WEBVTT - Tech News: Twitch Gets Hacked 0:00:04.400 --> 0:00:07.800 Welcome to tech Stuff, a production from I Heart Radio. 0:00:12.080 --> 0:00:14.960 Hey there, and welcome to tech Stuff. I'm your host, 0:00:15.080 --> 0:00:18.079 Jonathan Strickland. I'm an executive producer with I Heart Radio 0:00:18.120 --> 0:00:20.240 and I love all things tech. And this is the 0:00:20.239 --> 0:00:24.119 tech news for a Thursday, October seven, twenty twenty one. 0:00:24.600 --> 0:00:27.640 And before I get to the news, uh, I need 0:00:27.640 --> 0:00:31.920 to issue a correction because I totally bungled something in 0:00:32.120 --> 0:00:35.600 yesterday's episode. So if you've already listened to that one, 0:00:36.080 --> 0:00:38.440 there was you know, I was talking about space navigation 0:00:38.440 --> 0:00:42.519 in that episode, and I made a dumb mistake on 0:00:42.600 --> 0:00:45.519 my part, totally me and then I doubled down on it, 0:00:45.560 --> 0:00:50.440 which made it worse. But fortunately Twitter user Charlie Tango 0:00:50.640 --> 0:00:55.200 Bravo pointed this out to me. And the issue was 0:00:55.280 --> 0:00:59.200 I was describing the inverse square law, and what I 0:00:59.240 --> 0:01:02.440 said was that the intensity of a signal goes down 0:01:02.480 --> 0:01:04.560 by half upon the square of the distance. This was 0:01:04.680 --> 0:01:08.000 a complete misunderstanding on my part about the inverse square law. 0:01:08.280 --> 0:01:12.959 I mean, yes, the strength of a signal decreases over distance, 0:01:13.040 --> 0:01:16.800 but not that's not the relationship. Anyway. I could have 0:01:16.800 --> 0:01:19.560 avoided this entirely by just taking a little bit more 0:01:19.600 --> 0:01:23.160 time to make sure I understood the inverse square law 0:01:23.200 --> 0:01:26.880 before I included an explanation of it in my podcast. 0:01:27.120 --> 0:01:30.840 So again, this is all on me, and that stinks. 0:01:31.319 --> 0:01:33.480 I never want to get something wrong, and of course 0:01:33.520 --> 0:01:35.560 it's even worse than I could have avoided it if 0:01:35.600 --> 0:01:38.360 I had just been a little more careful, so my 0:01:38.400 --> 0:01:41.440 apologies to all of you for that. It also means 0:01:41.480 --> 0:01:44.480 that the example I gave was fundamentally wrong. I have 0:01:44.640 --> 0:01:49.440 recorded an updated segment that Tari is putting into yesterday's episode, 0:01:49.720 --> 0:01:52.120 so that doesn't solve the problem for everybody who's already 0:01:52.160 --> 0:01:54.080 listen to it, but it does mean that at least 0:01:54.120 --> 0:01:56.560 in in the future, should someone be going back and 0:01:56.600 --> 0:02:00.400 pulling up that episode, they won't have the wrong definition 0:02:00.440 --> 0:02:03.600 and explanation in there. And again thanks to Charlie Tango 0:02:03.640 --> 0:02:08.399 Bravo for the heads up. Uh and I I'll try 0:02:08.440 --> 0:02:11.639 to do better. I'm gonna make mistakes. I just hope 0:02:11.639 --> 0:02:14.000 they're not as embarrassing as that one. But let's get 0:02:14.080 --> 0:02:17.240 to the news. First up, A hacker pulled more than 0:02:17.280 --> 0:02:21.120 a hundred gigabytes of data down from Twitch, the video 0:02:21.160 --> 0:02:24.880 streaming service that Amazon owns and caters, primarily to gamers. 0:02:25.600 --> 0:02:28.679 That data included source code for the platform itself, so 0:02:28.960 --> 0:02:32.680 like the actual code that Twitch runs on. Uh. It 0:02:32.720 --> 0:02:37.280 included records showing how much top streamers were making due 0:02:37.280 --> 0:02:39.560 to the platform. So we're talking about, you know, like 0:02:39.720 --> 0:02:42.960 top performers making millions of dollars. Not all that information 0:02:43.120 --> 0:02:46.160 was you know, new necessarily, but it was all in 0:02:46.200 --> 0:02:48.520 one place. So a lot of people have been shocked 0:02:48.560 --> 0:02:53.919 by that. Also, stuff like user data, including potentially encrypted passwords. 0:02:54.280 --> 0:02:56.960 Now passwords being encrypted, that's a good thing. It that 0:02:57.080 --> 0:02:59.720 means that, you know, you can't just immediately read them. 0:02:59.720 --> 0:03:03.119 But however, with enough time and effort and a sufficiently 0:03:03.720 --> 0:03:07.800 powerful computer system, you can break encryption. It's just a 0:03:07.919 --> 0:03:10.400 question of how good was the encryption That will tell 0:03:10.440 --> 0:03:12.280 you how long it will typically take for you to 0:03:12.320 --> 0:03:14.680 break it. And for that reason, a lot of folks, 0:03:14.680 --> 0:03:17.640 including myself, are suggesting that anyone who has a Twitch 0:03:17.680 --> 0:03:21.040 account should go in and change their password. Hopefully you're 0:03:21.080 --> 0:03:23.160 not using the same password on Twitch as you are 0:03:23.240 --> 0:03:26.480 for other sites, because that could potentially mean that all 0:03:26.520 --> 0:03:30.560 of those accounts are now vulnerable to right, because if 0:03:30.760 --> 0:03:33.840 the hackers and all the people who are purchasing this 0:03:33.919 --> 0:03:37.880 information on the you know, digital black market. If they 0:03:37.880 --> 0:03:41.160 are all aware of the password you used and use 0:03:41.240 --> 0:03:43.960 it everywhere, well, now you've just you know, you've handed 0:03:43.960 --> 0:03:46.880 a skeleton key to people who just need to try 0:03:46.880 --> 0:03:49.840 it in all the different locks. While you're at it, 0:03:49.920 --> 0:03:52.320 while you're changing your password on Twitch, you should probably 0:03:52.400 --> 0:03:56.000 also go ahead and activate two factor authentication. That way, 0:03:56.360 --> 0:03:59.000 should someone ever get your password, they would still need 0:03:59.040 --> 0:04:01.560 your phone before they could access your account. So it's 0:04:01.560 --> 0:04:05.080 a good thing to have that active. Uh. It appears 0:04:05.120 --> 0:04:08.040 that the hacker was taking advantage of a vulnerability that 0:04:08.120 --> 0:04:12.720 was created when Amazon was doing some reconfiguration of Twitches servers. 0:04:13.120 --> 0:04:18.920 We've seen a couple of examples of server reconfigurations leading 0:04:18.920 --> 0:04:22.440 to big issues. In this case, it created an opportunity 0:04:22.480 --> 0:04:26.599 for a hacker to attack. In Facebook's case, it led 0:04:26.640 --> 0:04:30.520 to a situation where the internet essentially forgot that Facebook 0:04:30.720 --> 0:04:34.760 and all of its services existed for like six hours. 0:04:34.839 --> 0:04:39.360 So it really does tell us that you know, these processes, 0:04:39.800 --> 0:04:42.640 even when they are routine and mundane, you have to 0:04:42.680 --> 0:04:45.760 do them with a lot of care or else you 0:04:45.760 --> 0:04:50.000 can introduce some pretty big problems. Facebook founder Mark Zuckerberg 0:04:50.040 --> 0:04:54.760 attempted to downplay some statements that were made by the 0:04:54.920 --> 0:04:59.520 whistle blower and former Facebook employee Francis Hogan that she 0:04:59.640 --> 0:05:02.840 was making to the United States Senate. Zuckerberg said that 0:05:02.920 --> 0:05:07.120 the research Hoggan was citing had been taken completely out 0:05:07.160 --> 0:05:10.120 of context, and that it was painting a misleading portrait 0:05:10.279 --> 0:05:14.560 of what Facebook is, and he should know because he 0:05:14.720 --> 0:05:17.240 and other Facebook executives have made it kind of an 0:05:17.320 --> 0:05:21.320 art form to present, let's call it a highly curated 0:05:21.440 --> 0:05:26.440 image of Facebook, highlighting stuff that appears positive and then 0:05:26.520 --> 0:05:31.120 downplaying or even ignoring stuff that's negative, and meanwhile the 0:05:31.279 --> 0:05:34.080 entire time claiming that the company is operating in a 0:05:34.080 --> 0:05:37.599 transparent way. At one point, when The New York Times 0:05:37.640 --> 0:05:41.440 published an article that showed how Facebook was being selective 0:05:42.160 --> 0:05:44.400 to choose, you know, what kind of data to report 0:05:44.440 --> 0:05:48.320 and what data not to report, a Facebook spokesperson brushed 0:05:48.320 --> 0:05:50.440 it off and said, we're guilty of cleaning up our 0:05:50.480 --> 0:05:54.159 house a bit before we invited company. Okay, so here's 0:05:54.200 --> 0:05:58.440 the thing, though, Um, that's not what transparency means. Transparency 0:05:58.440 --> 0:06:01.920 doesn't mean let's just show you the pretty stuff. That's 0:06:01.960 --> 0:06:05.440 not transparency Facebook. Well, anyway, I suspect we're going to 0:06:05.480 --> 0:06:07.520 see a lot more scrutiny into the company in the 0:06:07.560 --> 0:06:11.480 weeks to come, and probably more examples of spin and 0:06:11.600 --> 0:06:14.960 damage control from the company as well. But I think 0:06:15.600 --> 0:06:20.200 tolerance for Facebook's shenanigans is at kind of a low 0:06:20.240 --> 0:06:22.400 point right now. I'm not saying it can't go lower. 0:06:22.800 --> 0:06:26.240 It might, but um, yeah, I think Facebook is kind 0:06:26.240 --> 0:06:28.080 of treading on thin ice at the moment. I think 0:06:28.080 --> 0:06:32.040 the government is of the United States in particular, is 0:06:32.360 --> 0:06:35.680 UH is kind of gearing up to to lay the 0:06:35.720 --> 0:06:38.640 smack down on Facebook, and the same is true in 0:06:38.680 --> 0:06:40.800 other parts of the world. By the way, all right, 0:06:41.080 --> 0:06:43.640 let's get back to hoggins testimony for a second. At 0:06:43.640 --> 0:06:47.880 one point, she talked about how Facebook's algorithms have exacerbated 0:06:48.000 --> 0:06:53.080 xenophobic rhetoric and made dangerous situations a whole lot worse 0:06:53.160 --> 0:06:55.320 in different parts of the world. One of the things 0:06:55.320 --> 0:06:59.160 you refer to was the coup in Myanmar, the military cue, 0:06:59.279 --> 0:07:02.760 and how face books algorithm pushed posts that turned the 0:07:02.800 --> 0:07:07.039 dial up with calls for things like ethnic violence within 0:07:07.120 --> 0:07:10.400 that country. And she also warned that the same thing 0:07:10.520 --> 0:07:14.080 is kind of unfolding now in Ethiopia. Researchers with the 0:07:14.160 --> 0:07:18.400 human rights organization Global witness back up that statement. They 0:07:18.400 --> 0:07:21.720 conducted a study in the mean Mar case. They actually 0:07:21.720 --> 0:07:25.320 looked to to a Facebook page that was a page 0:07:25.360 --> 0:07:29.360 dedicated to Myanmar's military, and that page didn't have any 0:07:29.440 --> 0:07:33.720 violations to Facebook's policies on it. They then liked that 0:07:33.760 --> 0:07:37.080 page to see what would happen next, and then Facebook 0:07:37.080 --> 0:07:41.560 started to suggest other pages that they might want to follow, 0:07:42.280 --> 0:07:46.200 and among those pages there were a bunch that had 0:07:46.360 --> 0:07:49.720 abusive content in them, stuff that was calling for like 0:07:50.600 --> 0:07:57.080 violence against specific ethnic minority groups. And even if you 0:07:57.120 --> 0:08:00.560 start from a place that doesn't violate Facebook's terms of service, 0:08:00.600 --> 0:08:03.160 it does not take long for stuff that is not 0:08:03.280 --> 0:08:07.480 playing by the rules to pop up, promoted by Facebook itself. 0:08:07.520 --> 0:08:10.040 I mean, you wouldn't necessarily even know it existed except 0:08:10.120 --> 0:08:12.840 for the fact that Facebook's algorithm is suggesting it to you. 0:08:13.240 --> 0:08:15.920 So this can quickly lead to a situation where a 0:08:16.000 --> 0:08:19.800 person sees frequent posts calling for violence or discrimination or 0:08:19.840 --> 0:08:25.280 promoting harmful and hateful ideologies, and it gets reinforced with 0:08:25.320 --> 0:08:28.840 every visit to Facebook. And now, I don't think anyone 0:08:29.400 --> 0:08:31.560 would go so far as to say that Facebook is 0:08:31.600 --> 0:08:36.120 the root cause of these problems. That is far too simplistic. 0:08:36.240 --> 0:08:38.760 It's just not reflective of the truth. But I think 0:08:38.800 --> 0:08:42.760 it's fair to say that Facebook is acting like an amplifier. 0:08:42.960 --> 0:08:47.320 It's taking a signal and boosting it. U S Senator 0:08:47.400 --> 0:08:52.199 Elizabeth Warren and House Representative Deborah Ross have introduced proposed 0:08:52.320 --> 0:08:56.760 legislation that they're calling the Ransom Disclosure Act, So they're 0:08:56.800 --> 0:09:01.040 calling for companies to have a legal obligation reveal when 0:09:01.080 --> 0:09:04.000 they have paid off a ransom as a result of 0:09:04.000 --> 0:09:06.400 a ransomware attack. Now, if you've been listening to my 0:09:06.440 --> 0:09:09.480 show for a while, you know I mean I I've 0:09:10.200 --> 0:09:13.520 beaten this dead horse so many times that I always say, 0:09:13.920 --> 0:09:18.079 never pay the ransom, because paying a ransom means you're 0:09:18.120 --> 0:09:23.040 sending the signal this criminal activity is profitable that encourages 0:09:23.360 --> 0:09:27.600 future attacks both against you and other entities. Plus, you 0:09:27.600 --> 0:09:30.800 can never guarantee that the attackers will actually return to 0:09:30.840 --> 0:09:34.320 you whatever it is that they have locked down, just 0:09:34.400 --> 0:09:38.040 in case. Ransomware is something you're not really familiar with. Typically, 0:09:38.040 --> 0:09:42.360 this involves hackers gaining access to a system and then 0:09:42.440 --> 0:09:47.200 they will encrypt large amounts of data and file folders 0:09:47.200 --> 0:09:50.000 and things like that in the system. So without a 0:09:50.040 --> 0:09:54.360 decryption key, without a way to reverse that process, all 0:09:54.400 --> 0:09:59.440 that data becomes unusable. It's it's it's gibberish, so you 0:09:59.520 --> 0:10:03.439 can't do anything with it. Um. Now, there are some 0:10:03.920 --> 0:10:07.000 different variations on this attack, but they all basically boiled 0:10:07.040 --> 0:10:09.319 down to a hacker trying to make critical systems or 0:10:09.400 --> 0:10:13.720 data inaccessible to the rightful owners. And then the hackers say, 0:10:13.840 --> 0:10:17.120 fork over the money, usually in the form of cryptocurrency, 0:10:17.200 --> 0:10:20.120 and then we'll hand you the decryption key so that 0:10:20.200 --> 0:10:24.160 you can get all your stuff back. So this bill, 0:10:24.640 --> 0:10:28.800 if passed into law, would require companies to disclose any 0:10:28.920 --> 0:10:32.320 ransom payment they made to hackers within forty eight hours 0:10:32.320 --> 0:10:36.240 of having made that payment, including how much they paid 0:10:36.400 --> 0:10:39.800 and in what format they paid it in. I imagine 0:10:39.800 --> 0:10:42.559 that if this bill does become law, it will discourage 0:10:42.559 --> 0:10:46.640 companies from trying to quietly handle these sorts of matters 0:10:46.679 --> 0:10:48.679 in the hopes that no one finds out about it, 0:10:49.080 --> 0:10:53.360 because if the government does find out that a company 0:10:53.400 --> 0:10:56.319 paid a ransom and that it did not comply with 0:10:56.400 --> 0:11:00.840 the rules, there's going to be some pretty serious consequences. Uh. 0:11:01.120 --> 0:11:03.720 Of course, this has not been passed into a law, 0:11:03.800 --> 0:11:07.200 it may never make it to a law, but is 0:11:07.280 --> 0:11:10.880 interesting to see the proposal over in Europe. A majority 0:11:10.920 --> 0:11:13.720 in the European Parliament voted on a band throughout the 0:11:13.760 --> 0:11:17.480 EU with regard to police using facial recognition surveillance to 0:11:17.600 --> 0:11:21.440 identify people who are not suspected of committing a crime. 0:11:22.160 --> 0:11:25.840 And as we've seen many times through lots of different studies, 0:11:26.160 --> 0:11:30.720 facial recognition technologies are incredibly prone to bias. Bias tends 0:11:30.760 --> 0:11:35.800 to disproportionately affect people in ethnic minority groups, and the 0:11:35.840 --> 0:11:38.960 European Parliament also released a statement that said, at least 0:11:38.960 --> 0:11:43.199 in part quote, to respect privacy and human dignity, m 0:11:43.240 --> 0:11:46.800 EPs ask for a permanent ban on the automated recognition 0:11:46.840 --> 0:11:51.079 of individuals in public spaces, noting that citizens should only 0:11:51.120 --> 0:11:54.760 be monitored when suspected of a crime. Parliament calls for 0:11:54.800 --> 0:11:58.559 the use of private facial recognition databases like the clear 0:11:58.640 --> 0:12:02.360 View AI system which is already in use, and predictive 0:12:02.400 --> 0:12:06.680 policing based on behavioral data to be forbidden end quote. 0:12:07.280 --> 0:12:10.000 And we've seen a growing concern around the world regarding 0:12:10.000 --> 0:12:15.319 how various authorities, particularly in law enforcement capacities, have been 0:12:15.360 --> 0:12:19.160 relying upon facial recognition technologies and how the technology can 0:12:19.200 --> 0:12:22.400 cause harm to innocent people. Even if everyone's using the 0:12:22.440 --> 0:12:27.000 tech correctly, the tech itself can just be wrong. So 0:12:27.360 --> 0:12:30.440 that's assuming if you're using it correctly. That's a big assumption. 0:12:30.480 --> 0:12:32.320 There are a lot of cases where people are just 0:12:32.440 --> 0:12:35.840 not using tech the right way. I'm sure you've encountered 0:12:35.880 --> 0:12:39.760 this just in general. Well, when you're talking about people 0:12:39.760 --> 0:12:43.160 in positions of authority who are using that to be 0:12:43.280 --> 0:12:49.079 part of a surveillance package on citizens, that becomes an 0:12:49.080 --> 0:12:54.800 incredibly dangerous situation, one that can lead to an authoritarian 0:12:54.960 --> 0:12:58.559 police state, uh and a lot of human rights being 0:12:58.679 --> 0:13:01.839 violated in the process. So I think this is an 0:13:01.880 --> 0:13:07.080 important point and something that I'm seeing pop up in 0:13:07.200 --> 0:13:11.280 other places around the world. Well, we have a few 0:13:11.280 --> 0:13:13.640 more stories to go through, but before we get to 0:13:13.720 --> 0:13:25.280 any of those, let's take a quick break. BlackBerry, which 0:13:25.800 --> 0:13:28.640 is a name I've not heard in a long time, 0:13:29.520 --> 0:13:35.440 A long time anyway. BlackBerry has a research team that 0:13:35.520 --> 0:13:40.200 reports that it discovered a Chinese state sponsored hacker group 0:13:40.640 --> 0:13:44.560 that was using three different fishing schemes, all targeting companies 0:13:44.559 --> 0:13:49.080 and individuals in India. The BlackBerry researchers say that it 0:13:49.160 --> 0:13:52.800 looks like the hackers were operating both as spies, so 0:13:53.000 --> 0:13:57.280 conducting espionage on behalf of the Chinese government and also 0:13:57.440 --> 0:14:02.520 pursuing quote financially motivated operations end quote. So you know, 0:14:02.840 --> 0:14:06.720 tricking people out of money and stealing and also spying 0:14:06.840 --> 0:14:09.600 on behalf of an authoritarian government. You know the usual. 0:14:10.080 --> 0:14:13.800 The name of this hacker group is APT forty one, 0:14:14.080 --> 0:14:17.800 and they lured in targets by sending out messages claiming 0:14:17.800 --> 0:14:20.840 to be related to official matters like you know, taxes 0:14:21.360 --> 0:14:25.600 or COVID nineteen measures. These are common tactics, right. You 0:14:25.600 --> 0:14:29.600 You set the bait by picking something that is likely 0:14:29.760 --> 0:14:33.120 to get a reaction from your target, something that that 0:14:33.280 --> 0:14:35.720 they would be concerned about. If you send them a 0:14:35.720 --> 0:14:39.160 message saying, hey, you know, we found some money that 0:14:39.240 --> 0:14:43.000 we owe you in taxes because you overpaid, a lot 0:14:43.000 --> 0:14:45.400 of people are gonna think, oh awesome and just open 0:14:45.480 --> 0:14:50.080 that up, right, very common tactic, or sometimes they pray 0:14:50.120 --> 0:14:53.160 on fear. Right, They say, it looks like you underpaid 0:14:53.360 --> 0:14:56.280 and if you don't pay this fee, then you're going 0:14:56.360 --> 0:14:59.320 to end up facing jail time and you're scaring them 0:14:59.320 --> 0:15:03.240 into a opening up the the attachment, which typically has 0:15:03.280 --> 0:15:06.040 some form of malware on it, or it lures you 0:15:06.120 --> 0:15:10.320 into sharing information you really shouldn't. The researchers showed that 0:15:10.400 --> 0:15:13.760 these hackers weren't being particularly careful about disguising the fact 0:15:13.840 --> 0:15:17.280 that a single group was behind the different fishing schemes. 0:15:17.760 --> 0:15:20.080 They were kind of using some of the same assets 0:15:20.120 --> 0:15:24.080 across the three different types of attacks. And they also said, like, 0:15:24.120 --> 0:15:26.160 there's not a whole lot they can do in these 0:15:26.160 --> 0:15:29.480 cases because you know, it's a it's an organization that's 0:15:29.520 --> 0:15:32.960 within China. It's you know, kind of you know, untouchable. 0:15:33.400 --> 0:15:36.480 So the best thing to do, you know, you can 0:15:36.480 --> 0:15:38.640 start to try and block IP addresses and stuff, but 0:15:38.640 --> 0:15:40.600 there are ways around that. So the best thing to 0:15:40.600 --> 0:15:43.000 do is to raise awareness in as many people as 0:15:43.000 --> 0:15:46.840 possible to try and decrease the number of positive attacks. 0:15:47.040 --> 0:15:49.320 If you can make it to the point where hackers 0:15:49.360 --> 0:15:51.920 just aren't getting that many hits, you can get it 0:15:51.960 --> 0:15:54.200 to a point where where the return on investment is 0:15:54.240 --> 0:15:57.760 so low that there's no point and even bothering. Uh, 0:15:57.840 --> 0:16:00.400 it's unlikely to ever reach that point, but it's a 0:16:00.400 --> 0:16:03.400 good gold strike for In past episodes, I've talked about 0:16:03.440 --> 0:16:07.000 the Pegasus software that's you know kind of it's really malware. 0:16:07.760 --> 0:16:11.520 It's software that uses a zero click attack through iOS 0:16:11.560 --> 0:16:16.000 and I Message. In particular, Apple includes I Message by 0:16:16.000 --> 0:16:19.560 default in all iPhones. You cannot uninstall it, at least 0:16:19.560 --> 0:16:23.680 not under normal conditions, and I Message will automatically accept 0:16:23.720 --> 0:16:27.840 any messages sent from other iOS devices that have sent 0:16:27.920 --> 0:16:31.600 a message to that phone's specific phone number. So really 0:16:31.600 --> 0:16:33.760 you just need your Targets phone number, and you need 0:16:33.880 --> 0:16:37.040 an iOS device that has the Pegasus software on it, 0:16:37.400 --> 0:16:40.040 and you can send an attack that effectively turns your 0:16:40.040 --> 0:16:43.560 Targets phone into a spying device. It can give you 0:16:43.600 --> 0:16:47.120 access to stuff like that phone's camera and microphone. Essentially 0:16:47.120 --> 0:16:49.880 you can operate the phone as if you were in 0:16:49.960 --> 0:16:54.960 direct possession of it. It's a powerful malware tool. This 0:16:55.080 --> 0:16:57.760 product comes from an Israeli company called n s O Group, 0:16:58.400 --> 0:17:01.320 and they say that the purpose to the malware is 0:17:01.360 --> 0:17:06.159 to give governmental authorities their customers a tool to infiltrate, 0:17:06.280 --> 0:17:09.200 you know, like criminal and terrorist organizations. You use this 0:17:09.560 --> 0:17:12.439 when you're doing like a sting operation. But you know, 0:17:12.680 --> 0:17:15.520 it doesn't really matter what the company says the tool 0:17:15.680 --> 0:17:18.879 was intended to do. It actually matters how people really 0:17:19.000 --> 0:17:22.200 use the tool. So the whole thing was to set 0:17:22.280 --> 0:17:25.600 up the fact that a UK judge has said that 0:17:25.920 --> 0:17:30.880 Sheik Mohammed bin Rashid al Maktoum, the ruler of Dubai, 0:17:31.720 --> 0:17:36.200 used Pegasus to infect the phone belonging to his ex wife, 0:17:36.280 --> 0:17:40.879 the Princess Hya bin al Hussein. And I should also 0:17:41.119 --> 0:17:44.879 add that he targeted, according to the judge, her entire 0:17:44.960 --> 0:17:49.159 legal team. And this was all during a very acrimonious 0:17:49.200 --> 0:17:52.280 custody battle between the Sheik and the princess over there 0:17:52.359 --> 0:17:57.199 their two children. Um So the UK Judge Andrew McFarlane 0:17:57.720 --> 0:18:01.199 factored this into his ruling on that case. Now, that 0:18:01.240 --> 0:18:04.720 whole judgment was done a year ago, but it was 0:18:04.840 --> 0:18:08.359 held in private. It was it was under lock and 0:18:08.480 --> 0:18:12.000 key for a full year before being published this year. 0:18:12.359 --> 0:18:16.200 The chik has subsequently denied the allegations and also argued 0:18:16.240 --> 0:18:18.440 that the court didn't actually have the authority to share 0:18:18.480 --> 0:18:21.320 that kind of information anyway, and also heads of foreign 0:18:21.320 --> 0:18:24.560 state or exempt from inquiries into the legality of their actions. 0:18:25.480 --> 0:18:28.439 That doesn't really say to me, hey, I totally didn't 0:18:28.440 --> 0:18:31.040 do that thing you accused me of doing. And the 0:18:31.080 --> 0:18:33.600 story actually gets worse from there, but it also gets 0:18:33.600 --> 0:18:36.440 away from the tech angle. So I'll just say there's 0:18:36.440 --> 0:18:40.399 a lot more to it. But it's another example of 0:18:40.480 --> 0:18:45.240 how a tool could be, you know, made to do 0:18:45.320 --> 0:18:49.080 one specific thing and maybe that that effort was sincere. 0:18:50.160 --> 0:18:54.320 But if people start turning it to another use, that's 0:18:54.359 --> 0:18:56.920 still that's still a bad thing, right, Like you still 0:18:57.000 --> 0:18:58.800 have to look at the company that's making the tool 0:18:58.840 --> 0:19:04.560 and say, hey, you are propagating a piece of malware 0:19:04.600 --> 0:19:07.919 that is causing an enormous amount of harm, And it 0:19:07.960 --> 0:19:12.000 doesn't really matter what your intent was anyway. Have you 0:19:12.040 --> 0:19:15.040 ever found yourself waiting into a flame war on Twitter? 0:19:15.359 --> 0:19:18.320 Maybe you got your dander up and you jumped into 0:19:18.440 --> 0:19:22.040 a hotly contested thread before you really thought it over. 0:19:22.560 --> 0:19:24.359 Maybe you even did it by accident. You were just 0:19:24.400 --> 0:19:27.240 replying to someone cheekily and then it blew up in 0:19:27.240 --> 0:19:30.239 your face, and maybe you regretted it afterwards. Maybe you've 0:19:30.280 --> 0:19:33.480 got all these different replies and retweets and stuff, and 0:19:33.520 --> 0:19:37.240 maybe just going on Twitter now is stressful and upsetting. Well, 0:19:37.359 --> 0:19:40.119 now Twitter is rolling out a feature to folks using 0:19:40.160 --> 0:19:44.359 the Android and iOS Twitter apps that could help prevent 0:19:44.400 --> 0:19:48.080 this from happening. The apps will now occasionally show prompts 0:19:48.359 --> 0:19:50.080 when it looks like you might be engaging in a 0:19:50.119 --> 0:19:53.920 Twitter thread that appears to be quote unquote intense. One 0:19:53.960 --> 0:19:57.880 example they gave was a prompt that reads, let's look 0:19:57.880 --> 0:20:01.400 out for each other and the mess our values make 0:20:01.440 --> 0:20:05.800 Twitter better. And then they includes some reminders to maybe 0:20:06.119 --> 0:20:09.000 convince you to act like, you know, a compassionate human being. 0:20:09.119 --> 0:20:12.440 Like it says that, you know, chances are the person 0:20:12.480 --> 0:20:14.440 who's on the other end of that Twitter handle is 0:20:14.480 --> 0:20:18.160 a person that ignores the fact that there's like a 0:20:18.280 --> 0:20:21.800 rampant bot problem on Twitter, but you know, you get it. 0:20:22.320 --> 0:20:26.560 And it also says, hey, you know, we shouldn't ignore facts. 0:20:26.840 --> 0:20:29.840 Facts are important. Facts are facts, and even if they're 0:20:29.840 --> 0:20:35.080 inconvenient to our own perspective, we cannot just dismiss a fact. Uh. 0:20:35.119 --> 0:20:38.400 It also says, yeah, having different perspectives is a good thing, 0:20:38.480 --> 0:20:40.280 you know, Like you can get people who have different 0:20:40.320 --> 0:20:44.280 perspectives having a conversation, and new ideas can develop and 0:20:44.320 --> 0:20:46.960 people can be opened up to other points of view, 0:20:48.600 --> 0:20:52.240 which is sometimes true. Essentially, what Twitter is trying to 0:20:52.240 --> 0:20:54.600 do is to remind us not to go nuclear on 0:20:54.640 --> 0:20:57.159 the platform, and I think that is good advice. But 0:20:57.200 --> 0:21:00.000 I also think this is important for Twitter because social media, 0:21:00.000 --> 0:21:02.920 your platforms can really come under fire if it looks 0:21:02.920 --> 0:21:06.959 like they're facilitating stuff like hate speech and misinformation. Apple 0:21:07.000 --> 0:21:09.680 has established a new policy that app developers will need 0:21:09.760 --> 0:21:13.439 to follow starting January thirty one next year. Uh at 0:21:13.480 --> 0:21:16.639 least any app developers who release apps that require users 0:21:16.680 --> 0:21:20.480 to create an account of some sort. Apple wants all 0:21:20.520 --> 0:21:22.760 of those kinds of apps to include an option to 0:21:22.880 --> 0:21:26.640 delete user accounts if the user wants to do that. 0:21:27.280 --> 0:21:29.520 Uh So, like if you just delete an app off 0:21:29.520 --> 0:21:34.119 your phone, that doesn't delete your account, The account is 0:21:34.119 --> 0:21:37.760 still sitting there on the servers of whatever developer I 0:21:37.800 --> 0:21:40.600 created the app for you, and it's still holding all 0:21:40.600 --> 0:21:44.200 that data, So you might want to close an account 0:21:44.200 --> 0:21:47.080 out entirely. Apple wants that to be built into the 0:21:47.119 --> 0:21:50.159 apps themselves, so that you're not just saying I'm not 0:21:50.200 --> 0:21:52.960 just using this app anymore. You know, you're saying I 0:21:53.000 --> 0:21:56.080 don't want to have an account anymore. The Verge has 0:21:56.080 --> 0:21:58.520 pointed out that Apple's policy has some wiggle room in it. 0:21:58.560 --> 0:22:01.320 For example, there's nothing thing that would stop a company 0:22:01.359 --> 0:22:05.760 from routing any sort of cancelation request to a customer 0:22:05.800 --> 0:22:08.639 service agent who then tries their best to talk you 0:22:08.760 --> 0:22:12.080 out of canceling your account, which reminds me of every 0:22:12.160 --> 0:22:14.960 experience I've ever had while trying to cancel cable service. 0:22:15.440 --> 0:22:18.440 But I think that generally speaking, this is a good move. 0:22:18.560 --> 0:22:21.879 It's not going to solve every problem, of course, but 0:22:22.200 --> 0:22:24.199 it at least gives users a chance to make a 0:22:24.240 --> 0:22:27.080 cleaner break when they decide they no longer want to 0:22:27.359 --> 0:22:31.200 rely on a specific service. Speaking of Apple, I've talked 0:22:31.200 --> 0:22:33.479 before about how a US judge has ruled that Apple 0:22:34.040 --> 0:22:37.119 must allow developers who want to use a different in 0:22:37.200 --> 0:22:42.560 app purchase option besides Apple's official one to be able 0:22:42.560 --> 0:22:44.520 to do so. That's what the judges said. They said 0:22:44.520 --> 0:22:47.080 that these developers, if they want to sell stuff within 0:22:47.119 --> 0:22:50.840 their apps, you know, like a video game app, offering 0:22:51.080 --> 0:22:54.119 things like character skins, that they are not required to 0:22:54.160 --> 0:22:57.159 go through Apple's own system to do that. That Apple 0:22:57.240 --> 0:23:00.600 should not require that to be the case. This is 0:23:00.640 --> 0:23:02.560 at the heart of how Apple makes a ton of 0:23:02.600 --> 0:23:06.359 revenue through the app store. It's not by creating apps, 0:23:06.400 --> 0:23:10.520 but rather by taking a chunk out of you know, 0:23:10.600 --> 0:23:12.960 taking a cut of up to like out of these 0:23:13.000 --> 0:23:17.040 in app purchases. And a Dutch antitrust authority has made 0:23:17.080 --> 0:23:20.760 a similar judgment against Apple. The authority has said that 0:23:21.480 --> 0:23:24.440 the rules that Apple had in place are anti competitive 0:23:24.480 --> 0:23:27.160 and that Apple must allow developers to offer their own 0:23:27.200 --> 0:23:29.919 in app purchasing options if they want to. So it 0:23:29.960 --> 0:23:33.399 looks like there's a growing movement to push back against 0:23:33.400 --> 0:23:37.560 Apple's policies. South Korea made a similar ruling, which affects 0:23:37.600 --> 0:23:40.239 not just Apple but also Google because Google does the 0:23:40.320 --> 0:23:43.880 same thing. So we're starting to see more countries say, 0:23:44.040 --> 0:23:46.959 you know, you can't do this. It's anti competitive and 0:23:47.000 --> 0:23:51.040 it's harmful to developers who you know, are really reliant 0:23:51.119 --> 0:23:54.119 upon those in app purchases to generate the revenue they 0:23:54.200 --> 0:23:57.320 need to stay in business. Finally, someone managed to get 0:23:57.359 --> 0:23:59.680 access to the Facebook profile page for the U S 0:23:59.800 --> 0:24:03.480 n V ship the U S S Kid. The person 0:24:03.600 --> 0:24:07.639