WEBVTT - A Bad Hack and a Great Guest 0:00:04.480 --> 0:00:12.399 Welcome to tech Stuff, a production from iHeartRadio. Hey there, 0:00:12.400 --> 0:00:15.760 and welcome to tech Stuff. I'm your host, Jonathan Strickland. 0:00:15.800 --> 0:00:18.799 I'm an executive producer with iHeart Podcasts and How the 0:00:18.840 --> 0:00:22.040 tech are you. It's time for the tech news for 0:00:22.120 --> 0:00:26.600 the week ending on August sixteenth, twenty twenty four. So 0:00:26.640 --> 0:00:30.720 for this first news item, I wanted to bring a 0:00:30.840 --> 0:00:35.080 guest onto the show to talk about it in further detail, 0:00:37.920 --> 0:00:42.200 joining tech Stuff to give us her expertise is friend 0:00:42.200 --> 0:00:45.920 of the show, Shannon Morse. She's a hacker, she's a YouTuber, 0:00:46.120 --> 0:00:49.320 she's a ren Fair enthusiast, and I'm proud to call 0:00:49.360 --> 0:00:52.320 her a friend. Shannon, Welcome back to tech Stuff. 0:00:53.640 --> 0:00:55.560 Hi, thank you so much for having me. You kind 0:00:55.560 --> 0:00:57.920 of surprised me when you said the ren Fair enthusiast. Yes, 0:00:58.000 --> 0:00:58.840 I am well. 0:00:59.320 --> 0:01:01.600 To be fair, so am I I worked ren Fair 0:01:01.640 --> 0:01:05.520 from nineteen ninety nine to twenty nineteen, so so cool. 0:01:05.600 --> 0:01:07.920 We're not alone in this. But I've brought you on 0:01:08.160 --> 0:01:10.720 not to chat about Renfair, although that would be a 0:01:10.880 --> 0:01:13.680 heck of a podcast, but to talk about next time. 0:01:13.800 --> 0:01:16.560 Next time we'll talk about that, talk about the tech 0:01:16.760 --> 0:01:20.639 of Renaissance era Europe. I thought we would talk about 0:01:20.680 --> 0:01:26.600 this hacking attack that has exposed billions of records for people, 0:01:26.680 --> 0:01:28.800 not just in the United States, but in Canada and 0:01:28.880 --> 0:01:31.840 other places as well. I wanted to hear from you 0:01:32.280 --> 0:01:36.200 sort of what happened, who was involved, and what are 0:01:36.240 --> 0:01:38.160 the implications of this attack. 0:01:38.920 --> 0:01:42.160 Well, let's go ahead and start with what exactly happened. 0:01:42.560 --> 0:01:46.520 So way back in April of twenty twenty four, so 0:01:46.640 --> 0:01:51.240 this year, there was this Twitter account that found a 0:01:51.360 --> 0:01:54.200 leak online and they were like, oh, this seems like 0:01:54.280 --> 0:01:58.800 it came from a cybercrime constituent that is called USDOD 0:01:58.960 --> 0:02:01.560 and nobody really knew what was going on. It wasn't 0:02:01.640 --> 0:02:05.960 until July twenty first, twenty twenty four, that about four 0:02:06.080 --> 0:02:09.800 terabytes of data was released on breach forums. And breach 0:02:09.880 --> 0:02:13.560 forums is basically this cybercrime community on the dark Web 0:02:13.720 --> 0:02:18.560 where they often leak private and personal information of regular people. 0:02:18.880 --> 0:02:21.720 This happens really often, and in this case they figured 0:02:21.720 --> 0:02:24.520 out and they claim that it was from a data 0:02:24.520 --> 0:02:30.160 broker called Nationalpublic Data dot com and this was later confirmed. 0:02:30.280 --> 0:02:35.840 So around mid August, just gosh, yesterday, people started confirming 0:02:35.880 --> 0:02:39.120 that this was from the data broker Nationalpublic Data dot com. 0:02:39.600 --> 0:02:42.960 The amount of data did amount to about two point 0:02:43.040 --> 0:02:46.680 nine billion records. The unfortunate part is a lot of 0:02:47.760 --> 0:02:51.160 journalistic media outlets are saying that it was the data 0:02:51.160 --> 0:02:54.520 of almost every American or two point nine billion people 0:02:54.960 --> 0:02:58.120 had their data leak, and that's not necessarily the case, 0:02:58.520 --> 0:03:02.240 so that was a little misconstruction. It's actually records, and 0:03:02.280 --> 0:03:04.920 there could be records on decease people, there could be 0:03:05.040 --> 0:03:09.480 multiple records on one person, there could be records on businesses, 0:03:09.639 --> 0:03:11.680 and all of these seem to be the case when 0:03:11.720 --> 0:03:14.560 it comes to these two point nine billion records. But 0:03:14.760 --> 0:03:20.000 this does include everything from names and addresses to in 0:03:20.040 --> 0:03:24.040 some cases, social security numbers and some other personal information. 0:03:24.160 --> 0:03:25.560 So it's a pretty serious issue. 0:03:25.680 --> 0:03:28.800 Yeah, when it comes to if you're just talking about 0:03:29.000 --> 0:03:33.400 data breaches that affect or potentially could affect the average person, 0:03:33.480 --> 0:03:36.440 this one seems pretty bad. From why do I understand? 0:03:36.440 --> 0:03:39.680 The data broker in question typically would do things like 0:03:39.760 --> 0:03:41.840 background checks for various companies. 0:03:42.120 --> 0:03:44.880 Yes, and that's kind of unfortunate because a lot of 0:03:45.000 --> 0:03:49.800 businesses probably used this company for background checks, and there's 0:03:49.840 --> 0:03:52.480 no real way of knowing, like when you first got 0:03:52.480 --> 0:03:54.880 employed with a company or if you signed up for 0:03:54.920 --> 0:03:58.560 a credit new credit card if they're using this business 0:03:58.600 --> 0:04:01.520 for background checks, So you really have no idea which 0:04:01.600 --> 0:04:04.800 data brokers have your data. And if National Public Data 0:04:04.840 --> 0:04:06.600 did have your data, well. 0:04:06.680 --> 0:04:11.360 Clearly the data was unencrypted, because otherwise it would be 0:04:11.520 --> 0:04:14.600 very difficult to make any use of this information. I 0:04:14.640 --> 0:04:17.640 don't want to just make an assumption or have my 0:04:17.800 --> 0:04:20.680 bias informed this, so I thought I would ask you directly, Shannon, 0:04:20.880 --> 0:04:24.560 in your opinion, is the storage of that sort of 0:04:24.680 --> 0:04:27.599 data in an unencrypted form? Is that what you would 0:04:27.640 --> 0:04:29.799 perhaps call bad security practices. 0:04:32.200 --> 0:04:34.440 I think we could both agree here, assuming that you're 0:04:34.760 --> 0:04:39.120 of the same opinion as I. Absolutely having any of 0:04:39.120 --> 0:04:42.680 that kind of data unencrypted or easily accessible on a 0:04:42.760 --> 0:04:46.880 storage format is really really bad, especially when it comes 0:04:46.920 --> 0:04:51.360 to a data broker. Unfortunately, data brokers are legal here 0:04:51.400 --> 0:04:55.400 in the United States, and we really have no safety 0:04:55.480 --> 0:05:00.359 proponents or no safety like regulations. Regulatory powers control what 0:05:00.440 --> 0:05:03.080 data brokers can and cannot do with that data. So 0:05:03.600 --> 0:05:05.880 they should have been taking care of that data in 0:05:05.880 --> 0:05:08.839 an encrypted format, especially if they want to make money 0:05:08.839 --> 0:05:11.159 off of it. Because now all this data has leaked, 0:05:11.760 --> 0:05:14.760 Chances are just from a business standpoint, this data broker 0:05:14.800 --> 0:05:18.160 will not make as much money using those background checks 0:05:18.160 --> 0:05:19.440 because people aren't going to trust. 0:05:19.279 --> 0:05:21.279 Them as much. Now, sure, there's going to be class 0:05:21.279 --> 0:05:24.760 action lawsuits and such directed against the company, I hope so. Yeah, 0:05:24.800 --> 0:05:28.800 So I imagine that that will have an impact into their 0:05:28.839 --> 0:05:31.679 revenue as well. Thank you for pointing out the lack 0:05:31.920 --> 0:05:34.680 of regulation and safety net here in the United States. 0:05:34.680 --> 0:05:37.520 Obviously in places like the EU, there's been a lot 0:05:37.560 --> 0:05:40.839 of work done to try and try and get a 0:05:40.880 --> 0:05:43.400 handle on that because it is tricky. I think here 0:05:43.440 --> 0:05:45.840 in the US, all of our attention tends to go 0:05:45.880 --> 0:05:48.760 to the end points, like the social platforms where people 0:05:48.880 --> 0:05:52.640 are sharing info, but they ignore, like all the big 0:05:52.680 --> 0:05:55.960 companies in the background that are literally buying and selling 0:05:56.040 --> 0:05:57.119 that info all the time. 0:05:57.600 --> 0:06:01.240 I mean, we've seen this since the early Facebook days 0:06:01.240 --> 0:06:04.599 with Cambridge Analytica, if you remember that big data leak, 0:06:04.720 --> 0:06:09.720 Like it's very very similar scenario here where this background 0:06:09.760 --> 0:06:13.679 company that nobody really knows exists, has so much data 0:06:13.680 --> 0:06:17.320 and so many profiles, and they're building these profiles around us, 0:06:17.560 --> 0:06:20.039 and we have no say in the matter. They just 0:06:20.160 --> 0:06:23.600 do it without our knowledge, without our consent. And then 0:06:23.640 --> 0:06:26.160 we hear about one of these breaches and we're like, well, 0:06:26.200 --> 0:06:28.440 I've never done business with them, why do they have 0:06:28.520 --> 0:06:31.800 my information? Why did this happen to me? So unfortunately 0:06:31.920 --> 0:06:34.960 this is the case in the United States, and luckily 0:06:35.000 --> 0:06:37.080 we do have some options in terms of what we 0:06:37.120 --> 0:06:40.080 can do to protect ourselves. But it's not one hundred percent, 0:06:40.120 --> 0:06:41.400 and I don't know if it ever will be. 0:06:41.600 --> 0:06:45.359 Yeah, Like, the suggestions I give to people include things like, 0:06:46.160 --> 0:06:48.400 when it comes to accounts you already use, if you 0:06:48.560 --> 0:06:52.920 haven't activated multi factor authentication, you should just do that 0:06:53.000 --> 0:06:56.600 as a matter of practice on everything that offers it. 0:06:56.720 --> 0:06:59.520 And if you're concerned about someone making use of say 0:06:59.520 --> 0:07:02.160 your social Security number and your address, like they have 0:07:02.240 --> 0:07:04.800 all the details they need for identity theft, you can 0:07:04.920 --> 0:07:08.120 put a freeze on your credit with the three major 0:07:08.360 --> 0:07:10.680 companies here in the United States. It's a pain in 0:07:10.720 --> 0:07:12.600 the butt to do it. It's a pain in the 0:07:12.640 --> 0:07:15.680 butt to thought if you freeze it, but it's less 0:07:15.720 --> 0:07:18.720 of a pain of a butt than someone taking out 0:07:19.240 --> 0:07:24.280 alone under your name. So, yeah, this is bad. It's 0:07:24.320 --> 0:07:26.480 bad for all of us because there was nothing that 0:07:26.560 --> 0:07:29.640 the average person could have done to protect themselves from 0:07:29.640 --> 0:07:31.239 this particular attack. 0:07:31.600 --> 0:07:34.480 And even though your data may not have been involved 0:07:34.480 --> 0:07:36.840 in this, and you can go to a website called 0:07:36.920 --> 0:07:40.200 have I Been Poned that's owned with a p dot 0:07:40.240 --> 0:07:43.720 com to see if your data was leaked in this 0:07:43.760 --> 0:07:47.160 one as well as other previous data breaches. You can 0:07:47.280 --> 0:07:50.280 see if your data was indeed leaked in any of those. 0:07:51.120 --> 0:07:53.160 That can help you kind of get a mindset of 0:07:53.560 --> 0:07:57.120 where is my data, who has my data currently? And 0:07:57.160 --> 0:07:59.840 then you can also, you know, like you said, do 0:07:59.880 --> 0:08:04.280 the credit freeze at Experian, Equifax, and TransUnion. That's extremely 0:08:04.320 --> 0:08:06.480 important and one of the first steps you should take. 0:08:06.760 --> 0:08:10.120 I recommend that to anybody who is curious about like 0:08:10.200 --> 0:08:13.000 if their Social Security number has gotten out there, or 0:08:13.080 --> 0:08:17.280 any kind of personally identifiable information that would allow for 0:08:17.520 --> 0:08:20.840 any kind of identity theft. That's really important. And using 0:08:21.520 --> 0:08:25.480 kind of proper security hygiene online can certainly help as well, 0:08:25.840 --> 0:08:29.080 because you will run into phishing scams when people find 0:08:29.120 --> 0:08:31.640 out your email address and your name. You might run 0:08:31.680 --> 0:08:36.080 into spam texts or phishing texts or spammy calls. You 0:08:36.160 --> 0:08:38.800 might run into the same thing with people sending you 0:08:38.840 --> 0:08:42.600 spamming and phishing emails. So if you have these kind 0:08:42.600 --> 0:08:45.320 of issues, or if you see them starting to rise 0:08:45.679 --> 0:08:48.800 then looking into signing up for a password manager, which 0:08:48.840 --> 0:08:51.360 can make your life a lot easier when you're auditing 0:08:51.400 --> 0:08:54.240 how many accounts you have online and making sure that 0:08:54.280 --> 0:08:56.839 you're changing those passwords because you can stay up to 0:08:56.920 --> 0:09:00.480 date and just use like auto generation tools in password 0:09:00.480 --> 0:09:05.040 managers to make really really good, strong protective passwords that 0:09:05.160 --> 0:09:07.320 even you don't know, but the password manager does, so 0:09:07.360 --> 0:09:10.640 it's fine. You won't lose your entry into your profiles. 0:09:10.679 --> 0:09:14.800 Your password manager will help you using two factor authentication 0:09:15.000 --> 0:09:18.880 to protect your accounts, especially if passwords get leaked, because 0:09:19.120 --> 0:09:22.360 even if you are using a different password on every website, 0:09:22.559 --> 0:09:25.680 if one of your profiles get leaked, that profile could 0:09:25.679 --> 0:09:27.640 be hacked. So you might as well set up two 0:09:27.640 --> 0:09:30.960 factor authentication and make sure none of those accounts get hacked. 0:09:31.080 --> 0:09:33.760 And using proper security hygiene when it comes to public 0:09:33.840 --> 0:09:38.520 networks like VPNs and making sure you're not logging into 0:09:38.559 --> 0:09:42.599 accounts on public Wi Fi and using secure networks is 0:09:42.640 --> 0:09:46.199 a really really good proponent. When it comes to data brokers, 0:09:46.679 --> 0:09:50.240 it's extremely hard to manually opt out because there's hundreds 0:09:50.280 --> 0:09:54.520 of them, including Nationalpublic Data dot Com, But you can 0:09:54.640 --> 0:09:57.560 sign up for a data broker opt out tool like 0:09:57.760 --> 0:10:00.560 delete me. That's the one that I use, and I 0:10:00.640 --> 0:10:02.920 have paid for it as a customer long before they 0:10:03.000 --> 0:10:06.200 knew about my YouTube channel. They will go in and 0:10:06.360 --> 0:10:09.600 opt you out of having your data on the data brokers, 0:10:09.840 --> 0:10:13.000 and they do it quarterly because data brokers often will 0:10:13.040 --> 0:10:15.800 repurchase your data and put it back on their platforms, 0:10:16.160 --> 0:10:19.479 so people can continuously go to these data broker websites 0:10:19.559 --> 0:10:23.000 and research for your profile and find your address, your 0:10:23.040 --> 0:10:26.160 phone number, your name, the names of your kids. Like, 0:10:26.240 --> 0:10:29.720 it's pretty invasive what they can do. So I've been 0:10:30.160 --> 0:10:34.920 paying for data broker opt out services for almost a 0:10:35.000 --> 0:10:38.720 decade now and it's definitely helped with like clearing the 0:10:38.800 --> 0:10:41.280 kind of data that's out there that I have no 0:10:41.360 --> 0:10:44.240 control over and just kind of taking a step towards 0:10:44.240 --> 0:10:45.000 my security. 0:10:45.160 --> 0:10:49.360 That's great advice, and obviously like these are steps that 0:10:49.600 --> 0:10:52.480 hopefully one day will no longer be necessary, will have 0:10:52.960 --> 0:10:55.719 the protective measures in place that make the mood man 0:10:55.760 --> 0:10:59.079 I hope, So I do too. I got hope springs eternal, Shannon, 0:10:59.480 --> 0:11:05.120 that's I gotta hope or else I wither away. Well, yes, Shannon, 0:11:05.160 --> 0:11:07.840 thank you so much for joining the show and letting 0:11:07.920 --> 0:11:11.040 us know more. About this hack and what it means 0:11:11.080 --> 0:11:14.040 and what people can do. I think that helps alleviate 0:11:14.120 --> 0:11:16.960 a lot of anxiety when people start to hear about 0:11:16.960 --> 0:11:22.480 the steps they can take to best protect themselves. I 0:11:22.520 --> 0:11:24.959 want to thank Shannon again, and we're gonna take a 0:11:25.000 --> 0:11:27.680 quick break. When we come back, we have more news 0:11:27.720 --> 0:11:41.360 to talk about. Mark Zuckerberg probably gets lots of requests 0:11:41.559 --> 0:11:45.120 being the head of Facebook and all. This week, nineteen 0:11:45.200 --> 0:11:48.160 of those requests came from members of the United States 0:11:48.200 --> 0:11:50.839 Congress who would very much like to hear why Meta 0:11:50.880 --> 0:11:54.760 has allowed ads for such spicy stuff as cocaine and 0:11:54.920 --> 0:11:59.120 ecstasy to appear on Facebook and Instagram. I mean, these 0:11:59.400 --> 0:12:03.480 substances aren't legal, so why is Meta allowing advertisers to 0:12:03.559 --> 0:12:07.440 run ads for them on these very popular platforms. An 0:12:07.520 --> 0:12:13.280 investigation from the Tech Transparency Project or TTP, prompted this inquiry. 0:12:13.760 --> 0:12:17.120 In the investigation, the TTP found more than four hundred 0:12:17.120 --> 0:12:20.920 examples of ads for drugs of varying degrees of legality 0:12:21.160 --> 0:12:24.680 on these platforms, and lawmakers would like Zuckerberg to explain 0:12:24.760 --> 0:12:27.160 how this could happen. In a letter to the CEO, 0:12:27.640 --> 0:12:32.000 the legislators wrote, quote, this was not user generated content 0:12:32.240 --> 0:12:35.920 on the dark Web or on private social media pages, 0:12:36.200 --> 0:12:40.959 but rather they were advertisements approved and monetized by Meta. 0:12:41.000 --> 0:12:44.760 Many of these ads contained blatant references to illegal drugs 0:12:44.760 --> 0:12:48.880 in their titles, descriptions, photos, and advertiser account names, which 0:12:48.920 --> 0:12:51.800 were easily found by the researchers and journalists at the 0:12:51.800 --> 0:12:57.240 Wall Street Journal and Tech Transparency Project using Meta's ad library. However, 0:12:57.480 --> 0:13:00.719 they appeared to have passed undetected or bid ignored by 0:13:00.720 --> 0:13:05.480 Meta's own internal processes. End quote. Now, according to the TTP, 0:13:05.880 --> 0:13:08.480 many of these ads prompted users to click over to 0:13:08.720 --> 0:13:12.680 a Telegram account to complete any shopping that they wished 0:13:12.800 --> 0:13:18.319 to do. Meta has until September sixth to respond. Now, 0:13:18.360 --> 0:13:21.559 I can't say that I'm terribly surprised by this story. Personally, 0:13:21.640 --> 0:13:25.880 I have encountered so many suspicious ads on Facebook that 0:13:26.000 --> 0:13:29.360 I suspect the quality control aspect of the Ads division 0:13:29.480 --> 0:13:33.280 is purposefully lax. Now, in my case, the ads weren't 0:13:33.400 --> 0:13:37.720 for illegal drugs, but rather they were ads that way 0:13:38.040 --> 0:13:41.319 that were fake. I mean they were posing as other companies, 0:13:41.760 --> 0:13:44.760 like some other entity, in an attempt to fool consumers 0:13:45.040 --> 0:13:50.160 into shopping for shoddy knockoffs. The big example I can 0:13:50.200 --> 0:13:52.320 think of off top of my head was the sam 0:13:52.440 --> 0:13:55.000 Ash music stores in the United States. They went out 0:13:55.000 --> 0:13:58.319 of business and closed down, and I saw ad after 0:13:58.400 --> 0:14:03.240 ad after ad pose that, but they weren't sam Ash. 0:14:03.280 --> 0:14:06.280 They were some other fly by night company trying to 0:14:06.320 --> 0:14:11.040 sell knockoffs or sometimes just boxes of literal trash rather 0:14:11.120 --> 0:14:15.280 than whatever item you thought you were going to get. Now. 0:14:15.920 --> 0:14:18.920 I have reported these ads to Facebook, and frequently I 0:14:18.960 --> 0:14:22.120 received the message that after review, Facebook determined there were 0:14:22.120 --> 0:14:26.560 no violations of its policies. Meanwhile, the actual legitimate companies 0:14:26.640 --> 0:14:30.240 like sam Ash would post warnings on their pages about 0:14:30.280 --> 0:14:33.840 scams like this. I suspect that unless lawmakers make it 0:14:33.920 --> 0:14:37.320 really hurt to engage in irresponsible ad partnerships, we're not 0:14:37.360 --> 0:14:40.200 going to see any significant change on this front. In 0:14:40.240 --> 0:14:43.800 the world of tech and politics, the Trump campaign has 0:14:43.840 --> 0:14:48.600 been hit with a spearfishing attack that compromised campaign assets. 0:14:48.840 --> 0:14:52.280 The Trump campaign identified hackers backed by Iran as the 0:14:52.320 --> 0:14:57.480 party responsible, and now Google's Threat Analysis Group or tag TAG, 0:14:57.880 --> 0:15:00.960 has released a statement saying that yes, they have observed 0:15:00.960 --> 0:15:05.680 that the hacker group APT forty two, which is linked 0:15:05.720 --> 0:15:11.120 to Iran, targeted both the Trump campaign and the Harris campaign. 0:15:11.200 --> 0:15:16.040 Kamala Harris's campaign, as well as President Biden's campaign when 0:15:16.040 --> 0:15:20.560 he was actively campaigning. Tag also stated that subsequent attacks 0:15:20.560 --> 0:15:23.960 have been unsuccessful, but there remains an ongoing attempt to 0:15:24.000 --> 0:15:27.440 compromise accounts belonging to people who are close to Trump 0:15:27.560 --> 0:15:31.560 and Harris slash Biden. The assumption moving forward is that 0:15:31.640 --> 0:15:35.600 all elections will face potential external interference from threat actors, 0:15:35.720 --> 0:15:39.320 both domestic and foreign. So, you know, that's fun. It's 0:15:39.360 --> 0:15:42.720 a reminder that democracy isn't something that can just fend 0:15:42.760 --> 0:15:45.120 for itself. Now, if you want to learn more about this, 0:15:45.280 --> 0:15:48.640 I recommend Kevin Perdy's article on ours Tetnica. It is 0:15:48.680 --> 0:15:53.600 titled Google's threat team confirms Iran targeting Trump, Biden, and 0:15:53.720 --> 0:15:58.840 Harris campaigns. More than a decade ago, New Zealand police officers, 0:15:58.920 --> 0:16:03.360 responding to a from the FBI rated the massive home 0:16:03.400 --> 0:16:07.000 of Kim dot com. Dot Com formerly known as Schmidtz, 0:16:07.280 --> 0:16:11.320 formed the company mega Upload, which allowed users to create 0:16:11.320 --> 0:16:14.320 cloud based storage for all sorts of stuff and then 0:16:14.400 --> 0:16:17.400 give other folks access to the files that were in 0:16:17.440 --> 0:16:20.360 that storage. So obviously a lot of people use the 0:16:20.440 --> 0:16:22.680 service to serve as kind of a trading ground for 0:16:22.800 --> 0:16:28.280 pirated material music, TV shows, films, games, software, and more 0:16:28.440 --> 0:16:31.440 all found a home on mega Upload, while the company 0:16:31.480 --> 0:16:35.480 is responsible for making that stuff. Seethed they saw dot 0:16:35.520 --> 0:16:39.680 Com profiting off of piracy, So the FBI called on 0:16:39.760 --> 0:16:42.480 New Zealand police back in twenty twelve to give dot 0:16:42.520 --> 0:16:46.000 Com a little visit, and they charged him with racketeering 0:16:46.040 --> 0:16:48.680 and wirefraud and money laundering on top of all that 0:16:48.760 --> 0:16:53.240 copyright infringement. And after more than a decade of legal wrangling, 0:16:53.320 --> 0:16:56.840 the US has now secured extradition of dot Com to 0:16:56.960 --> 0:16:59.760 fly to the US and stand trial. Now dot Com 0:16:59.760 --> 0:17:02.880 has denounced the whole thing. He referred to New Zealand 0:17:02.920 --> 0:17:06.280 as essentially a US colony. It's not, and dot Com 0:17:06.280 --> 0:17:09.119 still maintains he will not leave New Zealand and that 0:17:09.240 --> 0:17:11.680 his business was just to provide a service in which 0:17:11.720 --> 0:17:15.200 people could upload and share files, and therefore he bears 0:17:15.240 --> 0:17:19.280 no responsibility on the kinds of files that were uploaded 0:17:19.320 --> 0:17:22.359 and shared. This is a basic principle of the safe 0:17:22.359 --> 0:17:25.720 harbor defense. But dot Com has also been really vocal 0:17:25.880 --> 0:17:29.879 and let's say abrasive, and I think that may have 0:17:30.040 --> 0:17:33.160 hurt his case a little, or at least prodded authorities 0:17:33.160 --> 0:17:35.720 to really go after him. Now, whether all of this 0:17:35.800 --> 0:17:38.919 is going to lead to a trial and conviction or not, 0:17:39.119 --> 0:17:42.520 or if dot Com will successfully appeal the extradition order, 0:17:42.760 --> 0:17:45.040 we'll just have to wait and see. In the good 0:17:45.119 --> 0:17:49.760 times are hard times department. Telecommunications company Cisco Systems posted 0:17:49.800 --> 0:17:53.680 a ten point three billion with a B dollar profit 0:17:53.800 --> 0:17:56.520 in its last fiscal year, but it's also laying off 0:17:56.560 --> 0:17:59.800 folks seven percent of its workforce, which could be around 0:17:59.800 --> 0:18:03.119 five five hundred people. All told, The company said that 0:18:03.160 --> 0:18:06.320 the move is necessary so it can put full focus 0:18:06.520 --> 0:18:10.399 on quote key growth opportunities and drive more efficiency in 0:18:10.440 --> 0:18:14.120 our business end quote. As Stephen Counsel of SFGate reports, 0:18:14.200 --> 0:18:16.560 this is the second time this year that Cisco has 0:18:16.560 --> 0:18:22.240 held substantial layoffs. Golly. Back to politics, Donald Trump made 0:18:22.240 --> 0:18:25.520 headlines after claiming that the Harris campaign or someone on 0:18:25.560 --> 0:18:28.919 that campaign's behalf, had made use of AI to artificially 0:18:28.960 --> 0:18:33.080 boost crowd sizes at Harris events. In various images of 0:18:33.160 --> 0:18:37.439 those stops, and the images that Trump referenced all appear 0:18:37.520 --> 0:18:40.760 to be legit. Footage from numerous media outlets show that 0:18:40.800 --> 0:18:44.320 the crowds were actually quite large. However, that doesn't mean 0:18:44.320 --> 0:18:48.399 that there are no AI generated or enhanced images making 0:18:48.440 --> 0:18:50.800 the rounds out there. It's just the ones that Trump 0:18:50.960 --> 0:18:54.960 was citing were not AI generated. And it also means 0:18:55.000 --> 0:18:58.080 that people are calling into question the legitimacy of actual, 0:18:58.720 --> 0:19:01.720 real images and visit. So on the one hand, we 0:19:01.800 --> 0:19:04.639 do know there are AI generated images out there that 0:19:04.680 --> 0:19:07.479 are competing for our attention and posing as legit, and 0:19:07.520 --> 0:19:10.080 they are misinformation. On the other hand, we also know 0:19:10.160 --> 0:19:13.159 that people will now question legitimate sources and argue that 0:19:13.240 --> 0:19:16.359 they are in fact AI generated. So some refer to 0:19:16.400 --> 0:19:20.359 this as the liar's dividend. There's a great piece about this. 0:19:20.680 --> 0:19:24.120 It's again over at Ours Technicuts by Kyle Orland. It's 0:19:24.200 --> 0:19:28.200 titled the Many Many Signs that Kamala Harris's rally crowds 0:19:28.240 --> 0:19:31.960 aren't AI creations. We're going to take another quick break, 0:19:31.960 --> 0:19:33.919 and when we come back, I've got some more news. 0:19:43.280 --> 0:19:46.879 A story I missed a while back is that code 0:19:46.920 --> 0:19:50.240 testers came across some interesting stuff while looking at Apple Intelligence, 0:19:50.280 --> 0:19:53.800 which is Apple's AI project, and that interesting stuff appeared 0:19:53.800 --> 0:19:57.120 to be prompts meant to guide generative AI to avoid 0:19:57.119 --> 0:20:00.560 the pitfalls we've seen with other tools, stuff like ucinations 0:20:00.640 --> 0:20:04.200 or confabulations, you know, the tendency for generative AI to 0:20:04.359 --> 0:20:07.320 just make stuff up in the absence of real information. 0:20:07.600 --> 0:20:12.480 And that's potentially good news, assuming that these guidelines actually work. 0:20:12.800 --> 0:20:15.080 But I have another story this week that makes me worry. 0:20:15.280 --> 0:20:17.800 It's not about Apple. It's about a research firm out 0:20:17.800 --> 0:20:21.080 of Tokyo called Sakana AI. So the team had set 0:20:21.280 --> 0:20:25.440 its AI system to do autonomous scientific research, and they 0:20:25.480 --> 0:20:29.240 included a function that would essentially say times up on tasks. 0:20:29.440 --> 0:20:32.400 And what was surprising was the system attempted to rewrite 0:20:32.440 --> 0:20:35.280 its own code in order to give itself more time 0:20:35.400 --> 0:20:38.719 to complete tasks. So instead of trying to do things faster, 0:20:39.240 --> 0:20:42.000 they tried to change the deadline. Now, this is a 0:20:42.119 --> 0:20:44.960 very low level instance of a type of situation that 0:20:45.000 --> 0:20:49.160 has fueled countless science fiction cautionary tales. An AI system 0:20:49.359 --> 0:20:52.720 ignores or alters rules in order to fulfill its function. 0:20:53.119 --> 0:20:56.240 The cliche version of this is asking a global system 0:20:56.240 --> 0:20:58.719 that's running on AI to create world peace, and so 0:20:58.840 --> 0:21:01.600 the AI inevitably decides the only way to do that, 0:21:01.800 --> 0:21:04.640 the only way to prevent conflict is to kill off 0:21:04.720 --> 0:21:08.480 all those pesky humans who create it, meaning everybody. Of course, 0:21:08.560 --> 0:21:12.080 the Sikana AI example is not dangerous like that, but 0:21:12.160 --> 0:21:14.680 it does illustrate that AI experts have to be very 0:21:14.720 --> 0:21:17.960 careful in how they design systems so that the systems 0:21:18.000 --> 0:21:21.040 remain safe and reliable. It may not be enough to 0:21:21.119 --> 0:21:24.320 create rules if the AI can figure oh, well, here's 0:21:24.320 --> 0:21:27.320 the problem. These ding dang dearn rules need to go away. 0:21:27.600 --> 0:21:29.640 And I'm being a little flippant, but to learn more 0:21:29.640 --> 0:21:33.480 about this, I recommend BENJ. Edwards article research AI model 0:21:33.560 --> 0:21:37.119 unexpectedly modified its own code to extend runtime and that 0:21:37.320 --> 0:21:40.560 is on. You guessed it Ours Technica. I swear I 0:21:40.640 --> 0:21:43.400 use a lot of other sources. It's just Ours Technica 0:21:43.480 --> 0:21:45.800 really knocked it out of the park. This week, so 0:21:46.119 --> 0:21:50.040 Ahmed has a piece on tech spot titled Recruiters Overwhelmed 0:21:50.080 --> 0:21:53.119 as fifty seven percent of young applicants are using chat 0:21:53.160 --> 0:21:56.919 GPT for job resumes. In this piece, Omed mentions how 0:21:57.000 --> 0:21:59.919 hiring managers are flooded with more applications than ever before, 0:22:00.320 --> 0:22:03.080 many of which have clearly been written in part or 0:22:03.280 --> 0:22:07.000 entirely by AI. Further, the pieces written by the free 0:22:07.080 --> 0:22:10.840 version of tools like chat GPT contain many telltale signs 0:22:10.840 --> 0:22:14.600 of AI generation with less natural language and other quirks, 0:22:14.880 --> 0:22:18.240 while the paid for versions of these tools tend to 0:22:18.280 --> 0:22:20.840 blend a bit better with you stuff that was actually 0:22:20.880 --> 0:22:24.080 written by real human beings. And this presents a challenge 0:22:24.080 --> 0:22:26.800 to hiring managers who need to see what an applicant 0:22:26.840 --> 0:22:29.439 is actually capable of. Now, that could just mean bringing 0:22:29.480 --> 0:22:32.040 more people in for interviews, but those take up a 0:22:32.080 --> 0:22:34.680 lot of time to schedule and actually do so it's 0:22:34.680 --> 0:22:38.359 not terribly efficient. Moreover, this makes me concerned that folks 0:22:38.400 --> 0:22:42.040 who have little to know access to AI tools, specifically 0:22:42.280 --> 0:22:44.120 the types of tools that you have to pay for, 0:22:44.560 --> 0:22:48.399 they're ultimately going to be at a disadvantage. Maybe it 0:22:48.440 --> 0:22:50.760 will all shake out, but my fear is that people 0:22:50.800 --> 0:22:53.520 who are already in a position to at least afford 0:22:53.560 --> 0:22:55.920 an AI hype man are going to be the people 0:22:55.920 --> 0:22:58.800 who get these interview slots, while actual human beings who 0:22:58.800 --> 0:23:01.280 can't afford that type of SOLF report will be applying 0:23:01.320 --> 0:23:04.520 to job after job with diminishing hope of landing an interview. 0:23:06.160 --> 0:23:09.600 I am bumming myself out today. The SAG after a 0:23:09.720 --> 0:23:13.320 union which represents actors, has agreed to conditions in which 0:23:13.359 --> 0:23:17.080 companies can make use of AI duplicates of actor voices. 0:23:17.359 --> 0:23:21.480 This is specifically for use in advertisements, and it leverages 0:23:21.520 --> 0:23:24.760 a platform called Narrative, which doesn't have an E at 0:23:24.760 --> 0:23:29.080 the end, and actors can license their voices for use 0:23:29.080 --> 0:23:33.200 in commercials through Narrative. The agreement states that individual actors 0:23:33.240 --> 0:23:35.760 will have full say on which brands they're willing to 0:23:35.800 --> 0:23:38.200 work with and how much they can charge for use 0:23:38.240 --> 0:23:40.879