 This 10th year of Daily Tech News show is made possible by you listening right now. Thanks so much. Maybe you're James C. Smith, or Miranda Janell, or Justin Zellers, or our new patron Barry, who I'm pretty sure isn't really new, but they told me he's new. So welcome, Barry. On this episode of DTNS, longtime VR skeptic Allison Sheridan tells us why she's finally on board, thanks to the Apple Vision Pro. Plus, CNET tells everyone when it will and will not use AI to write its content and an effort to stop hard drives from going to waste. This is the Daily Tech News for Tuesday, June 6th, 2023 in Los Angeles. I'm Tom Merritt. From lovely Cleveland, Ohio, I'm Rich Straffolino. And this is Allison Sheridan of the PodFeed Podcast. And I'm the show's producer, Roger Chang. Hey, did you hear password manager? One password finally launched its public beta PASCII support? Whoo-hoo! Yay! I know a lot of you were waiting for that. All right, let's see what else is new in the Quick Hits. After filing a lawsuit against Binance on Monday, the U.S. Securities and Exchange Commission, friends call it the SEC, continued its crypto crackdown filing a lawsuit against Coinbase in the southern district of New York. This lawsuit alleges the crypto exchange acted as an unregistered broker across its trading platforms and wallets seems to be becoming a theme here. The SEC is also suing over Coinbase's program that let customers earn a return for participating in proof of stake blockchains, arguing that investors had no protection from loss in those accounts. In a similar move, the Alabama Securities Commission alleged that Coinbase's staking reward system violates Alabama's security laws. Coinbase now has 28 days to show why it should not be ordered to cease and desist from selling unregistered securities in Alabama. Microsoft agreed to pay the U.S. Federal Trade Commission $20 million to settle charges it violated the U.S. Children's Online Privacy Protection Act or COPPA if you're into the whole brevity thing. The FTC alleged that from 2015 to 2020, Microsoft violated COPPA by collecting phone numbers and advertising consent from children setting up an account before it asked them to have a parent finish the setup process. It also allegedly failed to delete the collected information if the parent didn't get around to finishing the setup process, holding onto that data a big no-no. Microsoft has already updated its account creation process to ask for birth date first, so get around that, and then will resolve its data retention policies to keep in line with COPPA. Gigabyte issued a firmware update to resolve that security issue with its motherboards. We told you about that last week, researchers at Eclipseum found Gigabyte's firmware updates lacked proper authentication mechanisms and were downloaded over unencrypted connections, which resulted in the possibility, the potential for man in the middle attacks that could put a backdoor on a system. Gigabyte says the update added verification checks for any firmware updates and that it now uses encrypted HTTPS connections when connecting to a server to download an update. Linda Yackerino tweeted, it happened first day in the books. It's a pretty clear signal she started her new role as Twitter CEO unless she got a new gig over the last four weeks. Elon Musk said on May 11th that Yackerino would start in the role in about six weeks, so it's looking like she started work about two weeks early. Ah, she's not the Yackerino on time. She's the Yackerino early. When Apple releases a new operating system, there are always a few devices that it considers too old, too old to begin the training for the new operating system. Apple doesn't stop providing security updates for those older devices, but they don't get the current OS. So time for the roll call of devices that can't get the next generation of Apple's OS coming this autumn. iPhone 8, 8 plus iPhone 10, 5th gen iPad, first gen 12.9 inch iPad Pro, 2017, 2018 iMac, 2017 MacBook Pro, and the MacBook, the just MacBook. Good news for watch owners though, anything that is running WatchOS 9 will be able to run WatchOS 10. And good news for everybody, apparently Apple is granting everyone access to the developer beta of its iOS, macOS, and WatchOS 17 updates. Just go look at your settings. But of course, installer beware, that is a developer beta. The actual public beta was not supposed to come until July. And who knows, Apple may have pulled that back by the time you hear this, I don't know. Can I throw in one quick yay for the fact that the the iPad mini 5th generation did not get dropped? It's still there. Hey, good for the iPad mini. It survived. It's too fast. They couldn't catch it. All right, let's get to the CNET publication of guidelines, how it will use AI in its stories. If you are unaware, last November, CNET started publishing articles with staff bylines that when you clicked on the staff byline would say this article was generated using automation technology. Futurism wrote a story about the practice on January 11th. A whole backlash ensued. CNET changed how they displayed the disclaimer. Then they said they were going to stop using the AI stuff. Well, now CNET has posted a memo called How We Will Use Artificial Intelligence at CNET. The tool it uses is called Ramp, which is a name for Responsible AI Machine Partner. I would have called it. No, I wouldn't. I see why they dropped the AI out. Never mind. All right. Here's what they said in their post. CNET will not use machine generated images or video as of now, unless they're doing a story about them, then they'll use them as examples, of course, but they're not going to make their own graphics using mid-journey or anything like that. Product reviews and testing will all be done by humans just as it was before. Here's the big one. No story will be written entirely by a machine. They are saying parts of stories may be written by a machine. They gave some examples. They might use tools that sort and analyze data so they can go through larger amounts of data than a human could. Pricing, availability. They talked about doing some geo-location to make that stuff work for you in your location, show you just pricing and availability and stuff like that to create outlines for stories that would suggest where a story would go, analyzing existing text to just kind of give recommendations and things that a writer could use or not, and to generate explanatory material that then would be edited and fact checked, et cetera. How does that make you feel, Allison, to quote Blade Runner? Well, I actually really like this. I think this is just kind of a maturing of how we look at these tools. And what I've become aware of is there's a lot of people who have really good ideas, and they can express them perhaps verbally, but they're not actually great writers. And so the ability to use these tools to help you develop even in your own style to develop what it is you want to say, using AI, I think that's actually a really valuable thing. So instead of having a clumsily written article by someone who actually knows what they're talking about, this can be a better combination. Jill from the Northwoods did a great piece on the Nocella cast with a blog article about it where she does her podcast on the Small Steps podcast. She talks very articulately and has these great podcasts, but she's not a good writer. So she had the AI just create the blog post for her, did use whisper to do the transcript, but then she goes through it by hand. She goes through it and checks it and makes sure it's saying what she wants it to say. And then it creates the opening little blurb for the beginning of before the blog. And it does it really, really well for her. And she's obviously very, very hands on with it. But it was that perfect combination where somebody who speaks well maybe does it right. Well, it can be a good combination. And I think there's nothing wrong with a company like CNET doing something like that as well. As long as like it says it's human interaction with it, I think. Yeah, I really hope the emphasis here then is if you're going to be doing this and part of this was it was like, this will allow us to cover more things, right? If we're not spending human hours doing things like pricing and availability, like doing, like if we can just very quickly have like spec comparisons and stuff like that, that'll allow our writers to be doing this. But I really hope this does is empower its editors and hopefully this leads to them continuing to employ like top tier editorial talent because that's what really puts the onus on here, right? Is to not just to make sure that your facts are in order, but to add that element, that human element of style and of readability and that kind of stuff beyond just this, you know, just the mechanical nature of writing. But like my problem, I guess, with this is like all of this has a loophole that's, you know, that's about the size of Wisconsin that they can drive through because they can update this and they don't have to publish the blog. Okay, that's why I think this is horrible. AP, Bloomberg, Buzzfeed have all been doing machine generated content and haven't had the problem seen it has seen it has these problems because they lost people's trust with the way they were using it. They were using it for SEO optimization. They had a but they had 70 articles about half of them had factual errors. This is not a series of guidelines that says here's what you can expect. This is a series of promises of like, Hey, we might use it for stuff like this, but we promise not to be bad. Frankly, it doesn't I don't care if they use machine tools. All I care is everything was fact checked. Everything was edited. If you used a machine and in part of the generation of it, great. And that I think that all I need is those two things. And they did say that in here. But frankly, this is more of a marketing post than it is a series of journalistic integrity ethics statements. And that's what bothers me about it. I guess I was wrong. I feel terrible now, Tom. No, no, no, that's just me. You don't have to feel terrible. If you still feel good about this, I'm glad. Keep your editors great and it will be great. All right. Well, when you save something to cloud storage, whether that's your AI generated article or anything else, it most likely eventually gets saved to a common old hard drive. Despite increasing drive density and complex technologies like compression and deduplication, data centers still need to use thousands and thousands of these drives to store all of your precious data. Most of the time when they reach an end of warranty, they're just pulled out. Even if they're fully functional, it's not worth them to keep running. They'll just pull them out, put a fresh one in there. Most data centers hire outside firms to destroy these drives and the reason data security concerns, it has sensitive data on it. You don't want that falling into the wrong hands. Well, the BBC's Sean McManus wrote a piece about the circular drive initiative or CDI, which is trying to reduce this e-waste. Well, data security is often cited as the reason for not reusing drives. As Rich just said, CDI Secretary John Michael Hans notes that this is often an overly aggressive risk management strategy. However, Hans notes that IEEE published standards for sanitizing storage last year that provides the way to make drives unreadable without wholesale destruction. Yeah, so I'm fascinated with this. Usually we're always on the side of security, right? Like, yes, trust no one, get your risk as close to zero as possible. Here's a downside of that. If you get your risk as close to zero as possible, it's wasteful and it may be unnecessary. You may be overdoing it. The IEEE stuff that Allison just referred to involved clearing the data. That's where the data is deleted, but you can still recover it, especially if you're only deleting the tables. But even if you're just deleting the data, there's some forensic tools out there that can reconstruct stuff. Purging would be making it not possible to get the data. Either you do a lot of overwrites, 10 or 15 overwrites, or you just delete the encryption key. If the drives are encrypted to begin with, you delete the encryption key. And then if they're properly encrypted, they're gobbledygook and nobody can read them. That to me is the best one. And then the other one is destruction, obviously. If you shred them, sometimes you can still recover bits and pieces, burning them or melting them are really the only way to make sure that nobody's going to get anything off that drive. Ceramic and ball-peen hammer does a real good job, but maybe that's just like shredding. Yeah, it's like shredding though. If there's a little bit of it, they might be able to recover something. Again, when we're talking about getting as close to zero risk as possible, I feel like that encryption key is the solution here. Delete the encryption key and then send that drive off to be wiped and reused. These drives are still very useful. Even when you get past actually reusing the drives, there's heavy metals inside these drives, so if you want to be able to get to that too. Even if you want to melt the platter in a mechanical drive, you could recover a lot of other elements and things that could be reused out of that. That's a great point. And there's a difference here also between risk management or risk avoidance versus security. Because security is all about compromises. There's usually not like a 100% secured, 100% insecure option. It's an entire spectrum of things of being like, here is what is likely to affect me. Here is what is worth our time to investment. Whereas risk management is something on your accounting table that you are accounting for that you can insure against and stuff like that. So that is the difference in how this is being treated. Because I'm sure if you talk to a lot of security professionals, they would, with the right controls in place, obviously you want to make sure that there is a process of handling all this using a trusted vendor or something like that. But there is not a security reason strictly speaking that the vast majority of these can't, maybe in very sensitive industries, defense or something like that. Maybe that would be called for. You're going to have potentially targeted nation states that are going after that. Like you said, Tom, when a disk is shredded, if they want a very specific piece of that platter, that could still have some value to it. But from a security standpoint, the actual risk of these is going down. In fact, we've seen much more security risk from routers getting out that haven't been wiped, that have entire network maps with credentials and stuff like that on them. Those aren't getting destroyed. Those just get sold on eBay. And if people missed it, the reason this is a problem is because a data center doesn't want to use a drive that's out of warranty. The drive may last 15 years past its warranty. But once it's out of its five-year warranty, the data center is like, well, I'm not going to get made whole if that fails. So I'm not going to use it anymore. And then the question becomes, what do you do with it after that? And if it's still a perfectly good hard drive with lots of life left into it, Backblaze says that drive failure rates for these drives after 60 months in service range from 0.41% up to 5.27%. But for some non-critical uses, that's even tolerable. Yeah. And in a lot of cases with these refurbished drives, those are coming with warranties from that company anyway. So as an individual, one, you are not putting the same amount of strain. I mean, if you're putting this in your NAS, maybe you are putting it under a ton of strain. But for a lot of consumer use cases where you're writing to it in bursts, not constantly for surveillance or NAS work or something like that, you are not putting nearly the strain on a mechanical hard drive that you would be if you were a hyperscale data center or something like that too. Yeah. So circular drive initiative is doing a good thing here, which is providing some pressure to do the right thing. Because I get where if there's no benefit to reusing the drive, destroying it, it fulfills your risk management strategy and keeps your security level close to zero risk, I get why you would do it. So there needs to be a little push from the other end to say like, Hey, but you don't need to do that. Let's give you some motivation there. Folks, if you have thoughts about this, maybe you work in a data center and you're like, Hey, but there's one other thing you need to consider. Let us know in our Discord. You can join that by linking to a Patreon account. Just go sign up at patreon.com slash D T N S. Hey, did you hear there was an Apple announcement yesterday? Really? Yeah. It was mostly about MacBooks from what I understand, but they also announced this there were some desktops too. Yeah, but they also announced this Vision Pro mixed reality headset. Did you hear about this? Yeah. Well, the first round of journalists have now reported on their impressions of the headset after a quick test drive overseen by Apple. They didn't get to take the thing home yet. The overall reaction seems to be it is a solid piece of hardware and Apple has made great strides in the engineering. Eli Patel over at the Verge had a pretty representative evaluation. He says Apple seems to have solved some of the trickiest hardware interaction problems with VR headsets, motion control, latency, things like that. A lot of the things it does are no different than what the Quest does, but this does them very well. It has not answered what the Vision Pro is for yet. None of these people who took it for a test drive had any more insights on that. The Verges Tom Warren actually wondered what makes it a pro at all given that most of Apple's examples showed home use and consumption and pro is usually for business use and creation. Further clouding the picture is the news that the Verge reports Apple just acquired a company called Mira. Mira makes AR headsets for the US military as well as the Mario Kart ride at Nintendo World if you've done that. So I don't know if this means Apple's gonna make some specialty hardware for amusement parks and armies. I have no idea. Allison, we know what the headset is now. We got a fair idea of what it can do. You have been very skeptical about VR. Do you want this? So my skepticism about VR specifically as opposed to AR has been that I don't see what problems it solves. And what I saw yesterday to me solved a lot of problems and more in the AR space than the VR space. And I don't need it to be perfect. I don't need the headset to be light. I don't need it to be perfect vision, the sound. All of those things are technical problems that will work their way out. What I've been having my issue with is why. Why are we so excited about this? What I saw yesterday though was a combination of things that like you said there's pieces of this that have been in other other headsets. Probably the single biggest thing I was excited about was being able to sit down, plug it into my Mac where by the way you don't need to use the battery pack because you're plugged into the Mac and gets power there. And all of a sudden I've got a 75 inch monitor or I've got spaces open. So I've got two giant displays in front of me and I've got the space that I've always wanted. Everybody wants a bigger display, but they're very expensive. And of course this costs a fortune, but let's let's set price aside for that. The ability to see a giant display when you're maybe you're stuck in a little tiny cubicle. The fact that they did these demos in somebody's living room, that doesn't matter at all. They were doing real work. They were doing presentations. They were doing FaceTime videos or Zoom calls, that sort of thing with the headset. And those are businessy things. I mean we do it for fun too. But I felt like all of these pieces started to come together that were more of solving real problems. Now like I said, I don't need it to be light. I don't need it to be perfect. Technically it did need to be perfect. I am dubious of my ability and anyone else's ability to look directly at say the notes icon floating in space in front of me and then tap my fingers just once, not twice, to open it and have it move out into a separate window. I heard a lot of people, I think you guys said it on the show yesterday, was, oh well, Apple will do this really well. But how many times have your fingers kind of double tapped? That is one of the things I addressed in his review, which is like, yeah, he's like, that worked really well. It worked better than any other demo he has seen, where he could have his finger down on the sides and click them. And Apple's hardware still noticed it, knew it was a click. And the predictiveness of where you're looking and it knowing what you meant. One of the things he said he audibly gasped about was that he started talking to a person and it knew he was looking and talking at that person and made them appear. Because that was a question Steve and I were having was, was how would you be switching back and forth between being able to see people in real life? Yeah, one of my complaints about the headsets is you're isolating yourself from your family. If you're home alone in your own house and nobody else is around, that's great or you're on an airplane and you don't want to be with any other people. But how does it work when you're with other people? And that that's why it is important to have that high resolution screen and that low latency pass through because it allows you to just see the world around you normally. Because Allison, what you are describing is like the dream of the hollow lens. Like, I mean, I remember the first time I saw that demo, I remember I was I was working at a desk job and I was in an office and I was and I had two terrible low res monitors and all I could think of when I saw that hollow lens demo, I was like, yes, I can have these two giant virtual monitors. This makes perfect sense. We can if we're all wearing these, then we can have like shared displays that we can all see and all interact with. And this is the dream of that where it's like, okay, they figured like someone figured out, okay, here's how we can do a very immersive field of view. We'll like just go so overkill on the resolution that even though you're looking at a subset of that 4k panel, it probably works out to about 1080p. That's good enough for for like a lot of of those use cases. But it's like that to me, this is why this feels almost like this almost feels like the first gen Apple watch where it was like, okay, we figured out the platform like we figured out. We're figuring out like the paradigms with which we are going to interact with this new product. We kind of don't know how the software is going to work out. Here's like I message from your Mac in a little virtual window. That to me is not convincing. But I also know in gen three, there's going to be a totally they're going to revamp that concept totally when they like figure out the the sort like the software elements of that. But like, you know, the like this is like the tapping and stuff like that being very reliable. I am not surprised that Apple has that figured out. It kind of reflects what we've heard from Mark German and others of Apple saying like, we don't have the killer app. But we like Apple knows how to make a good consumer product that other than Siri, that works reliably. Yeah, and I think you're right nailing it on the head. And that's why I don't I'm saying I don't even care about the hardware details all that much. It's it's the vision of what it can do and how it can do that. But do you need $3,500 of machine to do what you're talking about? Like it if you're just plugging it into a MacBook, you don't need to have all of that hardware that's running apps and everything. So that's just the one piece that I talked about that excited me. It's a lot more than that. Obviously, it's okay, but you're also excited about some of the other stuff. Oh, yeah, all of the things that it can do the home theater. And I mean, I want Mickey Mouse running around on my desktop than anybody. And that's that's obvious. That's worth the $3,500. But I really again, I want to set aside the $3,500 that that's going to work itself out the the hardware details, they're going to get better over time. And they have been getting better and better. And they're not, you know, maybe they're not perfect yet. I did want to say one hardware thing Lauren Good did a review of her experience with it. And she said when she took the headset off, her face felt cool, which is a huge thing, not sweaty. However, she said her face was very tired. And I think that's something, you know, that as the goggles evolve into something lighter and easier and and maybe this new company that they bought that does the heads up displays for the for the military might help with that. But those things can all those can all work themselves out is they have a vision of things that wasn't I'm going to play games. And that's it or I'm going to do exercise. And that's it. In fact, it wasn't even about running around the room. They're not the first one to show using a headset as a monitor. Facebook meta meta did that too. Yeah, sure. It's all the pieces together. Yeah. A couple of couple of notes here to add before we we move off of this in case you didn't hear it because they weren't in the in the announcement yesterday, the Zeiss lens for corrective vision will be sold separately. So on top of your $3,500, if you want to have those corrective lenses in there, you're going to have to buy those separately. And when you want to plug it into power, you plug the battery pack into a USB C adapter into the power. So when when Allison wants to plug it into a Mac, that that's how that works. All right. Well, one of the notable things not mentioned though, by Apple in its Vision Pro announcement was the metaverse, the old metaverse. Well, Bandai Namco walks where Apple fears to tread. The toy company announced the Tamagotchi Uni, its latest virtual pet gadget. The device looks like the Tamagotchi you're probably thinking of. And then it connect to Wi-Fi, letting owners play together in various online venues called the Tomaverse. And in case that's too subtle, Bandai Namco said it's the metaverse of the Tamagotchi world. While these devices connect online, there are no direct player-to-player chat options. So you're it's not like a chat client or anything like that. The Uni also includes a wristband, so you can wear it as a conversation starter and presumably as a watch. It's available for $60 shipping July 15th. See, now this is why you listen to the Daily Tech News show because everybody else is missing the lead story here, right? Because they're off talking about Apple. This is the stuff we need to know. Finally arrived. And Tamagotchi is the one. I just want to configure Wi-Fi settings on the Tamagotchi screen. That sounds like a double life. People are very excited about the fact that this has Wi-Fi. I looked at some subreddits and the fact that it's got Wi-Fi in it is the big revelation. And if you don't know, Tamagotchi kind of had a comeback in 2004, I think, and it's been going strong ever since. So yeah, it's not just for the 90s anymore. Tamagotchi Uni. But when do we get a Tamagotchi young? I don't know. Let's check out the mail. Well, on-device security is much better for privacy, but that doesn't mean it's perfect. With all of Apple's talk about processing data on-device, that's kind of their whole thing. Technomanche, aka Marquet from Nova, put forth a couple of examples where on-device means less convenient. He cites Google's now playing feature. That can identify songs around you and that keeps a record of that. Mark writes, I discovered that there is no method of transferring this data from device to device. I was hoping this was resolved by the time I upgraded to the Pixel 7. No luck. Now I have two pixels, a 3A and a 5A, with almost two years each of now playing data. That's not recoverable. And then he was also talking about Google Wallet on-device cards, and Mark's local metro system requires the cards to be tied to a device. But Mark says, unfortunately, when my Pixel 5A screen died, there was no way to disassociate that card from that device. Basically, the local transit authority support team told him that he would need to add a new card to a new device, transfer the ballot to the new card, and then disable the old card. So the old security versus convenience, very much on display there. Sorry, Technomanche. Neither one of these are disastrous, but it does show that security, again, two times in this episode, security does cause there to be other problems. There is a balance there. I feel like with the transit authority, that's like if you lose your card, you're going to have to transfer the balance. It's essentially what happened when the 5A screen died. I mean, I hope their Starbucks card transferred. I hope that was okay. Well, the rewards. Let's forget the money. The stars. Yeah, that's all kept in the cloud insecurely though. That won't get hacked in five minutes anyway. Don't worry about it. Big thanks to Allison Sheridan for being here as always, Allison. What you got going on these days? Well, I am proud of you for not mocking me too much for all the times I've said that VR is stupid. We did once point out that VR was stupid until Apple did it, and someone with a slight Apple bias now likes it. But yes. It's amazing now. Well, this afternoon, I have scheduled to have basically what is possibly the interview of a lifetime on Chitchat Across the Pond, but I'm not going to tell you who it's with. I've been trying to arrange this for a year and a half, and it's supposed to happen today at five o'clock. It should be published today. If it doesn't, you're just going to hear the sounds of sobbing. But if I can pull this off, this is going to be amazing. So keep an eye out for my podcast, Chitchat Across the Pond Lite, which will possibly have an amazing interview today. We expect an award-winning episode. I can't wait. I hope so. Patrons stick around for the extended show Good Day Internet. We're going to be talking about Apple news coming for the New York Times, where it lives, crossword puzzles. Apple, what are you doing? Remember, though, you can catch the show live Monday through Friday at 4 p.m. Eastern, 2100 UTC. And if you desire to find out more, you can do so at dailytechnewshow.com slash live. We shall return tomorrow with Scott Johnson. See you then.