 Coming up on DTNS why the messenger revamp could mean better code in the future for Facebook a smart way to get your local news and Security stories from RSA including the man who sent his mom to do pen testing at a prison This is the Daily Tech news for Tuesday March 3rd 2020 in Los Angeles. I'm Tom Merritt and from studio Redwood I'm Sarah Lane And I'm the show's producer Roger Chang We're very happy to welcome Seth Rosenblatt editor-in-chief and founder of the parallax at the dash parallax Dot-com welcome back Seth. How's it going great great to talk with you all again? We were just talking with Seth about Japan and some of the the highlights of his time living there as our visits there Do you want to get that expanded show you got to become a member at patreon.com? DTNS and choose one of the good day internet tears. Let's start here with a few tech things you should know Hancelations keep coming Google announced will not host an in-person Google I owe event on May 12th out of concern for the COVID-19 virus Google is looking into an alternative format for the event However, tickets will be refunded on March 13th If not before Facebook and Twitter have both pulled out of the South by Southwest conference in Austin, Texas Due to virus concerns although organizers of the event say that it is still proceeding as planned in March in addition Facebook is restricting visits to its offices and conducting job interviews primarily by video conference and Twitter is encouraging It's 4,800 employees to work from home Yeah, if XZ net put together a whole page of all the tech conference Cancelations and travel restrictions if you want to keep track of that Meanwhile, Major League Baseball is replacing Amazon web services with Google Cloud as its new data and analytics partner It's a multi-year pact that now means you'll see this is stat cast powered by Google Cloud Instead of stat cast powered by AWS Stat cast is of course the service that analyzes player performance and abilities MLB will also use Google ad manager and its dynamic ad Insertion feature for its digital ads business for the third year in a row Foxconn expects revenue to drop 15% in the first quarter due to shutdowns and travel restrictions related to the COVID-19 outbreak However, the company believes normal production should resume by the end of March Foxconn operates several factories in China and Apple is of course one of its biggest customers and it was mostly good news Google announced pixel owners were getting new update features including additional music controls emoji more photo and video features expanded emergency help features though Google's personal safety app through Google's personal safety app Google Play improvements bunch more unless you're on AT&T Google has pulled the update for AT&T pixel 4 and pixel 4 XL phones. No official word on why yet All right, let's talk a little bit more about Amazon's plans Sarah Amazon announced that by adding smaller fulfillment centers in certain metro areas Philadelphia Phoenix Orlando and Dallas all US cities It can increase same-day deliveries in those areas by 3 million items Which is a really big increase because prime now, which is the existing same-day service offers about 20,000 items for rapid delivery along with groceries So customers will now see a new today buy tag-on items that are eligible Not all items are but quite a few are now and then there's an overnight Delivery option as well. So if you ordered something before midnight, you could get it at 8 a.m. The next morning, for example Different than one-day delivery, which they're trying to make standard where one day could mean at the end of the day the next day Overnight means you get it earlier, right? Basically, you get this first thing in the morning as long as you order, you know at a reasonable hour of the night before which There are a lot of items where I would I would really prefer that And Amazon says this would cut down on fuel use because you're ordering from things that are close to you So they don't have to they don't have to go by plane to get to you except they had to go by plane at some Points, I'm not sure how much how much that that washes of the Seth. What do you do you have any feelings about Amazon cutting down delivery time? Given how many packages get stolen, how can you tell? If they're there before you order it and yet it's not there when you open the door It doesn't matter. You'll be able to know whether it was stolen faster now. Oh, that's exciting It's worth every prime penny But yeah, I mean the the whole idea of these kind of super huge fulfillment centers Which you can't just plop down in the middle of a city But you have to have you have to have room for them that you know the company over time Especially because Amazon now has a lot of other competition for all of the goods that you want as quickly as possible for the right price Has figured out, you know, we don't always need all that stuff in the big old super Huge warehouse. It's better to figure out. Okay. Well, what is a you know an average customer in Philadelphia? for example ordering enough that the smaller fulfillment center let's just stock it with that and you know, we save on fuel and Amazon is of course pushing its whole reduced carbon footprint initiative as are many other companies, but this is one way that you get there or get closer a new lightweight version of Facebook Messenger for iOS is live Rolling out slowly so you may or may not have it already the iOS version has shrunk from 130 megabytes to 30 megabytes and Is going from 1.7 million lines of code down to 360 thousand if you remember f8 last year They called this project lightspeed It was supposed to ship last year But it missed its deadline because it was more complicated than they thought in fact VP of Messenger Stan Chodnofsky told Fast Company it was like remodeling a house and discovering new problems when you open up the walls Like oh, there's there's dry rot crap. We need to rip out these lines of code now It doesn't look too much different if you get the new version other than the Taking up less space and launching faster. The discover tab is removed. That's one noticeable thing The people tab got a redesign inbox read receipts and polls are temporarily gone They say they're going to come back But Facebook intends to incorporate some of the updates into future Android versions So the Android version of messenger should get lighter as well. What I found most fascinating about this is not So much that they changed anything in the way messenger works It's a little bit impressive that they were able to cut down the code that much But if you read the Fast Company article it talks a lot about what they found When they focused on this because they had such a huge group of engineers working on this over time Oh, there was a lot of redundant code, especially picking people They found that there was like multiple ways that the code could pick a person And so they were able to just rip all that out and put one object that said here's the people picking code ever every call should use that Microservices were replaced with sq. Light database, which brought down a lot of the code base as well Set that feel like this. This is something that they'll be able to learn from in other projects and be able to be more efficient in coding in the future Well one could hope I mean I think that there's something really really interesting about this and it's not often that Average consumers like us encounter technical debt, right? We just know that Facebook runs slower a messenger runs slower or we're having difficulty with an app That's just not behaving the way it should or a website, but this kind of technical debt I think is actually a huge huge problem in how you know systems and services get developed and the fact that messengers only been around for What maybe ten not even ten years as a stand-alone 2012 so eight years it's been in development and then they sort of created it as a as they integrated it and then they Ripped it out. Yeah, and so it's been what less than five years or maybe around five years as its own thing And they were able to shave three quarters of the code off I think that's remarkable and I think we're gonna see huge problems in Services that people are using that are far more Dependent on on their code bases and have far bigger code bases than messenger when when the technical debt in those comes calling I just I think it's really neat and I think we're all gonna be in Some deep trouble because of it Yeah, I did one one last point on this I think I was most entertained by what Chodnofsky was saying about or not entertained But most interested in Chodnofsky saying that they really learned better Practices to prevent the code from getting so bloated in the future And I'll be curious to see if that plays out if they're able to make that happen I'm gonna need those inbox read receipts back though Very important for passive-aggressive pensions Analyst Ming-Chi Quo sent a note to investors saying that his sources indicate that Apple has six products coming this year And next year that will use mini leds those products include 12.9 inch iPad Pro a 27 inch Mac iMac Pro a 14.1 inch MacBook Pro a 16 inch MacBook Pro a 10.2 inch iPad and a 7.9 inch iPad mini Many LEDs are smaller so they can use more backlights and control local dimming better and deliver improved contrast brightness and black levels Yeah, 14.1 inch MacBook Pro I mean that in itself is is an interesting quo Prediction here that we get get a smaller version of the MacBook Pro similar to the 16 where it's gonna take up the same size But have a larger screen and just you know better-looking screens put many LEDs in there I I'm not sure how much this matters to the average person But a lot of people are screen nerds and you know what the best-looking screen they can get and this could help with that What do we think about pricing for something like this? Let's say all of these products come Yeah, how much should this add to the price? Because that's you know, that's the consumer is probably well Maybe it's a little bit like retina display where if you don't have it You're like is it really that great and then once you have it you're like yes, it is I'll never go back So maybe it's one of these things, but yes does does the price Of this better technology end up being a higher price for a product because it's an apple will you notice Seth? What do you think? I I'm I Hate to be such a Debbie downer except I don't really hate it But I'm curious to see how many like how many of these are are even gonna ship because of the impact of corona And COVID-19. I think there's there's just there's so many unknowns that are happening this year because of it Even if they've got them designed and ready to be built in the factories It may be the factories aren't gonna be able to handle building them Price points could be wildly changed because Apple may either want to move product or they may not be able to ship enough product And that could affect what they're charging for it. I mean, I have no idea I wouldn't be surprised in a normal year if they wind if they would wind up charging an extra hundred bucks For for the latest. I think historically that's sort of what we've seen from them But in terms of like what's the impact this year? I think it's a lot of Who knows? Yeah, no, I mean quo said that given current situations the supply chain for these shouldn't be affected But you're right. Yeah, that's current situation. We don't know what the situation is gonna turn into. Yeah Local US news apps smart news announced it has now reached to partnerships with publishers in more than 6,000 cities Smart news has a tab for local news based on location sharing from the apps user articles are picked by machine learning But only from source aces curated by a team of journalists smart news claims It wants to break users out of media bubbles by doing this the election news tab For instance has a slider that lets you choose to see news for each presidential candidate from a left right or center perspective You can kind of experiment how that changes what you would see members of the smart news engineering product data and marketing teams Have also gone on listening tours where they go to Minnesota, Iowa, Nevada and California so far to just hear local concerns Like what what don't you get from your news? What would you like to get from your news? They're planning to do that for Michigan of Florida Particularly for election coverage not just local. These are these are important electoral states. You may recognize there But this is this is an interesting app because it kind of to me strikes a difference a middle way between Google news and Apple's news app. So Apple's news app to me is very magazine heavy It doesn't really have all the sources I want in it because Apple hasn't been able to strike all the partnerships Whereas Google news has everybody in it, which means that it's often Polluted by a lot of things that are unreliable or click-baity Well, you just don't care about yeah, or I just don't care and smart news I've tried it for a little bit now seems to have a really good handle on these are good reliable sources that you can trust But our machine learning is good at showing you important things showing you things that you might be interested in reading about today Yeah, the local news angle. I think oh go ahead, Seth Sorry, I again like these these machine learning AI generated Curated stories really really worry me especially with with local news There were two big reports in the New York Times and the Atlantic at the end of last year focusing on how Disinformation campaigns are pivoting to use local news sites Given how machine learning algorithm algorithms tend to be black boxes that we don't have a lot of independent In insight into we don't have a lot of independent sources looking at how they're constructed. I Think it's gonna be really easy to manipulate these well That's why I like about that I like that smart news doesn't just rely on the machine learning they have a human team Monitoring it and I think that's super smart to say we know this is a black box and can be manipulated So we're gonna have humans looking at it on on the lookout and I have to say so far It's way better than what you see from a Google news I I hope so. I mean, I hope that continues. I just I know, you know, we all know that that Facebook had, you know people or has Theoretically people sitting in on its algorithm helping curate things Google is supposed to be doing that as well with Google news YouTube videos. I I'm just I'm I'm Very cautious about how we are moving forward and there's not a lot of independent authorities saying yes This is this is being authentically chosen or being manipulated And it's those manipulations that that worry me because what we saw on Facebook is that once somebody gets used to seeing a news from a particular source Then and even if it looks completely Legitimate it can be exploited to help spread misinformation and disinformation And if it's a site that they're using to replace the local news that they used to have You know, but but some big conglomerate bought the TV station or the newspaper and gutted it I think this is a you know Something we should be very trepidatious about Though the one thing to remember when you're thinking about this and Seth's bringing up some very good things to think about is What Facebook and Google news do is let the machine learning spew out the stuff and then the humans are on the other end Looking for problems what I like about smart news may or may not work is that they have the humans at the beginning And then they are feeding what they think is good information into machine learning and if we've learned anything about ML It's that it's only as good as the data you put into it Facebook and Google are letting anyone put anything into it Smart news is saying we'll feed it We think is a good diet so that it hopefully puts out better stuff. We'll see yeah, but it's an interesting thing to keep an eye on Payment service Boku has noted that 30% rising payments over the last two months do in part to the effects of You guessed it the COVID-19 virus in South Korea, right Hong Kong Thailand Taiwan The Philippines the United Arab Emirates Kuwait and Oman Boku is an online payment system tied to a mobile number accepted on many entertainment websites like Spotify PlayStation gambling websites use it as well and Google announced it will make advanced hangouts meet video conferencing capabilities Available to all G Suite and G Suite for education customers until July 1st of this year The features include larger meetings and live streaming and the ability to record and save meetings for later viewing This is interesting because we were almost sort of saying I wonder what the rise in Remote conferencing software is going to look like there probably will be some but we're already seeing the effects of of how this works Yeah, I mean it's a good PR stunt for Google, but it also benefits companies that are like we're going to have to make people work from home But we didn't pay for the capacity to have meetings with more than 250 people or you know More than a thousand people live streaming it at a time And so Google is making that easier for them first a period of time With the idea that maybe once the virus scare has passed, you know fingers crossed it doesn't Continue past July 1st. Maybe they can get some of these companies to stay on with the paid plan The the Boku note is interesting because we've seen a lot of companies impacted negatively by this But there are also companies that provide a service, you know If somebody in China particularly right or in Korea now Italy has to stay inside They're gonna look for things to entertain themselves and Boku happens to be benefiting from that as a payment service Hey folks, if you want to get all the tech headlines each day in about five minutes Be sure to subscribe to daily tech headlines dot com Well, we heard at the beginning of the show of the cancellations of conferences that are happening But the RSA conference went on as planned even with a few companies pulling out of it And Seth you were there first off How was the mood there? What was it like being at this conference in the middle of this kind of concern? Sure, I mean for me it was really interesting just as someone who who has been going long enough that they hand me a legacy Pin every time I go now and and I feel very awkward about that Because it's been Think a decade or so of attending these things maybe more And and then in the new Moscone center, you know, they they revamped it There's now a third floor on the on the south building and and there's connection bridges and everything And so the conference which had begun to spread out to nearby hotels and and and conference areas in those hotels Now sort of recondensed back into Moscone and so I was expecting it to be very crowded and very tight And that just wasn't the case walking the halls was quite easy the show floor which I really try to avoid like the plague Was sorry Was also fairly easy to maneuver around on And I thought that was different And I asked the conference if they could tell me how many attendees they had this year compared to previous years They have not yet shared that information with me They had more than a few sponsors pull out. They had 14. I think it was at the last count sponsors pull out I think six were from China and the rest were Western Western companies So there was definitely a a different tone on the show floor people were very cautious about using Hand sanitizer, there's a lot of washing of hands a little bit of gnashing of teeth as well Yeah, but there were still some good stories and one that I've seen a lot of people talking about this today is The penetration tester whose mom was his was the CFO at his company And he sent her in to do pen testing at a prison with this. This is an amazing story. Yeah, it's a lot of fun So so for the people who don't who don't know or don't understand why they do this penetration testers are often hired by organizations can be small companies can be municipalities to test their networks and a lot of that also means going into a physical space and Dropping USB keys into every open USB port you can find See what kind of data you can exfiltrate from that and this is usually on the up-and-up recently There was a problem with I think it was an Iowa courthouse Where there were the communication was not great and the pen testers were actually arrested for doing what they had been hired to do I think the case was finally thrown out But this is a very common thing in cyber security, especially in this space where cyber security and physical security intersect Can you make a fake badge? Can you social engineer your way into a building? Or are they more cautious about it? Financial services companies actually tend to be very good about this. They're very worried about You know people breaking into a building, especially, you know Wall Street style companies Silicon Valley because teams tend to be More disparate you've got people working remotely from home from a lot of different satellite offices tend to be more lax about these things and so There was actually a talk just about this at B sides, which is a RSA sort of side conference not officially related to RSA and So this guy sent his mom in and she was able to To put USB keys on every open computer that she could find She got in with a fake badge and fake business card Pointing to her son as her manager, which I'm sure tickled them to no end And he was able to talk about it now I think because the NDA had finally cleared on that. Yeah, they didn't mention the actual prison still As mom has passed away since then as well sadly, but yeah, anybody who knows Darren kitchen and hack 5 they were using rubber duckies by name So it was like Angela from mr. Robot like they sent mom in to just stick rubber duckies In into as many things as possible. It was pretty crazy Also, we mentioned the crook vulnerability earlier this week on the show But but if you could real quick set is is there anything that people need to realize this is a vulnerability and a couple of different chipsets, right? Two chipsets it affected Broadcom and Cyprus and the in Cyprus used to be part of Broadcom There are the IOT division that got spun out and I think acquired by Cyprus in 2016 I think it was and You know, it sounds pretty scary There were there were more than a billion devices affected Including basically everything that Mac make that Apple makes most of what Amazon makes and as well as Huawei routers ASUS routers a bunch of others The routers I think people should still be very concerned about the consumer Devices that you've got in your hand less so because those have automatic updates or at least they should if you've disabled automatic updates I hope you have a very good reason for that. Please go do your updates patching is is a complicated business In and part of it is because Devices like routers still to this day don't have automatic updates the way that your phone does or the way that your laptop does You know and it used to be a big deal. I remember when browsers started suddenly having automatic updates that was a Google Chrome thing and it was up for debate and It's amazing how important but it became in shutting down vulnerabilities But these other devices that don't have auto updates Patch, you know patch early patch often There's it's one of the you know core tenants of keeping your stuff safe Finally you you wanted to note a keynote from Wendy nather from what is she from Cisco? Is that right? Yes? Yeah Go on She from what I'm reading here was talking about Changing up how you I don't want to say market But how you how you get people to pay attention to security one of the things that caught my eye was was saying we really need to make User design better for security so that people want to use it so it's easy to use And I want to I want to find her quote here about the spoon She says what if they could design security to be easy as a spoon. We don't need annual spoon awareness training Well, I've I've seen some people eat and I have to say some people awareness training and perhaps bibs But but I you know what Wendy was talking about I think is really important because it's something that came up at the enigma conference in San Francisco at the end of January with a talk from Leah Kisner Where security products are designed to fail? And the fact that we have we continually have to this day the same problems that we've had in cyber security going back more than two or three decades and the this this belief that it's Part of it is because the products are not being designed to be usable. They're being designed for security And that's and and Wendy had a great turn of phrase. She said that we need to think of security as a service and who are we not not just a service that gets pushed out to consumers, but a service that is Providing an important need but something that you don't really want to be thinking about right? We don't think about software as a service It just is there and I think the same thing with security is a really important point I hope it's the start of a change in philosophy as to how Security experts are approaching the products that they design Because there's so much failure in telling people, you know, don't click on this link in your email And people and this was sort of a shock to me, but people have been fired for that It's you know, it's really kind of horrific. What's being expected of the average Employee of a company, especially now that software is in everything. So, you know focusing on this I think is is going to be huge If it felt like she was saying let's stop telling people They should be better at security and make it really hard for them not to be good at security Yeah, yeah Well, thank you Seth appreciate the the updates from RSA and and braving a conference at this time in our history So far I seem to be okay My dog is happy the girlfriend seems to not be angry at me for going so good. There are worse things Thanks everybody who participates in our subreddit lots of security stories there every day among others You can submit a story that you care about and vote on others at daily tech news show dot reddit dot com You can also join in the conversation in our discord and you can join discord by linking to a patreon account at patreon.com Dtns. What's in the mailbag Sarah? Oh Tom? I'm glad you asked James wrote in and said the loss of support for Google reader may not be comparable for the prospects of Stadia is a conversation. We were having yesterday, but James says the drop of support for daydream VR I think is I was one of the people who bought into daydream and Google has drop support There are no longer involved in developing apps They have cut support for the device and their most recent phones and they're letting the platform die I thought daydream worked really well would have done much better if it had been supported by Google better If Stadia doesn't perform as quickly as expected, how long will Google's attention span linger before they cut and run like they did with daydream? James that is an excellent comparison, especially on the developer. There's there's a little difference in that daydream was never Marketed as as much as Stadia to the end user, but a lot of interesting parallels there So thank you for that also shout out to Scott operations engineer with a Canadian city Who wanted to thank us for talking about the dangers of improper lithium-ion battery disposal? He basically says he primarily deals with landfill operations and the frequency of landfill fires being caused by batteries Has to be increasing just from his personal experience He said our last fire I had the luck of actually being the first person to spot and respond to and the mangled remains make it hard to determine What it was but the number of cells makes me think it was something like a lawnmower battery pack The ability for these batteries to put out an extreme amount of heat is impressive Especially because it's chemical energy landfill operators develop a quick eye for these things One of our incidents a few years ago was a mophie pack that was spotted smoking and removed before anything else caught fire It was able to be spotted among all the waste with really no sign of smoke from the cab of a landfill compactor While in most industries a fire is a rare emergency event in the waste industry I now consider a fire an event that is to be expected not a potential event So yeah, be careful. Don't throw those batteries into the trash or the recycling either one literally a dumpster fire Yeah, yeah, yes Literally hey shout out to patrons at our master and grand master levels including Jeffrey Zilks Michael Keper and Paul Reese Also, thanks to Seth Rosenblatt for being with us on DTNS today. Such a pleasure, Seth Thank you so much for bringing the knowledge and letting us know how ours they was also let folks know how they can keep up with the rest of your work Yeah, I'm on Twitter at Seth are the parallax Publishes on Twitter at the parallax no hyphen and our website is the hyphen parallax calm We have a weekly newsletter as well Because you don't need yet another website to go to all the time, but we appreciate it when you do Thanks for having me on yeah, thanks for being here man And thanks to everybody who makes it possible for us to do these shows It is your direct support that provides the vast majority of our budget So if you want to continue to make this content possible and power other content We do product reviews with live with it. We do Editors desk for more opinion-oriented content. That's all available to patrons as a bonus as a thank you at patreon.com DTNS our email address is feedback at daily tech news show dot com We are live Monday through Friday at 4 30 p.m. Eastern That's 21 30 UTC and you can find out more at daily tech news show comm slash live back tomorrow with Scott Johnson talk to you then This show is part of the frog pants network get more at frogpants.com I hope you have enjoyed this bro