 Coming up on DTNS what Germany thinks is the most secure browser. Do you need to worry about your VPN provider getting hacked and artificial skin for your phone? This is the Daily Tech news for Monday October 21st 2019 in Los Angeles, I'm Tom Merritt and from studio feline I'm Sarah Lane and I'm the show's producer Roger Chang We were just having a very productive discussion of the metric system and its uses On our good day internet show if you'd like to get that and more in our expanded show Why not become a patreon? patreon.com slash DTNS gets you that and more let's start with a few tech things you should know a Huawei executive told Reuters on Friday that the company is in early-stage talks with US telecoms about licensing Huawei's 5g technology the company's senior vice president Vincent Pang said that telcos had expressed interest in both a long-term deal or a one-off transfer Google says that in the coming months It will issue a software update for the pixel 4 phones that will give users the option to require eyes to be unopened To unlock the pixel 4 with your face in the meantime if pixel 4 users are concerned about somebody unlocking their phone You know by pointing at them while they're asleep or unconscious They can long press the power button and choose the lockdown option that would require a pin or a pattern or a Password the next time the phone is unlocked Microsoft is acquiring cloud file migration provider mover for an undisclosed amount Microsoft executives said that the goal is to help customers migrate to Microsoft 365 plus Windows Office 365 and Intune bundles other Microsoft tools for cloud migration include fast track and the SharePoint migration tool So they've got some already there But mover supports migration from cloud services providers like box dropbox ignite and Google Drive as long as mover doesn't stop letting me go from Dropbox to box etc. Then that's fine a test from YouTube channel phone buff Indicates you might get more battery life out of your iPhone with an OLED screen if you turn on dark mode OLED screens can turn pixels off unlike LCD screens So there's a bigger difference there phone buff compared to iPhone 10 s maxes running iOS 13 They had an automation to do activities like watch YouTube Twitter and maps identically on both phones did it They set up the test for two hours At 200 nits of brightness the phone using dark mode still had 30% of its battery life when the phone running light mode died Before the two hours was up more tests would be needed to confirm the real level of difference and eliminate alternate causes But it seems like it does make some kind of difference You know, I'm all about dark mode on OS 10. Haven't tried it on iOS yet. Yeah I I've noticed that iOS 13 wasn't as bad on my battery life as usual iOS updates are in my older phone So, yeah, maybe maybe that's because then I turned on dark mode. So maybe that's why alright Let's talk a little more about Nord VPN's troubles Let's do it Nord VPN says that one of its VPN services at a date servers rather at a data center It was renting in Finland was accessed without authorization The attacker exploited an insecure remote management system that Nord VPN says it was unaware of left on the server by the data center Operator Nord VPN says no user logs or credentials were available on the server The attacker could have performed a man in the middle attack though to intercept a single connection That tried to access Nord VPN through that server the attacker would have not Would not have been able to access VPN traffic on any other server However, TechCrunch has seen similar records indicating other providers including TourGuard and Viking VPN may have been breached around the same time TourGuard told TechCrunch a single server was compromised in 2017 But no VPN traffic was accessed at that time and TourGuard did reveal that back in May. So It that was a previous revelation, but but to the Nord VPN situation, it's not great there are things that that a An attacker could have gotten if they knew a lot if they knew that Their target was using Nord VPN and connecting through Finland and hit that server Then they could have intercepted some traffic They could have just done, you know Kind of just random sampling to see what they could find there too that that's possible as well I I do believe Nord VPN when they say it wasn't us it was a remote management software unaware was on there just points out the importance of Working with your hosting provider to make sure that there's nothing unexpected running on a server you rent. Yeah, no kidding This is this is something I don't think should put in question the idea of using a VPN But it does highlight the fact that when you are using a VPN, you're not default secure You are trusting your security to the provider of your VPN. So it's it's good that Nord VPN found this It's good that it's been fixed But but yeah, it's not like VPN is a magic bullet that protects you all the time Right, especially when you like Google in free VPN server. Yeah, definitely when you're on vacation Don't do that Or do it with caution extreme Roger you were pointing out that the actually the most secure VPN or is probably to run it yourself, although You would not necessarily be more secure. You just have only yourself to blame Yeah, I mean I run open VPN server off my router and I only use it when I'm traveling like Sarah So I've never had any issues with it and it works pretty well, but if you have any security lapses I mean, it's really just on your shoulders Yeah Twitch is testing something called watch parties. Here we go again It would allow streamers on Twitch to screen Amazon Prime video content some Amazon Prime video content to viewers of Twitch Provided that the viewer also has an Amazon Prime subscription The feature is currently in testing for select streamers invited by Twitch We've seen so many versions of this over the past decade where YouTube Xbox Blu-ray all said we're gonna let you watch movies with your friends over the internet at the same time and none of them have Caught on Sarah. Do you think this one could be any different? Well, I don't think that the concept is really that different But but I but I have always liked the concept the concept of okay. We're in a A world where it's everything's on demand and we no one's watching things at the same time I mean most things at this point some things are still live But but the idea that you can kind of like get some camaraderie by all getting together and watching something in unison and Chatting about it. There have been many apps and services. I mean Twitter had its own version of this that never really got off the ground I can't even remember the one that was the idea of like checking into a show When when you would be watching it back in the day Facebook watch has a system that does this Watch video. Yeah, but you know, it's sort of like okay. Well, if the twitch User content creator has enough Folks that are interested in watching something, you know, they promote it ahead of time And then it's sort of this fun thing where you all sort of sit back and not unlike watching somebody play a video game I guess yeah, and then you got your chat going and it's good, you know, it's kind of lively that sounds fun to me Yeah, I mean, obviously you have to care about the content. I suppose but I Think twitches They they will be as successful as this at this then probably any other platform I can think of right now Yes, oh, no, I was about to say like You know, it's a very interesting that on the on the polygon article that that the buzzer story to use an image of the movie Oh Criminie Johnny Johnny dangerously. Yeah, and this is where I think This will be the most benefit is if you can do something start like a mystery science 33,000 where someone is watching a movie that people have already seen But then adds the commentary the unique take on it It adds a lot more because you're you don't need to have people like why I've never seen this before It's all brand new to me. You pick you pick cult movies are quick movies that are it be seen It it could be a veritable goldmine of content Who have done MST 3k will tell you though not everyone can do what they do it may look easy But it took a lot of work to make that come off So I I think it's smart for twitch to target this as streamers though because even if it's not an MST 3k thing Just saying oh, I'm gonna watch a movie or a TV show with this person that I enjoy watching on twitch Is more compelling there's already a diamond club Watch along that happens sort of ad hoc where they all just have to press play at the same time And watch along with each other. This makes that easier so so having it be community oriented and Personality-led I think is if this is going to catch on the thing that would make it work although I think you know Roger's point of the idea of having commentary from one of your favorite creators be somehow part of this is Not everybody's gonna be able to do this with success like you said Tom You can't just like be like oh, you know, we're gonna like provide commentary and it's gonna be great But some people will do that quite well. Yeah, and I think that if you know with Amazon's library thinking Do we give this movie a second life by you know offering this kind of You know another layer on top of it is really smart And so many people are more likely to have Amazon Prime video because they already pay for free shipping Or they want to pay for Twitch Prime because they're on Twitch So so I think it has fewer of those roadblocks of like yeah, but I don't have that service and I don't want to sign up for it Yeah, I want to talk about human skin on phones. Oh my yes Yes, I mean you have to say yes So we're gonna do it scientists at the University of Bristol and Sorbonne University have developed a skin-like inputs interface for use with phones and also computers so a multi-layer silicone membrane has a textured surface Electrode layer and also a hypodermis it can differentiate actions like tickling or caressing or twisting Even pinching the scientists created a phone case computer touchpad and also a smartwatch for demonstrations For instance with the phone touches and grip strength were interpreted as different emotions Expressed as emojis such as surprise laughter or anger the scientists are ready to work with developers and want to research adding things Like hair and temperature Just a disclaimer right now. We already know what a lot of you are thinking this is going to be used for and we'll just leave That to your imagination. Yep. Yep, that's that's you know, that's that's on you. That's the non-adult oriented uses of this I Think the that if you get past the creepy factor like let's just say like right now This is gonna catch on if it doesn't look like skin For most cases like if it's like oh We have this new interface that that you can like grip your phone to provide interface or or have more delicate touch Interactions we already have force touch long press things like that If you could have a wider vocabulary of touch interactions not just for a phone But for a computer as well, I think that could be put to a lot of interesting uses Yeah, and I think you know a lot of people like well, why would I ever want to tickle a smart device? Well, you know, you know, it's like I think Again, this is it sort of goes back to a conversation. We were having on the show last week It's like this is one of those things we were like Well, why would I ever want to do that? But the once you have it you're like Oh remember when we just had to like press a button and that was the only option that we had and maybe like force touch Like made it a little bit cooler When you watch the demo video of this in action, it's very skin-silly putty looking You know and and somewhat off-putting Yeah, you're kind of like oh, I would anybody want this but just the idea of the the the you know Next evolution of haptic feedback being something that is smart enough to discern between these things based on your mood as a human is Really cool. Yeah, I mentioned video game Interactions or or just even things like video editing or or CAD design where you you just want to have a more precise Interaction where you're like I just want to lightly brush here art For illustration, there's all kinds of things like if this is just a if you're angry twist it You know non-hairy Interface I think I think I could get accepted quite easily for sure. Yeah, I Would like skin on my phone in those cases just I was about to say no hair for me, but again, you know Show me how it's cool as long as it doesn't look hairy. I think that's the key You might want the hair to be detecting things sure researchers at Germany's security research labs developed for Amazon Echo skills and for Google home skills that passed through both companies vetting processes got into the stores and were demonstrations of the ability to Listen in on people without them knowing it and fish their passwords Users would trigger the apparently innocent app by saying something like ask my lucky horoscope to give me the horoscope for tourists That was one of the versions. The apps was a horoscope app The apps then gave the respect expected response and went silent. So you as a user would not necessarily Think anything was amiss if you're not paying close attention, but the apps were not silent They were speaking an unpronounceable character Particularly the uplus d801 dot space character, which is the question mark in a box that you see sometimes when stuff is Uninterpreted that kept the app running without making noise now After these apps were reviewed They were modified. This is the first part of the problem, which was they were vetted through the app review Process, but they weren't vetted after modifications. The modifications added things like the stop command Would no longer stop the app, but was programmed to say goodbye But keep those invisible characters running and further voice commands were met with more silence So some of the apps would just record what they heard during the silence and then send a transcript to the developer Those were for eavesdropping others Followed a period of silence with a fake error message or an alert for a fake device update Both of which asked the user for their password So it's a way of phishing the password out of somebody security researcher labs took down all the apps and Privately reported the results to Google and Amazon Google and Amazon in some cases say they took down the apps But the apps are not there anymore was for research purposes They alerted the companies about this and both companies say they have taken steps to prevent apps from exploiting these measures in the future Yeah, I mean the when I first read the story this morning. I was like, oh, here we go I knew it. It was just a matter of time my smart speakers, you know phishing me but but it sounds like Everything that at least could be done with this particular method of spying on people and gaining information that that a user did not explicitly say was okay Has now been shut down doesn't mean there aren't others totally and I'm sure there won't be yeah I'm sure there will be rather in the future, but this is, you know, all Altogether a good thing Things I am pleased about or as as Bart Buschatz might say fire extinguisher are That that this was caught by researchers It was privately disclosed and fixed This is mostly good news like researchers found a thing stop the thing from happening before it could be exploited Things that might set my hair a little on fire is my gosh Amazon and Google Why aren't you vetting updates and please could you clearly state that you're now vetting updates? Which they haven't done in any of the things that I've read Because that's a that's a huge and obvious way to catch these sorts of things And then yes further things that say ah these characters that don't make any sound Should just be blanket kept out of the ability to be spoken because they don't make any sound That's probably a good thing too. I'd like some clarification that that has been done They're they're saying that they fix this is a little bit vague for my tastes, but overall mostly a good story You know, it's interesting how not I mean people get confused all the time But we are becoming more and more savvy to what something in an app store kind of looks fishy, you know Whether it's iOS or Google Play or whatever. Yeah, you know or another you kind of go Yeah, I don't know sometimes something's kind of weird about this developer You you can do a little bit of due diligence and and and hopefully make the right choice, but like the skills Amazon App Store for lack of it. Whatever they call it is, you know, it's still very Wild Westie my Fitbit Versa App Store And there's quite a bit in there is very Wild Westie and it kind of just highlights how much Consumers when you have something new you're like, oh cool. These are cool. These are fun new things and people Yeah, exactly. You tend to want to you know, give it a go and ah horoscope great You know that kind of thing And in many cases it's not doing what you think it's doing look none of us in this audience Obviously would be fished by this but there's a lot of people who don't realize like oh wait speaking my password out loud Is that weird? I mean it's Amazon asking me, right? Must be fine. Yeah. Yeah I mean I speak it out loud when I'm logging into stuff on Apple TV every now and then kind of feels weird But also easier than typing David Marcus head of Facebook's Libra project told a banking seminar that Libra was a open to alternative approaches to its currency token Including a series of stable coins each paid to a specific currency Rather than a synthetic Amalgamation as Libra initially outlined Marcus said that this isn't Libra's new preferred format Method and its ultimate goal is to create a more efficient payment system Marcus also told Reuters that uh June launch for Libra is still the goal But the association will not move forward without regulatory approval Yeah, if you're if your head's spinning a little bit on these stories, uh, Libra was going to peg the value of its coin To multiple currencies at once they call it a basket of currencies to try to defend against market manipulation or fluctuations Uh, but now they're saying like well if regulators don't like that because it seems like a competitive currency We could just peg it directly to the currency in the market it operates So in the u.s. It would be peg to the dollar and uh, England It would be peg to the bounce sterling in europe it'd be peg to the euro So they're they're starting to bend over backwards to say whatever gets you to let us launch We'll do that and if you don't want us to launch a june great. We'll wait till you give us the go ahead We're willing to do whatever we want. It's just not looking good for Libra. Yeah, it really isn't The german federal office for information security carried out an audit of browser security testing for browsers firefox 68 esr google chrome 76 microsoft internet explorer 11 and microsoft edge 44 now You may notice that those tests do not include all the browsers They do not include safari brave opera or vivaldi. So if you use or promote safari brave opera vivaldi You get to say well our browser is also great. You just didn't test it but Of the ones they did test the audit evaluated how well the browsers complied With the office's very extensive guidelines for secure modern browsers The the guidelines are way too long for us to tell you here You can find them in the zd net article and elsewhere But it's things like, you know support for tls icons for secure connections Signed and verifiable browser updates user control of your browser history user control blacklist And it gets way more detailed and way more techy and wonky than that This is a tough list to meet But firefox was the only browser that met all the requirements chrome i.e An edge all three failed for lack of support for a master password mechanism And no option to block telemetry collection i.e failed the most requirements and chrome and edge were We're pretty much neck and neck and they're failing a few The even i.e only failed like a dozen or so of the requirements So so they all did pretty well on what's a pretty exhaustive list, but uh, but firefox aced the test So there you go. Well, congratulations firefox. It also it makes me chuckle a little bit We had a discussion last friday about uh, the idea of uh, you know cognitive bias in humans And browsers are a great example of that at least in my world where i'm like Yeah, chrome is probably not the best firefox seems cool, but like I don't know. I know how chrome works. I'm just going to go ahead and stick with this less secure version of what I could be using macaque monkeys are all using firefox now Well, they switched right over see friday show to understand what i'm talking about there But yeah, it's uh, it's it's another point in firefox's favor. If you look closely at this It's not like chrome and edge did horribly. No one should be using i.e 11 unless they absolutely have to these days It's not that it's insecure by you know by most Measurements, but it's it's on its way out and it's obviously not going to get better I don't think so you got edge if you just want to use the microsoft default browser Just use edge and if you're like, but i'm on windows xp. Maybe you should think about upgrading If you want to get all the tech headlines each day in about five minutes be sure to subscribe to daily tech headlines dot com Also, thanks everybody who participates in our sub reddit whether they are stories about browsers or monkeys or skin on Smartphones will take them submit stories and also vote on others at daily tech news show reddit.com We're also on facebook. We got a great group there facebook.com slash groups slash daily tech news show All right, Nate linkson is back with us with a preview of what's coming up in the next text message podcast Including the future of retail tech stores in britain Thanks guys Well, this week tom joined me to discuss some transatlantic issues such as whether the uk's complaining about facebook's tax bill is justified And whether high street gadget shops are as doomed in the us as they seem to be here in britain So if you want to know what dtns might sound a bit like if tom hosted it once a week with an english guy Do check out text message at uk tech show dot com and look for episode 182 Yeah, and if you're a patron of uh text message, you even get a little bonus topic That was a lot of fun The only negative at all of doing that show with nate uh last week Was that now i couldn't listen to it over the weekend because i already knew what it was about Bummer I wrote the news again Let's check out the mailbag Let's do it. This one comes from comey who had a really good tip for me because i'm in the middle of moving Anybody who's watching the video feed can sort of see things disappearing behind me and in my studio here But uh when it comes to box and everything up Got a really good tip here before closing each moving box take a picture of what's inside the box Take out some stuff lay it next to the box for the picture if you have to so nothing's hidden Most people will write down what's on the box either on the box itself or maybe in a separate list But they often forget to note small little things like that stapler that's you know spare battery Box that's under some stuff after you moved you get overwhelmed by the stack of boxes rather through going all the box Going through all the boxes looking for something you end up ordering a new one from amazon one day delivery Comey, you're absolutely right and this is the great tip and you know I'm I'm a few boxes in now, but I've got quite a few more to go and I'm absolutely going to use this technique I was originally thinking when I read comey's email like Ooh, and then you could get like one of those little wireless photo printers that print stickers And you could actually print the photo and stick it to the box And then you which is probably way too much work for somebody who's packing, but buy things to move But then you could but you could just like put a number I was thinking you put a number on the box and make sure that number is visible Maybe you write it on the inside flap at the top of the box when you take the picture And then you could just be like, okay look through my phone find. Oh, there's the stapler It's in box six. You know find box six exactly You know, there's no foolproof way, but this is pretty genius when I when I moved last time Um, I had gifted some really nice speakers that had real nice cables and you know, I had the whole thing To a friend of mine, but the the The cables that would go into a receiver Kind of went missing when I moved and I was like, let me just move and I'll find them and then I'll you know I'll mail them to you and he was like, yeah, that's fine It took me a while and you know why because I put them in a box that I had labeled so now Because at the time I was at the time right because I was like av stuff Yeah, but just put it all in there But I just kind of like didn't really get around to like putting together my sonos situation You know for like a month after I lived here and you know, he kept saying like, you know, you still got those cables And I was like, I don't know somewhere. I hope so I had them. Yeah, they were just miss marked. So that that would have helped me a lot To come to this point. I've definitely had the experience where I move and as I'm packing Find the thing that I couldn't find the last time I moved Right like the entire time I lived in a place had thought I had lost this thing and like you say probably replaced it And then you move you're like, oh, that's where that was the lens cap For the camera I used to shoot my tech republic top five videos for instance I think showed up because I was moving Yeah, it's one of the things we were like, I didn't throw it out, but I don't know where it is No idea where it is. Yeah, it's somewhere in here. I just don't know where it is Hey, shout out to our patrons at the master and grand master levels including de gradia a daniels John and becky johnston and chris smith Yeah, thanks to everybody who's uh, who's been popping in and checking out the new patron rewards If you've never been a patron of dts you can get all kinds of cool things including a commercial free version of the rss feed If you're brand new that that may be something that's worth checking out But there's also other rewards like access to our show doc So you can you can check in and see the rundown as we're putting it together each day or just page back through the tabs and Look at all the stuff that we've done in the past. It's it's an easier way to find the show notes So please consider signing up patreon.com slash dtns Our email address is feedback at daily tech news show dot com Please send us email early and often. We're also live monday through friday at 4 30 p.m. Eastern That's 20 30 utc and you can find out more at daily tech news show dot com Slash live back tomorrow with patrick beija talk to you then This show is part of the frog pants network get more at frog pants dot com Ironman club hopes you have enjoyed this brover