 Well, I still do that. I'm you know, maybe that's maybe that's why I'm I'm dying of dying So, I mean, you know, it's like it's around Well, you have kids you're gonna have kids too. You're not gonna give her cocoa puffs ever You know, I got I got in the bandwagon when they brought back Boo-Berry and Count Chocula. Oh, yeah, those are all suck Like these aren't they do suck now They they're not as good as they were when you were a kid They have that they have that weird corn syrup be where they taste real good But then it just has a steep like off the cliff like that doesn't taste good anymore Yeah, it's not as good as they used to be They're not as good as they used to be and especially as you get older you're gonna your billy your ability to taste subtle Differences and all that goes out the window, but like yeah, I'm ridiculous if I Love donuts. I honestly do love donuts. Donuts are never you know what? I never liked with sugar corn pops Oh, I hated those sugar corn pops. They taste like sugar bear. You mean you mean? Yeah, with sugar bear was the was the yeah, those aren't great. Those aren't great What about just corn pops, you know, the yellow ones, right? Yeah. No, those were great No, I don't like them anymore. They just taste like Styrofoam to me now, but Well, if you if you got like the the the six, you know, you remember they used to have those six bundle of of Serial the little box cereal. Yeah, right those those were the ones the cocoa puffs for always not not the cocoa It's the cocoa pops were always the first ones to go You were always upset because they would always throw in one of those just plain corn flakes Like it's the one it's the one six I would eat those before the sugar corn pops really the special K Yeah, you did you take the special K over because all the other ones were special and you look forward to this is the one It's like alright. I just get another way first my sister over the cocoa Krispies Cocoa Krispies. I think they're only two's okay. I'll admit they're only two serious. I really really hankered for one was Fruit loops and the other one was Not kept in crunch It was like cinnamon toast crunch but not a cinnamon mini was that oh waffle crisp Have you ever had waffle crisp? Oh, I've heard of that. Did I ever have that? That's good I can't remember if I ever had it though. I don't even know if they make it anymore. Yeah quisp What's your favorite donut just out of curiosity? I like an old-fashioned. Oh, so do I but I like old-fashioned with chocolate Chocolate ice rings. Yep. Same here chocolate ice rings. That's filled. I like filled ones But either jelly or custard custard jelly custard, but I also jelly's real close See The powdered sugar is like a no-go again. Yeah, they can it depends on the place too custard is only good in the maple bars All right, here we go. You guys ready? We're not done talking about this. Sorry. We have important donuts to talk about Tom. We can't do this techno show I'm fly. All right. All right, so no face, right? I'm doing the screens. Yeah, that's that's your call. Okay. That's fine. Here we go Daily tech news show is powered by its audience not outside organizations to find out more head to daily tech news show comm slash support This is the Daily Tech news for Friday August 19th 2016 I'm Tom Merritt joining me today Roger Chang Producer of the Daily Tech news show filling in Darren kitchen got called away at the last minute unfortunately So Roger's gonna be here with us today. How are you Roger? I'm good I do not have my face because I'm doing the screens for anyone who's watching on the street He didn't have time to put on his face before the show if you're watching the video if you're watching the audio You would you would never have guessed also with us Len Peralta is back from a vacation and some conferences and ready to illustrate Yes, two weeks gone. It was my longest time gone off this show But thank you so much in Indianapolis in Michigan, and I'm ready to do some some great arts for you guys Well, we tried to make the hardest That's good, you know, I was happy to see this today's top story So a little later in the show Dan Tentler founder of Phobos Group is gonna join us to help explain man in the middle attacks in relation to some hacker tools that have been revealed Not only from the leak we talked about earlier in the week But also by some confirmation and some student documents that the intercept had access to Just coming in right before the show Google is ending support for Chrome apps on Windows Mac OS and Linux Although they'll remain for the time being on Chrome OS. Here are some more top stories 30 technology companies are partnering in a US FCC plan to combat Robocalls this is for those not in the United States is not when a robot calls you It's their automatically dialed calls often pre-recorded companies include telephone service providers like AT&T Comcast and Verizon along with phone providers like Apple and Google the robocall strike force Held its first meeting Friday really should be about robots to be honest with that name among the goals are collar ID verification standards a do not Originate list so the do not call list says you shouldn't call these numbers The do not originate list says if a carrier sees that a number is being spoofed of a government agency or a bank You wouldn't let the call start because a lot of people will spoof the numbers group will make its first report on October 19th This is something that ironically are actually coincidentally enough has been plaguing me for the past Three months like I'm getting these weird robocalls. I'm not sure if anyone else does Literally I pick up the phone and I know it's a 1,800 number and I should pick it up But it's like hello, and there's nothing that happens for 10 seconds So I hang on home warranty is about to expire Well, I've gotten those two like you know your your home warranty. It's like listen. I'm a renter I doubt I have a home warranty right now Or I get something with a very vague Like oh, what is it solar panels? That's the other one. I get a lot of solar panels It's really obnoxious, and it's like please don't call me again And that was the whole thing about the do not call list And after pretty sure we were talking about now. I know why they still call me Even though I've told them not to but they're just breaking the rules basically But now they do robocalls where you know It's a machine that calls and you don't pick up I hang up and then I have a voicemail of this thing Yeah, I think this is a good plan I think a lot of people will like the way the US the FCC is going about this because They are convening the people Responsible for the phone calls from end to end the carriers and the devices that you use to say hey Come up with a solution rather than just imposing some kind of regulation that may or may not work And you know really regulation wise I think it's all there really It's the mechanism the implementation that these companies as well as the the federal government Will use in order to kind of sift through this because you don't want to block legitimate calls Yeah, exactly like Randall Stevenson from AT&T said exactly that He's like you have people following the rules and they should be able to use the system since they're following it I Wait with bated breath and I hope that they come to something because at some point It's just obnoxious Wall Street Journal reports Pandora is signing deals with record companies to launch a $10 a month on-demand Streaming tier with unlimited access to songs on the platform. Remember Pandora bought Ardeo's remains a while back So this may be the resurfacing of that Pandora has a current $5 a month ad-free Pandora 1 radio tier that's also going to get some new features like allowing you more skips and allowing offline listening The new plans are expected to launch sometime in September Yeah, I mean for the longest time people have always people been wondering like what's Pandora up to? I mean like not growing. I mean are they just kind of floating along with this giant wave of Streaming radio services and unlike like Spotify where you can kind of pick like you know with this particular artist Pandora has always initially has always been about cultivating and curating like a genre or style of music and they would and you know what they used to Flog was the fact that they had a Intelligent system that would yeah the music genome projects the music genome project. So and you know I have to admit it was something that I was very attracted to where you would find music that you may have not ever listened to But you would enjoy based on your history of of style of music you're listening So so I'm very curious to see if this is a an actual shift away from that That core concept of the business and moving out into a generic like we're gonna be another streaming radio Yeah, I wonder if this is Pandora sort of giving up saying you can't survive or we can't survive Just being a customizable radio Maybe if we can get the record industry a little more money from a sales based or at least a rental base $10 a month based system that they'll let us do a few more cool things on the radio side Then they would under the current licensing scheme remember Pandora just pays a mechanical royalty like a radio station would I'll be it online So they have to pay more money than an over-the-air radio station would over the air radio station is exempted from paying any kind Of copyright license whereas online they they have to and that's when Pandora is complained for years Is we can't make enough money to sustain the company if we have to pay those royalty rates So this may be either hedging that bets or starting to admit that a radio Station just doesn't make enough money. Like I said, they've had stagnant revenue and You know, I mean outside of the peer monetary aspect. I'm wondering if this will solidify Existing popular artists and where do you go to find new and upcoming Bands that you have never heard of that no one's ever spotified as they have their discover weekly and now this new radar List that's that's trying to expose you to new things. Well, no, I that's exact. I'm like Where does Pandora go like in order to do that? Do they just continue with their existing model? Which seems like yeah, like maybe the original Pandora that we've come to know just becomes its own discover weekly for a Pandora streaming service on Thursday in federal district court for the Northern California District Judge Edward M. Chen overturned an April class action lawsuit Settlement between uber and a class of drivers. We talked about this settlement when it was originally agreed to by both parties It's the one that creates a drivers Association. It allows the uber drivers in Massachusetts in California to acknowledge that they would like to have tips the judge Rejected the settlement even though both sides agreed because it's a hundred million dollars Although it's really only eighty four million dollars guaranteed another sixteen million is dependent on Ubers performance as a stock and the judge said that's going to I'm only going to consider the eighty four million That's going to represent only zero point one percent of the potential full verdict value for the case Which the judge said is quote not fair adequate and reasonable lawsuit regards the classification of uber drivers as whether they should be employees or Contractors the objection to the settlement was brought by a group of two hundred uber drivers. Now. There's four hundred thousand in the class 200 brought an objection with the assistance of the National Taxi Workers Alliance drivers attorney Shannon list Reardon says a revised settlement may yet be reached But she's willing to go to court if she has to Yeah, you know uber uber has been in the position of forgive the pun a little bit in the driver's seat when it came to a lot of this stuff and I think what we now see is kind of the a Collected push a collective pushback before it was here and there was either one municipality or one Taxi or or livery Organization against him now. It's kind of like oh, let's let's combine our collective interest together. It's very interesting because You know will uber be remembered as the business that started this whole kind of ride-sharing thing or will they be considered like you From the from the prism of history or will they be considered the watershed moment where how the the ride-sharing markets finally got A set of rules and they got, you know standardized things. I think it doesn't have to be an either or I think uber Maybe it definitely will be remembered as starting the ride-sharing movement Also will probably be remembered as the company that inspired the rules about contractors and employees in this new sort of gig as They call it the gig economy where you you don't sign up for a 40-hour a week job But should you still be treated like an employee and that's that's what's going on here? I have a feeling That uber will just agree to more money to end this case because they the last thing they want is a court to decide That all of these drivers are employees and if they can get a settlement with more money Then and get the judge to sign off on it. They'd much rather do that But do I mean I what do you doesn't that just kick the can down the road? Like we'll at some point eventually they will have to make Well, the the other thing uber is doing is lobbying Congress If they can get a legislation passed at some point, which is going to take a long time that clarifies that these are not employees They're contractors if they can do that Then they want to kick the can down the road until they get that taken care of Can kicking. Yeah, so much can kicking Brad Sam's at therat.com notes that many people have reported their webcams stopped working with the windows 10 anniversary update And there's a reason for that apparently windows stopped allowing MJ peg or h264 encoded streams on the windows 10 anniversary update only allowing why you why to encoding? Microsoft did this with good reason They wanted to stop duplication of encoding streams in some of the new scenarios that windows uses But it had the unintended effect of causing a webcam that tries to use MJ peg or h264 to freeze after about a minute Mike M of windows camera team says a fix is coming in September Microsoft has not issued its own workaround But if you're comfortable editing the registry Raphael Rivera has a workaround on his Twitter feed at within Raphael and Brad Sam's also has Raphael's fix in the therat.com article, which we'll have in our show notes. Cool. It's it is sort of a legacy effective you know when webcams were new and everyone was trying to figure out the most effective way of Transporting that data from your camera out to the internet and all that and what form factor format should we use? It's it's interesting. I mean it's Essentially, they're they're dealing with what a decade plus worth of Different solutions and they said, oh, you know, maybe we don't need five different encoders running parallel While they were where you're trying to rinse Skype And it's interesting because I wonder because This is not unusual when although not directly related actually not even directly related When they came out with Windows Vista, they literally killed the whole concept of having accelerated hardware accelerated audio by pulling it out of the kernel stack and The the short end of that was that you didn't need to buy a fancy sound card to get any benefits from it And the downside was there are all these people's legacy hardware. It's like, well, how am I gonna get all these really cool like 3d effects that I paid money for back in like 2004 is like one, you know, and that's a while and at some point You do kind of have to cut off some of these solutions Sounds like Microsoft underestimated the amount of people out there using Logitech C920s at H.264 encoding and and now they've been put on their back foot Of like, oh, we thought we could just not support them and they would quiet down and go away and that's not happening You know, I think I think a lot of it must be just kind of Apple envy because Apple can kind of seem to do that It's like, you know, we're moving processors will give you a bridging solution I think Microsoft is envious of Apple's arrogance Is that what you're trying to say? I would say arrogance, but they're I would say they're They're they're probably less frictionable. Yeah, maybe arrogance is too loaded of a word but apples sort of Ability to just do what they want and damn the consequences Bloomberg's Mark Gurman report sources tell him by the way that Apple has not been able to add data connections to its watches Because it can't get the battery life at once now they could put the data connection in there It's not technically impossible. In fact, lots of Android watches are coming out with data connections but it doesn't give enough they've not been able to ensure enough battery life to Satisfy Apple engineers, so they're still studying low-power cellular data chips New Apple watches are still expected this year, but they would just integrate GPS They wouldn't at this point integrate any kind of data connections I Don't know. I mean this is Kind of shoe horning in the the smartphone aspect of a smartphone into a watch necessarily the most oh, yeah, no, I absolutely want I I Tried an Apple watch for a month and one of the biggest Complaints was I have to have my phone around to use it So I definitely want the data connection in there, but yes I also want the watch to last for days because it's a watch I don't want to have to like be out halfway through a day and go. Oh wait my watch died. I have to recharge. I Forsee the solution being kind of so remember when they had the self-winding watches and those things were like Oh my god That's you know most creative use of technology they have the whole research going into bio Biogenerated electricity where you can just walk and generate power you do that and just Cramming into a watch or maybe you have to wear a pad on your skin in two places You can generate enough electricity from say like a jogging like a Two-hour jogging stretch that you could conceivably at least keep you know the watch charged longer than it would have been if You didn't that's a cool idea The other thing might be just a better battery now We said Apple is working on low power cellular data chips Rogers got another interesting idea that I know some people are working on MIT news Reports that lithium metal batteries developed by solid energy can deliver the same energy as lithium ion batteries at half the size So and apparently the way it works that also means that you can have double the battery life at Equivalent size new batteries use lithium metal instead of carbon for the anode Solid energy CEO Keech how who and team solved the overheating problem that plagued previous lithium metal batteries by coating the anode With a solid electrolyte that functions at room temperature and doesn't create some harmful filaments the filaments would kind of build up They they called them dendrites because they look like oh, yes I remember those those are an issue with was it nickel metal high-trade Yeah, they used to be an issue with that as well and they they would cause overheating that could maybe a fire risk And so they figured out how to stop those from building up and not only that but this is a one of those rare battery technologies Roger where we'll actually get to see it solid energy plans to launch batteries for drones by the end of the year They want to have battery cells for smartphones and other electronics in 2017 and they want to bring electric vehicle batteries in 2018 which if that happens could double the range of your electric vehicle That would be awesome. I mean People may not be aware one of the biggest issues with battery technology was the heat generation I mean, that's just a consequence, especially when you're drawing a current and one of the The huge kind of seismic shifts that Tesla did was with the battery was Let's not just create one large battery that you have to pull from one point and have a single anode and cathode We'll build an array of very small batteries so we can pull a much larger Current from it without necessarily having the same heat issues and of course fire risks that you get so if they if they can Follow through on this and make a commercially viable product I know that's it works in the lab, but a commercially viable product I think we could definitely see this in cars within a year or two years afterwards Yeah, I mean huge that could be that could be really huge someone without a username in the chat room says I'll believe it when I can buy it We'll know by the end of the year whether you can buy it That is the shortest timeline I've ever seen in one of these these battery technology stories yet. So fingers crossed Thanks to all those who participate in our subreddit You can submit stories and vote on them at daily tech news show dot reddit calm We had PC guy eighty eight and eighty eighty eight in there another Jay Martin AJC 87 ICU SP Sheridan three one three C seven and more join them and vote at daily tech news show dot reddit calm and that is a look at the top stories All right, so as I mentioned at the top of the show the intercept has a story out today Where it is comparing The hacking tools that were leaked online Monday with some NSA documents leaked by Edward Snowden They found an NSA manual in the Stoden documents for implanting software that describes a 16 character string That is needed to use if you want to track your second date Implementation second date is the name of a hacker tool that the NSA Delineates in its manual the tracking prevented re-exploitation from a target hitting the back button That code that is described in the manual shows up in 14 files in leaked tools Including a leaked tool from Monday called second date 302 one dot exe So this would be the first leak of an NSA tool to the public to the general public Second date was allegedly according to the documents used against Pakistan's National Telecommunications Corporation VIP division and a Lebanese ISP In the 31-page document titled the Fox acid SOP for operational management second date is described as a component of something called bad decision Which is an infiltration tool that acts as a man in the middle attack on 802 dot 11 wireless So will essentially trick your browser into thinking it's connected to a safe website While redirecting the payload to a fox acid server that delivers a bunch of malware and that malware can then be exploited down the road Joining us to explain a little bit about how this might work Dan Tentler founder of Phobos Group is on the line How are you doing Dan? I'm doing not bad. How are you? Thank you so much for stepping in and helping explain this So second date sounds like a typical man in the middle attack. How how do those work? So and It's pretty straightforward If you can imagine Your typical connection. Let's just say You live in an apartment and you have a laptop and your laptop talks to your call it the links is or d-link wireless router And that wireless router is connected to your cable modem your DSL modem and then that takes you out to the internet Those devices the the links is or the d-link and the cable modem Those are we call them infrastructure devices and they were there they are what allow you to get to the internet and do all The things that you do when you're on the internet If somebody were to say gain control of one That would make them quite literally the man in the middle They are physically between you and the internet that you so desperately desire That being the case there's a lot of ways to mess with that traffic to mess with that connection and to do things That are very shady So in this particular case from what I've been able to read the modus operandi of the NSA in this case is very similar to your typical pen tester to You know to your 15 year old kid who just figured out what a pineapple was and took it to a coffee shop That sort of thing right yeah, yeah one of those right? It's literally that except spit-shined and polished by the NSA with all of their funding on and all of their devs by the sounds of it From what I've been able to grok reading this documentation the last couple days The NSA has has invested significant time in finding browser odys which are their top tier Problems I mean problems to be exploited for the purpose of gaining access to other people's computers There's a conference called Ponte or I'm sorry Kansak West and during Kansak West There's a contest called Ponte owned where some of the biggest prizes that people walk away with which is either hundreds of thousands And I think sometimes millions of dollars I forget that they're huge bounties, but if you can find Ode in Firefox and Chrome you're walking away with you know a a Basically a condo on the beach in Santa Monica like yeah Would you say Ode you're referring to zero-day exploits which exploits that nobody knew about until the day they were discovered correct? Sorry, that's my my yeah, no worries. No worries, right? Hey, but yeah, I'm previously undisclosed currently unknown exploits that are exploiting vulnerabilities that only the NSA knows about it has been Suspected that they have what's called a fuzz farm Which is if you're familiar with the term fuzzing which is effectively throwing random garbage at stuff until it breaks and then seeing how it breaks And then trying to turn those break points into buffer overflows stat You know heap overflows and all sorts of stuff to try and Have functional working exploits They have their own the presumption is they have their own fuzz farm and they just sit in fuzz browsers And when they find problems in the Tor browser or in chrome or an IE or what have you they just hang on to those and then based on what we've read about Fox acid Fox acid seems like the NSA's version of Metasploits browser auto-pwn which is basically if you can get though the page that somebody is visiting To load one line of JavaScript which tells the browser. Hey, you should look at this JavaScript over here from the other server Which the pineapple is capable of doing this at the device you just showed on camera You can do this with that device. All you need to do is intercept HTML and inject one line of text to say hey go over to that server and load that JavaScript So in the case of us civilian types that don't have access to the NSA goodies. It would be something like Browser auto-pwn out of Metasploit and I say has their own much more interesting version of that and for all intents and purposes This thing just compromises the browser and gives them access to the computer So essentially what's happening is you don't notice anything because CNN comm loads like it normally would but Fox acid is putting in that JavaScript Which then injects a bunch of malware that is being put on your machine while you're just reading the latest story from CNN And you don't notice the thing correct Now is second date then the thing that is injecting the JavaScript? I think second date is the is the they have a so the pineapple actually It seems like different components of of what they're describing a lot of which are sort of there's little Fisher price babies first hacks version of it that live in that in the pineapple The pineapple is capable of doing what's called a deauthentication attack Which will take a machine and knock it off the network and then the idea is you try to Intercept the machine that you've just knocked off the network with the pineapple making you the man in the middle So what it seems like second date does it's a little vague It doesn't outwardly describe it but based on the operational documentation. We've seen it seems like second date is a combination of hardware and software that the NSA is using to effectively do exactly the same thing as the pineapple to Deauthenticate a target from the wireless network to have it authenticate to it and or Either that or break into the wireless network and gain access to the network at which point you can do Arp man in the middle or other types of man in the middle attacks that would allow you to gain control of that connection to then subsequently inject text into browsing sessions Now one last thing before we let you go Snowden has been commenting on this and said NSA lurks on systems controlled by others all the time They're supposed to clean up after themselves if they use a compromised server Maybe somebody didn't and that's how these tools I got out there rather than someone actually hacking into the NSA He wrote NSA malware staging servers getting hacked by a rival is not new a rival Publicly demonstrating they have done so is and that's I think what's grabbing the headlines is this Cut this organization putting these tools out on the internet on Monday. What do you think the? Upshot of them doing that would be does does it give a lot of tools to people who other would lies wouldn't have them or are these just kind of Older 2013 era versions of things that are already out there Okay, so let me let me try and hit all your talking points. Okay. I'll go backwards Are these new well for the NSA not so much because some of the dates in these files are from 2010 So these things are six years old However, just because the NSA has had it for six years doesn't mean the rest of the world even was aware that that these existed Um Cisco crapped a diamond on Monday when this stuff was released because they had absolutely no idea that SNMP was being used to exploit Cisco equipment and That this has been an active use exploit for you know, probably six or more years So as far as you know, the rest of the world is concerned. This is new to us It's not new to the NSA, but it's definitely new to us And in terms of is it plausible that an operator just left their stuff on somebody else's machine? That seems like the most likely scenario I presume that You know if they're talking about hacked servers Then the presumption is they are doing what your typical black hat would do is they're gonna find some server somewhere some website with a Wordpress 1.0 Installation that's riddled with vulnerabilities that never gets updated with a person that never looks at their logs And their password is password one two three and they're gonna say oh this is nice And they're gonna set up shop there on that person's blog and that blog becomes a fox acid server So what they do is they man the middle somebody and they redirect the browser in the background using JavaScript to go hit that fox acid server and bam You have an a they call it whacked a whacked computer and now that computer is effectively part of their botnet For lack of a better term and not necessarily saying that the NSA is using all their compromised machines to conduct Additional attacks, but sure that's that's the first step to having a botnet you hack a bunch of machines And you have them all phone home to the same command and controls servers So so it seems like that's probably what happened It seems like though that this is pretty significant that these tools are out there for people to use that They wouldn't have been able to use otherwise there and like you say in cases like Cisco Maybe there's even a positive aspect where they are now patching of older ability. They didn't know existed. I don't know Yeah that and to that end it's an interesting point is that when we had no idea what the NSA was doing It was all we would perceive, you know, we're groomed by Hollywood right to understand that what we don't understand has to be Magical and like black magic wizardry and there's cloak and daggers and like You know your typical sort of Hollywood ask stuff and then you see a leak like this come out and say oh Like their ops people are doing exactly what we do on pentest gigs like almost to the letter Yeah, just call it different things and they have their own custom tools, but operationally they have C2's they use the same They mean they have their own version of browser auto-pwn The way that they conduct themselves based on this document is very similar to like your typical pentest chop like wow That's it sort of it it takes away that it demystifies the NSA it makes them Like they're just a government institution that does what? Pentester types do they just have different people they target and they obviously bend slash break the rules Typically on the pentester, you know attack sim inside of the house We're not allowed to just go and hack some random blog and use it as a staging server for our malware during assessments Do as they say not as they do. Yeah pretty much. Yeah Well Dan, thank you so much for joining us and giving us some insight in that that's extremely interesting and very helpful Dan is the founder of the Phobos group as I mentioned Phobos I owe anything to tell people about before we let you go Sure, so Phobos group is basically well the easiest way to describe it is to ask have you heard? Did you hear what happened to Sony pictures? We'll say yes. Oh my god. I remember and I say that's what we do. That's exactly we do what's called attack simulation So some shops are the help their clients with compliance some shops do vulnerability assessments We actually be bad guys and we show your staff and your blue teams What it's like when a real bad guy decides they want to get into your stuff not what a pentester is going to do But we're real bad guys going to do so so you you you act like the bad guys Without restraint but in service of letting people figure out how to stop that word to really happen Right, so like one of our last clients was a power company and they and they said we want you to shut off one of our Power plants so we did wow that first of all bold move on their part to say yes We want to do that and and and and really for those freaking out in the audience Crazy good that you were able to do it because now they'll figure out how to stop someone from doing it that way Right and now the incident response people know what it feels like to get that five in the morning phone call Where it's before they never have before and now there's a whole bunch of stuff happening in terms of eyes being opened And now there's an incident response plan And now they have an idea of what to do if somebody goes in and shuts off all the breakers of solar plant so a lot of learning experience because most businesses are very apprehensive at the idea of and What other places would call like conducting a disaster recovery drill which is shutting off all your Production systems and seeing if the disaster recovery side of things actually turns on wow excellent If people want to find out more about what you do What's the best way to get get a hold of you follow you find you on the internet? So I'm this on Twitter vi SS and the website is phobos.io phobos.io I'm online all the time come find me and say hello. All right. Thank you again, Dan I really appreciate having you on the show. It's been a good. It's been a great time. Um, I'll be I'd love to come back Someday. All right. Go attack something. Have fun. Thanks. I'll talk to you soon Let's get to our pick of the day from Mark in Detroit, Michigan Who said I'd like to suggest a podcast called song Exploder if you like music and want to know how songs are made it can be very enlightening recently They did the Bojack Horseman theme song and a while ago. They did the theme to Game of Thrones good stuff I've heard of song exploder, but I've never listened to it and essentially I guess they just do a breakdown Roger Where they like go through the song and explain all of the pieces of it musically Which is something I think is super cool because For example, you've seen a lot of something similar when people break down the special effects Sequence in a movie like this is what they did. This is these are the various elements But people really never done it with music and it's actually really cool to just to know That there are people willing to kind of present that because like like any good art You know music is a layered tapestry of various elements that you put on top of each other to create That final piece and that's pretty neat I mean it like it's funny because you guys were just talking about penetration testing and how like you unveiled the mysticism of the secrecy of what the NSA does in a way This is what this site does is it takes away some of the the elements that make it seem like such a magical Magical tool and it's like how do people do that like how do people create this amazing piece of? Of art that I'm so you know I'm in a day-to-by because I really enjoy the show or this movie The one I can't get over is the one still is a stranger things Change the stranger things soundtrack at least the the opening. Yeah. Yeah, and because it sounds familiar one But two it's not something that you Recognize immediately, but it feels familiar and that's how they do that still beyond me Thank you mark for sending that along send your picks to us folks feedback daily tech news show calm You can find more picks at daily tech news show comm slash picks We'll probably have to put a line under all of the responses to USBC versus the traditional audio Input jack after a while, but we got more good one So I wanted to give another representative sample Justin wanted to know what becomes of FM radios and phones that use headphone Jack's tuners he says I know this is probably a small use case But sometimes you just want to listen to local radio or if traveling with spotty data You can still get FM stations almost everywhere I think it's vanishingly small the number of people in fact even the number of phones that take advantage of those FM tuners But is diminishing. Yeah, it is a nice backup that will probably just go away sadly Ned is an audio engineer with 15 years experience in broadcast and is very pro USBC His full email is in the show notes But the highlights are that the headphone amplifier in any consumer grade device makes me want to cry Upgrade ability and analog signal loss. He asks would you prefer a world where we all use composite video instead of hdmi? I he does bring up a very good point There there are limitations To that amplifier because you know, you cram it into a very small thin flatten device Uh, there's only so much you can do with it. I'll be honest Um, I kind of prefer component video to hdmi only because I'm a philistine who cares less about quality than I should Uh, but also Because it actually allows you to do what you want with that analog signal Whereas hdmi will tell me I can't be played on that monitor That's not hdmi. It's it's ectp That makes you if a ccp implemented through the hdmi. Yeah, but you can't implement hgcp through the component You know what? We could have all moved to b and c connectors and used an sdi jack and have all that awesome raw video But you know what? Stakeholders said no and there you have it Heather from charleston, south carolina very sensibly asked why they don't just give us phones with two usbc ports She said if a manufacturer came out and said we'll have two usbc ports on our phone It sounds like scott's main objection and mine would be dealt with and when she says mine She means hers. Uh, she says sorry about all your old mini jack cables though It's probably because it would cost them an extra quarter per device I I bet you I bet you we see phones that come out with two usbc part of it is because when they want to get these out as quickly as possible and Wine complicate things Immediately like as you said eventually there will probably be one or two models, but you know from their standpoint It's not a huge margin maker for them. So why do it? And then sheila in georgia said wouldn't making the battery bigger be negated by the power You need to send to a bluetooth signal and she's suggesting like if I use bluetooth headset instead of a Headphone either usbc or audio jack She says I leave bluetooth off because it helps drain my iphone battery My guess is The battery increase would make up for it, but maybe not by much. It's a fair point I mean she does is actually a very good point. Yeah t2 t2 wrote in regarding the overwatch GGE z replacement that we talked about yesterday to to sort of discourage trolley's behavior And he has an excellent description of the league of legends system for fighting toxic behavior You can read the full version at our show notes, and I recommend that you do it's very well researched He's got links and everything, but the summary is in 2015 They started using machine learning to analyze toxic behavior that was identified by players That even accounted for regional variations So something like your mom is just kind of funny in the united states and is extremely offensive say in korea Would get identified as people over here aren't as offended as people over here He writes uh, or he writes about that example in the uh, the korean I should have read his code. He says isn't the worst thing to be said, but in korea It's considered the worst behavior and the system by itself. Uh, was able to figure it out. So anyway, uh Apparently it's only had one mistake In 10,000 cases You know what I affirmably believe this this basically screams The this this there's a market here for gamers a guide to etiquette or gaming etiquette Yeah, where you would actually go to eat it though Well, you would No, it would be an online school. It'd be like linda.com. You would go certification that you'd have to say like you're i'm certified non-jerky And then I get two extra privileges. That's an interesting that's an interesting way to go the blizzard academy The league of legends academy like like this guy this guy is like You ever so I'll be honest though as much as that's a good idea I would not want to go through it in order to play a game Well, then that that separates the wheat from the chaff and it's already working tom. It's already working You're saying i'm a troll though. I'm not so it's just it's all it is It's a 21st century of gufis and gallant for anyone who doesn't know what that is That references a child your highlights magazine highlights magazine in the back They would have a low cartoon of what not to do what not to do in the right way to do something With two boys gufis who did everything wrong and gallant who did everything, right? Well, I certify roger chang is non-jerky right here on this very show Uh, thank you also for stepping in uh and filling in of course daren kitchen hack 5.org HAK5.org or or g where you can get A wi-fi pineapple as described earlier in the show when we talked about pen testing with dan templer But roger anything to let folks know about on your end? Uh, you know just follow me on twitter at jolly roger I am on the show pretty much every weekday. Yep always on the pre and post show Which you can get if you're a patron or in the post show you can watch on video Len peralta so good to have you back and you're scaring the crap out of me with your art Oh, well, I don't know if that's a good thing or a bad thing. No, it's a good thing in this case. Yeah It's working. Yeah, you know, uh, you mentioned at the top of the show. It's a very difficult Thing to draw and we could talk a little bit about this after the after show as well, but uh All I'll say this is a terrifying second date. You ought to check it out at my online store Len peralta Store.com. Yeah, because there's a syringe and a box of chocolates and people in hoods with scary eyes syringey chocolate Miss it If you want just the headlines of the day you can get them at our headline show daily tech headlines dot com Of course, if you would like to support the show you can do so at daily tech news show dot com slash support and be Like the thousands of people who make this show possible Thank you to each and every one of you who makes daily tech news show happen Our email address is feedback in daily tech news show dot com You can catch the show live monday through friday 4 30 p.m Eastern at alpha radio dot com and diamond club dot tv And visit our website daily tech news show dot com back on monday with biz veronica bell bot Talk to you then This show is part of the frog pants network get more at frog pants dot com Diamond club hopes you have enjoyed this brover Good show awesome show I We need a title, but I want to rave about that pick poster. This is this is awesome You know, it's funny. It totally reminds me of uh young adult book covers Like like if someone were to do sweet valley high then did a crossover with uh, I know what you did last summer The dark reboot of sweet valley high. Yeah, it's kind of like what would I imagine it would look like Well, I thank you so much. What was kind of cool is with I personally, you know, I think the the little the yellow glow on their faces kind of makes it pretty like, you know, pretty cool um Yeah, this was a tough one to do because It you know, I was thinking well, maybe I'll do something with snowden, but it really wasn't about snowden It was just about this, you know, the hacker is getting this um This thing so the name second date was kind of a neat little Little thing to kind of uh to glam on to so I just you know, I thought of this Hackers I'm always represent these hackers as sort of ringwraiths sort of even though I know that that's not necessarily hacker culture, but it's sort of fun to you know It's a lot more fun to to represent them that way There's the malicious hackers, right or right crackers sometimes, uh, and and that's what you're depicting here Right and I'm sure they don't see themselves this way or maybe they do maybe they like well I think they would find it would be pretty cool. It's a pretty cool thing because they're they're I mean What is it shadow? What are they called shadow? Um race? No, no, no, the the the actual group themselves. We're calling themselves the uh shadow. Yeah No, they were called the shadow broker shadow brokers, right? Oh, I'm sorry. That is a reference. I believe to A downloadable content for mass effect three shadow brokers It's it's one of it's like an additional level the shadow broker in the game is essentially this person that is like your master information collector If you need information on how to like about a government or how to get something that that's the broker Are you looking for a shadow call the shadow broker? five five five seven two hundred We're working for you We'll get you the best deal on a shadow. You can find this side of the alligator And you know what it's so I wouldn't I wouldn't say terrifying, but what's so appropriate Is in the game in the in the mass effecting where they use it The ship or or the the ship where the shadow broker lives and operates from is constantly moving And it orbits this planet that has a huge electrical magnetic field. So the ship can never be detected Uh, and it's I don't want to spoil the game portion of it. So I won't go too far into it But I I totally know why they use that name because it's totally fitting It's awesome. Yeah, this is a lot of fun. Hopefully um, hopefully people, uh, will want to get it at the online store Yeah, go check out ledbroffestore.com This is definitely one I want up on my wall. It's cool. I was kind of hoping I was I had I was kind of hoping that Darren would have been able to see it because I know yeah It's sort of kind of up his alley, but uh, but yeah, it's it's fun. It's fun to draw I you know, it's fun to draw these hackers. It's kind of scary scary Scary well the second name is just lends itself perfectly Oh, absolutely. Absolutely. And the other thing too what I when I tried to do I added those little yellow Glow to their faces, but I also wanted to do something I didn't make the heart like like red it's sort of like faded and then the actual the flowers are sort of this grayish Yeah, yeah, yeah So, you know, it's these kind of scary things that they're bringing to you that aren't really nice on a date But there's one huge ass syringe too And yeah, yeah, that was the Hawking gun The syringe was was from reading the article they talked about it. You know, I just thought well infecting So the best way to yeah So so there you go great titles Uh, I'm going to go with whacking the system. Yeah, I like that one too Uh, you could go through some of the others that were in there just to give them a little uh Following up whacking the system, which came at the top with apple envies Uh Slash root of this problem is nsa. Oh, that's pretty good Someone at the FCC got robo called Is releasing second date a bad decision? Ah Nice warning warning warning a warning warning incoming scam call Pinsa pinza apple oh pie nsa apple Shadowbroker second date with eligible bombshell at polar sneeze your mama son pitted chrome Relocking pandora's box Every lawsuit goodbye ain't gone Cool watch the apple watch never should have given the nsa a second date A pineapple that's root for you And certified non-jerky Certified non-jerky I so it looks like whacking the system is winning. I like it. I'm gonna go with that. It's a good whack Although the last one Definitely tugs at my heartstrings as well Well tonight is going to be a gaming night Uh Coming back from gen con and tonight's gonna be a game Is gonna be a game night I don't know if you guys have ever heard of a game called two rooms in a boom. I don't know if you've ever heard of that game I haven't uh, it is a blast and it's a lot of fun if you have a lot of people Um, basically six or more. Definitely. Uh, we played at gen con. We played with 22 people So 11 on both sides, but I think it was like it was like a football team Yeah, it's super cool, but essentially what it is. There's a president. There's a bomber. Uh, there's a red team. There's a blue team Uh, the blue team is trying to keep the president and the bomber in separate rooms The bomber is the red team the red team is trying to put the bomber in the same room as the president Um, but what makes it a lot of fun is that there are all kinds of other story lines going on So everybody has their own card and their role playing and they have their own thing that they need to try to do Like for example, there's an engineer the engineer has to meet with the bomber at some point And uh, or there's a the first lady and the mistress and stuff like that. So A lot of people Exactly, so the the mistress needs to get the the wife into the room with the bomb Vice versa that kind of stuff. Oh, so you've got competing motivations. Exactly Like It is a blast now you can go to uh, two rooms in a boom Dot com I think you can actually download the game play it for free But I they I recommend that you actually purchase the game because there's there's all kinds of like there was a kickstarter thing So there's all kinds of extra cards like zombies and stuff like that Like the zombie card you have to infect everybody and the zombie wins if everybody gets infected It's a blast. Did you hear the uh, did you hear him mention the red team when he was talking about pen testing? Uh, that's the red team blue team is a typical Way of describing like the red team is what he his group does Which is try to get into the system and turn off. Okay. Oh, they're doing trying to do the bad thing And the blue team and he mentioned is like and their blue team will try to stop us And that they're the ones trying to stop the bad thing from happening. Oh, how funny is that? No, I didn't even catch that. No, it's um, but yeah So it's it's a total geek thing if you have a lot of people it's great to play Tons of new games actually that we picked up at gen con So, uh, hopefully we'll get to play a lot of them tonight. So who who's all coming out? You got a big group or yeah, some family members are coming over. It's been kind of a tough week this week So I think people need a break People need a little bit of a break and just sort of not have to think about things, but uh, It was uh, it's cool. It's cool. I highly recommend that game and uh Uh, if you ever if anybody ever gets to go to gen con Um, I was wanted to it's just it's in that It always used to be in that time of the year where it was very different to get away Yeah, it's it's always the beginning of august, which is really tough But um, it's a lot of fun. It was cool and it was actually cool this year to go because a lot of like downtown Indianapolis. Yes. Okay. Yes. It's right there. It's right there. I actually have a towel from the embassy suites downtown Oh, nice. Yeah, it is it's enormous. Uh, it's about I mean, I want to say it's larger than than dragon com But it's more spread out. So like even though so is it is it the same kind of thing where it's in hotels then or Yeah, yeah, and they're all connected, right? So you can see 1,423 people Yeah, it's it's big but what's cool is that it's all interconnected, right? So like part of gen con takes place this year at least Um, uh underneath lucas oil stadium where the colts play So you walked all the way through to lucas oil And they had a like a dungeon. It's called a live dungeon And you could actually go in there and larp and stuff It was it's pretty cool. Yeah, it's already colts fans realized that there was larping I don't know man. You'd be surprised Actually, you know what I wanted is how many colts fans were larping underneath That's a good question. Yeah, that's a good question. Um, I don't know But it was it's up. It's so much fun Um And if anybody gets a chance to go to to gen con definitely go it was a lot of fun too I was gonna say just because couple of my games were out and It actually felt like I was there for a reason. So yeah, that always helps So like so like banners with my with my art and stuff were up. So it's pretty cool So you had a booth booth. Uh, well, I was part of steve jackson games. Oh, cool Um, so yeah, so they were they were pushing munchkin apocalypse A bunch of munchkin things I did this year and the big thing was bill and ted's excellent board game bunch of bunch of munchkin I remember they got raided by the fbi back in the Yes, the 90s. Yeah Steve jackson is the reason why the eff is around uh, because uh, because it was that case that um, That made the eff. Uh, it was the first case they they took up, right? Yep. That's it. That's it Super cool super cool. Anyway, so I got to get ready for game night and Yeah, for sure. Excellent. Thank you so much. We have the president out of the bomb room Well, it depends that if I'm going to be on the red team. Oh, yeah, unless you're on the red team Yeah, I gotta I I may want to blow that guy up. So we'll see how it goes Or girl, yeah exactly All right, guys, we advocate anyone in reality doing anything even close. No, we do not do that It's just yeah a board game a tabletop game. Yes two rooms and a boom definitely go and check it out if you have a big group of people All right, take care. We'll see you. Thanks, Len. Bye This is great. This was a great interview with uh, dan. That was awesome. Yeah, it was great. Awesome Awesome content that worked out well His I wonder you did you did a great job with the top stories and stuff. That was fantastic It's good It was a good show top to bottom Stop top show topping a top shelf show ladies and gentlemen A great way to finish the week. Uh, if anybody follows me on current geek the show I do with Mr. Scott Johnson I will not be doing current geek today. So there will be no current geek show Because I am going to be at a wedding rehearsal for one of my best friends in the world who's getting married on saturday Uh, and scott had some other things as well. So he took the opportunity to say well, let's just not do a show We will have a current geek next friday And then there will not be a current geek for two weeks while i'm away in japan But those of you worried about dts. It is well in hand. Roger has been working overtime Booking in guests making sure we've got people to fill in Uh, and we pretty much I mean We pretty much have Almost everything. I think it's filled. Wow. You're right. Yeah, it's pretty much. Yeah, it's filled. Look, it's all it's all good I just week in advance Some of these people are new so i want to want to follow up with them a week before Yeah, yeah, just to be sure just to be sure but yeah, it's it's looking good. Uh We've got Justin and veronica on monday august 29th jocelyn moffat Of the gamers in and the angry chicken with patrick beija on august 30th Uh, evan coblance with scott johnson. What are they going to talk about vintage computers, right? Uh computers And essentially how long does technology last before we consider it obsolete? Like, you know, so patrick beija with jen cutter coming back to the show talk some e-sports on thursday september 1st scott johnson and Once i09 editor-in-chief now ars technica writer annalie newitz Uh, it'd be i'm a little jealous that i'm missing annalie on the show scott gets to talk to her. She's great Uh, jonathan strickland back with scott johnson on tuesday september 6th Lloyd case with scott johnson on september 7th. It's good to see him coming back to the show Scott moulton with justin robert young. What are they talking about? So scott moulton is a Data forensics guy and his line of work essentially is pulling off Data for law enforcement from suspects hard drives or whatever. So we're essentially going to talk about Data forensics and exactly what in this day and age Is considered to be Useful in in law enforcement in the last day. I'm gone september 9th. Justin robert young Len pralto be in and terry johnson. Yes, he is from uc berkeley and he wrote a book about uh, bioengineering and so we'll be looking at Kind of the technology not the technology. Let me pull it up real quick. You're talking about Biotech it'll be a biotech topic Classes essentially things like services like 23 and me What he digs about them, but what he also does them like in terms of Basically medical data infotainment like what to know if you're going to use these kind of services. Yeah, like, you know, that there is a lot of miss I don't want to see Misrepresentation, but there's These companies don't necessarily disabuse people of the notion of what they can get from these services Excellent. Well, thanks everybody for watching or listening and uh, I will be back next week So we you've got some time before all of that stuff's coming But it's going to be a good couple weeks even with me gone and you won't even miss me It's going to be fantastic and I will be back on monday with veronica. See you then