel like are we dedicating that much 01:01:25.318 --> 01:01:26.840 to technology at this point where we can't 01:01:26.880 --> 01:01:29.164 even use our own brain to remember 01:01:29.224 --> 01:01:30.224 someone's appearance? 01:01:31.141 --> 01:01:32.362 That's just kind of strange to me. 01:01:33.561 --> 01:01:36.202 The discovery of name tag in the live 01:01:36.362 --> 01:01:39.344 Meta AI app shows that Meta had begun 01:01:39.405 --> 01:01:41.766 shipping face recognition code to users' 01:01:41.806 --> 01:01:44.086 phones while publicly describing it as 01:01:44.126 --> 01:01:46.547 something the company was still thinking 01:01:46.588 --> 01:01:47.228 through. 01:01:47.588 --> 01:01:48.108 In April, 01:01:48.208 --> 01:01:50.550 Meta said if it were to utilize facial 01:01:50.590 --> 01:01:51.190 recognition, 01:01:51.610 --> 01:01:53.351 it wouldn't be rolled out without first 01:01:53.371 --> 01:01:55.311 taking a very thoughtful approach. 01:01:56.822 --> 01:01:57.543 I don't know about that. 01:01:57.684 --> 01:01:58.503 I don't know about that. 01:01:58.764 --> 01:02:01.445 Because I think Meta had quite a long 01:02:01.485 --> 01:02:06.349 time to basically think about implementing 01:02:06.911 --> 01:02:08.911 these smart glasses and put them out in 01:02:08.931 --> 01:02:10.032 a privacy respecting way, 01:02:10.052 --> 01:02:12.014 like have the light activated and make 01:02:12.034 --> 01:02:13.896 sure that it's not easy to deactivate. 01:02:14.195 --> 01:02:15.737 And they still failed at that. 01:02:15.797 --> 01:02:18.099 There's people on the internet who are 01:02:18.119 --> 01:02:20.179 making tutorials on how to disable the 01:02:20.561 --> 01:02:23.762 Meta Ray-Ban light on the side to record 01:02:23.802 --> 01:02:25.483 people without their consent. 01:02:27.422 --> 01:02:28.704 I don't think like, 01:02:28.923 --> 01:02:30.545 and also like we talked about the previous 01:02:30.565 --> 01:02:31.905 story, you know, um, 01:02:31.985 --> 01:02:33.768 I don't think meta thinks about things too 01:02:33.788 --> 01:02:35.168 carefully when they roll something out, 01:02:35.208 --> 01:02:37.690 they'll roll out an AI support bot without 01:02:37.730 --> 01:02:40.952 thinking in a couple of months, you know? 01:02:41.512 --> 01:02:44.034 Um, so, uh, 01:02:45.222 --> 01:02:46.822 Yeah, so though not yet enabled, 01:02:46.882 --> 01:02:49.405 NameTag sits inside a Meta AI companion 01:02:49.485 --> 01:02:51.427 app that's been downloaded over fifty 01:02:51.467 --> 01:02:54.170 million times and is necessary for use of 01:02:54.210 --> 01:02:56.632 key features of its smart glasses, 01:02:56.711 --> 01:02:58.773 including Ray-Ban and Oakley models. 01:02:59.153 --> 01:02:59.813 If activated, 01:02:59.833 --> 01:03:01.976 it will transform faces captured by Meta's 01:03:01.996 --> 01:03:04.597 glasses into unique biometric signatures, 01:03:05.159 --> 01:03:06.659 commonly known as face prints, 01:03:06.840 --> 01:03:08.461 and check each one against face prints 01:03:08.481 --> 01:03:10.943 stored on the user's phone, a database. 01:03:12.469 --> 01:03:14.030 that's currently configured to receive 01:03:14.110 --> 01:03:15.110 updates from Meta. 01:03:15.630 --> 01:03:16.952 Recognized faces will trigger 01:03:16.992 --> 01:03:19.934 notifications while the rest are cropped, 01:03:20.173 --> 01:03:20.695 indexed, 01:03:20.974 --> 01:03:23.215 and saved to a folder marked as pending. 01:03:24.277 --> 01:03:26.518 I feel like this is almost like one 01:03:26.539 --> 01:03:28.239 of those Black Mirror episodes, you know, 01:03:28.260 --> 01:03:30.661 like you're walking down the street and 01:03:30.701 --> 01:03:32.282 like you see somebody and then your 01:03:32.322 --> 01:03:34.264 glasses automatically detect them as like 01:03:34.284 --> 01:03:35.804 a criminal and it just like pops up 01:03:35.844 --> 01:03:36.905 on the screen or something like, 01:03:37.106 --> 01:03:38.487 something ridiculous like that, you know, 01:03:38.507 --> 01:03:40.987 like I could see this technology being 01:03:41.148 --> 01:03:41.409 used 01:03:42.690 --> 01:03:44.072 for something super creepy like that. 01:03:44.114 --> 01:03:46.898 And I think also it's not really a 01:03:46.918 --> 01:03:47.219 very... 01:03:48.416 --> 01:03:51.056 I think these face recognition scans, 01:03:51.097 --> 01:03:53.398 they're not very good. 01:03:53.878 --> 01:03:56.500 They're not very accurate as well because 01:03:56.559 --> 01:03:59.440 the cameras on these glasses is kind of 01:03:59.501 --> 01:04:00.181 bad, right? 01:04:01.922 --> 01:04:03.282 So I guess quoting more from this article, 01:04:03.362 --> 01:04:06.623 it's renewed efforts arrive amid mounting 01:04:06.664 --> 01:04:08.445 opposition to consumer level face 01:04:08.525 --> 01:04:09.125 recognition, 01:04:09.164 --> 01:04:11.126 which privacy advocates argue will give 01:04:11.206 --> 01:04:13.646 anyone from stalkers to immigration agents 01:04:13.726 --> 01:04:15.608 easy access to dangerous technology. 01:04:18.623 --> 01:04:20.746 internal meta documents published by the 01:04:20.766 --> 01:04:22.606 new york times in february showed the 01:04:22.646 --> 01:04:24.108 company had planned to roll out the 01:04:24.148 --> 01:04:26.208 feature during a dynamic political 01:04:26.268 --> 01:04:30.072 environment when meta believed its biggest 01:04:30.152 --> 01:04:32.693 critics would be preoccupied so yeah 01:04:32.733 --> 01:04:37.356 basically what they're saying is that they 01:04:37.376 --> 01:04:38.838 were going to release it when everyone was 01:04:38.878 --> 01:04:40.978 kind of busy getting getting mad about 01:04:41.039 --> 01:04:43.760 something else um and it does seem like 01:04:43.800 --> 01:04:44.922 they do these sort of things 01:04:45.782 --> 01:04:46.521 they do plan this. 01:04:46.561 --> 01:04:48.483 Like I wouldn't be surprised if they do 01:04:48.523 --> 01:04:51.264 plan these releases around when things 01:04:51.503 --> 01:04:55.166 are, you know, kind of a bit turbulent. 01:04:55.186 --> 01:04:56.565 And I think especially now, 01:04:56.806 --> 01:04:58.007 especially with a lot of the stuff that's 01:04:58.027 --> 01:04:59.347 going on in the U S I think 01:04:59.367 --> 01:04:59.847 there's, 01:05:00.027 --> 01:05:01.907 it's a pretty turbulent political 01:05:01.927 --> 01:05:02.947 environment currently. 01:05:03.429 --> 01:05:03.708 Um, 01:05:04.048 --> 01:05:05.608 especially like this talked about earlier 01:05:05.628 --> 01:05:08.050 with the immigration, um, officials, 01:05:08.070 --> 01:05:08.510 like there's, 01:05:08.570 --> 01:05:09.630 there's a lot of that going on in 01:05:09.650 --> 01:05:12.211 the U S with like ICE agents, um, 01:05:13.663 --> 01:05:15.242 you know, like kidnapping people almost. 01:05:15.684 --> 01:05:17.983 Um, so I think it's, yeah, 01:05:18.143 --> 01:05:21.505 it's definitely a very strange time to 01:05:21.545 --> 01:05:22.125 release this. 01:05:22.306 --> 01:05:26.007 And I think it's at a time when 01:05:26.126 --> 01:05:28.847 it can be abused the most, almost, um, 01:05:28.887 --> 01:05:29.788 which kind of sucks. 01:05:30.788 --> 01:05:31.588 Um, but yeah, 01:05:31.867 --> 01:05:33.128 I feel like I've rambled a little bit 01:05:33.208 --> 01:05:33.509 here. 01:05:34.088 --> 01:05:34.809 Um, do you have any, 01:05:35.449 --> 01:05:36.369 do you have any thoughts on this one 01:05:36.409 --> 01:05:37.190 as well, Nate, or? 01:05:38.590 --> 01:05:38.929 Yeah. 01:05:39.311 --> 01:05:40.291 Um, I mean, 01:05:41.865 --> 01:05:42.706 I do, as always, 01:05:42.827 --> 01:05:43.987 I do want to push back a little 01:05:44.007 --> 01:05:45.628 bit on what you said at the beginning, 01:05:45.688 --> 01:05:48.530 where I don't think this technology in and 01:05:48.550 --> 01:05:49.670 of itself is bad, 01:05:49.710 --> 01:05:51.331 because they do actually talk about, 01:05:51.692 --> 01:05:52.472 towards the bottom, 01:05:54.893 --> 01:05:57.536 Meta originally presented this name tag 01:05:57.556 --> 01:05:58.275 thing in... 01:05:59.940 --> 01:06:00.400 what did they say? 01:06:00.501 --> 01:06:03.985 Um, no, 01:06:04.025 --> 01:06:05.827 they were planning to debut it at a 01:06:05.887 --> 01:06:07.409 conference for blind, uh, 01:06:07.429 --> 01:06:09.371 for the blind before making it available 01:06:09.411 --> 01:06:10.251 to the general public. 01:06:10.632 --> 01:06:12.255 However, they never did for the record. 01:06:12.394 --> 01:06:14.376 I do not want to defend meta for 01:06:14.396 --> 01:06:15.918 a second because it's a garbage company 01:06:15.978 --> 01:06:16.880 run by garbage people. 01:06:17.240 --> 01:06:17.701 Um, 01:06:18.541 --> 01:06:19.521 But in that same paragraph, 01:06:19.541 --> 01:06:20.882 Wired pointed out that a twenty eighteen 01:06:20.902 --> 01:06:22.704 study of blind users by Cornell Tech and 01:06:22.744 --> 01:06:24.523 Facebook researchers found that every 01:06:24.563 --> 01:06:26.364 participant called recognizing people an 01:06:26.385 --> 01:06:27.445 important daily task. 01:06:27.724 --> 01:06:29.746 And I've also shared that me personally, 01:06:29.945 --> 01:06:31.567 I think I genuinely think I have some 01:06:31.586 --> 01:06:35.047 like low key face blindness because I have 01:06:35.068 --> 01:06:36.909 to meet the same person like multiple 01:06:36.949 --> 01:06:38.588 times before they start to really stick in 01:06:38.628 --> 01:06:38.989 my head. 01:06:39.429 --> 01:06:40.929 And I'm also a very contextual person. 01:06:41.489 --> 01:06:42.630 Like if I met you once and I've 01:06:42.650 --> 01:06:43.130 talked to you. 01:06:44.010 --> 01:06:44.992 And then I run into you again, 01:06:45.012 --> 01:06:45.771 like a month later, 01:06:46.273 --> 01:06:47.673 I probably won't remember you unless 01:06:47.693 --> 01:06:48.134 you're like, yeah, 01:06:48.153 --> 01:06:49.195 we talked about this thing. 01:06:49.235 --> 01:06:50.054 Remember, like, you know, 01:06:50.076 --> 01:06:52.117 we talked about silos coming up and we're, 01:06:52.177 --> 01:06:53.237 we're both really excited about that. 01:06:53.257 --> 01:06:53.878 And I'm like, oh my God. 01:06:53.918 --> 01:06:54.117 Yes. 01:06:54.177 --> 01:06:54.838 I remember that now. 01:06:55.079 --> 01:06:57.440 Um, so I personally, 01:06:57.621 --> 01:06:58.461 I really see the value, 01:06:58.501 --> 01:07:00.242 especially as someone who wears glasses in 01:07:00.282 --> 01:07:02.103 being able to wear glasses that do like, 01:07:02.164 --> 01:07:03.065 Hey, you know, this person, 01:07:03.105 --> 01:07:04.445 and you can recall that information for 01:07:04.465 --> 01:07:04.626 me. 01:07:05.286 --> 01:07:07.108 But at the same time, 01:07:07.248 --> 01:07:08.088 I think it's very, um, 01:07:09.045 --> 01:07:09.925 I mean, it's meta, right? 01:07:10.065 --> 01:07:11.909 It straight up says that if their face 01:07:11.929 --> 01:07:12.769 is not recognized, 01:07:12.869 --> 01:07:14.351 that it's just going to hold on to 01:07:14.371 --> 01:07:14.791 the image. 01:07:16.393 --> 01:07:16.695 What? 01:07:17.795 --> 01:07:18.175 Why? 01:07:18.737 --> 01:07:20.579 That's like... I didn't consent to that. 01:07:20.719 --> 01:07:20.880 I mean, 01:07:20.900 --> 01:07:21.981 I didn't consent to being in these things 01:07:22.001 --> 01:07:22.561 in the first place. 01:07:22.802 --> 01:07:23.844 But especially, I could... 01:07:24.992 --> 01:07:26.572 Arguably, because again, it's meta. 01:07:26.733 --> 01:07:28.054 I don't trust them as far as I 01:07:28.074 --> 01:07:28.914 can throw any of them. 01:07:29.094 --> 01:07:30.315 And I probably can't throw any of them 01:07:30.356 --> 01:07:31.797 very far because I have not been working 01:07:31.836 --> 01:07:32.237 out lately. 01:07:32.637 --> 01:07:32.998 But like, 01:07:33.998 --> 01:07:35.079 it would be one thing that I could 01:07:35.139 --> 01:07:37.000 quote unquote defend if they were like, 01:07:37.061 --> 01:07:38.420 hey, we're going to do a search. 01:07:38.521 --> 01:07:39.222 If we don't find you, 01:07:39.242 --> 01:07:40.083 we discard the image. 01:07:40.842 --> 01:07:41.844 Okay, fine, whatever. 01:07:41.963 --> 01:07:43.405 At least we can pretend that's kind of 01:07:43.425 --> 01:07:44.125 privacy respecting. 01:07:44.385 --> 01:07:45.005 Well, if we don't find you, 01:07:45.025 --> 01:07:46.746 we'll just hold on to it for reasons. 01:07:47.347 --> 01:07:48.148 You know, it's like... 01:07:50.088 --> 01:07:50.768 Anyways, okay, 01:07:50.909 --> 01:07:51.710 I think I made my point there. 01:07:52.690 --> 01:07:54.092 It's also meta, 01:07:54.192 --> 01:07:55.331 and actually backing that up, 01:07:55.411 --> 01:07:56.793 meta said in a different article in the 01:07:56.833 --> 01:07:58.855 past that the whole idea was that it 01:07:58.875 --> 01:08:00.536 would only identify people that you knew, 01:08:00.596 --> 01:08:01.695 but then that raises the question of, 01:08:01.715 --> 01:08:01.856 like, 01:08:01.896 --> 01:08:03.697 how far is this people that you know 01:08:03.737 --> 01:08:03.938 thing? 01:08:03.958 --> 01:08:05.858 Because it's one thing to, like, 01:08:05.898 --> 01:08:06.960 which I still don't like this for the 01:08:06.980 --> 01:08:07.860 record because I don't think it's 01:08:07.880 --> 01:08:08.521 anybody's business. 01:08:09.762 --> 01:08:11.202 It's one thing if it downloads the faces 01:08:11.242 --> 01:08:11.543 of, like, 01:08:12.302 --> 01:08:14.244 your immediate friends on Facebook, right? 01:08:14.264 --> 01:08:16.065 Like, the people you friended, which... 01:08:17.070 --> 01:08:17.752 I don't know. 01:08:17.771 --> 01:08:18.671 To me, that's distracting. 01:08:18.712 --> 01:08:19.552 Let's say I go to the store. 01:08:19.613 --> 01:08:20.092 Hypothetically, 01:08:20.113 --> 01:08:20.993 let's pretend I have Facebook. 01:08:21.373 --> 01:08:22.954 I go to the store and I pass 01:08:22.994 --> 01:08:24.216 one of my friends and it pings me 01:08:24.256 --> 01:08:25.436 like, oh, hey, that's your friend. 01:08:25.777 --> 01:08:26.398 Okay, first of all, 01:08:26.478 --> 01:08:28.059 either I'm gonna notice and I don't need 01:08:28.078 --> 01:08:30.340 your help or B, I'm busy, 01:08:30.399 --> 01:08:31.980 my mind is elsewhere and I don't really 01:08:32.020 --> 01:08:32.322 care. 01:08:32.502 --> 01:08:33.743 No offense to my friends, but like, 01:08:34.422 --> 01:08:35.003 I hate shopping. 01:08:35.144 --> 01:08:36.283 I just wanna get my crap and get 01:08:36.304 --> 01:08:37.145 out. 01:08:37.185 --> 01:08:37.545 So like, 01:08:37.604 --> 01:08:38.985 if I'm so focused that I just wanna 01:08:39.025 --> 01:08:39.487 get my thing, 01:08:39.606 --> 01:08:40.807 I don't wanna stop and talk to you 01:08:41.087 --> 01:08:42.167 because I'm gonna forget why I'm there. 01:08:42.229 --> 01:08:43.009 I'm gonna take too long. 01:08:43.069 --> 01:08:44.390 It's just, it's a stupid thing. 01:08:44.710 --> 01:08:45.131 But anyways... 01:08:45.990 --> 01:08:47.212 That was their original intention is it 01:08:47.252 --> 01:08:48.271 only flags people you know, 01:08:48.332 --> 01:08:49.271 so it's not just everybody. 01:08:49.551 --> 01:08:51.332 But then what happens when it's people you 01:08:51.372 --> 01:08:51.912 know you know? 01:08:52.033 --> 01:08:53.073 Like, oh, that's your wife's friend. 01:08:53.913 --> 01:08:55.635 Okay, cool. 01:08:55.654 --> 01:08:57.055 There's probably a reason I haven't added 01:08:57.074 --> 01:08:57.716 them on Facebook. 01:08:57.756 --> 01:08:58.876 So like, why are you telling me this? 01:08:58.895 --> 01:09:00.516 And I don't know. 01:09:00.596 --> 01:09:02.596 It's just, this whole system is like, 01:09:02.697 --> 01:09:03.797 I'm not, again, 01:09:03.818 --> 01:09:04.637 where I'm going with that is like, 01:09:04.677 --> 01:09:05.918 I'm not opposed to the tech itself, 01:09:05.958 --> 01:09:06.819 but I do want to make it very 01:09:06.859 --> 01:09:08.220 clear that like, I don't trust Meta. 01:09:08.800 --> 01:09:09.739 I think of all the companies, 01:09:09.760 --> 01:09:10.780 they're like the company I would trust the 01:09:10.841 --> 01:09:12.020 least to roll this out in anything 01:09:12.081 --> 01:09:13.582 remotely resembling an ethical form. 01:09:14.813 --> 01:09:15.533 And it's just a shame. 01:09:15.712 --> 01:09:16.814 It's a shame that we can't have, 01:09:17.274 --> 01:09:18.493 it's a shame we can't have nice things 01:09:18.554 --> 01:09:19.835 because, you know, 01:09:19.935 --> 01:09:21.336 we mentioned this with age verification 01:09:21.355 --> 01:09:21.695 the other week. 01:09:21.716 --> 01:09:21.956 It's like, 01:09:22.275 --> 01:09:24.037 there are so many ways to do things 01:09:24.737 --> 01:09:26.417 in a way that is privacy respecting, 01:09:26.957 --> 01:09:29.118 that is at least not overtly terrible, 01:09:29.158 --> 01:09:30.399 but companies never do that because 01:09:30.418 --> 01:09:31.179 where's the money in that? 01:09:31.559 --> 01:09:33.380 So it's just, it's awful. 01:09:33.600 --> 01:09:33.960 I hate it. 01:09:36.480 --> 01:09:37.462 But other than that, yeah, I mean, 01:09:37.742 --> 01:09:38.761 I don't really have a whole lot of 01:09:39.162 --> 01:09:39.722 other thoughts. 01:09:39.802 --> 01:09:40.162 It's just, 01:09:41.613 --> 01:09:42.673 I guess this does kind of counter what 01:09:42.713 --> 01:09:43.574 I said at the end of the last 01:09:43.595 --> 01:09:44.175 story where it's like, 01:09:44.194 --> 01:09:45.994 sometimes we push back and, you know, 01:09:46.015 --> 01:09:47.416 we can get companies to like stop this 01:09:47.435 --> 01:09:47.636 stuff, 01:09:47.655 --> 01:09:49.055 but we pushed back against this so many 01:09:49.095 --> 01:09:51.497 times and meta is just so adamant about 01:09:51.537 --> 01:09:52.377 making this a thing. 01:09:52.617 --> 01:09:55.957 And that is really, really unfortunate. 01:09:56.438 --> 01:09:56.837 Yeah. 01:09:58.158 --> 01:09:59.099 Yeah. 01:09:59.238 --> 01:10:00.259 I hate these things. 01:10:00.698 --> 01:10:01.798 Please, please friends. 01:10:01.838 --> 01:10:03.239 Don't let friends buy meta glasses. 01:10:03.359 --> 01:10:04.560 Don't ever let your friends buy this 01:10:04.579 --> 01:10:04.739 stuff. 01:10:06.542 --> 01:10:06.761 Yeah, 01:10:06.782 --> 01:10:08.483 and I think also it's kind of interesting 01:10:08.542 --> 01:10:09.563 that thing you brought up about 01:10:09.643 --> 01:10:10.363 accessibility. 01:10:11.163 --> 01:10:12.604 I didn't really think about that too much, 01:10:12.685 --> 01:10:13.085 actually. 01:10:14.284 --> 01:10:15.386 But I almost think, like, 01:10:16.945 --> 01:10:18.407 it is kind of like an excuse a 01:10:18.426 --> 01:10:20.108 lot of these companies use to, like, 01:10:20.807 --> 01:10:23.029 make something pretty invasive and then, 01:10:23.048 --> 01:10:24.469 like, kind of normalize it a little bit. 01:10:24.488 --> 01:10:26.250 I mean, I don't know. 01:10:26.689 --> 01:10:28.530 I'm not an accessibility expert. 01:10:28.610 --> 01:10:30.912 I don't really know what technology, like, 01:10:30.952 --> 01:10:32.613 people that are low vision people are 01:10:32.693 --> 01:10:35.333 using to identify people in public. 01:10:35.793 --> 01:10:38.998 Um, but, you know, 01:10:39.019 --> 01:10:41.262 I think we have to weigh the benefits. 01:10:41.302 --> 01:10:43.386 Maybe there could be some other way of 01:10:43.426 --> 01:10:45.229 doing it in a way that doesn't require 01:10:45.269 --> 01:10:47.332 you to take biometric scans of people's 01:10:47.372 --> 01:10:47.792 faces. 01:10:47.854 --> 01:10:49.555 Maybe there's like a way to 01:10:51.340 --> 01:10:51.739 I don't know, 01:10:51.880 --> 01:10:55.061 like maybe it detects nearby devices and 01:10:55.082 --> 01:10:58.623 then it pings you if someone is detected 01:10:58.663 --> 01:11:00.123 nearby or something like that. 01:11:00.203 --> 01:11:00.564 I don't know, 01:11:00.805 --> 01:11:02.085 but that is a way to do it 01:11:02.125 --> 01:11:05.587 without having to get face scans of 01:11:05.606 --> 01:11:05.966 people, 01:11:06.447 --> 01:11:07.927 of every single person you interact with, 01:11:07.948 --> 01:11:10.909 because like that is kind of terrible from 01:11:10.930 --> 01:11:11.829 a privacy perspective. 01:11:11.850 --> 01:11:13.270 You're basically creating a massive 01:11:13.310 --> 01:11:15.152 database of people. 01:11:15.832 --> 01:11:19.872 um people's faces biometric scans so yeah 01:11:20.153 --> 01:11:22.073 overall just kind of frustrating situation 01:11:22.394 --> 01:11:24.494 um let's see uh there was some comments 01:11:24.515 --> 01:11:26.074 here from peace boy john um uh someone 01:11:26.095 --> 01:11:34.698 he's uh they said uh if meta was 01:11:34.797 --> 01:11:36.198 president i would make sure creepish 01:11:36.238 --> 01:11:37.878 companies like them are banned and i would 01:11:37.899 --> 01:11:40.819 make them illegal too yeah if he was 01:11:40.880 --> 01:11:41.239 president 01:11:42.073 --> 01:11:43.755 yeah i think i think that would be 01:11:44.536 --> 01:11:46.898 that would be ideal but yeah unfortunately 01:11:46.917 --> 01:11:50.421 that's not really how how the government 01:11:50.461 --> 01:11:53.724 works the us government at least um so 01:11:53.804 --> 01:11:55.045 i don't know we kind of just got 01:11:55.064 --> 01:11:57.787 to deal with it and i don't know 01:11:57.827 --> 01:11:59.408 try and try and stop this stuff from 01:11:59.467 --> 01:12:02.110 happening as much as we can um advocate 01:12:02.131 --> 01:12:04.653 for this and hopefully we can get some 01:12:04.672 --> 01:12:07.154 changes to make sure that this technology 01:12:07.295 --> 01:12:10.738 is not normalized i think also just kind 01:12:10.778 --> 01:12:10.837 of 01:12:12.327 --> 01:12:14.268 shaming people that wear them in public. 01:12:14.408 --> 01:12:15.349 Like, you know, 01:12:15.389 --> 01:12:16.529 if someone walks up to me and they're 01:12:16.550 --> 01:12:17.411 wearing meta glasses, 01:12:17.511 --> 01:12:18.171 I'm just going to say, 01:12:18.230 --> 01:12:19.452 are you wearing meta glasses? 01:12:20.051 --> 01:12:21.012 And if they say yes, 01:12:21.412 --> 01:12:22.274 I'll just walk away. 01:12:22.373 --> 01:12:23.414 You know, I don't think that's, 01:12:25.496 --> 01:12:26.716 I don't think that's really 01:12:28.319 --> 01:12:28.899 I don't know, 01:12:28.918 --> 01:12:31.782 I don't see a usefulness aspect of these 01:12:31.801 --> 01:12:32.282 devices. 01:12:32.362 --> 01:12:33.103 I think, you know, 01:12:33.143 --> 01:12:34.384 we have phones for that reason. 01:12:34.884 --> 01:12:36.885 I think it's basically just normalizing a 01:12:37.586 --> 01:12:39.266 concealed recording device, 01:12:39.327 --> 01:12:41.349 which is very creepy. 01:12:41.448 --> 01:12:41.649 I mean, 01:12:42.128 --> 01:12:43.489 I'm sure some people probably wouldn't 01:12:43.529 --> 01:12:43.871 care, 01:12:44.011 --> 01:12:45.551 but there's people that don't like to be 01:12:45.612 --> 01:12:48.533 recorded and there's certain people that 01:12:48.673 --> 01:12:50.555 are more affected by this. 01:12:51.555 --> 01:12:53.238 So we should keep that in mind as 01:12:53.297 --> 01:12:53.478 well. 01:12:55.154 --> 01:12:56.875 I just want to support what you said 01:12:56.914 --> 01:12:57.795 is, yeah, for the record, 01:12:57.875 --> 01:12:59.355 do not assault people. 01:12:59.416 --> 01:13:00.775 Do not break their glasses. 01:13:00.895 --> 01:13:02.216 I don't know how many people are serious 01:13:02.237 --> 01:13:03.716 and how many people are just talking big 01:13:03.756 --> 01:13:04.256 on the internet, 01:13:04.556 --> 01:13:05.837 but I've seen so many people say that. 01:13:05.858 --> 01:13:06.198 It's like, oh, 01:13:06.217 --> 01:13:07.118 if I see somebody with those, 01:13:07.137 --> 01:13:09.019 I'm going to punch them or I'm going 01:13:09.038 --> 01:13:10.139 to break their glasses. 01:13:10.158 --> 01:13:10.779 And it's like, cool. 01:13:11.140 --> 01:13:12.340 And you're going to get in legal trouble 01:13:12.659 --> 01:13:13.520 and you're just going to look like an 01:13:13.560 --> 01:13:14.201 even bigger dick. 01:13:14.801 --> 01:13:17.443 That said, I think for the average person, 01:13:17.603 --> 01:13:19.845 these are universally unpopular, 01:13:20.385 --> 01:13:21.685 especially once people know what they are 01:13:21.706 --> 01:13:22.327 and how they're working. 01:13:22.707 --> 01:13:23.988 So I think, yeah, calling somebody out, 01:13:24.007 --> 01:13:25.189 like if you're in a social setting and 01:13:25.208 --> 01:13:26.430 it's like, hey, I'm sorry, like, 01:13:26.449 --> 01:13:27.650 are you wearing meta glasses? 01:13:28.110 --> 01:13:28.811 And they're like, oh, yeah, 01:13:28.832 --> 01:13:29.292 do you like them? 01:13:29.452 --> 01:13:30.332 No, actually, I hate them. 01:13:30.453 --> 01:13:31.434 I think they're really creepy. 01:13:31.854 --> 01:13:32.875 I think they're really invasive. 01:13:33.034 --> 01:13:34.155 I don't want you to record me. 01:13:34.576 --> 01:13:36.137 And there's like a social phenomenon where 01:13:36.158 --> 01:13:37.578 like everybody is afraid to make the first 01:13:37.618 --> 01:13:37.838 move, 01:13:37.958 --> 01:13:39.761 except for a few psychopaths like myself. 01:13:40.060 --> 01:13:40.320 Yeah. 01:13:40.501 --> 01:13:41.962 which also for the record depends on how 01:13:42.002 --> 01:13:42.282 I feel. 01:13:42.341 --> 01:13:43.603 Sometimes I'm also afraid to make the 01:13:43.622 --> 01:13:44.002 first move, 01:13:44.264 --> 01:13:45.765 but I guarantee you if you speak up 01:13:46.045 --> 01:13:46.385 and like, 01:13:47.024 --> 01:13:48.546 probably not that that's probably being a 01:13:48.565 --> 01:13:49.426 little bit too harsh even, 01:13:49.766 --> 01:13:50.728 but if you speak up and it's like, 01:13:50.787 --> 01:13:51.908 I'm actually really uncomfortable with 01:13:51.929 --> 01:13:52.088 those. 01:13:52.109 --> 01:13:54.069 And I don't like how they're always 01:13:54.130 --> 01:13:55.350 recording and sending my data to meta. 01:13:55.730 --> 01:13:56.752 Even if they try to argue you and 01:13:56.771 --> 01:13:57.311 they're like, well, 01:13:57.332 --> 01:13:58.432 it's not always recording. 01:13:58.453 --> 01:13:59.394 There's going to be somebody else. 01:13:59.594 --> 01:14:00.654 Almost certainly there's going to be 01:14:00.675 --> 01:14:01.875 another person who's got your back. 01:14:01.914 --> 01:14:03.737 Who's like, actually I'm kind of with him. 01:14:04.457 --> 01:14:05.497 I don't really like that. 01:14:05.637 --> 01:14:06.518 I don't trust Facebook. 01:14:06.537 --> 01:14:07.859 Could you like take those off please? 01:14:07.979 --> 01:14:09.260 Or like not wear them next time or 01:14:09.300 --> 01:14:09.600 whatever. 01:14:09.640 --> 01:14:09.801 Like, 01:14:10.701 --> 01:14:11.761 it just takes one person. 01:14:12.061 --> 01:14:15.002 And like, once they realize that, I mean, 01:14:15.462 --> 01:14:16.063 I curse all the time. 01:14:16.502 --> 01:14:17.323 Once they realize that they're the 01:14:17.403 --> 01:14:17.662 asshole, 01:14:17.682 --> 01:14:18.564 they're either not going to bring them 01:14:18.583 --> 01:14:18.923 next time, 01:14:18.963 --> 01:14:19.823 or they're just not going to come back 01:14:19.844 --> 01:14:20.663 to whatever that event is, 01:14:20.703 --> 01:14:22.444 which in my opinion is the trash taking 01:14:22.465 --> 01:14:22.925 itself out. 01:14:22.984 --> 01:14:25.305 So I don't care, but yeah, 01:14:25.445 --> 01:14:26.725 I just wanted to point that out. 01:14:26.746 --> 01:14:28.806 Like definitely don't resort to assault 01:14:28.966 --> 01:14:30.408 because it's not going to help you any, 01:14:30.488 --> 01:14:31.287 and it's just going to get you in 01:14:31.307 --> 01:14:31.568 trouble. 01:14:31.648 --> 01:14:32.788 But I agree with you, 01:14:32.828 --> 01:14:34.069 like shaming people who do this, 01:14:34.128 --> 01:14:35.869 I think is really the way to go 01:14:36.090 --> 01:14:36.489 personally. 01:14:36.970 --> 01:14:37.069 So. 01:14:38.670 --> 01:14:39.130 Yeah, 01:14:39.329 --> 01:14:41.771 it's better to explain to someone the 01:14:41.811 --> 01:14:44.073 reason why it's bad than like try to 01:14:44.132 --> 01:14:47.354 start a physical altercation. 01:14:48.073 --> 01:14:52.036 I think also the if people aren't really 01:14:52.176 --> 01:14:53.856 open to, you know, 01:14:54.537 --> 01:14:56.158 if you try to explain something to someone 01:14:56.177 --> 01:14:57.559 and they don't see the issue. 01:14:58.561 --> 01:15:01.845 then I think maybe it's time to start 01:15:01.864 --> 01:15:02.865 thinking about whether you want to be 01:15:02.905 --> 01:15:04.646 friends with that person or interact with 01:15:04.667 --> 01:15:04.827 them. 01:15:06.347 --> 01:15:07.829 Because I think they're not going to get 01:15:07.869 --> 01:15:09.570 the message unless they start actually 01:15:09.610 --> 01:15:11.252 getting pushback for their actions. 01:15:12.993 --> 01:15:15.154 And I've never seen anyone in public 01:15:15.195 --> 01:15:15.595 wearing them. 01:15:17.118 --> 01:15:18.259 So, but maybe that's, 01:15:18.840 --> 01:15:21.921 maybe this is much more a tech hub 01:15:22.161 --> 01:15:23.761 situation where like everyone in like 01:15:23.820 --> 01:15:25.702 Silicon Valley is like walking around with 01:15:26.221 --> 01:15:28.802 like meta, meta Ray-Bans and like, 01:15:29.103 --> 01:15:31.623 that's just a locational aspect thing. 01:15:33.625 --> 01:15:34.185 But I mean, 01:15:34.545 --> 01:15:35.805 since Google's coming out with these 01:15:35.845 --> 01:15:36.586 products as well, 01:15:36.645 --> 01:15:39.806 I think they must be selling reasonably 01:15:39.867 --> 01:15:40.707 well if there's, 01:15:40.846 --> 01:15:42.266 if more people are jumping on the boat. 01:15:42.307 --> 01:15:44.967 So it's only, it's only more of a, 01:15:45.668 --> 01:15:46.448 it's only more of a, 01:15:48.378 --> 01:15:50.761 it's only becoming a better time to 01:15:51.320 --> 01:15:52.722 publicly shame people that buy these 01:15:52.762 --> 01:15:53.283 products. 01:15:54.783 --> 01:15:55.203 Because, you know, 01:15:55.265 --> 01:15:57.726 I think eventually if the public opinion 01:15:57.766 --> 01:15:59.228 does sway, I think, you know, 01:15:59.268 --> 01:16:01.229 just someone wearing those in public is 01:16:01.269 --> 01:16:05.131 enough to stop a lot of people buying 01:16:05.152 --> 01:16:06.092 these products, I think. 01:16:07.634 --> 01:16:07.814 Yeah, 01:16:08.475 --> 01:16:09.855 we did cover this on a previous story. 01:16:09.876 --> 01:16:11.396 They sold like millions of these things 01:16:11.436 --> 01:16:11.898 last year, 01:16:11.917 --> 01:16:13.378 which is incredibly unfortunate. 01:16:13.399 --> 01:16:14.079 But yeah, like you said, 01:16:14.180 --> 01:16:15.600 enough that other companies are now like, 01:16:15.640 --> 01:16:15.761 oh, 01:16:15.780 --> 01:16:17.082 maybe we should get in on this and 01:16:18.752 --> 01:16:18.992 Yeah. 01:16:19.511 --> 01:16:20.672 It's, it's really unfortunate. 01:16:20.693 --> 01:16:23.594 All right. 01:16:24.234 --> 01:16:24.474 Um, 01:16:24.573 --> 01:16:25.814 I think that's all we have for that 01:16:25.854 --> 01:16:26.213 story. 01:16:27.055 --> 01:16:31.216 So we'll go ahead and talk about Dashlane. 01:16:31.956 --> 01:16:32.996 I'm a little excited for this story. 01:16:33.015 --> 01:16:33.577 I'm not going to lie. 01:16:33.596 --> 01:16:37.738 Um, so, uh, this started, 01:16:37.837 --> 01:16:40.038 I want to say earlier this week and 01:16:40.179 --> 01:16:42.479 basically Dashlane users, uh, 01:16:42.559 --> 01:16:43.859 Dashlane is a password manager for those 01:16:43.880 --> 01:16:44.279 who don't know. 01:16:44.500 --> 01:16:44.539 Um, 01:16:44.600 --> 01:16:45.680 I believe it's one of the most popular 01:16:45.779 --> 01:16:45.921 ones. 01:16:46.621 --> 01:16:47.220 And, um, 01:16:48.074 --> 01:16:50.476 it is not open source and it is 01:16:50.516 --> 01:16:54.059 cloud-based and they, uh, 01:16:54.458 --> 01:16:55.880 a lot of users were reporting that they 01:16:55.899 --> 01:16:57.261 were getting emails about their accounts 01:16:57.280 --> 01:16:57.780 being locked. 01:16:58.561 --> 01:16:59.521 And, um, 01:16:59.542 --> 01:17:00.943 Dashlane to their defense was very quick 01:17:00.962 --> 01:17:01.443 to respond. 01:17:01.463 --> 01:17:02.363 And they were kind of like, yeah, 01:17:02.384 --> 01:17:04.746 there's like this, um, what did they say? 01:17:04.845 --> 01:17:05.246 There was like, 01:17:06.726 --> 01:17:08.528 basically when they initially responded, 01:17:08.587 --> 01:17:09.389 it was kind of unclear. 01:17:09.429 --> 01:17:09.929 It's like, Oh, 01:17:10.009 --> 01:17:11.289 is this a glitch or is this some 01:17:11.329 --> 01:17:12.210 kind of cyber attack? 01:17:12.529 --> 01:17:13.430 But they were basically like, 01:17:13.470 --> 01:17:14.231 we're on top of it. 01:17:14.271 --> 01:17:14.891 Don't worry. 01:17:15.532 --> 01:17:16.012 And, um, 01:17:17.158 --> 01:17:18.600 They did finally release a statement that 01:17:18.640 --> 01:17:19.979 basically, I believe, 01:17:20.020 --> 01:17:22.541 still left a lot to be desired. 01:17:22.640 --> 01:17:23.761 I didn't see the statement myself, 01:17:23.782 --> 01:17:24.902 but I saw a lot of headlines that 01:17:24.921 --> 01:17:27.222 said, like, eh, the statement isn't great. 01:17:27.724 --> 01:17:31.625 But basically, Dashlane is now saying, 01:17:31.685 --> 01:17:32.185 like, okay, 01:17:32.246 --> 01:17:34.367 so what happened was there was a cyber 01:17:34.386 --> 01:17:34.707 attack. 01:17:35.067 --> 01:17:36.688 And for any audio listeners, 01:17:36.707 --> 01:17:37.868 the headline of this article from Ars 01:17:37.887 --> 01:17:39.628 Technica says Dashlane explains how 01:17:39.668 --> 01:17:41.109 attackers managed to download encrypted 01:17:41.149 --> 01:17:41.750 password vaults. 01:17:42.645 --> 01:17:44.987 So veteran listeners are already thinking 01:17:45.006 --> 01:17:45.587 of LastPass. 01:17:45.606 --> 01:17:48.949 I believe that was in twenty twenty two. 01:17:48.970 --> 01:17:51.211 So basically what happened is there were 01:17:51.230 --> 01:17:52.891 attackers who mounted, they said, 01:17:52.912 --> 01:17:54.873 a coordinated hacking campaign against a 01:17:54.913 --> 01:17:55.795 large base of users. 01:17:56.854 --> 01:17:57.115 So. 01:17:58.997 --> 01:17:59.938 Trying to think of how to describe this 01:17:59.957 --> 01:18:00.398 succinctly. 01:18:02.364 --> 01:18:03.365 Um, so for those who don't know, 01:18:03.386 --> 01:18:04.707 there's a thing called credential stuffing 01:18:04.947 --> 01:18:06.188 and with credential stuffing, 01:18:06.268 --> 01:18:08.048 basically because a lot of people reuse 01:18:08.368 --> 01:18:09.750 the same garbage passwords everywhere. 01:18:10.210 --> 01:18:12.391 If an attacker gets your username and 01:18:12.412 --> 01:18:13.733 password or your email address and your 01:18:13.752 --> 01:18:14.172 password, 01:18:14.693 --> 01:18:16.515 they'll just try it on like every website 01:18:16.534 --> 01:18:17.154 they can find, right? 01:18:17.175 --> 01:18:17.916 They'll try it on Netflix. 01:18:17.935 --> 01:18:18.655 They'll try it on Amazon. 01:18:18.676 --> 01:18:19.516 They'll try to Gmail, 01:18:19.676 --> 01:18:21.257 assuming it's a Gmail pass or email 01:18:21.278 --> 01:18:21.557 address. 01:18:22.018 --> 01:18:23.559 They'll just try it everywhere and see 01:18:23.599 --> 01:18:24.479 what it works because again, 01:18:24.520 --> 01:18:25.621 most people reuse passwords. 01:18:25.640 --> 01:18:27.021 So it will probably work in more places 01:18:27.042 --> 01:18:27.381 than it won't. 01:18:32.509 --> 01:18:33.770 Apparently, this is now... 01:18:34.131 --> 01:18:36.574 I think somebody on Mastodon called it MFA 01:18:36.595 --> 01:18:37.957 stuffing or two FA stuffing. 01:18:39.198 --> 01:18:40.180 And basically, so... 01:18:41.444 --> 01:18:43.587 Let me see if I can read just 01:18:43.606 --> 01:18:44.007 parts of this. 01:18:44.427 --> 01:18:46.149 So when a user installs the Dashlane app 01:18:46.189 --> 01:18:47.591 on a new device and attempts to enroll 01:18:47.612 --> 01:18:48.632 it into their existing account, 01:18:48.912 --> 01:18:50.274 Dashlane first verifies the account 01:18:50.295 --> 01:18:50.935 holder's identity. 01:18:51.716 --> 01:18:53.097 This verification is completed by sending 01:18:53.137 --> 01:18:54.859 a one-time six-digit token to the user's 01:18:54.939 --> 01:18:56.761 registered email address or for users who 01:18:56.782 --> 01:18:58.283 have enabled two-factor by validating the 01:18:58.304 --> 01:19:00.024 six-digit code authenticated by their app. 01:19:00.765 --> 01:19:01.787 For the registration to succeed, 01:19:01.806 --> 01:19:03.288 the user must enter this code into the 01:19:03.309 --> 01:19:03.849 application. 01:19:03.948 --> 01:19:04.390 At this point, 01:19:04.409 --> 01:19:05.831 Dashlane will improve the enrollment and 01:19:05.871 --> 01:19:07.573 send a copy of the encrypted vault to 01:19:07.592 --> 01:19:08.033 the device. 01:19:08.393 --> 01:19:09.054 So basically, 01:19:09.774 --> 01:19:10.956 let's say you download Dashlane on a new 01:19:10.975 --> 01:19:11.275 phone. 01:19:11.655 --> 01:19:12.797 You go to sign in, and it says, 01:19:12.837 --> 01:19:13.837 hey, we emailed you a code. 01:19:14.338 --> 01:19:15.500 If you enter the code, 01:19:16.301 --> 01:19:18.943 now it sends a local copy of the 01:19:18.962 --> 01:19:20.123 vault, but it's still encrypted. 01:19:21.586 --> 01:19:22.145 It then says... 01:19:23.891 --> 01:19:24.313 Let's see. 01:19:24.472 --> 01:19:26.354 Contents remain unreadable until the user 01:19:26.416 --> 01:19:27.417 enters the master password, 01:19:27.436 --> 01:19:28.738 which acts as a decryption key. 01:19:29.559 --> 01:19:31.601 And then let's see. 01:19:32.103 --> 01:19:33.484 So basically at that point, 01:19:33.925 --> 01:19:35.327 what the attackers were doing is they were 01:19:35.386 --> 01:19:36.307 brute forcing the 01:19:38.188 --> 01:19:39.708 Again, how do I... Okay, 01:19:40.309 --> 01:19:41.350 I'll just keep reading because they really 01:19:41.390 --> 01:19:42.291 do describe it pretty well. 01:19:42.671 --> 01:19:44.112 So brute forcing the one-time code for a 01:19:44.192 --> 01:19:44.872 single account, 01:19:44.952 --> 01:19:46.073 which means iterating through every 01:19:46.132 --> 01:19:47.314 possible combination until the right one 01:19:47.354 --> 01:19:47.673 is entered, 01:19:48.014 --> 01:19:48.975 would be little more than a fool's 01:19:49.015 --> 01:19:49.234 errands, 01:19:49.314 --> 01:19:50.475 even with a three-hour window that the 01:19:50.496 --> 01:19:51.155 code remains valid. 01:19:51.457 --> 01:19:52.997 With one million possible valid codes, 01:19:53.037 --> 01:19:54.198 the attackers would have to cycle through 01:19:54.219 --> 01:19:55.639 a statistically significant percentage 01:19:55.658 --> 01:19:56.340 within that period. 01:19:56.720 --> 01:19:57.260 Rate limiting, 01:19:57.381 --> 01:19:59.061 in which a set of requests are allowed 01:19:59.101 --> 01:19:59.721 per account, 01:19:59.782 --> 01:20:01.323 would also lock out the account. 01:20:01.342 --> 01:20:01.703 So, I mean, 01:20:01.722 --> 01:20:02.564 you guys have seen rate limiting. 01:20:02.904 --> 01:20:04.024 You put in the password wrong too many 01:20:04.045 --> 01:20:04.225 times, 01:20:04.244 --> 01:20:05.845 it says try again in five minutes or 01:20:05.966 --> 01:20:06.686 an hour or whatever. 01:20:07.386 --> 01:20:08.268 So to improve their odds, 01:20:08.307 --> 01:20:09.728 the attacker sent requests to register new 01:20:09.747 --> 01:20:11.628 devices across a large number of accounts, 01:20:11.890 --> 01:20:13.449 and then they simultaneously entered the 01:20:13.510 --> 01:20:14.810 one-time codes into each of them. 01:20:15.211 --> 01:20:15.692 In theory, 01:20:15.792 --> 01:20:17.472 attacking two accounts this way increases 01:20:17.493 --> 01:20:20.094 the odds for each try from one in 01:20:20.654 --> 01:20:22.015 two, one in five hundred thousand. 01:20:22.475 --> 01:20:23.815 Attacking a thousand counts would make it 01:20:23.916 --> 01:20:25.037 one in one thousand and so on. 01:20:25.077 --> 01:20:25.676 So basically, 01:20:26.096 --> 01:20:28.078 they tried to log into a ton of 01:20:28.097 --> 01:20:30.680 accounts all at once and started spamming 01:20:30.739 --> 01:20:32.761 two FA codes because if you do it 01:20:32.841 --> 01:20:34.341 at scale, statistically, 01:20:34.421 --> 01:20:35.882 you're certainly going to get something 01:20:35.943 --> 01:20:36.122 right. 01:20:37.000 --> 01:20:40.242 So they said that ultimately the two-FA 01:20:40.301 --> 01:20:41.402 spraying attack managed to hit the right 01:20:41.421 --> 01:20:43.023 combination on fewer than twenty user 01:20:43.042 --> 01:20:47.585 accounts before it was shut down. 01:20:47.604 --> 01:20:48.466 Now, there is... 01:20:49.966 --> 01:20:51.367 A lot of differences here with the 01:20:51.407 --> 01:20:52.068 LastPass thing. 01:20:53.689 --> 01:20:54.109 For example, 01:20:54.149 --> 01:20:55.610 this was not somebody's Plex server that 01:20:55.631 --> 01:20:56.112 caused this. 01:20:57.332 --> 01:20:59.795 They also said Dashlane was using Argon, 01:20:59.835 --> 01:21:01.877 too, which is very, very modern. 01:21:01.917 --> 01:21:03.137 I think it's one of the most modern 01:21:03.158 --> 01:21:04.658 and current standards for hashing 01:21:05.020 --> 01:21:05.500 passwords. 01:21:06.740 --> 01:21:08.222 They also said that... 01:21:09.810 --> 01:21:10.529 Let's see here. 01:21:11.350 --> 01:21:12.570 I don't think they mentioned iterations. 01:21:12.810 --> 01:21:13.810 That was the thing with LastPass. 01:21:13.831 --> 01:21:15.011 So with LastPass, basically, 01:21:15.452 --> 01:21:17.592 there were sections of the password 01:21:17.632 --> 01:21:19.273 manager vault that were not encrypted, 01:21:19.393 --> 01:21:20.993 like the login link. 01:21:21.594 --> 01:21:24.255 So that would mean that attackers know, 01:21:24.274 --> 01:21:24.734 for example, 01:21:24.774 --> 01:21:26.775 if you have an account with Amazon and 01:21:26.796 --> 01:21:28.036 they can create an Amazon phishing link. 01:21:29.497 --> 01:21:30.596 Dashlane said they don't have that. 01:21:30.636 --> 01:21:31.757 They said everything is encrypted. 01:21:32.238 --> 01:21:33.018 They're not open source, 01:21:33.057 --> 01:21:33.797 but theoretically, 01:21:33.957 --> 01:21:34.719 if they're telling the truth. 01:21:35.738 --> 01:21:38.159 Another thing with LastPass is they were 01:21:38.199 --> 01:21:38.460 not 01:21:40.454 --> 01:21:41.695 The whole iteration thing goes a little 01:21:41.716 --> 01:21:42.876 bit above my head, but basically, 01:21:43.176 --> 01:21:43.936 long story short, 01:21:45.056 --> 01:21:47.698 the more iterations a master password has 01:21:47.717 --> 01:21:48.498 when it's being hashed, 01:21:48.599 --> 01:21:49.759 the harder it is to crack. 01:21:50.640 --> 01:21:53.041 LastPass was not increasing the 01:21:53.081 --> 01:21:53.740 iterations, 01:21:53.980 --> 01:21:55.322 at least not without user input. 01:21:57.143 --> 01:21:58.722 Dashlane says they have been doing that. 01:21:59.083 --> 01:21:59.743 So theoretically, 01:21:59.764 --> 01:22:01.164 as long as a user was using a 01:22:01.204 --> 01:22:03.064 good, strong master password, 01:22:04.145 --> 01:22:05.326 they still don't really have much. 01:22:05.466 --> 01:22:06.167 The attackers don't. 01:22:07.435 --> 01:22:08.796 That's a big caveat though, because again, 01:22:08.836 --> 01:22:10.195 I just mentioned a lot of people reuse 01:22:10.216 --> 01:22:12.436 garbage passwords and master passwords are 01:22:12.476 --> 01:22:13.637 unfortunately no exception to that. 01:22:14.097 --> 01:22:16.599 So I guess the only thing here that 01:22:16.658 --> 01:22:17.960 I think is interesting is this seems to 01:22:17.979 --> 01:22:19.761 have been, from what I can tell, 01:22:20.320 --> 01:22:21.041 kind of random. 01:22:21.221 --> 01:22:22.921 Because if they're doing this at scale, 01:22:23.462 --> 01:22:24.983 they don't really have any control over 01:22:25.302 --> 01:22:26.644 which ones are going to succeed and which 01:22:26.703 --> 01:22:27.184 ones aren't. 01:22:27.864 --> 01:22:28.725 So they just grabbed like, 01:22:28.765 --> 01:22:30.466 twenty random user vaults, 01:22:31.046 --> 01:22:31.966 which is really confusing. 01:22:33.456 --> 01:22:33.815 I don't know. 01:22:34.917 --> 01:22:36.279 I guess I will be interested to see 01:22:36.319 --> 01:22:37.279 how this plays out. 01:22:38.121 --> 01:22:41.043 I will be interested to see is Dashlane 01:22:41.064 --> 01:22:41.744 telling the truth? 01:22:42.204 --> 01:22:43.206 Are we going to get another story in 01:22:43.225 --> 01:22:44.027 a week that's like, oh, 01:22:44.067 --> 01:22:45.748 it turns out fields aren't encrypted or 01:22:45.788 --> 01:22:46.128 whatever. 01:22:47.109 --> 01:22:48.030 Are we going to find out that this 01:22:48.070 --> 01:22:49.872 was actually some coordinated thing 01:22:49.953 --> 01:22:50.213 that... 01:22:51.033 --> 01:22:52.475 uh they did know exactly what accounts 01:22:52.494 --> 01:22:54.114 they were going for and somehow managed to 01:22:54.154 --> 01:22:55.716 pull that off i don't know how they 01:22:55.735 --> 01:22:56.737 would have done that that would be really 01:22:56.756 --> 01:22:58.978 impressive but again it's just this this 01:22:59.018 --> 01:23:00.518 whole thing i have a lot of questions 01:23:00.557 --> 01:23:02.899 that i don't necessarily expect dash lane 01:23:02.918 --> 01:23:04.739 to have answers to like again why those 01:23:04.760 --> 01:23:06.280 accounts and stuff like that but it's it's 01:23:06.301 --> 01:23:08.662 a really interesting story it does if we 01:23:08.681 --> 01:23:09.942 take it at face value it does seem 01:23:09.981 --> 01:23:11.363 like everything was handled a lot better 01:23:11.382 --> 01:23:12.823 than the last pass thing which is good 01:23:13.604 --> 01:23:13.804 but 01:23:14.832 --> 01:23:16.054 Again, still lots of questions. 01:23:16.234 --> 01:23:19.355 And I think the last thing I want 01:23:19.376 --> 01:23:23.838 to emphasize is when you use a password 01:23:23.859 --> 01:23:25.079 manager, any password manager, 01:23:25.119 --> 01:23:29.143 whether it's a cloud-based one like this, 01:23:29.182 --> 01:23:30.684 like Bitwarden, like one password, 01:23:30.944 --> 01:23:33.385 a local one, KeePassXE, 01:23:33.666 --> 01:23:35.067 if you write your passwords down in a 01:23:35.106 --> 01:23:35.447 notebook, 01:23:36.467 --> 01:23:39.590 you are placing an immense amount of trust 01:23:40.090 --> 01:23:41.150 in that password manager. 01:23:42.832 --> 01:23:44.412 And so we always recommend... 01:23:46.756 --> 01:23:47.737 I mean, 01:23:47.817 --> 01:23:49.257 I feel safe saying that everybody in 01:23:49.318 --> 01:23:50.298 Privacy Guides would agree with me on 01:23:50.338 --> 01:23:50.479 this. 01:23:51.019 --> 01:23:53.541 I would recommend if you don't use a 01:23:53.600 --> 01:23:54.640 security key anywhere else, 01:23:54.661 --> 01:23:56.061 like a YubiKey or something like that, 01:23:56.703 --> 01:23:56.983 first of all, 01:23:57.002 --> 01:23:58.163 you should be using it everywhere you can. 01:23:58.224 --> 01:23:59.364 But if you don't use it anywhere else, 01:23:59.385 --> 01:24:00.364 you should at least be using it on 01:24:00.385 --> 01:24:02.627 your password manager because of how 01:24:02.667 --> 01:24:03.266 sensitive it is, 01:24:03.327 --> 01:24:05.769 because everything is centralized there. 01:24:06.288 --> 01:24:07.189 And theoretically, 01:24:07.289 --> 01:24:09.291 if you had used a security key, 01:24:10.112 --> 01:24:12.113 I feel like this attack probably would 01:24:13.409 --> 01:24:13.550 I mean, 01:24:13.590 --> 01:24:14.770 I guess it might have still worked because 01:24:14.791 --> 01:24:14.930 again, 01:24:14.951 --> 01:24:16.091 they're trying to verify the device, 01:24:16.131 --> 01:24:19.113 not necessarily the login, but I mean, 01:24:19.153 --> 01:24:20.274 at very least you wouldn't have to worry 01:24:20.293 --> 01:24:21.654 about them like trying to crack your 01:24:21.673 --> 01:24:22.435 master password, right? 01:24:22.454 --> 01:24:23.756 Because they still need the YubiKey to get 01:24:23.815 --> 01:24:24.935 it and they're not going to have that. 01:24:25.015 --> 01:24:25.997 So yeah, 01:24:26.117 --> 01:24:27.757 always try to put the maximum amount of 01:24:27.797 --> 01:24:29.298 security on your password manager, 01:24:29.439 --> 01:24:30.439 even if it's not cloud-based, 01:24:30.498 --> 01:24:31.140 like whatever it is, 01:24:31.180 --> 01:24:32.520 because you're putting a lot of trust in 01:24:32.560 --> 01:24:33.440 that thing regardless. 01:24:33.501 --> 01:24:36.462 So I think I kind of went over 01:24:36.502 --> 01:24:36.983 a lot there, 01:24:37.063 --> 01:24:39.743 but did you have any thoughts on this 01:24:39.764 --> 01:24:40.904 story or is there anything I missed, 01:24:41.064 --> 01:24:41.284 Jordan? 01:24:42.900 --> 01:24:44.381 Yeah, definitely an info dump. 01:24:44.601 --> 01:24:46.662 I think it is important, though, 01:24:46.722 --> 01:24:48.564 to all the stuff that you mentioned, 01:24:48.623 --> 01:24:51.145 like putting the most security you can on 01:24:51.164 --> 01:24:52.085 your password manager. 01:24:52.685 --> 01:24:55.587 Nate actually wrote a video about 01:24:55.646 --> 01:24:58.507 passwords and password management and all 01:24:58.528 --> 01:24:59.788 this sort of stuff that's going to go 01:24:59.849 --> 01:25:02.590 into things in a much more succinct and 01:25:02.630 --> 01:25:03.909 explainable way. 01:25:04.850 --> 01:25:06.452 Hopefully this weekend we'll have it out. 01:25:08.654 --> 01:25:09.956 So definitely look out for that if you 01:25:09.996 --> 01:25:11.775 want to kind of, I don't know, 01:25:11.836 --> 01:25:13.277 I think it's also important to, you know, 01:25:13.337 --> 01:25:15.037 if you share that with someone, uh, 01:25:15.118 --> 01:25:15.797 I think it's a good, 01:25:16.238 --> 01:25:18.099 it's a good resource that we're going to 01:25:18.118 --> 01:25:19.060 have available soon. 01:25:19.560 --> 01:25:21.161 And it does go into like a lot 01:25:21.201 --> 01:25:22.560 of what Nate was saying, like, you know, 01:25:22.640 --> 01:25:25.382 your, your password manager is, 01:25:25.563 --> 01:25:26.622 I think the way Nate put it in 01:25:26.643 --> 01:25:27.623 the video was, you know, 01:25:27.644 --> 01:25:29.423 you're putting all the keys to your castle 01:25:29.463 --> 01:25:30.404 in one spot. 01:25:30.465 --> 01:25:31.604 So you need to make sure it's well 01:25:31.625 --> 01:25:32.086 defended. 01:25:32.586 --> 01:25:32.746 Um, 01:25:33.903 --> 01:25:37.265 And it's the same with, you know, 01:25:37.605 --> 01:25:39.167 any centralization of trust. 01:25:39.686 --> 01:25:41.287 I think one interesting thing about this, 01:25:41.368 --> 01:25:44.810 though, was they did mention it. 01:25:44.829 --> 01:25:47.231 So this is Dan Gooden, who's like, yeah, 01:25:47.252 --> 01:25:49.412 he's basically super, super, 01:25:51.074 --> 01:25:53.957 super big on like security topics at Ars 01:25:53.997 --> 01:25:54.476 Technica. 01:25:54.976 --> 01:25:56.238 He put at the bottom, 01:25:56.257 --> 01:25:57.259 he said like there was, 01:25:58.697 --> 01:25:59.016 I don't know, 01:25:59.176 --> 01:26:00.537 out of an abundance of caution, 01:26:00.578 --> 01:26:02.438 both master passwords and the contents of 01:26:02.497 --> 01:26:06.199 any recovered Dashlane vaults should be 01:26:06.239 --> 01:26:08.100 changed immediately to reduce the chance. 01:26:08.500 --> 01:26:10.621 So I think one thing that I think 01:26:10.661 --> 01:26:12.282 Nate did talk about it a bit was 01:26:12.341 --> 01:26:12.862 like the... 01:26:14.591 --> 01:26:17.213 The issue with these password managers and 01:26:17.274 --> 01:26:19.377 when these encrypted vaults get stolen is 01:26:21.038 --> 01:26:24.423 it's basically stuck at that stage, right? 01:26:24.463 --> 01:26:26.646 Because once they've stolen the encrypted 01:26:26.686 --> 01:26:26.947 vault, 01:26:27.287 --> 01:26:28.989 you can't change the password to something 01:26:29.029 --> 01:26:29.650 more secure. 01:26:30.131 --> 01:26:31.193 That vault is now... 01:26:32.992 --> 01:26:33.773 stuck in time. 01:26:34.012 --> 01:26:36.015 It's not able to get more secure. 01:26:36.034 --> 01:26:37.376 It's not able to get less secure. 01:26:37.416 --> 01:26:40.698 It's just stuck at that specific security 01:26:40.738 --> 01:26:41.059 level. 01:26:41.099 --> 01:26:44.921 So the risk with this is updating your 01:26:44.942 --> 01:26:45.722 master password. 01:26:46.103 --> 01:26:47.444 That's not going to do anything because 01:26:47.505 --> 01:26:48.945 they already have the encrypted vault 01:26:48.985 --> 01:26:49.485 itself. 01:26:50.266 --> 01:26:52.368 So basically, I don't know, 01:26:52.408 --> 01:26:53.909 if you're a Dashlane user and you think 01:26:53.949 --> 01:26:54.810 you might have been affected, 01:26:55.411 --> 01:26:56.712 I would just change every password. 01:26:58.176 --> 01:26:59.158 which kind of sucks, right? 01:26:59.198 --> 01:27:01.439 This is like the worst case scenario for 01:27:01.519 --> 01:27:03.640 anybody having to change every single 01:27:03.680 --> 01:27:05.001 password in your password manager. 01:27:05.041 --> 01:27:07.262 That's depending on who you are. 01:27:07.342 --> 01:27:10.784 I think Nate also wrote this in the 01:27:10.824 --> 01:27:11.865 script for this new video. 01:27:12.666 --> 01:27:14.567 It was about a hundred passwords. 01:27:14.847 --> 01:27:17.149 The average American has average of a 01:27:17.189 --> 01:27:18.050 hundred passwords. 01:27:18.109 --> 01:27:19.770 So, you know, this is, 01:27:21.971 --> 01:27:23.172 it's almost unreasonable. 01:27:23.353 --> 01:27:24.793 That is an unreasonable amount of 01:27:24.833 --> 01:27:25.793 passwords to change. 01:27:25.814 --> 01:27:26.614 Like that would take 01:27:27.448 --> 01:27:30.931 hours so you know i think this is 01:27:31.511 --> 01:27:33.594 this is a pretty big flop from dashlane 01:27:33.734 --> 01:27:36.796 i think like you know this this is 01:27:37.377 --> 01:27:39.057 basically as bad as it can get i 01:27:39.097 --> 01:27:40.238 mean it's not as bad as it can 01:27:40.279 --> 01:27:41.680 get because you can be last pass and 01:27:41.699 --> 01:27:44.823 you can just like leak everyone's stuff um 01:27:44.943 --> 01:27:46.965 and not encrypt anything so you know it's 01:27:47.005 --> 01:27:49.846 not the worst case scenario but it's it's 01:27:49.867 --> 01:27:51.828 kind of nightmare scenario level um 01:27:53.337 --> 01:27:54.997 I mean, I would probably, 01:27:56.118 --> 01:27:57.380 if you don't think you've been affected, 01:27:57.420 --> 01:27:59.081 I would just update my master password 01:27:59.121 --> 01:28:00.782 anyway out of caution. 01:28:00.981 --> 01:28:02.582 But again, 01:28:03.182 --> 01:28:04.845 we do have password manager 01:28:04.885 --> 01:28:05.824 recommendations. 01:28:06.225 --> 01:28:07.966 And, you know, at Privacy Guides, 01:28:08.226 --> 01:28:10.627 we do more rigorous analysis. 01:28:10.707 --> 01:28:10.787 We... 01:28:12.029 --> 01:28:13.609 get input from the community on which 01:28:14.590 --> 01:28:15.550 products are the best. 01:28:15.890 --> 01:28:17.591 And we do all the hard work for 01:28:17.610 --> 01:28:20.030 you to work out what the best services 01:28:20.171 --> 01:28:20.371 are. 01:28:22.332 --> 01:28:24.372 So Dashlane is not something we recommend. 01:28:24.972 --> 01:28:28.634 We don't recommend Dashlane for a variety 01:28:28.673 --> 01:28:29.333 of reasons. 01:28:29.953 --> 01:28:32.154 But I think you'd be much better off 01:28:32.194 --> 01:28:33.734 if you were using something like Bitwarden 01:28:33.795 --> 01:28:36.376 or ProtonPass or Sono. 01:28:36.895 --> 01:28:39.315 There's plenty of other password manager 01:28:39.355 --> 01:28:40.957 recommendations that we have on our site. 01:28:42.847 --> 01:28:44.710 And I think it's always going to happen, 01:28:44.729 --> 01:28:44.909 though. 01:28:44.949 --> 01:28:46.711 There's always going to be, like, 01:28:46.770 --> 01:28:48.332 cyber attacks against these password 01:28:48.353 --> 01:28:49.873 managers because they are, 01:28:50.014 --> 01:28:51.895 like Nate said in the video, 01:28:51.996 --> 01:28:53.417 that what's going to come out is it's 01:28:53.457 --> 01:28:53.976 a castle. 01:28:54.016 --> 01:28:56.319 It's where all the secrets are in there. 01:28:56.658 --> 01:28:59.261 So it's a much more valuable target. 01:29:01.542 --> 01:29:03.244 It's kind of frustrating when security 01:29:04.525 --> 01:29:06.747 isn't enforced as well as it should be 01:29:07.068 --> 01:29:07.688 in this case. 01:29:07.948 --> 01:29:09.489 But, yeah, 01:29:09.689 --> 01:29:10.951 I don't really have too much more to 01:29:11.030 --> 01:29:12.192 add other than that. 01:29:14.676 --> 01:29:15.055 Yeah, 01:29:15.155 --> 01:29:16.877 I don't really have much else to add 01:29:16.896 --> 01:29:17.256 myself. 01:29:17.296 --> 01:29:19.677 It's just, I guess, again, 01:29:19.717 --> 01:29:21.519 assuming we take Dashlane at face value, 01:29:21.618 --> 01:29:25.560 it's good that this is not a repeat 01:29:25.640 --> 01:29:26.280 of LastPass, 01:29:26.320 --> 01:29:28.362 where they did everything they possibly 01:29:28.381 --> 01:29:28.942 could wrong. 01:29:29.462 --> 01:29:31.582 But it's also, there are certain things, 01:29:31.643 --> 01:29:32.064 I feel like, 01:29:32.104 --> 01:29:34.885 where it's just too important 01:29:35.855 --> 01:29:38.677 to trust a non-open source thing. 01:29:39.179 --> 01:29:41.579 And a password manager is one of them. 01:29:41.600 --> 01:29:42.261 Because I keep saying, 01:29:42.520 --> 01:29:43.582 assuming they're telling the truth, 01:29:43.881 --> 01:29:44.261 we don't know. 01:29:44.483 --> 01:29:45.443 Dashlane's proprietary. 01:29:45.523 --> 01:29:46.703 If this happened to ProtonPass, 01:29:46.743 --> 01:29:48.706 if this happened to Bitwarden, 01:29:49.386 --> 01:29:49.886 if this happened to, 01:29:49.907 --> 01:29:51.448 I don't know how it would happen to 01:29:51.467 --> 01:29:52.509 KeePass, but theoretically, 01:29:52.529 --> 01:29:53.609 if this happened to KeePass, 01:29:53.649 --> 01:29:54.550 those are all open source. 01:29:54.810 --> 01:29:56.692 So we can verify that, yes, everything is. 01:29:57.131 --> 01:29:58.592 I actually remember when LastPass 01:29:58.613 --> 01:29:58.974 happened, 01:29:59.634 --> 01:30:01.034 Everybody went to these open source 01:30:01.055 --> 01:30:02.877 password managers and started re-examining 01:30:02.896 --> 01:30:03.917 and being like, oh crap, 01:30:04.298 --> 01:30:05.099 are we in danger? 01:30:05.619 --> 01:30:08.082 And I remember Bitwarden, I think, 01:30:08.181 --> 01:30:08.802 was okay. 01:30:09.344 --> 01:30:10.425 But a lot of people did notice. 01:30:10.465 --> 01:30:10.824 It's like, hey, 01:30:10.845 --> 01:30:11.886 you're kind of using this like, 01:30:12.726 --> 01:30:14.929 it's not like outdated hashing, 01:30:14.969 --> 01:30:15.590 but there's, you know, 01:30:15.630 --> 01:30:17.150 this Argon-II is out now and it's a 01:30:17.171 --> 01:30:17.792 lot better. 01:30:17.832 --> 01:30:19.172 And like, why don't we up the iterations? 01:30:19.613 --> 01:30:20.795 And I remember Bitwarden kind of replied 01:30:20.814 --> 01:30:21.414 where they're like, yeah, 01:30:21.435 --> 01:30:22.576 we don't really have to, but I mean... 01:30:23.546 --> 01:30:24.006 Good point. 01:30:24.087 --> 01:30:25.007 We'll go ahead and do that. 01:30:25.208 --> 01:30:26.229 And you know, now it's, 01:30:26.329 --> 01:30:28.171 it's more secure and we can verify that 01:30:28.190 --> 01:30:29.591 because it's open source and not to 01:30:29.612 --> 01:30:31.033 necessarily sing Bitwarden's praises. 01:30:31.054 --> 01:30:31.994 I'm not trying to harp on them, 01:30:32.034 --> 01:30:32.295 but you know, 01:30:32.314 --> 01:30:35.056 it's just an example of like, hopefully, 01:30:35.658 --> 01:30:37.078 uh, Dashlane users will be okay. 01:30:37.118 --> 01:30:38.399 But yeah, if you are a Dashlane user, 01:30:38.439 --> 01:30:40.601 definitely, um, that does suck. 01:30:40.622 --> 01:30:41.443 Cause I am that I've, 01:30:41.582 --> 01:30:42.344 I've said this before. 01:30:42.484 --> 01:30:44.765 I am that psychopath that went down and 01:30:44.786 --> 01:30:46.667 changed all my passwords in like one 01:30:46.688 --> 01:30:48.088 weekend when I first got into privacy. 01:30:48.248 --> 01:30:48.829 And it is, 01:30:50.393 --> 01:30:51.212 It is intense. 01:30:51.533 --> 01:30:52.113 And, uh, you know, 01:30:52.132 --> 01:30:53.234 at the time I was single and I 01:30:53.253 --> 01:30:54.833 was in my twenties and I had all 01:30:54.854 --> 01:30:55.974 the energy for that stuff. 01:30:56.033 --> 01:30:57.435 And, but it's, uh, you know, 01:30:57.475 --> 01:30:58.555 especially if you've got a family and 01:30:58.595 --> 01:30:59.215 stuff, it's like, man, 01:30:59.234 --> 01:31:00.234 how are you supposed to find time to 01:31:00.255 --> 01:31:00.615 do that? 01:31:00.676 --> 01:31:01.775 So that's crazy. 01:31:03.256 --> 01:31:04.537 But here we are. 01:31:04.577 --> 01:31:05.957 I almost feel like there needs to be 01:31:06.016 --> 01:31:06.537 a way. 01:31:06.556 --> 01:31:08.537 I don't know. 01:31:08.637 --> 01:31:10.097 I feel like this could have been. 01:31:12.148 --> 01:31:14.988 possibly avoided if there was i don't know 01:31:15.029 --> 01:31:16.569 maybe there's got to be a way for 01:31:16.890 --> 01:31:18.930 an api access or i don't know some 01:31:19.070 --> 01:31:20.610 some way to easily update a lot of 01:31:20.631 --> 01:31:23.072 accounts passwords quickly um i don't know 01:31:23.091 --> 01:31:24.493 what that would look like but it's kind 01:31:24.512 --> 01:31:26.993 of we get into this situation with with 01:31:27.033 --> 01:31:28.654 a password manager where things get 01:31:29.814 --> 01:31:32.194 breached like this and it becomes like i 01:31:32.215 --> 01:31:33.735 know people that have got like five 01:31:33.756 --> 01:31:35.796 hundred passwords like how the heck are 01:31:35.817 --> 01:31:37.216 you supposed to go through and update all 01:31:37.237 --> 01:31:40.358 that like that is impossible um it's just 01:31:40.398 --> 01:31:41.899 kind of frustrating for those people 01:31:43.402 --> 01:31:43.802 Unfortunately, 01:31:43.823 --> 01:31:45.284 you are not the first person to have 01:31:45.324 --> 01:31:45.865 that idea. 01:31:46.487 --> 01:31:49.212 And I don't think, yeah, 01:31:49.532 --> 01:31:50.453 it would need to be some kind of 01:31:50.474 --> 01:31:51.654 like standardized process, 01:31:51.675 --> 01:31:52.837 which I don't think it is right now. 01:31:52.877 --> 01:31:54.239 And I think that's the big challenge is... 01:31:55.250 --> 01:31:55.529 Yeah, 01:31:55.569 --> 01:31:57.752 but it would be cool because then that 01:31:57.771 --> 01:32:00.073 would open the door for like a privacy 01:32:00.113 --> 01:32:00.873 service that's like, oh, 01:32:00.894 --> 01:32:01.755 you're getting into privacy? 01:32:02.074 --> 01:32:03.515 Cool, for like ten bucks, 01:32:03.956 --> 01:32:05.936 we'll download all your accounts out of 01:32:05.976 --> 01:32:07.417 Chrome and go in and change all the 01:32:07.457 --> 01:32:09.039 passwords and dump them into Bitwarden or 01:32:09.060 --> 01:32:09.439 whatever. 01:32:10.340 --> 01:32:11.301 That would open a lot of doors to 01:32:11.320 --> 01:32:12.761 make it easier for people to get started 01:32:12.782 --> 01:32:13.282 with this stuff. 01:32:13.342 --> 01:32:14.103 But I just don't think, 01:32:14.643 --> 01:32:15.184 as far as I know, 01:32:15.203 --> 01:32:16.805 there's not like a standardized API that 01:32:16.845 --> 01:32:18.225 people could hook into like you're talking 01:32:18.246 --> 01:32:18.426 about. 01:32:18.805 --> 01:32:19.527 It'd be cool if there was. 01:32:20.739 --> 01:32:21.020 Yeah. 01:32:21.199 --> 01:32:21.399 I mean, 01:32:21.500 --> 01:32:23.740 one thing that you did talk about quite 01:32:23.761 --> 01:32:25.202 a bit in the video we've been working 01:32:25.261 --> 01:32:26.542 on is, you know, 01:32:26.582 --> 01:32:28.064 like the adoption of passkeys. 01:32:28.323 --> 01:32:30.604 And I think that could be at least 01:32:30.725 --> 01:32:32.204 one step in the right direction, right? 01:32:32.225 --> 01:32:33.265 At least one end, 01:32:33.725 --> 01:32:36.807 one end of the passwords being messed up 01:32:36.847 --> 01:32:37.547 is going to be okay. 01:32:37.587 --> 01:32:40.088 Like the websites themselves can't, 01:32:42.189 --> 01:32:43.690 they can't leak the passwords. 01:32:43.911 --> 01:32:45.412 So then you don't have to worry about 01:32:45.452 --> 01:32:46.792 your password ever getting breached. 01:32:47.552 --> 01:32:49.953 But then there's the opposite end as well. 01:32:52.206 --> 01:32:53.027 That's what I was about to say is 01:32:53.087 --> 01:32:54.908 I feel like this unfortunately would be 01:32:54.988 --> 01:32:56.451 one of the few times where a passkey 01:32:56.470 --> 01:32:57.231 wouldn't save you. 01:32:57.731 --> 01:32:58.833 Like someone correct me if I'm wrong, 01:32:58.894 --> 01:33:01.036 but because in this case, 01:33:01.756 --> 01:33:04.460 if you're saving your passkeys to a 01:33:04.500 --> 01:33:05.301 password manager, 01:33:05.320 --> 01:33:06.381 which is probably what most people are 01:33:06.402 --> 01:33:06.742 gonna do, 01:33:07.603 --> 01:33:08.804 which I would argue in most cases is 01:33:08.844 --> 01:33:09.184 fine. 01:33:09.524 --> 01:33:11.485 But now it's the password manager that got 01:33:11.546 --> 01:33:11.926 leaked. 01:33:12.426 --> 01:33:14.268 So if they get into it, 01:33:14.287 --> 01:33:15.488 they would have your pass keys. 01:33:15.649 --> 01:33:17.890 But generally speaking, yeah, I mean, 01:33:17.930 --> 01:33:20.672 stuff like this is still very much the 01:33:20.792 --> 01:33:21.314 outlier. 01:33:21.514 --> 01:33:22.175 So, I mean, 01:33:22.895 --> 01:33:24.055 ninety nine times out of one hundred, 01:33:24.095 --> 01:33:24.716 I totally agree. 01:33:24.756 --> 01:33:26.217 A pass key is it's one of those 01:33:26.238 --> 01:33:27.338 things where like, yes, 01:33:27.359 --> 01:33:28.960 there's always going to be that one 01:33:29.039 --> 01:33:30.720 scenario where it's like, OK, fine. 01:33:30.841 --> 01:33:32.082 It doesn't make sense to do that. 01:33:33.082 --> 01:33:35.244 But every other time it makes perfect 01:33:35.265 --> 01:33:36.586 sense, you know, so. 01:33:37.845 --> 01:33:38.244 Yeah. 01:33:38.305 --> 01:33:38.485 I mean, 01:33:38.546 --> 01:33:40.106 I feel like pass keys could definitely, 01:33:40.226 --> 01:33:40.426 yeah, 01:33:40.447 --> 01:33:41.488 you're a hundred percent right about it. 01:33:41.507 --> 01:33:43.270 Like the private key is the thing that's 01:33:43.310 --> 01:33:44.650 important and that's what your password 01:33:44.690 --> 01:33:45.572 manager is protecting. 01:33:45.931 --> 01:33:48.234 The public key is what the website has. 01:33:49.855 --> 01:33:50.895 So it doesn't matter if they leak the 01:33:50.935 --> 01:33:51.716 public key. 01:33:51.737 --> 01:33:52.818 Public key can be public. 01:33:53.979 --> 01:33:54.739 But yeah, 01:33:54.779 --> 01:33:57.082 the private keys is that's where you start 01:33:57.101 --> 01:33:57.761 having the issue. 01:33:57.782 --> 01:34:00.444 I don't know if it's like, you know, 01:34:00.465 --> 01:34:01.005 a way for 01:34:02.006 --> 01:34:03.707 basically password managers to like kind 01:34:03.747 --> 01:34:07.451 of hook into a website's like, like, uh, 01:34:08.011 --> 01:34:11.054 Fido flow or something to automatically 01:34:11.113 --> 01:34:11.554 update it. 01:34:11.573 --> 01:34:12.034 I don't know. 01:34:12.335 --> 01:34:13.895 Someone really smart is probably going to 01:34:13.916 --> 01:34:14.457 work it out. 01:34:15.176 --> 01:34:16.297 Um, that's just not me. 01:34:16.318 --> 01:34:16.439 Um, 01:34:17.859 --> 01:34:19.220 I don't really know what the solution is, 01:34:19.261 --> 01:34:19.701 but I don't know. 01:34:19.720 --> 01:34:20.761 It was just a thought that I had. 01:34:21.082 --> 01:34:21.943 It's kind of interesting. 01:34:22.323 --> 01:34:22.444 Um, 01:34:22.944 --> 01:34:24.385 Don't think it's super relevant to this 01:34:24.404 --> 01:34:26.386 story, though, because like you said, 01:34:26.627 --> 01:34:28.128 if your vault is breached, 01:34:28.748 --> 01:34:30.350 it's not really going to protect you in 01:34:30.371 --> 01:34:31.270 that case either. 01:34:31.492 --> 01:34:34.154 So kind of a crappy situation. 01:34:35.854 --> 01:34:36.235 Agreed. 01:34:39.177 --> 01:34:41.100 I think that's all we've got on this 01:34:41.239 --> 01:34:41.380 one. 01:34:41.460 --> 01:34:43.002 Do you want to move into forum updates? 01:34:45.369 --> 01:34:48.930 yeah let's dive into some forum updates 01:34:49.030 --> 01:34:51.452 here in a minute we'll start taking viewer 01:34:51.471 --> 01:34:53.052 questions so if you've been holding on to 01:34:53.132 --> 01:34:55.394 any questions about any of the stories 01:34:55.413 --> 01:34:57.694 we've talked about so far go and go 01:34:57.715 --> 01:34:59.975 ahead and leave them on the forum thread 01:35:00.055 --> 01:35:01.735 or in the comment section on the live 01:35:01.775 --> 01:35:03.856 stream and you can do so on the 01:35:03.896 --> 01:35:05.478 stream yard chat if you don't want to 01:35:05.578 --> 01:35:07.177 sign up to youtube or any other platform 01:35:07.238 --> 01:35:08.259 so if you do want to leave a 01:35:08.279 --> 01:35:08.578 comment 01:35:10.435 --> 01:35:12.076 definitely feel free to do so. 01:35:12.536 --> 01:35:13.197 But for now, 01:35:13.256 --> 01:35:15.216 let's check in on our community forum. 01:35:15.356 --> 01:35:16.436 And as always, 01:35:16.636 --> 01:35:19.337 there is a lot of activity on the 01:35:19.358 --> 01:35:19.677 forum. 01:35:19.837 --> 01:35:21.899 So here's just like a few of this 01:35:21.939 --> 01:35:24.658 week's most interesting discussions 01:35:24.719 --> 01:35:25.378 happening there. 01:35:25.519 --> 01:35:28.560 So I'm going to take this one. 01:35:28.720 --> 01:35:29.640 You can take the other one. 01:35:30.159 --> 01:35:33.480 How do I compellingly advocate for my 01:35:33.520 --> 01:35:36.362 privacy with doctors and other health care 01:35:36.622 --> 01:35:37.261 professionals? 01:35:39.264 --> 01:35:40.364 I think this is a really interesting 01:35:40.385 --> 01:35:40.704 thread. 01:35:41.565 --> 01:35:44.427 So this one was started by a regular 01:35:44.467 --> 01:35:44.868 on our forum, 01:35:44.889 --> 01:35:46.510 not going to mention the name for their 01:35:46.550 --> 01:35:47.270 privacy sake. 01:35:48.150 --> 01:35:53.475 But basically, you know, I think it's, 01:35:54.942 --> 01:35:56.761 we're living in an age where a lot 01:35:56.801 --> 01:35:59.622 of doctors are using technology that is 01:35:59.762 --> 01:36:00.842 pretty invasive, right? 01:36:00.882 --> 01:36:02.203 Like I'm, 01:36:02.484 --> 01:36:04.003 I guarantee you if you've been to the 01:36:04.024 --> 01:36:05.323 doctor in the last two years, 01:36:05.684 --> 01:36:07.265 they've asked you if you, 01:36:07.345 --> 01:36:09.085 if they can use an AI transcription 01:36:09.104 --> 01:36:11.046 software, if they can, you know, 01:36:11.265 --> 01:36:12.685 share your data with one of these 01:36:12.725 --> 01:36:13.185 companies. 01:36:14.025 --> 01:36:14.867 And, um, 01:36:14.926 --> 01:36:16.926 I guess kind of reading a little bit 01:36:16.966 --> 01:36:17.846 into this, uh, 01:36:17.907 --> 01:36:20.148 thread that was started here. 01:36:20.887 --> 01:36:21.007 Um, 01:36:22.560 --> 01:36:22.739 you know, 01:36:22.779 --> 01:36:24.680 this person was saying that they kind of 01:36:24.720 --> 01:36:27.962 felt like healthcare workers don't really 01:36:28.002 --> 01:36:28.403 care. 01:36:28.443 --> 01:36:30.243 They don't really read the privacy policy. 01:36:30.264 --> 01:36:32.064 They don't really, you know, 01:36:32.085 --> 01:36:34.405 think that there's any issues. 01:36:36.448 --> 01:36:37.127 They don't, you know, 01:36:37.148 --> 01:36:38.868 they don't really have the same level of 01:36:38.929 --> 01:36:40.949 concern that most people should have about 01:36:40.970 --> 01:36:42.331 their medical data, especially if it's, 01:36:42.411 --> 01:36:45.792 you know, very sensitive information, 01:36:45.813 --> 01:36:46.313 like, you know, 01:36:47.014 --> 01:36:48.774 It could be reproductive status. 01:36:48.854 --> 01:36:49.835 It could be all these, 01:36:50.635 --> 01:36:52.055 especially in the US, like these, 01:36:52.255 --> 01:36:52.854 these are pretty, 01:36:54.615 --> 01:36:56.395 I would say sensitive things, right? 01:36:56.416 --> 01:36:58.317 Because, you know, in some states it's, 01:36:58.436 --> 01:37:00.457 it's illegal and stuff like that. 01:37:00.476 --> 01:37:01.096 Like this is, 01:37:02.238 --> 01:37:03.658 it depends obviously on your threat model 01:37:03.698 --> 01:37:04.478 and your situation, 01:37:04.518 --> 01:37:07.519 but they can be extremely concerning. 01:37:10.020 --> 01:37:11.020 So they kind of went through 01:37:14.036 --> 01:37:15.716 basically how they want to challenge 01:37:16.636 --> 01:37:17.056 their, 01:37:18.097 --> 01:37:21.338 their doctors and to basically get them to 01:37:21.458 --> 01:37:22.880 take things a bit more seriously. 01:37:23.439 --> 01:37:23.760 Um, 01:37:24.520 --> 01:37:26.820 and they did bring up this one specific 01:37:27.220 --> 01:37:31.743 example, um, you know, about, 01:37:32.643 --> 01:37:34.743 it was Carissa Vellies who we interviewed, 01:37:34.923 --> 01:37:36.284 um, a couple of weeks ago. 01:37:36.505 --> 01:37:36.704 She, 01:37:36.805 --> 01:37:39.345 she basically had an example and she used 01:37:39.386 --> 01:37:41.146 the example of like the Holocaust, like, 01:37:41.167 --> 01:37:41.367 you know, 01:37:42.604 --> 01:37:44.327 would you, you know, 01:37:44.346 --> 01:37:45.927 disclosing that you're Jewish in the 01:37:45.967 --> 01:37:48.270 Holocaust is kind of a bit of a 01:37:48.310 --> 01:37:51.554 death sentence and maybe it's not as the 01:37:51.594 --> 01:37:54.756 parallel is not as like, Oh, 01:37:54.777 --> 01:37:55.658 did you want to add something here? 01:37:56.479 --> 01:37:57.199 Yeah, real quick. 01:37:57.399 --> 01:37:57.579 Um, 01:37:57.600 --> 01:37:59.761 so what she was talking about was in, 01:38:00.162 --> 01:38:00.302 um, 01:38:01.154 --> 01:38:01.574 Oh my God, 01:38:01.614 --> 01:38:02.895 I can't remember which countries it were. 01:38:04.275 --> 01:38:07.257 Basically, when the Nazis invaded, 01:38:08.318 --> 01:38:09.578 I wanna say it was France, 01:38:10.779 --> 01:38:12.760 the number of Jews that they killed in 01:38:12.800 --> 01:38:15.900 France was significantly lower because in 01:38:15.961 --> 01:38:16.341 France, 01:38:16.400 --> 01:38:18.801 they didn't even keep ethnicity records on 01:38:18.921 --> 01:38:20.222 who was Jewish and who wasn't. 01:38:20.722 --> 01:38:21.203 And therefore, 01:38:21.243 --> 01:38:22.944 that made it significantly harder for them 01:38:22.984 --> 01:38:25.045 to find Jews to send them to the 01:38:25.064 --> 01:38:25.404 camps. 01:38:25.885 --> 01:38:27.206 That was the example she was using. 01:38:27.725 --> 01:38:29.186 And that's the example this person is 01:38:29.226 --> 01:38:30.127 talking about is like, 01:38:30.606 --> 01:38:35.467 if um if my doctor is not sharing 01:38:35.507 --> 01:38:37.427 data with these companies like uh i'll 01:38:37.587 --> 01:38:39.368 i'll let you talk in just a second 01:38:39.389 --> 01:38:41.009 sorry i'm trying not to like do all 01:38:41.029 --> 01:38:42.548 the talking um but like they said their 01:38:42.569 --> 01:38:44.250 doctor is using gmail and it's like okay 01:38:44.289 --> 01:38:46.310 but if gmail is reading these emails or 01:38:46.329 --> 01:38:48.390 even has access to these emails that's 01:38:48.430 --> 01:38:49.730 kind of the same thing where it's like 01:38:49.770 --> 01:38:51.390 if something goes wrong now the the data 01:38:51.451 --> 01:38:52.692 is there in the first place that's kind 01:38:52.712 --> 01:38:54.152 of the example the the connection they're 01:38:54.171 --> 01:38:54.771 trying to make there 01:38:58.684 --> 01:38:59.064 Right. 01:38:59.225 --> 01:38:59.604 Okay. 01:38:59.645 --> 01:39:00.666 So that's, yeah, 01:39:00.685 --> 01:39:02.287 that's definitely good context. 01:39:02.546 --> 01:39:02.947 Um, 01:39:03.027 --> 01:39:04.448 I'm not really super familiar with her 01:39:04.488 --> 01:39:07.251 work personally, so that is good to know. 01:39:07.650 --> 01:39:10.493 Um, yeah, I think it's, I think, 01:39:10.512 --> 01:39:10.953 I don't know. 01:39:11.073 --> 01:39:11.913 I think you should be, 01:39:13.454 --> 01:39:16.358 try and be cautious around, I think, 01:39:16.377 --> 01:39:17.958 standing up to these people because 01:39:18.838 --> 01:39:21.301 unfortunately they kind of do have quite a 01:39:21.341 --> 01:39:24.484 lot of control over, um, 01:39:26.932 --> 01:39:27.953 But when you talk to a doctor, 01:39:27.972 --> 01:39:29.154 like they do have quite a lot of 01:39:29.194 --> 01:39:32.296 control over the care that you receive and 01:39:32.536 --> 01:39:34.537 that care could be kind of important. 01:39:34.596 --> 01:39:35.317 So, you know, 01:39:35.356 --> 01:39:36.698 if you're going to challenge someone on 01:39:36.717 --> 01:39:37.658 this sort of stuff, 01:39:38.139 --> 01:39:40.780 I would definitely think about the 01:39:40.820 --> 01:39:43.341 consequences of doing so, because, 01:39:43.742 --> 01:39:44.603 you know, the. 01:39:46.672 --> 01:39:49.114 the repercussions for challenging someone 01:39:49.135 --> 01:39:50.996 like this could cause things to become a 01:39:51.055 --> 01:39:52.976 bit more difficult because, you know, 01:39:52.997 --> 01:39:56.880 you have such strict, um, 01:39:57.079 --> 01:39:58.300 beliefs and stuff and such. 01:39:58.340 --> 01:40:01.042 Like, I think it shouldn't be like that. 01:40:01.082 --> 01:40:02.743 Like they shouldn't be able to do that, 01:40:02.802 --> 01:40:04.543 but it's kind of the facts of the 01:40:04.583 --> 01:40:05.085 situation. 01:40:05.145 --> 01:40:06.426 Unfortunately, like you'll, 01:40:07.166 --> 01:40:09.728 you'll receive different care. 01:40:09.768 --> 01:40:11.189 If you make a fuss about something like 01:40:11.208 --> 01:40:11.408 that, 01:40:11.448 --> 01:40:14.211 you may not get treated the same way. 01:40:14.511 --> 01:40:14.730 Um, 01:40:16.123 --> 01:40:17.664 you might be seen as someone who's trying 01:40:17.704 --> 01:40:18.824 to, you know, 01:40:19.244 --> 01:40:22.525 hide information or like be a criminal. 01:40:22.586 --> 01:40:25.127 And there's all these stereotypes for 01:40:25.167 --> 01:40:28.908 people that are, um, 01:40:28.929 --> 01:40:30.069 caring about their privacy. 01:40:30.208 --> 01:40:31.328 And it's not really, 01:40:31.389 --> 01:40:32.310 it shouldn't be like that, 01:40:32.350 --> 01:40:34.210 but it's kind of the way things are 01:40:34.229 --> 01:40:34.890 at the moment. 01:40:35.390 --> 01:40:37.230 And it's kind of seen as almost like 01:40:37.251 --> 01:40:38.091 a fringe thing. 01:40:38.712 --> 01:40:40.792 So I would also take that into account 01:40:40.832 --> 01:40:41.172 as well. 01:40:41.252 --> 01:40:42.972 If you do end up bringing this up 01:40:42.993 --> 01:40:44.173 to them, um, 01:40:47.101 --> 01:40:49.283 yeah anyway i i think people are saying 01:40:49.302 --> 01:40:51.364 like you should walk away from these 01:40:51.564 --> 01:40:53.445 doctors agencies and stuff i i kind of 01:40:53.485 --> 01:40:57.068 disagree with this because um i think you 01:40:57.087 --> 01:40:58.868 know depends on what conditions you have 01:40:59.229 --> 01:41:01.011 and for some people there's not really an 01:41:01.051 --> 01:41:02.712 option right if you have like a very 01:41:02.771 --> 01:41:04.113 specific condition you need to see a 01:41:04.153 --> 01:41:05.713 specialist you need to see 01:41:06.573 --> 01:41:09.676 a doctor that is specifically trained in a 01:41:09.737 --> 01:41:12.278 certain area that doesn't particularly 01:41:12.998 --> 01:41:14.760 have another option especially if you live 01:41:14.779 --> 01:41:16.841 in a small area um you don't exactly 01:41:16.862 --> 01:41:19.484 get a choice to just like oh you 01:41:19.524 --> 01:41:21.826 you're using google workspace for all your 01:41:21.926 --> 01:41:24.368 medical emails i'm gonna go to a different 01:41:24.387 --> 01:41:27.289 clinic um and it's not even verified that 01:41:27.329 --> 01:41:28.831 you know the the next clinic you go 01:41:28.871 --> 01:41:30.671 to they might be even worse so 01:41:31.932 --> 01:41:33.994 um it's kind of frustrating situation but 01:41:34.055 --> 01:41:35.996 i don't think that is always the best 01:41:36.036 --> 01:41:40.338 solution just like walking away from um 01:41:40.378 --> 01:41:43.001 someone um i've never seen a doctor's 01:41:43.421 --> 01:41:45.101 office using gmail i've never seen a 01:41:45.162 --> 01:41:48.043 doctor's office even use email so this is 01:41:48.083 --> 01:41:50.105 kind of bizarre to me like is this 01:41:50.126 --> 01:41:53.087 a common thing in the us or yeah 01:41:53.108 --> 01:41:56.170 they um they do use internal email a 01:41:56.210 --> 01:41:58.712 lot and i've i've seen doctor's offices 01:41:58.731 --> 01:41:59.972 that i'm pretty sure using teams 01:42:00.894 --> 01:42:02.855 So I definitely have thoughts on this one, 01:42:02.876 --> 01:42:04.337 but I'll wait for you to finish your 01:42:04.358 --> 01:42:04.679 thoughts. 01:42:04.958 --> 01:42:05.680 I don't want to cut you off. 01:42:07.081 --> 01:42:07.402 Okay. 01:42:07.641 --> 01:42:07.881 Yeah. 01:42:08.502 --> 01:42:09.323 I mean, yeah. 01:42:09.463 --> 01:42:11.006 So there's some more comments here. 01:42:11.206 --> 01:42:12.667 People were discussing like, you know, 01:42:15.430 --> 01:42:17.132 the original author of the post was saying 01:42:17.172 --> 01:42:17.394 like, 01:42:20.807 --> 01:42:21.007 you know, 01:42:21.127 --> 01:42:22.668 you wouldn't even try to convince them 01:42:22.748 --> 01:42:24.048 that what they're doing is wrong. 01:42:24.090 --> 01:42:25.550 Like you wouldn't even try and bring up 01:42:25.569 --> 01:42:26.911 that this is a privacy issue. 01:42:29.152 --> 01:42:30.152 I mean, I could, 01:42:30.192 --> 01:42:32.832 I think it's certainly possible to try. 01:42:33.113 --> 01:42:34.134 I think you could try, 01:42:34.213 --> 01:42:35.734 but I don't think you're going to be 01:42:35.795 --> 01:42:39.076 able to convince, you know, an entire, 01:42:40.356 --> 01:42:40.596 you know, 01:42:40.777 --> 01:42:42.957 medical facility to change their main 01:42:43.858 --> 01:42:44.958 tools so quickly. 01:42:44.979 --> 01:42:47.340 I don't know. 01:42:47.380 --> 01:42:49.461 There's definitely some people were, 01:42:52.127 --> 01:42:53.969 making jokes in this thread I guess a 01:42:53.988 --> 01:42:56.029 little bit of about this like saying like 01:42:56.069 --> 01:42:57.569 you know it's better to keep quiet in 01:42:57.630 --> 01:42:59.591 such situations you might be misunderstood 01:42:59.671 --> 01:43:02.492 and referred to a psychiatrist I don't I 01:43:02.532 --> 01:43:04.313 think you know if you you've got to 01:43:04.332 --> 01:43:06.212 be tactful about this right you can't just 01:43:06.252 --> 01:43:08.354 be saying like how could you be using 01:43:08.413 --> 01:43:11.414 gmail it's spyware like it's evil like you 01:43:11.435 --> 01:43:13.315 know coming across as like someone who's 01:43:13.395 --> 01:43:17.337 not really uh you have to have tact 01:43:17.417 --> 01:43:18.858 right and I think it comes down to 01:43:18.917 --> 01:43:19.078 any 01:43:19.778 --> 01:43:21.019 any social cause, right? 01:43:21.059 --> 01:43:22.979 If you just start calling someone like a, 01:43:24.039 --> 01:43:26.681 you know, a privacy normie or something, 01:43:26.721 --> 01:43:28.523 like they're not going to really take what 01:43:28.542 --> 01:43:29.603 you're saying that seriously, 01:43:29.622 --> 01:43:30.724 and they're probably not going to agree 01:43:30.743 --> 01:43:31.064 with you. 01:43:31.184 --> 01:43:34.865 So I think it definitely helps to have 01:43:34.926 --> 01:43:36.886 some grounding in reality, you know? 01:43:38.908 --> 01:43:40.488 And, but yeah, 01:43:40.509 --> 01:43:41.729 I don't really have too much more to 01:43:41.828 --> 01:43:42.170 add. 01:43:42.250 --> 01:43:42.829 There's quite, 01:43:42.869 --> 01:43:44.211 this goes on for quite a long time. 01:43:44.511 --> 01:43:45.891 I didn't have time to read this entire 01:43:45.912 --> 01:43:46.252 thread. 01:43:46.332 --> 01:43:46.511 So 01:43:48.823 --> 01:43:50.184 Yeah, I was kind of skimming in myself. 01:43:50.203 --> 01:43:51.145 There is a lot here. 01:43:52.085 --> 01:43:53.265 Also, Mike Lastname said, 01:43:53.286 --> 01:43:55.087 you are a doctor and a privacy advocate. 01:43:55.407 --> 01:43:57.948 Feel free to weigh in while I'm giving 01:43:57.988 --> 01:43:58.349 my thoughts, 01:43:58.368 --> 01:44:01.511 and we'll definitely – maybe it would be 01:44:01.532 --> 01:44:02.551 great to get an expert opinion. 01:44:04.613 --> 01:44:10.978 So my thing is it's – 01:44:13.277 --> 01:44:14.637 The challenge is institutional. 01:44:15.057 --> 01:44:16.139 This kind of came up a little bit 01:44:16.219 --> 01:44:17.740 in this article. 01:44:17.860 --> 01:44:18.421 So first of all, 01:44:18.501 --> 01:44:19.521 I want to say that in my personal 01:44:19.542 --> 01:44:19.862 opinion, 01:44:20.302 --> 01:44:21.262 and I don't think this is a hot 01:44:21.283 --> 01:44:21.564 take, 01:44:22.984 --> 01:44:24.126 your health should always come first, 01:44:24.166 --> 01:44:25.146 whether that's physical health, 01:44:25.186 --> 01:44:26.127 mental health, whatever. 01:44:27.148 --> 01:44:28.809 If your choices are between not seeing a 01:44:28.828 --> 01:44:30.631 doctor and seeing a doctor that uses Gmail 01:44:30.711 --> 01:44:31.992 or even, God forbid, Teams, 01:44:32.292 --> 01:44:33.212 please go see the doctor. 01:44:33.332 --> 01:44:34.373 Your health always comes first. 01:44:35.014 --> 01:44:37.475 That said, in my experience, 01:44:37.536 --> 01:44:38.657 a lot of this is institutional. 01:44:38.716 --> 01:44:40.738 Like I have pushed – I'm – 01:44:41.826 --> 01:44:46.488 generally relatively healthy um my wife in 01:44:46.528 --> 01:44:49.149 particular has um you know seen a lot 01:44:49.168 --> 01:44:51.609 more doctors relatively than i have and i 01:44:51.630 --> 01:44:53.130 mentioned her because like i've tried to 01:44:53.350 --> 01:44:55.211 get her to push her doctors towards things 01:44:55.251 --> 01:44:57.231 like using signal instead of whatever 01:44:57.292 --> 01:44:59.832 weird platform they're on or something and 01:44:59.993 --> 01:45:01.233 a lot of the time the doctors don't 01:45:01.293 --> 01:45:02.453 really have control over that 01:45:02.654 --> 01:45:04.234 a lot of the time they'll, you know, 01:45:04.274 --> 01:45:04.854 they're like, oh, 01:45:05.055 --> 01:45:06.416 I do use Signal in my personal life. 01:45:06.435 --> 01:45:07.237 I'm totally cool with it, 01:45:07.976 --> 01:45:09.778 but I am required to use this platform 01:45:09.978 --> 01:45:13.539 because either it's not their practice and 01:45:13.579 --> 01:45:14.940 they have to do whatever their boss tells 01:45:14.961 --> 01:45:15.360 them to do, 01:45:15.400 --> 01:45:16.641 just like you do at your job, 01:45:17.323 --> 01:45:17.382 or 01:45:18.323 --> 01:45:20.444 there's like healthcare is so heavily 01:45:20.503 --> 01:45:22.386 regulated that even though HIPAA isn't 01:45:22.426 --> 01:45:23.326 really about privacy, 01:45:23.666 --> 01:45:26.268 there are very strict rules about who has 01:45:26.287 --> 01:45:27.609 to be able to access that data. 01:45:28.189 --> 01:45:30.010 And it does have to be transparent to 01:45:30.050 --> 01:45:30.371 a point, 01:45:30.770 --> 01:45:31.791 to the point where a lot of them 01:45:31.831 --> 01:45:34.512 can't use something like signal because 01:45:34.552 --> 01:45:35.713 like, again, 01:45:35.753 --> 01:45:36.914 like their boss has to be able to 01:45:36.994 --> 01:45:38.175 access it in the case of an audit 01:45:38.234 --> 01:45:39.536 or something along those lines. 01:45:40.117 --> 01:45:41.818 So that's a, 01:45:44.313 --> 01:45:44.453 It's, 01:45:44.573 --> 01:45:47.015 it's hard because in a lot of cases 01:45:47.055 --> 01:45:48.435 they might be totally willing to, 01:45:49.216 --> 01:45:51.097 it's just not something they actually can 01:45:51.398 --> 01:45:51.658 do. 01:45:51.917 --> 01:45:53.019 It's, it's beyond their control. 01:45:53.059 --> 01:45:55.140 They don't have the authority to make that 01:45:55.180 --> 01:45:55.440 call. 01:45:55.900 --> 01:45:56.341 Another thing, 01:45:56.461 --> 01:45:57.662 I think you may have mentioned this. 01:45:58.101 --> 01:45:58.403 Cause again, 01:45:58.422 --> 01:45:59.622 I was kind of skimming while I was 01:45:59.643 --> 01:46:00.123 listening to you, 01:46:00.724 --> 01:46:02.364 but there's a logistical thing. 01:46:02.425 --> 01:46:04.086 If we are talking about an office and 01:46:04.105 --> 01:46:05.087 not a single practice, 01:46:05.106 --> 01:46:08.729 like a single person, it's, you know, I, 01:46:08.869 --> 01:46:10.470 and my last job, we were using LastPass, 01:46:10.990 --> 01:46:12.152 probably still using LastPass. 01:46:12.752 --> 01:46:13.552 And I, 01:46:15.730 --> 01:46:17.993 would very openly kind of like, haha, JK, 01:46:18.014 --> 01:46:18.614 but not really. 01:46:18.994 --> 01:46:20.738 But I would very regularly like criticize 01:46:20.757 --> 01:46:21.238 the IT guys. 01:46:21.257 --> 01:46:21.738 I'm like, man, 01:46:21.779 --> 01:46:22.619 I can't believe we're still using 01:46:22.680 --> 01:46:23.161 LastPass. 01:46:23.600 --> 01:46:24.722 And they would point out, it's like, no, 01:46:24.783 --> 01:46:25.663 I totally agree with you. 01:46:26.625 --> 01:46:28.186 There's a thousand people in the company. 01:46:29.082 --> 01:46:30.042 across the country. 01:46:31.463 --> 01:46:33.645 Switching off LastPass is not easy, 01:46:33.784 --> 01:46:34.826 especially when you're talking about 01:46:34.865 --> 01:46:36.247 people that are not necessarily tech 01:46:36.266 --> 01:46:41.029 savvy, that don't... Yeah, for you or me, 01:46:41.090 --> 01:46:42.390 switching to another password manager is 01:46:42.430 --> 01:46:42.690 cake. 01:46:42.730 --> 01:46:44.271 But for a thousand people who, again, 01:46:44.591 --> 01:46:46.113 some of them call in every single day 01:46:46.274 --> 01:46:47.474 asking, how do I get into my email? 01:46:47.875 --> 01:46:51.096 It's a huge lift to migrate your entire 01:46:51.157 --> 01:46:52.698 infrastructure over to another provider. 01:46:53.238 --> 01:46:54.059 And then there's cost, 01:46:54.219 --> 01:46:56.661 which I know a lot of healthcare is... 01:46:59.591 --> 01:47:01.231 Let me politely say that cost should not 01:47:01.252 --> 01:47:02.332 be an issue for some of them. 01:47:02.753 --> 01:47:03.914 But here in the US, at least, 01:47:03.935 --> 01:47:05.475 a lot of them are for-profit entities, 01:47:05.496 --> 01:47:06.337 which means they're going to want to go 01:47:06.356 --> 01:47:07.738 with things that are inexpensive, 01:47:08.018 --> 01:47:09.538 which is going to automatically rule out 01:47:09.559 --> 01:47:10.720 Proton, for example. 01:47:12.542 --> 01:47:12.962 So, I mean, 01:47:13.221 --> 01:47:15.243 there's just so many factors that go into 01:47:15.304 --> 01:47:15.423 it. 01:47:15.484 --> 01:47:19.407 But I think, yeah, 01:47:20.729 --> 01:47:21.628 I also want to agree with what you 01:47:21.649 --> 01:47:24.532 said about it's very... 01:47:26.201 --> 01:47:28.141 How you ask is usually very helpful, 01:47:28.242 --> 01:47:30.423 like especially in some places, 01:47:30.444 --> 01:47:32.244 they're just used to people being entitled 01:47:32.364 --> 01:47:35.426 and frustrated and snappy. 01:47:36.087 --> 01:47:38.387 And so asking politely, like, you know, 01:47:38.448 --> 01:47:40.389 hey, I don't really like Zoom. 01:47:40.469 --> 01:47:41.609 Can we use something else for this 01:47:41.630 --> 01:47:43.570 appointment is going to make them a lot 01:47:43.610 --> 01:47:44.591 more likely to work with you if they 01:47:44.631 --> 01:47:47.953 can. 01:47:48.033 --> 01:47:50.114 I think I saw something in here where 01:47:50.154 --> 01:47:51.136 people were arguing about 01:47:52.841 --> 01:47:55.643 Because there was a section here where the 01:47:55.662 --> 01:47:57.305 original poster said something about like, 01:47:59.686 --> 01:48:00.167 okay, here it is. 01:48:00.186 --> 01:48:01.488 So they said health workers don't have to 01:48:01.528 --> 01:48:01.828 care. 01:48:01.868 --> 01:48:04.229 And they pointed out that like doctors are 01:48:04.331 --> 01:48:05.411 overflowing with patients. 01:48:05.591 --> 01:48:06.532 So it's like, it's almost, 01:48:06.551 --> 01:48:07.432 and I think you mentioned this too. 01:48:07.453 --> 01:48:08.713 It's almost like if you're being 01:48:08.734 --> 01:48:09.134 difficult, 01:48:09.194 --> 01:48:10.154 they just don't even have to work with 01:48:10.175 --> 01:48:10.274 you. 01:48:10.314 --> 01:48:11.235 There's like a line of, 01:48:11.496 --> 01:48:13.497 there's a literal waiting list in most 01:48:13.518 --> 01:48:14.479 places, right? 01:48:14.658 --> 01:48:15.399 But at the same time, 01:48:15.819 --> 01:48:16.841 we could weaponize that as well. 01:48:16.921 --> 01:48:18.363 And I understand not everybody has the 01:48:18.403 --> 01:48:19.484 time to be politically involved, 01:48:19.884 --> 01:48:23.148 but to call your representatives or email 01:48:23.188 --> 01:48:24.850 them once in a while, once a month, 01:48:25.390 --> 01:48:26.310 and say, hey, 01:48:26.730 --> 01:48:28.052 I really think we need better privacy 01:48:28.092 --> 01:48:28.372 laws. 01:48:29.795 --> 01:48:30.314 In this thread, 01:48:30.335 --> 01:48:31.737 they pointed out that when they're talking 01:48:31.756 --> 01:48:33.377 about trying to convince the doctor's 01:48:33.417 --> 01:48:33.958 office to move, 01:48:34.640 --> 01:48:36.400 they mentioned that Gmail has had 01:48:37.221 --> 01:48:39.623 so many fines for not handling patient 01:48:39.663 --> 01:48:41.645 data properly or user data properly and 01:48:41.685 --> 01:48:43.046 stuff like that, which for the record, 01:48:43.126 --> 01:48:44.006 I don't think that's going to work on 01:48:44.046 --> 01:48:45.207 them because, you know, they're like, Oh, 01:48:45.226 --> 01:48:46.807 but we use the HIPAA version that blah, 01:48:46.828 --> 01:48:47.268 blah, blah, blah. 01:48:47.287 --> 01:48:48.429 And again, HIPAA, 01:48:48.509 --> 01:48:50.130 there's not privacy anywhere in that 01:48:50.170 --> 01:48:50.390 title. 01:48:50.430 --> 01:48:51.711 But anyways, it's, you know, 01:48:51.730 --> 01:48:52.891 if you call your representatives and 01:48:52.912 --> 01:48:53.292 you're like, Hey, 01:48:53.311 --> 01:48:54.712 a lot of these doctor's offices are using 01:48:55.033 --> 01:48:56.094 Microsoft and Gmail, 01:48:56.134 --> 01:48:58.194 who Microsoft especially has been hacked 01:48:58.234 --> 01:48:59.756 more times than I have fingers and toes 01:49:00.256 --> 01:49:02.358 and trying to institute it at a, 01:49:02.597 --> 01:49:02.618 a 01:49:04.123 --> 01:49:04.965 I want to say structural level, 01:49:04.984 --> 01:49:05.585 systemic level, 01:49:05.904 --> 01:49:08.086 at a systemic level where they don't have 01:49:08.105 --> 01:49:10.807 to care because there are options or it's 01:49:10.828 --> 01:49:12.389 like mandated that they have to use 01:49:12.408 --> 01:49:13.310 something that's encrypted. 01:49:13.770 --> 01:49:16.011 And now there will be a whole bunch 01:49:16.030 --> 01:49:17.452 of companies that spring up to serve that 01:49:17.492 --> 01:49:17.811 purpose. 01:49:17.832 --> 01:49:18.091 I don't know. 01:49:18.152 --> 01:49:18.292 I mean, 01:49:18.313 --> 01:49:19.632 that's kind of a long-term solution, 01:49:19.693 --> 01:49:19.832 but... 01:49:20.673 --> 01:49:21.253 I don't know. 01:49:21.395 --> 01:49:22.635 I guess what I'm getting at is like 01:49:22.675 --> 01:49:23.355 for individuals, 01:49:23.475 --> 01:49:24.716 I don't think there is that much you 01:49:24.737 --> 01:49:25.578 can do, unfortunately. 01:49:26.578 --> 01:49:27.698 If you are in a position where you 01:49:27.719 --> 01:49:28.920 can shop around and you can find a 01:49:28.960 --> 01:49:30.440 doctor who's like, yes, I use Signal. 01:49:30.900 --> 01:49:31.761 I encrypt everything. 01:49:32.563 --> 01:49:33.182 Awesome. 01:49:33.262 --> 01:49:33.743 That's great. 01:49:33.884 --> 01:49:36.364 And if you have that privilege, 01:49:36.385 --> 01:49:37.405 you totally should use it. 01:49:38.207 --> 01:49:39.146 But for the average person, 01:49:39.186 --> 01:49:40.408 I think the best you can do is 01:49:40.448 --> 01:49:42.770 just kind of like ask the doctor like 01:49:42.770 --> 01:49:43.529 – 01:49:42.930 --> 01:49:43.970 can you not write this down? 01:49:43.990 --> 01:49:45.070 Um, can you, you know, 01:49:45.270 --> 01:49:46.252 especially if it's something less 01:49:46.292 --> 01:49:46.731 important, 01:49:46.811 --> 01:49:48.132 like they do have to make notes about 01:49:48.153 --> 01:49:49.474 your medical care, but if it's like, 01:49:50.173 --> 01:49:50.395 you know, 01:49:50.515 --> 01:49:51.414 please don't write down anything 01:49:51.454 --> 01:49:51.854 essential. 01:49:51.935 --> 01:49:52.775 Like I, 01:49:52.916 --> 01:49:55.637 I had one therapist who said that, um, 01:49:55.658 --> 01:49:57.219 she did not write down actual 01:49:57.259 --> 01:49:57.899 conversations. 01:49:57.939 --> 01:49:59.859 She just wrote down like broad notes about 01:49:59.939 --> 01:50:00.640 what we talked about. 01:50:01.541 --> 01:50:03.202 Um, but like never quoted me or anything. 01:50:03.301 --> 01:50:05.604 So yeah, uh, 01:50:05.743 --> 01:50:07.625 I've always advocated for like using alias 01:50:07.704 --> 01:50:09.145 email, alias phone numbers. 01:50:09.166 --> 01:50:10.667 Uh, that's more of a data breach thing, 01:50:10.726 --> 01:50:10.867 but 01:50:11.569 --> 01:50:11.810 Yeah. 01:50:11.829 --> 01:50:13.612 So, I mean, it's it's tricky, man. 01:50:15.054 --> 01:50:15.554 I mean, real quick, 01:50:15.573 --> 01:50:16.494 let me go back and check and see 01:50:16.515 --> 01:50:17.256 what Mike said here. 01:50:18.698 --> 01:50:19.438 I could explain a bit. 01:50:19.819 --> 01:50:21.119 There's a really big time constraint to 01:50:21.140 --> 01:50:22.280 see more patients and to keep up. 01:50:22.320 --> 01:50:22.462 Yeah. 01:50:22.542 --> 01:50:23.563 So that's a true thing, too. 01:50:23.882 --> 01:50:25.744 Doctors are really like, again, 01:50:25.784 --> 01:50:27.087 they have literal waiting lists. 01:50:27.146 --> 01:50:28.528 Like there's so many patients that need to 01:50:28.547 --> 01:50:29.009 be seen. 01:50:29.529 --> 01:50:31.171 And contrary to some stereotypes. 01:50:31.730 --> 01:50:33.572 I think most doctors are actually trying 01:50:33.612 --> 01:50:34.492 to help their patients. 01:50:34.551 --> 01:50:35.931 Like they're not all just like selfish and 01:50:35.971 --> 01:50:36.551 in it for the money. 01:50:37.072 --> 01:50:38.393 And so when they've got to see a 01:50:38.432 --> 01:50:39.073 million patients, 01:50:39.092 --> 01:50:40.292 but they've also got to make notes in 01:50:40.332 --> 01:50:41.512 between the care and they've got to, 01:50:41.953 --> 01:50:43.554 you know, send prescriptions, 01:50:43.573 --> 01:50:44.953 they've got to respond to messages and 01:50:44.974 --> 01:50:45.673 this, that, and the other. 01:50:45.694 --> 01:50:46.835 Um, 01:50:46.895 --> 01:50:47.795 a lot of the time is used for 01:50:47.835 --> 01:50:49.154 filing documents and insurance, 01:50:49.215 --> 01:50:49.994 legal documents, 01:50:50.175 --> 01:50:52.055 using AI for the slow typers helps. 01:50:52.336 --> 01:50:53.496 Um, that's another thing. 01:50:53.555 --> 01:50:54.636 If they are using AI, 01:50:54.676 --> 01:50:55.817 they have to fact check it and make 01:50:58.600 --> 01:51:00.122 But yeah, like you said, most importantly, 01:51:00.143 --> 01:51:01.203 they just don't understand that they are 01:51:01.224 --> 01:51:01.885 just employees. 01:51:02.324 --> 01:51:02.564 Yeah. 01:51:02.826 --> 01:51:04.447 So there have to be records. 01:51:04.466 --> 01:51:05.729 They use the most well-known ones like 01:51:05.769 --> 01:51:06.609 Teams and Gmail. 01:51:07.451 --> 01:51:08.452 Quick note, saw this all, 01:51:08.752 --> 01:51:09.872 has been a member for five months and 01:51:09.893 --> 01:51:10.694 said, keep up the good work. 01:51:10.713 --> 01:51:11.734 So thank you so much. 01:51:11.774 --> 01:51:14.118 But yeah, it's just... 01:51:15.341 --> 01:51:16.202 I think the best you can do is 01:51:16.242 --> 01:51:17.403 to ask nicely. 01:51:17.722 --> 01:51:19.323 Like that's, that's really my, 01:51:19.344 --> 01:51:20.604 I don't know if this is a common 01:51:20.625 --> 01:51:20.864 phrase. 01:51:20.904 --> 01:51:21.585 I feel like I don't hear it a 01:51:21.604 --> 01:51:21.725 lot, 01:51:21.744 --> 01:51:22.845 but my mother used to have this phrase 01:51:22.865 --> 01:51:24.926 that you catch more flies with honey than 01:51:24.947 --> 01:51:25.266 vinegar. 01:51:26.127 --> 01:51:27.408 And basically what she always meant was 01:51:27.427 --> 01:51:27.988 just like, you know, 01:51:28.108 --> 01:51:30.109 it like you get better results when you're 01:51:30.149 --> 01:51:30.729 nice to people. 01:51:31.369 --> 01:51:31.770 So yeah. 01:51:32.791 --> 01:51:35.113 I definitely would not go in there talking 01:51:35.234 --> 01:51:36.335 about like, oh, you know, 01:51:36.395 --> 01:51:37.577 Gmail's reading our emails. 01:51:37.617 --> 01:51:38.117 Because again, 01:51:38.478 --> 01:51:40.220 they don't understand that companies will 01:51:40.260 --> 01:51:41.121 do this stuff anyways. 01:51:41.801 --> 01:51:42.922 And they'll just say like, oh, 01:51:42.943 --> 01:51:43.804 but they're not supposed to do that 01:51:43.823 --> 01:51:45.666 because we have this special, again, 01:51:45.826 --> 01:51:47.368 like a lot of these companies do have 01:51:47.847 --> 01:51:49.229 a HIPAA compliant version that is 01:51:49.250 --> 01:51:51.011 specifically for medical companies. 01:51:51.231 --> 01:51:52.212 And so they'll be like, no, no, no, 01:51:52.231 --> 01:51:53.372 we're using this different version. 01:51:53.432 --> 01:51:54.353 And they don't understand that like, 01:51:54.372 --> 01:51:55.733 that doesn't really matter because again, 01:51:55.773 --> 01:51:56.913 HIPAA has nothing to do with privacy. 01:51:57.474 --> 01:51:57.894 But you know, 01:51:57.974 --> 01:51:59.073 if you go in there with like, 01:51:59.173 --> 01:51:59.434 I'm just, 01:51:59.493 --> 01:52:01.015 I'm really concerned about this stuff and 01:52:01.675 --> 01:52:02.555 it makes me uncomfortable. 01:52:02.675 --> 01:52:02.935 And like, 01:52:03.015 --> 01:52:04.176 I would prefer to use something else. 01:52:04.416 --> 01:52:05.916 And I think again, 01:52:05.935 --> 01:52:06.855 if you're kind about it, 01:52:06.957 --> 01:52:09.537 I think people will be much more likely 01:52:09.556 --> 01:52:11.217 to work with you as best they can. 01:52:11.677 --> 01:52:12.597 But yeah, 01:52:12.698 --> 01:52:14.498 unfortunately the privacy situation in 01:52:14.519 --> 01:52:15.498 healthcare kind of sucks. 01:52:17.188 --> 01:52:19.189 I think one other interesting thing that I 01:52:19.229 --> 01:52:20.890 think kind of happens with these doctors 01:52:21.011 --> 01:52:21.511 is like, 01:52:21.890 --> 01:52:24.934 like Mike last name said in the chat, 01:52:24.953 --> 01:52:26.914 like basically doctors don't really have 01:52:26.975 --> 01:52:28.815 time to read the privacy policies of every 01:52:28.836 --> 01:52:29.436 tool they're using. 01:52:29.917 --> 01:52:31.677 And a lot of times these, 01:52:31.898 --> 01:52:33.800 these vendors of these, of these software, 01:52:33.939 --> 01:52:35.461 like they'll, they'll say, Oh, it's, 01:52:35.661 --> 01:52:37.521 it's got all this privacy stuff and it's 01:52:37.561 --> 01:52:37.962 like, it's, 01:52:38.162 --> 01:52:39.844 it's secure and it's not going to send 01:52:39.884 --> 01:52:40.444 it to anywhere. 01:52:41.045 --> 01:52:42.826 And I've been to multiple doctor's office 01:52:42.865 --> 01:52:45.247 and they're using AI transcription 01:52:45.307 --> 01:52:46.748 software and that software is, 01:52:47.069 --> 01:52:49.149 it's it's it says that it's private but 01:52:49.189 --> 01:52:51.551 it's sending all that to open ai but 01:52:51.591 --> 01:52:53.412 it's just zero retention like that's not 01:52:53.472 --> 01:52:57.135 very that's not very good like that's 01:52:57.336 --> 01:52:59.096 that's exactly what we don't want and it's 01:52:59.117 --> 01:53:01.417 a lot of times it's these vendors that 01:53:01.438 --> 01:53:03.139 are trying to sell to these to these 01:53:03.179 --> 01:53:05.501 medical practices that kind of get get it 01:53:05.860 --> 01:53:07.702 pull the wool over the eyes of these 01:53:07.742 --> 01:53:09.884 doctors and basically you know tell them 01:53:10.104 --> 01:53:11.465 you're going to save so much time if 01:53:11.484 --> 01:53:13.286 you use this tool and like you know 01:53:13.826 --> 01:53:15.207 it's completely private and it's, 01:53:15.427 --> 01:53:16.047 it's no problem. 01:53:16.149 --> 01:53:16.788 And, you know, 01:53:16.849 --> 01:53:20.273 I think you have to be a bit 01:53:20.313 --> 01:53:20.733 genuine. 01:53:20.773 --> 01:53:22.715 Like you have to, you have to say, 01:53:22.775 --> 01:53:24.757 if you say no to them using these, 01:53:25.377 --> 01:53:27.060 this piece of these pieces of software, 01:53:27.100 --> 01:53:29.122 like if it's AI transcription or if it's 01:53:29.743 --> 01:53:32.045 some other like medical system they use 01:53:32.064 --> 01:53:33.567 for booking appointments or something like 01:53:33.606 --> 01:53:34.127 that, um, 01:53:35.497 --> 01:53:36.720 I've just never seen email. 01:53:36.939 --> 01:53:39.922 I've never seen anyone emailing patient 01:53:39.962 --> 01:53:40.524 records around. 01:53:40.583 --> 01:53:41.824 So that's very bizarre to me. 01:53:42.006 --> 01:53:44.588 But I guess if they're using an email 01:53:44.628 --> 01:53:45.048 system, 01:53:45.189 --> 01:53:47.652 convincing them to switch might be 01:53:47.712 --> 01:53:48.193 possible. 01:53:48.252 --> 01:53:49.493 But I feel like that's a bit more 01:53:49.533 --> 01:53:50.114 of a, 01:53:50.154 --> 01:53:51.936 that's definitely a bit more of a harder 01:53:51.976 --> 01:53:53.319 thing to get them to do, I think. 01:53:54.757 --> 01:53:55.837 Yeah, I don't, to clarify, 01:53:55.858 --> 01:53:56.618 I don't know if they use it to 01:53:56.719 --> 01:53:58.298 email patient records, but I mean, 01:53:58.319 --> 01:53:59.338 that was another thing that I was thinking 01:53:59.359 --> 01:54:00.640 about while you were talking on that note 01:54:00.800 --> 01:54:02.680 is it's, you know, 01:54:02.720 --> 01:54:03.980 coupling what Mike said about like, 01:54:04.001 --> 01:54:05.421 they have so many patients to see. 01:54:05.841 --> 01:54:06.202 Okay. 01:54:06.381 --> 01:54:08.202 And so when you have to see, 01:54:08.662 --> 01:54:11.103 when you have eight hours in a day 01:54:11.302 --> 01:54:11.882 and you need to see 01:54:14.091 --> 01:54:16.854 And they all have questions and concerns. 01:54:17.015 --> 01:54:19.238 And I'm hitting that age where every time 01:54:19.278 --> 01:54:20.399 my leg starts hurting a little bit, 01:54:20.439 --> 01:54:21.841 I'm like, maybe I have a blood clot. 01:54:21.881 --> 01:54:24.404 Maybe I should go to the doctor. 01:54:24.484 --> 01:54:26.947 When you have patients like that all day, 01:54:27.106 --> 01:54:27.587 and again, 01:54:27.608 --> 01:54:28.949 you need to take notes in between and 01:54:28.970 --> 01:54:29.911 the billing and the filing. 01:54:30.350 --> 01:54:32.131 And so now you're saying like, Oh, 01:54:32.171 --> 01:54:34.193 but I want them to like store everything 01:54:34.353 --> 01:54:35.712 offline in Libra office. 01:54:36.073 --> 01:54:36.293 Okay. 01:54:36.354 --> 01:54:37.694 And what happens when you move and they 01:54:37.713 --> 01:54:39.175 need to transfer your medical record to 01:54:39.215 --> 01:54:39.574 someone else, 01:54:39.635 --> 01:54:40.815 or they need to get your medical, 01:54:40.876 --> 01:54:42.235 we already have a huge problem in this 01:54:42.275 --> 01:54:43.176 country, in this country, 01:54:43.195 --> 01:54:44.476 in the U S I think it's probably 01:54:44.497 --> 01:54:45.577 better in other places, I hope. 01:54:45.938 --> 01:54:46.217 But like, 01:54:46.478 --> 01:54:47.438 we already have a huge problem where 01:54:47.557 --> 01:54:49.458 nobody uses a standardized medical system. 01:54:49.899 --> 01:54:51.720 So like every time my wife and I 01:54:51.779 --> 01:54:53.440 move and you know, it's like, Oh, 01:54:53.480 --> 01:54:54.881 now we're closer to a different doctor. 01:54:54.900 --> 01:54:56.042 So let's start going here instead. 01:54:56.542 --> 01:54:58.703 It's this huge pain in the ass to 01:54:58.762 --> 01:55:00.523 get the medical records transferred from 01:55:00.662 --> 01:55:01.623 one place to another. 01:55:02.304 --> 01:55:02.944 And, you know, 01:55:03.024 --> 01:55:05.225 it's just like everything is fragmented. 01:55:06.164 --> 01:55:07.364 And, you know, 01:55:07.445 --> 01:55:08.725 it's more work is what I'm getting at. 01:55:08.765 --> 01:55:10.246 Like if you're the one who's like, 01:55:10.747 --> 01:55:12.306 I'm the only person who's saying, hey, 01:55:12.367 --> 01:55:13.327 don't use this system. 01:55:13.747 --> 01:55:15.047 You're one person out of, again, 01:55:15.108 --> 01:55:17.109 five hundred on a waiting list and they 01:55:17.128 --> 01:55:17.748 don't care. 01:55:17.868 --> 01:55:19.128 And it's going to make it quicker for 01:55:19.168 --> 01:55:20.109 me to give you care. 01:55:20.149 --> 01:55:21.430 Like that's what the doctors are saying. 01:55:22.774 --> 01:55:25.135 are interested in so it's just there's 01:55:25.175 --> 01:55:26.735 there's so many things working against us 01:55:26.756 --> 01:55:28.277 which is why again i'm kind of i 01:55:28.317 --> 01:55:29.497 know it's hard work and i know i 01:55:29.518 --> 01:55:31.279 can't ask that of everybody but i'm kind 01:55:31.319 --> 01:55:32.179 of at the point where it's like this 01:55:32.198 --> 01:55:33.300 needs to be one of those things that 01:55:33.319 --> 01:55:35.640 like trickles down from the top where like 01:55:35.680 --> 01:55:38.542 we have these good privacy laws that say 01:55:39.283 --> 01:55:40.863 you know medical emails have to be 01:55:41.684 --> 01:55:43.345 end-to-end encrypted or encrypted at rest. 01:55:43.385 --> 01:55:45.206 These systems have to enforce two-factor 01:55:45.225 --> 01:55:47.127 authentication. 01:55:47.186 --> 01:55:49.988 These kind of technical requirements that 01:55:50.028 --> 01:55:50.929 will give us privacy, 01:55:50.948 --> 01:55:53.050 that it is illegal to share data with 01:55:53.109 --> 01:55:54.831 third parties for anything other than 01:55:54.871 --> 01:55:57.311 research purposes or something like that. 01:55:57.591 --> 01:56:00.113 We need something at a systemic level so 01:56:00.154 --> 01:56:02.055 that doctors and nurses don't need to care 01:56:02.074 --> 01:56:03.215 about this stuff anymore because it's 01:56:03.295 --> 01:56:05.515 built into the systems they use, 01:56:05.576 --> 01:56:07.077 which is really what we need at all 01:56:07.117 --> 01:56:08.278 levels, not just healthcare, 01:56:08.337 --> 01:56:09.118 but I digress. 01:56:09.198 --> 01:56:10.078 I'm kind of rambling now. 01:56:10.118 --> 01:56:10.698 So yeah. 01:56:12.443 --> 01:56:12.842 Yeah. 01:56:12.943 --> 01:56:13.143 I mean, 01:56:13.222 --> 01:56:15.864 I think a lot of vendors that are 01:56:15.885 --> 01:56:17.365 trying to sell this software to doctors, 01:56:17.405 --> 01:56:19.567 they do think that they are providing that 01:56:19.606 --> 01:56:20.006 right now. 01:56:20.287 --> 01:56:22.109 They think that zero retention sending 01:56:22.168 --> 01:56:25.170 your transcription to OpenAI is fine. 01:56:25.350 --> 01:56:27.351 But yeah, 01:56:27.551 --> 01:56:29.393 I think it's kind of frustrating because 01:56:31.217 --> 01:56:34.341 usually if it's an AI transcription 01:56:34.400 --> 01:56:34.921 locally, 01:56:35.442 --> 01:56:36.944 that's going to be a lot more expensive, 01:56:36.984 --> 01:56:37.323 isn't it? 01:56:37.505 --> 01:56:38.565 Because you've got to have a whole, 01:56:39.166 --> 01:56:39.386 you know, 01:56:39.546 --> 01:56:41.108 a whole beefy computer to run that. 01:56:41.328 --> 01:56:41.969 So, you know, 01:56:41.988 --> 01:56:43.109 it's definitely a harder sell. 01:56:43.690 --> 01:56:45.872 So I kind of understand why a lot 01:56:45.893 --> 01:56:47.975 of times these systems that are like 01:56:48.034 --> 01:56:50.957 relying on external third parties and 01:56:50.997 --> 01:56:54.221 stuff is kind of becoming more 01:56:56.328 --> 01:56:56.708 popular. 01:56:57.130 --> 01:56:57.350 It said, 01:56:57.869 --> 01:56:59.631 so Mike Lastname has kind of put a 01:56:59.791 --> 01:57:00.810 couple more comments. 01:57:04.453 --> 01:57:06.033 Not only the privacy policies, 01:57:06.054 --> 01:57:07.213 but also in general, 01:57:07.434 --> 01:57:11.515 they don't understand how computers work 01:57:12.657 --> 01:57:14.438 as thinking maybe we as the clinic or 01:57:14.478 --> 01:57:15.797 mail service could get hacked. 01:57:16.519 --> 01:57:17.738 Yeah, I don't think they think about, 01:57:17.779 --> 01:57:19.899 they don't think about like the 01:57:19.939 --> 01:57:21.541 cybersecurity risks and such. 01:57:21.980 --> 01:57:23.242 It kind of sucks though, because with 01:57:24.979 --> 01:57:26.862 With the medical field, 01:57:27.162 --> 01:57:29.064 you kind of do have to store records 01:57:29.123 --> 01:57:29.564 on people. 01:57:30.083 --> 01:57:32.286 I need to have records of my treatment 01:57:32.326 --> 01:57:34.007 so my doctor can understand how to treat 01:57:34.028 --> 01:57:37.911 me the best. 01:57:38.051 --> 01:57:38.792 In other areas, 01:57:38.832 --> 01:57:40.974 it's like minimal data retention is the 01:57:40.993 --> 01:57:41.333 best. 01:57:41.675 --> 01:57:43.095 But in this specific case, 01:57:43.555 --> 01:57:45.417 maximum data retention is the most 01:57:45.478 --> 01:57:47.378 important because if someone doesn't 01:57:47.439 --> 01:57:48.260 understand your... 01:57:49.560 --> 01:57:52.742 your needs or your issues then they're not 01:57:52.761 --> 01:57:53.483 going to be able to give you the 01:57:53.523 --> 01:57:57.163 correct care um and I think the other 01:57:57.184 --> 01:57:58.805 thing that Nate said about like the data 01:57:58.824 --> 01:58:00.564 transfer stuff I think that's another 01:58:00.585 --> 01:58:04.426 thing that we could definitely improve um 01:58:04.447 --> 01:58:05.907 it's never been an issue for me but 01:58:06.186 --> 01:58:08.328 I guess it could be I guess because 01:58:08.368 --> 01:58:11.389 you kind of have that I'm not sure 01:58:11.429 --> 01:58:12.630 it's I always thought it was 01:58:14.502 --> 01:58:16.542 done through like a government run system 01:58:16.603 --> 01:58:18.465 here, but maybe I guess through, 01:58:18.564 --> 01:58:20.405 through your system, it's kind of like, 01:58:20.786 --> 01:58:22.948 it's just different private companies kind 01:58:22.988 --> 01:58:24.448 of managing the records. 01:58:25.269 --> 01:58:26.010 Um, so it, it, 01:58:27.648 --> 01:58:28.609 I mean, a little bit off topic. 01:58:28.689 --> 01:58:30.628 It's not usually a huge issue for us. 01:58:30.829 --> 01:58:32.791 Usually my wife just calls the old clinic 01:58:32.810 --> 01:58:33.350 and goes, hey, 01:58:33.390 --> 01:58:34.770 I've moved to this other doctor because we 01:58:34.832 --> 01:58:35.212 moved. 01:58:35.252 --> 01:58:36.252 And, you know, 01:58:36.332 --> 01:58:37.912 I've she fills out a form and we 01:58:37.953 --> 01:58:39.854 scan it and there's your email. 01:58:39.913 --> 01:58:41.994 Actually, we email it to them or whatever. 01:58:42.135 --> 01:58:43.055 And they, you know, 01:58:43.355 --> 01:58:45.095 send over the medical records. 01:58:45.157 --> 01:58:48.238 But it's definitely I have a friend who 01:58:48.557 --> 01:58:49.399 has he's a. 01:58:50.658 --> 01:58:51.600 a full stack developer. 01:58:51.659 --> 01:58:52.581 He's very experienced. 01:58:52.600 --> 01:58:55.002 He's a veteran and he's worked for a 01:58:55.042 --> 01:58:55.622 lot of startups. 01:58:55.643 --> 01:58:57.385 And one of his most recent was a 01:58:57.585 --> 01:58:58.386 healthcare startup. 01:58:58.886 --> 01:59:00.247 And that's what they were trying to do 01:59:00.287 --> 01:59:03.130 basically was trying to create a way to 01:59:04.030 --> 01:59:06.552 make it easier for healthcare companies to 01:59:06.613 --> 01:59:07.953 standardize record formats. 01:59:07.974 --> 01:59:09.654 So they were more easily transferable 01:59:10.176 --> 01:59:12.237 because again, we, like you were saying, 01:59:12.256 --> 01:59:12.557 we, 01:59:12.618 --> 01:59:16.440 we have a bunch of fragmented private 01:59:16.480 --> 01:59:17.702 companies here and, 01:59:17.881 --> 01:59:20.224 And so like on a technical level, 01:59:20.244 --> 01:59:21.326 like the database itself, 01:59:21.645 --> 01:59:23.528 the format for this company may not match 01:59:23.547 --> 01:59:24.649 the format for this company. 01:59:25.088 --> 01:59:26.109 So even if they do, 01:59:26.170 --> 01:59:27.971 it's almost like I don't know if you've 01:59:27.992 --> 01:59:28.733 had this experience, 01:59:28.752 --> 01:59:29.673 but I know it's pretty common here in 01:59:29.694 --> 01:59:30.954 America where like you'll go to apply for 01:59:30.975 --> 01:59:33.037 a job and sometimes it'll be like, oh, 01:59:33.056 --> 01:59:34.359 click here to upload your resume and you 01:59:34.439 --> 01:59:36.621 upload your resume and it's still wrong. 01:59:36.701 --> 01:59:37.582 And you have to go through and like 01:59:37.622 --> 01:59:39.524 manually reformat everything correctly, 01:59:39.543 --> 01:59:40.404 which is super annoying. 01:59:41.125 --> 01:59:41.786 It's kind of like that. 01:59:41.805 --> 01:59:43.667 It's like they might transfer the medical 01:59:43.707 --> 01:59:44.027 records, 01:59:44.367 --> 01:59:46.068 but they may still need to be cleaned 01:59:46.108 --> 01:59:47.349 up on the other side because there's no 01:59:47.408 --> 01:59:50.610 standard protocol for how they transfer. 01:59:52.735 --> 01:59:53.055 It's weird. 01:59:53.136 --> 01:59:54.197 I mean, I'm in the VA, 01:59:54.237 --> 01:59:55.056 so I've never had that problem, 01:59:55.096 --> 01:59:56.358 which actually I wanted to say that real 01:59:56.377 --> 01:59:56.578 quick. 01:59:56.938 --> 01:59:57.537 I thought that was funny. 01:59:57.557 --> 01:59:59.378 You were talking about like healthcare is 01:59:59.418 --> 02:00:00.439 kind of like the one time it makes 02:00:00.458 --> 02:00:02.739 sense to have maximum data retention. 02:00:03.180 --> 02:00:04.220 And this happened to me. 02:00:05.641 --> 02:00:06.721 I mean, full disclosure to everybody, 02:00:07.002 --> 02:00:08.703 I'm back on antidepressants now. 02:00:09.363 --> 02:00:11.663 And when I went to the VA and 02:00:11.684 --> 02:00:12.043 I was like, hey, 02:00:12.064 --> 02:00:13.324 I want to get back on antidepressants. 02:00:13.984 --> 02:00:15.565 And he like pulled up my record and 02:00:15.586 --> 02:00:16.046 he's like, oh, 02:00:16.086 --> 02:00:17.086 so you used to take this one. 02:00:17.426 --> 02:00:18.447 He's like, how much were you taking? 02:00:18.466 --> 02:00:18.806 And I'm like, 02:00:20.690 --> 02:00:21.471 What do you mean how much was I 02:00:21.511 --> 02:00:21.631 taking? 02:00:21.652 --> 02:00:22.613 Shouldn't that be in the record? 02:00:22.632 --> 02:00:22.792 Like, 02:00:22.872 --> 02:00:24.033 I don't know how much I was taking. 02:00:24.073 --> 02:00:25.435 That was four years ago. 02:00:26.817 --> 02:00:27.637 And for some reason, 02:00:27.858 --> 02:00:29.439 the dosage that I was on was not 02:00:29.560 --> 02:00:30.541 in the medical record. 02:00:30.581 --> 02:00:31.440 It was super weird. 02:00:31.520 --> 02:00:32.341 But yeah, 02:00:32.362 --> 02:00:33.422 it's like the one time that it's like, 02:00:33.443 --> 02:00:34.163 that was four years ago. 02:00:34.184 --> 02:00:35.685 Why should I know what my dosage was? 02:00:35.746 --> 02:00:36.907 I thought you guys handled that. 02:00:38.448 --> 02:00:38.828 So yeah, 02:00:39.628 --> 02:00:43.092 that's our lovely fragmented system around 02:00:43.153 --> 02:00:43.332 here. 02:00:44.957 --> 02:00:46.519 yeah it is kind of I don't know 02:00:46.859 --> 02:00:49.618 I've definitely run into issues similar to 02:00:49.639 --> 02:00:53.480 that like people not having the correct 02:00:53.541 --> 02:00:56.480 information or like assuming things um 02:00:57.282 --> 02:00:58.881 it's not great but I think yeah I 02:00:58.902 --> 02:01:00.143 do think it is kind of important to 02:01:00.182 --> 02:01:02.403 have that data in in the medical field 02:01:02.622 --> 02:01:04.583 um especially I don't know like 02:01:06.186 --> 02:01:08.868 I think having good notes on people's 02:01:08.988 --> 02:01:10.350 conditions is kind of important. 02:01:10.409 --> 02:01:10.949 Unfortunately, 02:01:10.970 --> 02:01:13.752 like we would rather that that information 02:01:13.851 --> 02:01:16.194 isn't stored right because it can probably 02:01:16.234 --> 02:01:17.335 get breached at some point. 02:01:17.375 --> 02:01:19.435 But also like if you're seeing a lot 02:01:19.456 --> 02:01:21.197 of doctors and they kind of need to 02:01:21.237 --> 02:01:22.337 be able to coordinate together, 02:01:22.417 --> 02:01:24.198 it's kind of problematic if you don't have 02:01:24.238 --> 02:01:24.939 those notes. 02:01:28.261 --> 02:01:30.863 It looks like someone said here National 02:01:31.243 --> 02:01:34.006 Nurses United has been part of protesting 02:01:34.086 --> 02:01:35.247 Palantir campaign's 02:01:35.935 --> 02:01:37.358 Yeah, I know Palantir... 02:01:38.118 --> 02:01:41.704 Doesn't Palantir have stuff to do with the 02:01:41.744 --> 02:01:43.186 medical sector as well now? 02:01:43.207 --> 02:01:44.729 They're kind of moving into that as well? 02:01:45.610 --> 02:01:46.893 I don't know if I've heard about that, 02:01:46.912 --> 02:01:48.234 but it wouldn't surprise me because I'm 02:01:48.435 --> 02:01:48.735 really... 02:01:50.204 --> 02:01:50.966 For those who don't know, 02:01:51.065 --> 02:01:52.346 the interesting thing about Palantir is 02:01:52.386 --> 02:01:54.609 they technically don't do any surveillance 02:01:54.649 --> 02:01:55.711 or data collection themselves. 02:01:56.110 --> 02:01:57.773 What they do is they're kind of like 02:01:57.792 --> 02:01:58.673 my friend I just talked about. 02:01:59.215 --> 02:02:00.695 They're trying to figure out how to 02:02:00.996 --> 02:02:03.038 aggregate all the data and make it all 02:02:03.078 --> 02:02:04.420 talk to each other and then turn it 02:02:04.460 --> 02:02:05.360 over to law enforcement. 02:02:05.421 --> 02:02:06.802 So, I mean, yeah, 02:02:06.842 --> 02:02:07.984 healthcare seems like it would be an 02:02:08.003 --> 02:02:09.064 inevitable part of that mission. 02:02:09.284 --> 02:02:10.867 So if they're not moving in yet, 02:02:10.907 --> 02:02:11.868 I'm sure it's on the roadmap. 02:02:14.716 --> 02:02:14.996 Yeah. 02:02:15.077 --> 02:02:16.738 And then Mike, last name also said, 02:02:17.179 --> 02:02:19.240 there's also what we call defensive 02:02:19.280 --> 02:02:20.762 medicine where doctors want to make 02:02:20.802 --> 02:02:22.265 records of everything in the case they get 02:02:22.305 --> 02:02:22.845 a lawsuit. 02:02:23.506 --> 02:02:23.707 Yeah. 02:02:24.207 --> 02:02:24.887 Yeah. 02:02:25.548 --> 02:02:26.289 That's fair too. 02:02:26.470 --> 02:02:26.670 I mean, 02:02:26.970 --> 02:02:28.612 everyone's got to protect themselves. 02:02:28.693 --> 02:02:30.534 I think, yeah, especially doctors, 02:02:30.675 --> 02:02:30.895 I think, 02:02:31.114 --> 02:02:33.457 especially someone who's your primary care 02:02:33.478 --> 02:02:33.878 provider, 02:02:33.899 --> 02:02:34.559 they have kind of 02:02:35.720 --> 02:02:38.064 quite a lot of say over what care 02:02:38.083 --> 02:02:38.604 you receive. 02:02:38.645 --> 02:02:39.726 So it kind of makes sense. 02:02:40.648 --> 02:02:40.849 Yeah, 02:02:40.868 --> 02:02:42.251 we've talked about this one for a while. 02:02:42.270 --> 02:02:43.592 Do you have anything actually you want to 02:02:43.653 --> 02:02:45.414 add before we hop into this next forum 02:02:45.435 --> 02:02:45.695 post? 02:02:47.023 --> 02:02:48.064 Um, yeah, just real quick. 02:02:48.104 --> 02:02:49.244 I was going to say, uh, in, 02:02:49.364 --> 02:02:50.645 in response to what Mike said about the 02:02:50.966 --> 02:02:52.247 doctors keeping a record of lawsuits, 02:02:52.306 --> 02:02:53.447 I found out here in the U S 02:02:53.506 --> 02:02:54.747 at least in like emergency rooms, 02:02:55.429 --> 02:02:56.469 if I understand it correctly, 02:02:56.529 --> 02:02:58.270 it's almost like the doctors are like 02:02:58.451 --> 02:03:00.252 contractors renting out the rooms. 02:03:01.113 --> 02:03:01.432 Um, 02:03:01.453 --> 02:03:03.014 because the hospitals and the doctors will 02:03:03.033 --> 02:03:03.814 bill you separately, 02:03:03.873 --> 02:03:05.775 like to go see the doctor costs like 02:03:05.815 --> 02:03:06.855 two hundred and fifty bucks, 02:03:07.256 --> 02:03:08.818 but then you're paying like a thousand 02:03:08.858 --> 02:03:10.298 dollars for the aspirin and the room 02:03:10.319 --> 02:03:11.298 cleaning and all this kind of stuff. 02:03:11.319 --> 02:03:12.279 And they're like separate fees. 02:03:12.319 --> 02:03:13.161 But yeah, 02:03:13.220 --> 02:03:14.440 so doctors make a lot of money, 02:03:14.461 --> 02:03:15.641 but it's also because from what I 02:03:15.662 --> 02:03:16.643 understand, they're like, 02:03:17.382 --> 02:03:18.965 kind of a lot more on the hook 02:03:18.984 --> 02:03:20.265 for it like when you sue a doctor 02:03:20.284 --> 02:03:21.725 you're not suing the hospital you're suing 02:03:21.765 --> 02:03:24.889 the actual doctor so yeah that's um not 02:03:24.908 --> 02:03:26.350 saying that's a good system but yeah i 02:03:26.390 --> 02:03:28.610 totally get it for sure like you said 02:03:28.631 --> 02:03:31.533 you got to protect yourself that is the 02:03:31.552 --> 02:03:34.694 u.s health care system for you oh best 02:03:34.756 --> 02:03:37.117 country on the planet they tell me i'm 02:03:37.136 --> 02:03:38.757 not gonna get into that there's worse 02:03:38.778 --> 02:03:40.539 places i'll say that i uh i would 02:03:40.560 --> 02:03:42.261 rather be here than a lot of places 02:03:42.280 --> 02:03:44.662 in the world so um 02:03:45.783 --> 02:03:46.463 Moving on, 02:03:46.524 --> 02:03:48.305 the last forum post we were going to 02:03:48.345 --> 02:03:48.725 look at, 02:03:48.864 --> 02:03:51.086 is RCS with Google messages worth having 02:03:51.145 --> 02:03:52.546 Google on my phone? 02:03:53.167 --> 02:03:56.529 So this person has a graphene phone, 02:03:56.630 --> 02:03:57.649 and they're basically saying, like, 02:03:57.670 --> 02:03:58.631 I was kind of thinking about it, 02:03:59.051 --> 02:04:02.273 and I can totally take all the Google 02:04:02.292 --> 02:04:03.934 Play stuff off of my phone, 02:04:04.594 --> 02:04:07.095 except that I use Google and RCS. 02:04:07.256 --> 02:04:08.457 And so basically, they're saying, like, 02:04:08.556 --> 02:04:10.818 is it worth it to have this, like, 02:04:10.858 --> 02:04:12.319 totally de-Googled phone? 02:04:13.590 --> 02:04:15.731 But to go ahead and put some Google 02:04:15.851 --> 02:04:17.552 on it for the sake of getting access 02:04:17.592 --> 02:04:19.453 to RCS messages. 02:04:20.835 --> 02:04:22.877 And they do specifically mention that they 02:04:22.896 --> 02:04:24.778 say their closest contacts use Signal. 02:04:25.859 --> 02:04:28.400 But non-close contacts and random people, 02:04:28.581 --> 02:04:29.680 they always default to... 02:04:29.720 --> 02:04:31.061 They say they do live in the USA, 02:04:31.141 --> 02:04:33.003 so it's always just regular text message. 02:04:34.185 --> 02:04:34.925 I can confirm this one. 02:04:34.965 --> 02:04:36.326 You said you have to pull teeth to 02:04:36.345 --> 02:04:37.627 get them to use anything else. 02:04:39.167 --> 02:04:39.328 So... 02:04:40.828 --> 02:04:42.470 They're just kind of looking for a second 02:04:42.572 --> 02:04:42.992 opinion. 02:04:44.713 --> 02:04:45.354 Well, they do say, 02:04:45.395 --> 02:04:46.595 how do we know Google isn't lying about 02:04:46.615 --> 02:04:47.938 the encryption or isn't client-side 02:04:47.957 --> 02:04:48.679 scanning messages? 02:04:49.078 --> 02:04:50.320 I will tell you right now, actually, 02:04:51.122 --> 02:04:52.143 I'm assuming this is still true. 02:04:53.363 --> 02:04:54.746 I covered a story on Surveillance Report a 02:04:54.765 --> 02:04:56.787 long time ago where Google does actually 02:04:56.828 --> 02:04:58.350 make hashes of the message. 02:04:59.269 --> 02:05:00.449 And then compare the hashes. 02:05:00.470 --> 02:05:01.591 So they do actually know who you're 02:05:01.612 --> 02:05:02.131 talking to. 02:05:02.172 --> 02:05:03.854 They can't see the content of the message. 02:05:03.914 --> 02:05:05.036 But yeah, 02:05:05.456 --> 02:05:06.537 that's why I always tell people when I 02:05:06.557 --> 02:05:08.078 explain that RCS has an encryption, 02:05:08.099 --> 02:05:08.380 I'm like, yeah, 02:05:08.399 --> 02:05:10.341 it's better than not having it. 02:05:10.362 --> 02:05:11.262 But also at the same time, 02:05:11.302 --> 02:05:12.645 it's definitely not as good as something 02:05:12.685 --> 02:05:13.085 like Signal. 02:05:13.104 --> 02:05:16.248 I'm gonna have to go find that story. 02:05:16.328 --> 02:05:17.010 But yeah. 02:05:17.511 --> 02:05:17.872 Yeah. 02:05:18.092 --> 02:05:19.033 I mean, this is a, 02:05:19.073 --> 02:05:20.033 I think this is kind of a classic 02:05:20.054 --> 02:05:20.914 question for everybody, right? 02:05:20.954 --> 02:05:21.796 Cause you're always going to have the 02:05:21.815 --> 02:05:23.697 people that won't use signal or can't use 02:05:23.737 --> 02:05:25.838 signal or just like the one-off contacts 02:05:25.859 --> 02:05:27.439 that like, you know, again, 02:05:27.460 --> 02:05:28.360 at my last job, I, 02:05:28.560 --> 02:05:30.323 I interfaced with a lot of other trades 02:05:30.342 --> 02:05:30.983 and other jobs. 02:05:31.002 --> 02:05:32.264 And so I would have to give them 02:05:32.283 --> 02:05:33.604 a phone number to like call me or 02:05:33.625 --> 02:05:34.826 text me if they had any questions or 02:05:34.865 --> 02:05:35.167 anything. 02:05:36.287 --> 02:05:36.787 So, um, 02:05:38.296 --> 02:05:40.358 I think my thoughts are, 02:05:40.898 --> 02:05:42.158 it kind of depends. 02:05:42.238 --> 02:05:43.378 If that happens to you a lot, 02:05:43.439 --> 02:05:44.220 I'm at the point where, 02:05:44.800 --> 02:05:45.899 even before I took this job, like, 02:05:46.060 --> 02:05:47.640 ninety percent of my communications were 02:05:47.680 --> 02:05:48.121 on Signal, 02:05:48.841 --> 02:05:51.203 and the ten percent that weren't were 02:05:51.222 --> 02:05:52.502 mostly job-related stuff, 02:05:52.582 --> 02:05:53.463 like professional stuff. 02:05:53.484 --> 02:05:54.423 So it was like, okay, 02:05:55.203 --> 02:05:56.364 I don't really care if that's encrypted 02:05:56.404 --> 02:05:56.805 personally, 02:05:56.904 --> 02:05:58.046 and I would rather not have Google 02:05:58.065 --> 02:05:59.765 Messages and deal with that. 02:06:02.153 --> 02:06:02.934 I think if you're kind of in the 02:06:02.993 --> 02:06:04.113 opposite boat where it's like, okay, 02:06:04.154 --> 02:06:05.756 but only my closest friends and family are 02:06:05.796 --> 02:06:07.497 on Signal and the vast majority of 02:06:07.537 --> 02:06:08.637 messages I get are not, 02:06:09.278 --> 02:06:11.099 including some friends and family who just 02:06:11.140 --> 02:06:12.079 refuse to download Signal, 02:06:12.159 --> 02:06:13.240 I think that might change the math a 02:06:13.261 --> 02:06:13.581 little bit. 02:06:14.801 --> 02:06:16.724 Another thing worth considering is I 02:06:16.743 --> 02:06:18.524 believe Jonah has said in the past that 02:06:18.864 --> 02:06:21.106 RCS only works on certain carriers. 02:06:21.646 --> 02:06:24.328 And so you might have to check and 02:06:24.349 --> 02:06:26.951 make sure that your carrier is one of 02:06:26.970 --> 02:06:27.110 them. 02:06:28.752 --> 02:06:29.072 So, I mean, 02:06:29.152 --> 02:06:30.774 it kind of sucks because you're already 02:06:30.833 --> 02:06:31.054 like, 02:06:33.032 --> 02:06:34.273 it's already kind of getting narrowed 02:06:34.332 --> 02:06:34.552 down. 02:06:34.573 --> 02:06:36.012 It's not just as simple as like, okay, 02:06:36.073 --> 02:06:37.333 I have Google messages and now I've got 02:06:37.413 --> 02:06:38.154 RCS encryption. 02:06:38.173 --> 02:06:38.675 It's like, well, 02:06:39.154 --> 02:06:41.176 you've only got RCS encryption with other 02:06:41.195 --> 02:06:43.777 Google message users or Apple users or 02:06:43.877 --> 02:06:45.377 people that use this certain carrier. 02:06:45.457 --> 02:06:47.059 So I don't know. 02:06:47.118 --> 02:06:48.158 I don't think I can really give like 02:06:48.179 --> 02:06:48.979 a yes or no answer. 02:06:49.000 --> 02:06:50.881 I think it really just depends on you. 02:06:51.560 --> 02:06:52.581 I will say on Graphene, 02:06:52.600 --> 02:06:54.582 the nice thing about Graphene is that you 02:06:54.622 --> 02:06:56.363 do have a little bit of privacy because 02:06:56.382 --> 02:06:57.243 of the sandbox thing. 02:06:57.583 --> 02:06:58.963 I know that's more security than privacy 02:06:59.003 --> 02:06:59.625 per se, but... 02:07:00.545 --> 02:07:01.086 Um, 02:07:01.145 --> 02:07:02.266 I would probably be a little bit more 02:07:02.287 --> 02:07:03.467 willing to do it on a graphene phone 02:07:03.488 --> 02:07:04.467 than a regular phone, I guess. 02:07:04.507 --> 02:07:05.569 Although I guess with a regular phone and 02:07:05.588 --> 02:07:06.689 all the Google stuff would be built in 02:07:06.710 --> 02:07:06.850 there. 02:07:06.890 --> 02:07:08.030 So I guess, nevermind, 02:07:08.051 --> 02:07:08.872 that doesn't really make sense, 02:07:08.931 --> 02:07:10.493 but I don't know. 02:07:10.853 --> 02:07:11.854 I think it's really a personal thing, 02:07:11.894 --> 02:07:12.875 but I guess I just thought this 02:07:12.914 --> 02:07:13.676 interesting because again, 02:07:13.695 --> 02:07:14.917 this is a situation that I think a 02:07:14.957 --> 02:07:15.957 lot of people have been in where it's 02:07:15.976 --> 02:07:16.457 like, you only, 02:07:16.797 --> 02:07:18.038 you can only get so many people using 02:07:18.078 --> 02:07:18.779 encrypted messaging. 02:07:18.859 --> 02:07:20.581 So what's the right move. 02:07:20.621 --> 02:07:21.481 And, you know, as usual, 02:07:21.542 --> 02:07:23.422 I don't think there is one right answer, 02:07:23.502 --> 02:07:24.925 but I think those are kind of the 02:07:24.944 --> 02:07:27.306 factors that I would think about. 02:07:27.327 --> 02:07:27.806 Yeah. 02:07:29.230 --> 02:07:30.333 do you have any thoughts on that one 02:07:30.373 --> 02:07:32.319 I know you're I don't think you're like 02:07:32.359 --> 02:07:34.386 a daily Android user are you I know 02:07:34.405 --> 02:07:35.469 you have an Android but 02:07:37.162 --> 02:07:38.484 Um, yeah. 02:07:38.503 --> 02:07:39.585 Am I throwing you in the house? 02:07:39.625 --> 02:07:40.626 I'm sorry. 02:07:40.666 --> 02:07:42.867 I mean, yeah, I mean, yeah, I do. 02:07:43.087 --> 02:07:44.889 I use both like iOS and Android for 02:07:44.908 --> 02:07:45.548 different things. 02:07:46.109 --> 02:07:47.730 I think it's always like, 02:07:47.890 --> 02:07:49.051 there's weird people who are just like, 02:07:49.551 --> 02:07:50.972 I'll only ever use an Android. 02:07:51.073 --> 02:07:52.173 I'm never going to use an Apple. 02:07:52.293 --> 02:07:53.274 Apple is so bad. 02:07:53.314 --> 02:07:54.975 And it's like, well, you can use both. 02:07:55.015 --> 02:07:56.577 Like both have got good things about them, 02:07:56.778 --> 02:07:56.957 right? 02:07:56.978 --> 02:07:59.279 Like there's, there's positives to both. 02:07:59.819 --> 02:08:01.400 I think there's certainly more positives 02:08:01.480 --> 02:08:02.421 on the Android side, 02:08:02.442 --> 02:08:02.502 but 02:08:02.881 --> 02:08:04.483 a huge amount more positives but there's 02:08:04.542 --> 02:08:07.364 also some positives on the apple side as 02:08:07.404 --> 02:08:10.666 well so you know don't don't feel like 02:08:10.706 --> 02:08:12.367 you only have to use one type of 02:08:12.386 --> 02:08:15.149 device i think that's also another thing 02:08:15.248 --> 02:08:17.210 but yeah i think i agree with you 02:08:17.250 --> 02:08:19.131 though like i think you know if you're 02:08:19.150 --> 02:08:20.832 using this on graphene os though i feel 02:08:20.851 --> 02:08:22.853 like you're giving google significantly 02:08:22.953 --> 02:08:23.832 less information 02:08:25.274 --> 02:08:26.913 um than you would on like a google 02:08:27.173 --> 02:08:30.154 android device right like it's it's not as 02:08:30.215 --> 02:08:31.795 deeply integrated into the operating 02:08:31.835 --> 02:08:33.876 system it's just a standard app that you 02:08:33.935 --> 02:08:36.115 install um i think that would definitely 02:08:36.136 --> 02:08:39.155 be a good idea and i think considering 02:08:39.176 --> 02:08:41.796 the state of like of of cellular 02:08:41.837 --> 02:08:43.837 communication like remember i don't know 02:08:43.856 --> 02:08:46.238 if you remember but a couple of maybe 02:08:46.278 --> 02:08:47.597 maybe a year ago there was like a 02:08:47.658 --> 02:08:50.158 story about like um chinese 02:08:50.198 --> 02:08:52.338 state-sponsored hackers like inside the 02:08:52.498 --> 02:08:53.298 u.s like 02:08:53.800 --> 02:08:55.463 telecommunications infrastructure. 02:08:55.484 --> 02:08:57.989 Like I don't think you want to put 02:08:58.050 --> 02:09:00.136 like all your text messages to those 02:09:00.195 --> 02:09:00.537 people. 02:09:00.577 --> 02:09:02.320 Like that's basically public, right? 02:09:04.997 --> 02:09:06.658 Yeah, I remember that Volt typhoon, 02:09:06.898 --> 02:09:08.958 and I think it had been going on 02:09:08.979 --> 02:09:10.420 for at least a year when they found 02:09:10.539 --> 02:09:10.739 it. 02:09:12.121 --> 02:09:13.221 I actually remember I was with 02:09:13.242 --> 02:09:14.363 Surveillance Report when that happened, 02:09:14.403 --> 02:09:15.622 and I remember the way Henry described 02:09:15.643 --> 02:09:16.043 that story. 02:09:16.064 --> 02:09:16.524 He's like, yeah, 02:09:16.543 --> 02:09:17.744 the government is basically like, 02:09:18.244 --> 02:09:19.185 we don't know if they're gone yet. 02:09:19.365 --> 02:09:20.626 We don't know when we'll kick them out. 02:09:21.106 --> 02:09:22.306 It's just kind of like the whole thing 02:09:22.346 --> 02:09:22.967 was such a mess. 02:09:23.087 --> 02:09:24.429 Yeah, that was a crazy story. 02:09:24.748 --> 02:09:25.668 And that, oh, 02:09:25.708 --> 02:09:26.569 I know this isn't the point, 02:09:26.609 --> 02:09:28.470 but that is my favorite story when we 02:09:28.490 --> 02:09:29.912 talk about how backdoors don't work. 02:09:29.952 --> 02:09:31.693 It's like that was literally a backdoor 02:09:31.733 --> 02:09:33.134 that was only for the good guys, 02:09:33.493 --> 02:09:34.354 and look what happened. 02:09:34.975 --> 02:09:36.756 So yeah, I'm, I'm with you. 02:09:36.796 --> 02:09:37.756 When, when I saw that story, 02:09:37.777 --> 02:09:38.596 I was just like, Oh, 02:09:39.176 --> 02:09:40.358 I'm really glad I've got again, 02:09:40.398 --> 02:09:42.099 like on almost all my friends and family 02:09:42.158 --> 02:09:43.238 using signal, thankfully. 02:09:43.259 --> 02:09:44.479 And like I said, 02:09:44.500 --> 02:09:45.560 the handful of things that aren't on 02:09:45.600 --> 02:09:46.020 signal, I mean, 02:09:46.081 --> 02:09:47.761 I guess it was technically like company IP 02:09:47.782 --> 02:09:48.641 or whatever, but you know, 02:09:48.681 --> 02:09:49.382 that's on the company. 02:09:49.443 --> 02:09:53.104 So it was, uh, I don't know. 02:09:53.185 --> 02:09:54.305 I mean, again, 02:09:54.324 --> 02:09:55.426 this was before I worked at privacy 02:09:55.445 --> 02:09:56.046 guides, but yeah, you know, 02:09:56.065 --> 02:09:57.167 it was just texting other people like, 02:09:57.186 --> 02:09:58.408 Hey, there's supposed to be this here. 02:09:58.467 --> 02:09:59.268 Where's this thing? 02:09:59.528 --> 02:10:00.628 When's this delivery coming? 02:10:00.729 --> 02:10:01.029 So yeah. 02:10:01.845 --> 02:10:02.806 It's the kind of stuff that as far 02:10:02.846 --> 02:10:04.369 as I'm concerned, I'm not super, 02:10:04.990 --> 02:10:05.351 I don't know. 02:10:05.452 --> 02:10:05.813 It's whatever. 02:10:07.030 --> 02:10:07.190 Yeah, 02:10:07.230 --> 02:10:09.511 I think the most important part is like 02:10:09.551 --> 02:10:10.872 you're saying, you should be careful. 02:10:11.252 --> 02:10:12.434 Like you should be thinking, 02:10:13.173 --> 02:10:14.395 I'm about to send this message. 02:10:14.994 --> 02:10:17.176 Am I okay with this information becoming 02:10:17.235 --> 02:10:17.595 public? 02:10:18.197 --> 02:10:19.237 And if the answer is no, 02:10:19.317 --> 02:10:21.358 then you should be using something else, 02:10:21.417 --> 02:10:21.658 right? 02:10:21.698 --> 02:10:23.979 Like that is the case because I think 02:10:24.399 --> 02:10:26.541 any message you send on like a public 02:10:28.002 --> 02:10:30.143 service like telephone network, 02:10:30.483 --> 02:10:32.684 any sort of telecommunications thing, 02:10:32.823 --> 02:10:34.185 I think you should treat it as public 02:10:34.225 --> 02:10:40.969 because it's not really – 02:10:36.345 --> 02:10:37.106 secure it in a way. 02:10:37.127 --> 02:10:38.327 You don't know how long that data is 02:10:38.346 --> 02:10:39.507 being retained either. 02:10:40.268 --> 02:10:41.368 So, yeah, 02:10:41.408 --> 02:10:42.609 that's how I would think of it at 02:10:42.630 --> 02:10:44.650 least. 02:10:44.711 --> 02:10:45.070 Personally, 02:10:45.171 --> 02:10:47.393 I'm a big fan of applying that to 02:10:47.472 --> 02:10:48.573 everything because you never know if 02:10:48.592 --> 02:10:49.934 somebody's going to screenshot a post. 02:10:49.953 --> 02:10:51.875 I mean, you can screenshot Signal still. 02:10:51.975 --> 02:10:52.676 It's super easy. 02:10:53.716 --> 02:10:54.997 Or even if you can't screenshot something, 02:10:55.016 --> 02:10:56.037 they might take a picture of it with 02:10:56.057 --> 02:10:56.717 another phone. 02:10:56.778 --> 02:10:58.158 So, yeah, 02:10:58.559 --> 02:11:00.159 that's always what I encourage people is 02:11:00.180 --> 02:11:01.860 like anything you put in a digital format, 02:11:01.881 --> 02:11:03.822 just assume it might be publicly leaked. 02:11:03.862 --> 02:11:04.002 So... 02:11:05.203 --> 02:11:06.724 I mean, yeah, I think we can. 02:11:07.083 --> 02:11:07.823 I think, you know, 02:11:07.944 --> 02:11:09.944 I think it's definitely we should be 02:11:09.984 --> 02:11:11.666 trying to preach privacy to everybody. 02:11:11.706 --> 02:11:12.605 We should be like, you know, 02:11:12.626 --> 02:11:13.145 don't do that. 02:11:13.185 --> 02:11:14.185 That is the wrong thing to do. 02:11:14.226 --> 02:11:16.646 That's just ethically wrong to do that. 02:11:16.686 --> 02:11:18.728 But yeah, of course, people aren't on. 02:11:18.768 --> 02:11:20.168 No one's perfect and people are going to 02:11:20.208 --> 02:11:20.569 do that. 02:11:20.689 --> 02:11:21.988 So it's true. 02:11:22.029 --> 02:11:22.529 But I think. 02:11:23.649 --> 02:11:27.212 With the cell phone network, 02:11:27.271 --> 02:11:28.412 I think it is one of those things 02:11:28.432 --> 02:11:30.493 where it's systemically just going to be 02:11:30.554 --> 02:11:31.434 public at some point. 02:11:31.474 --> 02:11:32.414 That's fair. 02:11:33.456 --> 02:11:34.256 At least with Signal, 02:11:34.756 --> 02:11:36.356 if I send you a message, 02:11:36.817 --> 02:11:37.957 I know you're not going to share that 02:11:37.978 --> 02:11:38.779 with someone else, right? 02:11:38.819 --> 02:11:40.479 Because we have a shared understanding. 02:11:40.939 --> 02:11:45.282 But if it's like the telecommunications 02:11:45.322 --> 02:11:45.702 company, 02:11:46.143 --> 02:11:47.783 they don't have any agreement with me. 02:11:48.043 --> 02:11:49.505 They just are going to... 02:11:50.364 --> 02:11:50.685 you know, 02:11:50.925 --> 02:11:52.766 let hackers roam around in their network 02:11:52.867 --> 02:11:54.948 and not actually do anything and then say 02:11:54.988 --> 02:11:56.349 that they're gone, but they're not really. 02:11:57.689 --> 02:11:58.149 So anyway, 02:11:58.229 --> 02:12:00.511 what I'm trying to say and going around 02:12:00.891 --> 02:12:02.313 in a kind of massive circle here, 02:12:02.332 --> 02:12:06.234 what I'm trying to say is basically that 02:12:06.256 --> 02:12:07.515 is what you need to think about when 02:12:07.536 --> 02:12:09.457 you think about whether you need to do 02:12:09.478 --> 02:12:10.118 this or not. 02:12:12.078 --> 02:12:12.560 I still think 02:12:13.817 --> 02:12:16.497 that most people are using Google Play 02:12:16.537 --> 02:12:18.679 services on like a Graphene OS device. 02:12:18.979 --> 02:12:19.479 Most people, 02:12:19.759 --> 02:12:22.980 like most people are using these apps from 02:12:23.020 --> 02:12:23.680 these stores, right? 02:12:23.701 --> 02:12:27.141 You don't need to create an account that's 02:12:27.181 --> 02:12:28.143 linked to your identity. 02:12:28.203 --> 02:12:29.943 You could use just some burner Google 02:12:29.983 --> 02:12:30.543 account, right? 02:12:30.564 --> 02:12:32.404 You don't have to provide that much 02:12:32.444 --> 02:12:32.925 information. 02:12:34.444 --> 02:12:37.346 So I think using RCS on GrapheneOS to 02:12:37.386 --> 02:12:38.847 secure, even if it's one, 02:12:39.007 --> 02:12:40.309 even if it's only one person, 02:12:40.368 --> 02:12:41.949 I think that's still a benefit in a 02:12:41.989 --> 02:12:42.711 lot of cases. 02:12:44.072 --> 02:12:45.051 And I think it's not, 02:12:45.372 --> 02:12:47.753 you're restricting the access quite 02:12:47.793 --> 02:12:50.114 significantly compared to what is 02:12:50.154 --> 02:12:51.296 available on the cell network, 02:12:51.336 --> 02:12:52.537 which is basically nothing. 02:12:52.796 --> 02:12:55.158 So something is better than nothing and 02:12:55.939 --> 02:12:57.300 Of course, it's up to you to decide. 02:12:57.319 --> 02:12:59.221 If you don't have Google Play services on 02:12:59.242 --> 02:13:00.122 the device already, 02:13:00.322 --> 02:13:01.804 then maybe that is a bit more of 02:13:01.844 --> 02:13:02.384 a concern. 02:13:02.524 --> 02:13:03.625 Maybe that's like, oh, 02:13:03.645 --> 02:13:04.284 I don't know if I want to do 02:13:04.326 --> 02:13:04.506 that. 02:13:04.805 --> 02:13:06.627 You could also set up a separate profile. 02:13:06.707 --> 02:13:08.368 You could set up a separate user profile. 02:13:08.849 --> 02:13:09.989 And in that user profile, 02:13:10.029 --> 02:13:11.690 you set up a burner Google account and 02:13:11.730 --> 02:13:13.552 then you add Google messages. 02:13:14.814 --> 02:13:15.974 Maybe that could be an option. 02:13:16.135 --> 02:13:17.215 But I'm just, you know, 02:13:17.255 --> 02:13:18.055 kind of spitballing. 02:13:18.576 --> 02:13:19.056 I think it's 02:13:20.711 --> 02:13:21.890 You need to decide this yourself, 02:13:21.930 --> 02:13:26.292 but I think if you just avoid SMS, 02:13:26.692 --> 02:13:28.172 just, just avoid it in general, 02:13:28.233 --> 02:13:28.752 if you can. 02:13:29.412 --> 02:13:29.912 I think a lot, 02:13:30.052 --> 02:13:31.712 and now with Apple releasing like 02:13:31.912 --> 02:13:32.753 encrypted RCS, 02:13:32.793 --> 02:13:33.894 I think it's becoming more and more 02:13:33.934 --> 02:13:36.134 popular and more and more accessible. 02:13:36.793 --> 02:13:38.074 So, you know, 02:13:38.154 --> 02:13:40.734 I think you should try and try and 02:13:40.935 --> 02:13:42.515 try and see if some of your friends 02:13:42.536 --> 02:13:44.256 are using it and if you can secure 02:13:44.275 --> 02:13:44.855 those chats. 02:13:44.895 --> 02:13:46.296 And I think that's definitely a big win. 02:13:48.516 --> 02:13:49.197 Agreed. 02:13:49.277 --> 02:13:49.457 Yeah. 02:13:51.774 --> 02:13:52.074 All right, 02:13:53.336 --> 02:13:55.318 I think that was it for forum updates. 02:13:55.637 --> 02:13:57.779 And so I think we'll move into listener 02:13:57.859 --> 02:13:58.820 questions. 02:13:59.561 --> 02:14:02.423 So if you have been holding on to 02:14:02.503 --> 02:14:03.265 any questions, 02:14:03.645 --> 02:14:04.666 definitely go ahead and leave them in the 02:14:04.685 --> 02:14:05.046 chat. 02:14:05.726 --> 02:14:07.868 Normally we would start with the forum, 02:14:08.349 --> 02:14:10.671 but it looks like there haven't been any 02:14:11.412 --> 02:14:12.932 questions left on the forum. 02:14:13.012 --> 02:14:16.515 So we'll just go straight into the chat, 02:14:16.636 --> 02:14:17.216 which I did. 02:14:17.317 --> 02:14:18.957 I think somebody left something earlier. 02:14:19.998 --> 02:14:20.238 Oh yeah. 02:14:20.298 --> 02:14:21.979 Purring pudding quite a while back, 02:14:22.020 --> 02:14:22.239 we were, 02:14:22.319 --> 02:14:23.501 we were talking about how cool it would 02:14:23.541 --> 02:14:24.720 be if there was some kind of API 02:14:24.740 --> 02:14:26.061 you could hook into that could just like 02:14:26.421 --> 02:14:27.662 change passwords automatically. 02:14:28.122 --> 02:14:29.503 They said, apparently there is a, 02:14:29.764 --> 02:14:32.845 the skim SCIM API to provision logins, 02:14:33.164 --> 02:14:34.506 but most sites don't implement this. 02:14:34.546 --> 02:14:37.367 So yeah, that, that doesn't surprise me. 02:14:37.447 --> 02:14:38.648 Cause I know I'm a, 02:14:40.613 --> 02:14:41.613 Like I've said multiple times, 02:14:41.654 --> 02:14:42.354 even today alone, 02:14:42.614 --> 02:14:44.376 we could do things in a certain way. 02:14:44.416 --> 02:14:45.355 We could do things in a way that 02:14:45.395 --> 02:14:47.097 are privacy respecting and we just don't. 02:14:47.158 --> 02:14:50.019 So it doesn't surprise me that people have 02:14:50.119 --> 02:14:52.940 opted not to do things that way. 02:14:53.561 --> 02:14:54.722 I mean, talking about standards, 02:14:54.842 --> 02:14:56.404 it's kind of a funny situation. 02:14:56.484 --> 02:15:00.065 I was talking to everyone on the team 02:15:00.105 --> 02:15:00.766 about this. 02:15:01.287 --> 02:15:02.568 It's really kind of funny. 02:15:02.608 --> 02:15:04.349 We have all these standards that are 02:15:04.368 --> 02:15:06.470 really good that everyone should be using, 02:15:07.070 --> 02:15:09.573 but it's just all the organizations can't 02:15:09.592 --> 02:15:09.953 agree on 02:15:10.472 --> 02:15:12.213 using them and they don't all use them 02:15:12.253 --> 02:15:12.634 properly. 02:15:12.774 --> 02:15:15.015 So it's, it's, we do have the answer. 02:15:15.055 --> 02:15:16.877 Like we do like with passwords, 02:15:16.896 --> 02:15:18.158 like we have the answer, like don't, 02:15:19.297 --> 02:15:19.938 Yeah, exactly. 02:15:20.358 --> 02:15:22.939 It's this XKCD thing, like the situation. 02:15:23.020 --> 02:15:25.060 There are fourteen competing standards. 02:15:25.100 --> 02:15:25.581 Fourteen. 02:15:25.621 --> 02:15:26.100 Ridiculous. 02:15:26.140 --> 02:15:28.042 We need to develop one universal standard. 02:15:28.101 --> 02:15:29.242 And then now there's fifteen. 02:15:29.301 --> 02:15:32.163 So it's like we have all these standards, 02:15:32.224 --> 02:15:34.404 but like no one can decide which one 02:15:34.425 --> 02:15:35.024 is the best, 02:15:35.204 --> 02:15:36.324 which one we should implement. 02:15:36.364 --> 02:15:38.286 Like, oh, we're going to put pass keys, 02:15:38.326 --> 02:15:39.667 but we're going to retain passwords. 02:15:39.686 --> 02:15:41.226 We're going to use pass keys and passwords 02:15:41.266 --> 02:15:41.988 at the same time. 02:15:42.087 --> 02:15:43.328 Or we're going to use pass keys and 02:15:43.408 --> 02:15:44.149 only pass keys. 02:15:44.208 --> 02:15:45.889 And it's like it's ridiculous. 02:15:45.949 --> 02:15:46.470 It's it's. 02:15:47.229 --> 02:15:48.970 yeah i feel like this is such the 02:15:48.990 --> 02:15:51.092 case for like so many things like linux 02:15:51.313 --> 02:15:53.095 specifically comes to mind like oh we're 02:15:53.114 --> 02:15:55.195 gonna use we're gonna use weyland oh no 02:15:55.235 --> 02:15:56.596 we're not gonna use weyland because that's 02:15:56.818 --> 02:15:59.118 that's gonna be too bad blah blah blah 02:15:59.539 --> 02:16:01.560 it's like you know it's a never-ending 02:16:01.600 --> 02:16:04.703 thing the minute you said standards that 02:16:04.724 --> 02:16:07.905 was where my brain went ah i never 02:16:07.926 --> 02:16:09.787 get tired of that comic yeah i agree 02:16:11.255 --> 02:16:11.414 Um, 02:16:11.475 --> 02:16:13.436 Mike here pointed out on the topic of, 02:16:13.537 --> 02:16:15.337 uh, Google, uh, Google services, 02:16:15.398 --> 02:16:16.899 most apps don't need play services, 02:16:16.998 --> 02:16:18.380 even if they say so when opening the 02:16:18.460 --> 02:16:19.280 app, I was surprised by it. 02:16:19.381 --> 02:16:19.640 Yeah. 02:16:19.720 --> 02:16:21.603 Especially a lot of privacy apps. 02:16:21.622 --> 02:16:22.922 Like I think signal, for example, 02:16:22.984 --> 02:16:25.125 if you download signal, um, 02:16:25.204 --> 02:16:26.105 I think by default, 02:16:26.265 --> 02:16:27.006 I could be wrong about this. 02:16:27.065 --> 02:16:27.527 Don't quote me. 02:16:27.966 --> 02:16:28.667 I think by default, 02:16:28.688 --> 02:16:30.029 it will use Google services, 02:16:30.609 --> 02:16:33.050 but in the past I've downloaded it on, 02:16:33.171 --> 02:16:34.891 um, D Google fully D Googled phones, 02:16:34.912 --> 02:16:36.433 like lineage phones, um, 02:16:36.452 --> 02:16:37.273 just for whatever reason. 02:16:37.574 --> 02:16:37.613 Um, 02:16:37.834 --> 02:16:39.014 And I still get notifications. 02:16:39.534 --> 02:16:41.575 So it falls back to its own services 02:16:41.615 --> 02:16:42.736 if it doesn't detect Google. 02:16:43.778 --> 02:16:44.237 And it's also like, 02:16:44.278 --> 02:16:45.058 what do you need them for? 02:16:45.519 --> 02:16:47.159 I'm thinking about MySudo, for example. 02:16:47.239 --> 02:16:50.561 So I pretty much use MySudo for anybody 02:16:50.582 --> 02:16:52.083 who's not on Signal. 02:16:52.823 --> 02:16:54.404 And like, ninety percent of the time, 02:16:54.443 --> 02:16:55.825 I don't really need to get the call 02:16:55.864 --> 02:16:56.465 in real time. 02:16:56.524 --> 02:16:57.945 Like, again, I mentioned I'm with the VA. 02:17:00.086 --> 02:17:01.188 they do call me sometimes, 02:17:01.747 --> 02:17:03.049 but ninety percent of the time it's a 02:17:03.109 --> 02:17:03.988 text that's like, hey, 02:17:04.029 --> 02:17:05.010 don't forget you have an appointment on 02:17:05.049 --> 02:17:05.309 Monday. 02:17:05.350 --> 02:17:07.011 Click why to or like text why to 02:17:07.050 --> 02:17:09.332 confirm or text and to reschedule or 02:17:09.352 --> 02:17:09.691 whatever. 02:17:10.233 --> 02:17:11.873 And so like I don't really need that 02:17:12.074 --> 02:17:13.293 notification in real time. 02:17:13.334 --> 02:17:14.534 It's OK if I get that later in 02:17:14.555 --> 02:17:15.034 the evening. 02:17:15.094 --> 02:17:16.835 So, yeah, I mean, 02:17:16.876 --> 02:17:18.297 there may be certain situations where you 02:17:18.356 --> 02:17:20.997 don't necessarily need the play services, 02:17:22.379 --> 02:17:24.819 but I would look into if RCS because 02:17:24.860 --> 02:17:25.480 that is a good point. 02:17:25.501 --> 02:17:26.801 I don't know if RCS would be required 02:17:26.842 --> 02:17:27.182 for that. 02:17:27.262 --> 02:17:27.402 So 02:17:28.765 --> 02:17:29.467 Definitely interesting. 02:17:29.887 --> 02:17:30.288 Good thought. 02:17:33.970 --> 02:17:35.753 Yeah. 02:17:35.772 --> 02:17:37.274 So it's been kind of a slow week, 02:17:37.295 --> 02:17:38.736 or like this week, 02:17:39.377 --> 02:17:40.837 with people leaving comments. 02:17:40.878 --> 02:17:42.620 But if anybody has any last minute 02:17:42.659 --> 02:17:44.141 questions, be sure to let us know. 02:17:45.614 --> 02:17:45.735 Yeah, 02:17:45.754 --> 02:17:46.815 we definitely tried something a bit 02:17:46.855 --> 02:17:48.615 different with the highlight story this 02:17:48.656 --> 02:17:48.876 week. 02:17:48.995 --> 02:17:50.176 We kind of wanted to see if people 02:17:50.197 --> 02:17:51.958 would be interested in something that's a 02:17:51.977 --> 02:17:52.698 little bit different. 02:17:53.118 --> 02:17:54.138 We kind of try that some weeks, 02:17:54.177 --> 02:17:56.359 like some weeks we know that the highlight 02:17:56.379 --> 02:17:57.739 story is going to like be a banger 02:17:57.819 --> 02:17:58.860 and everyone's going to click on it. 02:17:58.920 --> 02:18:01.200 But, you know, we do try things. 02:18:01.281 --> 02:18:02.381 We want to try and, you know, 02:18:02.461 --> 02:18:03.402 experiment a little bit. 02:18:03.422 --> 02:18:04.441 We don't want to keep doing the same 02:18:04.481 --> 02:18:05.442 thing over and over again. 02:18:05.483 --> 02:18:07.183 It's not fun for us. 02:18:07.224 --> 02:18:08.144 It's not fun for you. 02:18:08.304 --> 02:18:10.305 So we're trying our best with different 02:18:10.344 --> 02:18:10.665 things. 02:18:12.691 --> 02:18:13.593 And we want to make sure we don't 02:18:13.632 --> 02:18:14.313 stagnate, right? 02:18:14.333 --> 02:18:16.074 We're always trying to reach new people 02:18:16.975 --> 02:18:19.796 with privacy messages and that requires us 02:18:19.856 --> 02:18:23.459 to try new things. 02:18:23.638 --> 02:18:24.179 Oh man, 02:18:24.699 --> 02:18:26.340 the million dollar question from Yumi. 02:18:26.379 --> 02:18:28.162 Why can't we agree on which standards to 02:18:28.441 --> 02:18:28.842 use? 02:18:29.002 --> 02:18:30.243 I mean, it's... 02:18:33.197 --> 02:18:33.837 in my opinion, 02:18:33.897 --> 02:18:35.579 it's because there are usually pros and 02:18:35.620 --> 02:18:36.841 cons like, okay. 02:18:36.921 --> 02:18:37.481 Every once in a while, 02:18:37.502 --> 02:18:38.843 you definitely get somebody who's just 02:18:38.882 --> 02:18:40.845 like stuck in their ways and they just 02:18:40.886 --> 02:18:42.307 don't want to grow and adopt. 02:18:42.566 --> 02:18:43.528 But I think a lot of the time 02:18:43.548 --> 02:18:46.631 there are like situations where, um, 02:18:48.157 --> 02:18:50.039 I know this isn't a standard, 02:18:50.058 --> 02:18:51.578 but just to talk about something that I 02:18:51.599 --> 02:18:52.318 actually know about, 02:18:52.779 --> 02:18:54.860 we'll take SimpleX versus Signal. 02:18:55.100 --> 02:18:56.840 They're both really good choices, 02:18:56.920 --> 02:18:59.101 but they're different use cases and 02:18:59.120 --> 02:19:00.261 they've got different advantages. 02:19:00.861 --> 02:19:02.781 SimpleX has the whole decentralized 02:19:02.822 --> 02:19:05.102 architecture and it's supposed to be a lot 02:19:05.121 --> 02:19:06.583 more censorship resistant without having 02:19:06.602 --> 02:19:07.382 to set up a proxy, 02:19:07.423 --> 02:19:09.243 which we made a video about that. 02:19:09.523 --> 02:19:10.244 At the same time, 02:19:10.384 --> 02:19:12.523 it's missing a lot of the features that 02:19:12.943 --> 02:19:14.184 the quote-unquote normies would come to 02:19:14.225 --> 02:19:14.825 expect and 02:19:15.886 --> 02:19:16.066 you know, 02:19:16.085 --> 02:19:17.246 it can be harder to get your family 02:19:17.367 --> 02:19:17.947 onboarded. 02:19:18.066 --> 02:19:18.227 Like, 02:19:18.266 --> 02:19:19.167 I remember that was a big thing when 02:19:19.208 --> 02:19:20.808 Mastodon kind of had their fifteen minutes 02:19:20.828 --> 02:19:21.469 is everybody was like, 02:19:22.209 --> 02:19:23.331 I don't know what instances are. 02:19:23.370 --> 02:19:24.451 I don't know what server to sign up 02:19:24.471 --> 02:19:24.592 for. 02:19:24.631 --> 02:19:25.632 Like, I'm really confused. 02:19:25.673 --> 02:19:26.773 And, you know, 02:19:26.894 --> 02:19:29.216 it's things like Signal don't have that 02:19:29.236 --> 02:19:29.575 problem. 02:19:29.636 --> 02:19:31.156 You just download it and start using it. 02:19:31.197 --> 02:19:34.680 And so there's a lot of the time 02:19:34.940 --> 02:19:35.841 standards are 02:19:37.897 --> 02:19:41.179 built for certain use cases but I would 02:19:41.218 --> 02:19:42.218 venture to say that a lot of the 02:19:42.259 --> 02:19:43.620 time they can also especially when we talk 02:19:43.639 --> 02:19:44.840 about tech and this kind of stuff they 02:19:44.860 --> 02:19:47.960 can apply to multiple use cases and so 02:19:47.980 --> 02:19:49.441 there's like advantages and disadvantages 02:19:49.481 --> 02:19:50.861 so there's not always a clear like well 02:19:50.881 --> 02:19:52.643 this one is obviously better it's like no 02:19:52.683 --> 02:19:55.283 it's obviously better in certain ways and 02:19:55.584 --> 02:19:56.703 you know this other one is obviously 02:19:56.724 --> 02:19:58.905 better in certain ways but humans are 02:19:59.024 --> 02:20:00.986 incredibly emotional creatures and so 02:20:01.185 --> 02:20:03.906 sometimes we uh have a hard time agreeing 02:20:03.947 --> 02:20:05.666 on this kind of stuff I think that 02:20:05.686 --> 02:20:06.888 would be my guess I don't know if 02:20:06.907 --> 02:20:07.548 you have a better answer 02:20:09.630 --> 02:20:11.412 yeah it's kind of frustrating it's like 02:20:11.472 --> 02:20:14.034 every every single thing we've got has got 02:20:14.075 --> 02:20:16.856 like some some argument about standards 02:20:16.877 --> 02:20:19.418 happening like which you mentioned like 02:20:19.459 --> 02:20:21.720 mastodon oh mastodon i don't like that 02:20:21.761 --> 02:20:23.621 it's like the standard is so bad like 02:20:23.682 --> 02:20:25.724 the fed the federated protocols are so bad 02:20:25.804 --> 02:20:28.345 i prefer blue sky i prefer uh what's 02:20:28.365 --> 02:20:30.166 the other one nosta i prefer blah blah 02:20:30.186 --> 02:20:30.948 blah like it's 02:20:31.618 --> 02:20:34.279 yeah people have always kind of argued 02:20:34.299 --> 02:20:37.021 about this stuff um you know i think 02:20:37.060 --> 02:20:38.801 there's not many protocols that we could 02:20:38.861 --> 02:20:40.743 argue are like actually standard at this 02:20:40.782 --> 02:20:43.103 point like email comes to mind like 02:20:43.224 --> 02:20:45.344 everyone is like kind of on board with 02:20:45.364 --> 02:20:47.606 that unfortunately it's like the worst 02:20:47.666 --> 02:20:49.227 it's really bad it's a really crappy 02:20:49.266 --> 02:20:50.968 protocol but everyone uses it so i mean 02:20:52.369 --> 02:20:53.889 i guess it doesn't really matter if a 02:20:53.930 --> 02:20:55.851 protocol is actually good or a standard is 02:20:55.931 --> 02:20:57.211 actually good it doesn't mean that it's 02:20:57.252 --> 02:20:57.531 going to be 02:20:58.231 --> 02:21:00.533 adopted um i think it also is just 02:21:00.593 --> 02:21:02.695 a legacy thing too but like same with 02:21:02.736 --> 02:21:05.799 phone numbers it's a standard everyone's 02:21:05.859 --> 02:21:08.842 using a phone number and it's not a 02:21:08.861 --> 02:21:11.665 good way um i guess also here there 02:21:11.684 --> 02:21:14.948 was a question from mike uh last name 02:21:15.028 --> 02:21:16.789 with about session session is about to 02:21:16.828 --> 02:21:19.291 close shop soon um i know nate you've 02:21:19.332 --> 02:21:20.813 definitely got more experience with this 02:21:20.833 --> 02:21:21.793 so you want to handle this one 02:21:23.326 --> 02:21:23.968 Yeah, I mean, 02:21:24.087 --> 02:21:26.890 I actually found this out from Kerry from 02:21:26.911 --> 02:21:28.371 Firewall's No Stop Dragons, but actually, 02:21:28.412 --> 02:21:28.871 thankfully, 02:21:29.272 --> 02:21:32.334 Session is not shutting down right away. 02:21:33.095 --> 02:21:35.278 They were able to get enough support, 02:21:35.858 --> 02:21:37.559 not as much as they hoped for, 02:21:38.281 --> 02:21:39.461 but they will be able to continue 02:21:39.481 --> 02:21:40.823 developing past July eighth. 02:21:41.263 --> 02:21:43.245 A smaller team will continue development 02:21:43.364 --> 02:21:44.345 into twenty twenty seven, 02:21:44.726 --> 02:21:46.247 focusing on strengthening the project and 02:21:46.288 --> 02:21:47.968 building a foundation for its long term 02:21:48.148 --> 02:21:48.510 future. 02:21:49.409 --> 02:21:51.672 Um, so yeah, they say, 02:21:51.711 --> 02:21:52.672 although procedures, 02:21:52.731 --> 02:21:54.032 shutdown procedures have been canceled, 02:21:54.353 --> 02:21:55.654 the shape of the project is still changing 02:21:55.674 --> 02:21:56.194 considerably. 02:21:56.555 --> 02:21:58.015 The project will now be led by Jason 02:21:58.056 --> 02:21:58.536 Rhinelander, 02:21:58.595 --> 02:22:00.316 longtime chief software architect and 02:22:00.358 --> 02:22:01.918 member of the session technology fund. 02:22:01.939 --> 02:22:02.959 Uh, 02:22:02.978 --> 02:22:04.420 currently donations received are enough to 02:22:04.440 --> 02:22:06.120 support critical infrastructure to retain 02:22:06.181 --> 02:22:07.903 Jason as developer and possibly to add one 02:22:07.983 --> 02:22:09.042 other full-time developer. 02:22:09.424 --> 02:22:11.065 There's also still a small team of 02:22:11.084 --> 02:22:12.865 volunteers contributing to other aspects 02:22:12.925 --> 02:22:13.685 of the ecosystem. 02:22:13.765 --> 02:22:17.049 So, um, session will continue to exist. 02:22:17.168 --> 02:22:18.670 It's just, they've unfortunately had to 02:22:19.611 --> 02:22:21.534 dramatically stripped down their team. 02:22:22.576 --> 02:22:25.141 Um, which is really, really unfortunate. 02:22:25.563 --> 02:22:26.144 And, uh, 02:22:27.283 --> 02:22:27.763 Yeah, I mean, 02:22:27.783 --> 02:22:29.726 they're still they only raised just shy of 02:22:29.786 --> 02:22:31.106 two hundred thousand dollars and their 02:22:31.127 --> 02:22:32.047 goal was one million, 02:22:32.287 --> 02:22:33.227 which they did explain. 02:22:34.189 --> 02:22:35.168 This is right on the front page, 02:22:35.189 --> 02:22:35.450 by the way. 02:22:35.469 --> 02:22:36.970 If you go to get session dot org, 02:22:37.191 --> 02:22:38.492 you can read the appeal up top and 02:22:38.951 --> 02:22:39.772 it'll take you to this page. 02:22:39.813 --> 02:22:41.213 So, yeah, 02:22:41.234 --> 02:22:42.754 they definitely do still need donations. 02:22:42.834 --> 02:22:43.854 If you believe in session, 02:22:44.415 --> 02:22:45.296 if you are a fan of them, 02:22:45.496 --> 02:22:46.096 please donate. 02:22:46.117 --> 02:22:46.958 They do still need it. 02:22:46.997 --> 02:22:48.058 They're not out of the woods yet, 02:22:48.177 --> 02:22:50.959 but thankfully they are not shutting down 02:22:51.100 --> 02:22:53.182 as of this point in time. 02:22:54.783 --> 02:22:56.445 Yeah, it's really unfortunate when we see, 02:22:56.666 --> 02:22:56.887 you know, 02:22:56.926 --> 02:22:58.188 I think it's really hard for a lot 02:22:58.208 --> 02:22:59.831 of these projects to get the funding that 02:22:59.851 --> 02:23:00.271 they need. 02:23:00.752 --> 02:23:01.413 And, you know, 02:23:01.452 --> 02:23:02.754 unless you're like the big player, 02:23:02.793 --> 02:23:04.316 which currently right now is Signal, 02:23:04.697 --> 02:23:05.778 they get a lot of donations. 02:23:05.817 --> 02:23:07.120 But like all the other projects, 02:23:07.740 --> 02:23:09.542 I'm not really sure what SimpleX's deal 02:23:09.583 --> 02:23:09.743 is. 02:23:10.943 --> 02:23:12.806 I believe they did take on venture capital 02:23:12.845 --> 02:23:13.286 funding, 02:23:13.466 --> 02:23:14.968 so they're probably going to work out some 02:23:14.987 --> 02:23:16.789 way to monetize their product eventually. 02:23:19.050 --> 02:23:20.852 Raya is definitely more of a 02:23:20.891 --> 02:23:21.952 community-based project, 02:23:22.032 --> 02:23:23.915 doesn't see as much development as Signal. 02:23:25.456 --> 02:23:25.636 You know, 02:23:25.656 --> 02:23:27.397 we've got all these different messengers, 02:23:27.496 --> 02:23:30.159 and if you do, like, personally, 02:23:30.340 --> 02:23:32.922 I'm on Signal every day. 02:23:33.242 --> 02:23:34.222 I'm sending messages. 02:23:34.343 --> 02:23:36.164 I'm on voice calls for, you know, 02:23:36.704 --> 02:23:37.524 hours at a time. 02:23:37.565 --> 02:23:37.725 Like, 02:23:37.786 --> 02:23:39.566 I think this is an important opportunity 02:23:42.550 --> 02:23:43.511 important thing to do, right? 02:23:43.550 --> 02:23:45.752 If like you use a product or use 02:23:45.791 --> 02:23:47.192 a service and you get a lot of 02:23:47.212 --> 02:23:48.834 value from it, then, you know, 02:23:48.953 --> 02:23:50.834 maybe consider donating because it is 02:23:51.534 --> 02:23:53.515 expensive to run all this infrastructure. 02:23:53.615 --> 02:23:54.775 And I don't know, 02:23:54.855 --> 02:23:56.217 I've always had kind of a soft spot 02:23:56.236 --> 02:23:58.097 for Session because they've been an 02:23:58.218 --> 02:24:00.578 Australian based company originally. 02:24:01.918 --> 02:24:02.418 And I don't know, 02:24:02.439 --> 02:24:03.360 I was kind of sad to see that 02:24:03.399 --> 02:24:05.900 this happened because I thought they had a 02:24:07.587 --> 02:24:09.148 thought they were receiving enough um 02:24:09.189 --> 02:24:11.150 through cryptocurrency donations but it 02:24:11.171 --> 02:24:12.691 seems like they have kind of been 02:24:12.731 --> 02:24:15.074 struggling so i don't know this is kind 02:24:15.113 --> 02:24:16.615 of sad but i hope that they can 02:24:16.956 --> 02:24:19.058 work out some other sustainability like 02:24:19.077 --> 02:24:21.058 some some other way to sustain their 02:24:21.099 --> 02:24:23.742 project because it's never been an app 02:24:23.762 --> 02:24:25.963 that i've used a lot but it's always 02:24:26.004 --> 02:24:27.944 been nice to have that extra option like 02:24:27.965 --> 02:24:28.906 a lot of people were like oh i 02:24:28.925 --> 02:24:30.747 don't like signal because it requires a 02:24:30.788 --> 02:24:31.188 phone number 02:24:31.962 --> 02:24:32.663 Here's session. 02:24:32.802 --> 02:24:33.884 Doesn't require a phone number. 02:24:33.984 --> 02:24:35.064 Or here's simple X. 02:24:35.084 --> 02:24:36.664 Like there's other options for people. 02:24:38.045 --> 02:24:39.885 It's better to have more options than not. 02:24:40.225 --> 02:24:41.626 So if session does go away, 02:24:41.665 --> 02:24:42.986 we're going to be kind of stuck with 02:24:43.585 --> 02:24:44.926 the only one I can think that really 02:24:44.947 --> 02:24:46.486 compares is simple X. 02:24:46.606 --> 02:24:49.507 Simple X is kind of session adjacent, 02:24:49.608 --> 02:24:52.248 but it has a different direction, 02:24:52.408 --> 02:24:54.569 certainly. 02:24:54.989 --> 02:24:55.250 Agreed. 02:24:59.450 --> 02:24:59.851 All right. 02:25:00.432 --> 02:25:03.235 I think that might be all we got 02:25:03.274 --> 02:25:03.715 this week. 02:25:04.075 --> 02:25:05.115 You think it's time to close out? 02:25:06.538 --> 02:25:06.997 All right. 02:25:08.680 --> 02:25:09.180 All right. 02:25:09.560 --> 02:25:11.182 All the updates from this week in privacy 02:25:11.242 --> 02:25:13.203 will be shared on the blog every week. 02:25:13.404 --> 02:25:15.466 So sign up for the newsletter or subscribe 02:25:15.486 --> 02:25:17.147 with your favorite RSS reader if you want 02:25:17.167 --> 02:25:17.868 to stay tuned. 02:25:18.349 --> 02:25:19.350 For those who prefer audio, 02:25:19.389 --> 02:25:21.672 we also offer a podcast available on all 02:25:21.691 --> 02:25:22.593 podcast platforms. 02:25:22.673 --> 02:25:23.453 And again, RSS.com. 02:25:23.953 --> 02:25:25.594 This video will be synced to PeerTube as 02:25:25.655 --> 02:25:25.954 well. 02:25:26.514 --> 02:25:28.415 Privacy Guides is an impartial nonprofit 02:25:28.456 --> 02:25:29.996 organization that is focused on building a 02:25:30.057 --> 02:25:32.337 strong privacy advocacy community and 02:25:32.358 --> 02:25:33.917 delivering the best digital privacy and 02:25:33.958 --> 02:25:35.498 consumer technology rights advice on the 02:25:35.519 --> 02:25:35.838 internet. 02:25:36.218 --> 02:25:37.120 If you want to support our mission, 02:25:37.200 --> 02:25:38.520 you can make a donation on our website, 02:25:38.559 --> 02:25:39.441 privacyguides.org. 02:25:40.460 --> 02:25:41.182 To make a donation, 02:25:41.242 --> 02:25:43.022 you can click the red heart icon located 02:25:43.042 --> 02:25:44.283 in the top right corner of the page. 02:25:44.664 --> 02:25:46.264 You can contribute using standard fiat 02:25:46.465 --> 02:25:48.085 currency via debit or credit card, 02:25:48.486 --> 02:25:50.447 or you can donate anonymously using Monero 02:25:50.528 --> 02:25:52.728 or your favorite cryptocurrency. 02:25:52.789 --> 02:25:54.629 Becoming a paid member unlocks exclusive 02:25:54.649 --> 02:25:56.470 perks like early access to video content 02:25:56.550 --> 02:25:58.031 and priority during the This Week in 02:25:58.072 --> 02:25:59.352 Privacy livestream Q&A. 02:25:59.612 --> 02:26:01.454 You also get early access to our show 02:26:01.475 --> 02:26:02.555 notes and the stories we might be 02:26:02.594 --> 02:26:02.956 covering, 02:26:03.355 --> 02:26:04.877 and a cool badge on your profile in 02:26:04.897 --> 02:26:06.497 the Privacy Guides forum and the warm, 02:26:06.518 --> 02:26:08.019 fuzzy feeling of supporting independent 02:26:08.058 --> 02:26:08.299 media. 02:26:08.500 --> 02:26:09.843 So thank you guys so much for watching 02:26:09.944 --> 02:26:11.029 and we'll be back next week.