 I'm going to tell you guys a story today. I'm going to tell you a story about the evening of October 29, 1969. This is roughly 100 days after the first moon landing. And I find that juxtaposition interesting because we're talking about two very, very important moments in technology history, but also human history. But before I tell you that story, I'm going to tell you another story. I'm going to tell you the story of a guy named Bob Taylor. So Bob was the director of the Information Processing Techniques Office of the United States Department of Defense's Advanced Research Projects Agency, ARPA. And as the director of the IPTO, Bob was responsible for overseeing a lot of time sharing research projects at different universities around the United States. So early computers were entirely oriented around batch processing, which is to say when you wanted to run a program on them, you submitted a job request. And that job request would get queued early, early on in computing history, queued by a human being, later by a job scheduler, a software job scheduler. And then the program would eventually run. And then the output of that program, whether it was a printout or a tape or a deck of punched cards or whatever, would be delivered to you. But around this time in the late 1960s, there was a lot of research around this concept of time sharing, which is building a computing system that allows multiple users to connect to it at the same time and interact with the computer in a simulated real time. So we think about every modern day Unix system that you use, we think about every modern day like Linux style, Unix style computing system that you use, these are all time sharing systems. So multiple users log in at the same time, you're typing commands, you're running programs and getting the output from those commands, from those programs, more or less in real time. So as part of that oversight that ARPA had over these different research projects, Bob Taylor had to have access to these computing systems. And in order to access these computing systems, he had to have terminals, physical dumb terminals installed in his office. And each one was individually wired directly into one of these computing systems. And he noticed two very important things about this arrangement. First, at each of these universities centered around this time sharing computer, there had grown up a community of engineers and mathematicians and computer scientists that were driving this research forward and sort of building this culture around this computing system. And if we could possibly find a way to network these computers together, these communities could be merged into one grand umbrella community that would help push this important research forward even more quickly. And the second thing that he noticed is that those terminals, first of all, took a lot of space in his office. And that when he wanted to switch from computer to computer, he physically had to move to another terminal, which was a giant pain in his neck. So if networking these computers together couldn't create some broader, stronger community of engineers and scientists, at the very least it could save him some space in his office and some annoyance. So I'll leave it up to you to decide whether this anecdote points to community being the great driver of innovation or annoyance being the great driver of innovation. I won't make a judgment. But Bob Taylor kicked off an effort to build a network that would allow these time sharing systems to talk to one another. So we take it for granted now. In the 1960s, computers were not considered communications devices. They mostly did math. There were some researchers that were experimenting with some interesting things like hypermedia and graphics and sound. But for the most part, computers were designed and built the idea of doing complex mathematics as quickly as possible, right? Getting them to talk to each other, therefore, was not a huge priority for the industry or even for computer scientists. If you think about it, in the world of the 1960s, things like packet switching were still theoretical, right? Getting two computers of the exact same make, running the same software to talk to each other was a monumental task. How could you possibly get two completely different computers to talk to one another? There were no hardware interfaces. There were no software protocols. ARPA reached out to the tech giants of the time, the IBMs and the AT&T's, and they refused to bid on the contract to work on this problem because it wasn't worth their time. There was a small company in the United States, Bolt, Bearmac, and Newman, now they're still in business. They're BBN technologies. They did bid on this contract, and they won the contract, and they built a machine called the IMP, the Interface Message Processor. These machines were essentially packet switching nodes. They are the predecessors of all modern-day internet routers. The very first of these machines was delivered to the University of California in Los Angeles in August of 1969, and a little less than a month later, a second one was delivered to the Stanford Research Institute. So this is the IMP, the one in the middle, obviously. On the left is Charlie Klein. He was a student of the famous Leonard Klein Rock at UCLA. And then on the right, Bill Duvall, who's working under Doug Engelbart, who I think we mostly remember is like the inventor of the mouse, but a pioneering researcher in the areas of hypermedia and hypertext. The modern web may not exist without Doug Engelbart's efforts on the right. He was working at SRI. And both of them, when their universities had received these IMPs from BBN, set out to connect them to their host computer. So in the case of UCLA, they had an SDS Sigma 7. SRI had a much more powerful cutting-edge SDS 940. So if you're a student of computing history, like I am, and especially the work that the Augmented Research Institute at SRI did in the 60s, this is the famous genie machine. So going back to October 29, 1969, it's about 10.30 at night. And these two programmers are about to execute one of the most important experiments in human history. They had built this primitive network to host machines behind IMPs connected over phone lines. And they had developed some software that would allow Klein, at his terminal in UCLA, to type commands into his terminal and have those terminals sent to the IMP over the phone line to the IMP at SRI, where they would be sent into genie. And then genie, of course, would respond back to its IMP over the phone lines, back to the IMP to the Sigma 7 at UCLA. So genie was, for its time, a very advanced computer. It supported lots of different commands. But before you could do anything meaningful with them, you had to log into the system. You had to type log in, L-O-G-I-N. So imagine this scene. You have these two programmers sitting in their respective computer rooms about 400 miles apart. And they're talking on the phone. And Klein types an L. And he says over the phone, I typed the L. Did you get the L? And while this was going on, the L was being sent to the IMP. And it's being sent over the phone line. So the other IMP into genie. And genie, because terminal echo is this old, prints back an L to the terminal to the IMP over the lines, Sigma 7 at UCLA. And Duvall says, yeah, I got the L. And Klein types an O. Did you get the O? Got the O. And Klein types a G. And Duvall says, wait a minute, the system crashed. I'll call you back. So genie was a very advanced computer. It was also a very helpful computer. And it was so smart that it knew when you typed L-O-G, there was no command you could possibly be typing other than log in. So it completed it for you. And the software that Klein and Duvall had written was not set up, was not designed with the idea of sending multiple characters over the line all at once. And it caused the system to crash. But anyway, they were able to get around autocorrect. Yes, programmers have been trying to work around autocorrect for that long. But they were able to patch the program. And a couple of hours later, they got the link working. So that night, October 29th rather, 1969, Charlie Klein did something pretty revolutionary. He logged into a computer hundreds of miles away and used that computer's resources in real time over a common interface. And he certainly wouldn't be the last. Millions more would follow. By the end of this year, by the end of 1969, this network doubled from two nodes to four nodes. By the 1980s, there were over 100 nodes connected to this network. And other agencies within the United States government were starting to adopt these technologies and started building ARPA-like networks out, using things like TCP-IP that was coming out of this research. The early 1990s brought about legislative efforts, first of all, to combine these networks and then to open them up to non-governmental authorities. So it was at this point at the end of the 80s, early 90s, where we started to see a network emerge that we would recognize more or less as the modern day internet, although greatly compressed. With this new legislation in the 1990s, access to the internet to just the general public and to commercial interests was opened up. The internet was not only going to be for academics and for the government. The last 50 years have been as much defined by this moment in history as by the fall of the Berlin Wall, by the eventual crumbling of the British Empire. This has changed everything about the way we live. We have been a part of this revolution that Bill DeVall and Charlie Klein and Doug Agilbart and Leonard Kleinrock and Bob Taylor and hundreds of others started. And today we are charged with carrying it forward. I mentioned that in the early 1990s, the internet was opened up to hobbyists and to corporations. I was one of those hobbyists. I was a very active BBS user in the early 1990s. So those of you who are not familiar with the BBS culture, BBSes were run on individual computers, personal computers, and often only allowed one person to connect to them at a time and you would dial in, you would connect. You would play games, you could download files. Some of these BBSes connected up into other networks like FidoNet, so you could send messages across the network to other people. It was like email, except it took days to get where it was going. And in the early 1990s, I would spend literally hours every day dialing into different BBSes. One of my favorites was an Amiga file sharing BBS. Now I never owned an Amiga, but this particular BBS had really cool games that reset pretty frequently. I was a teenager. But in 1993, the owner of that BBS had an interesting business idea and he set up a Skow Unix Wear server and got a least subscriber line, a fractional subscriber line, and started selling Shell accounts for $10 a month to anyone who wanted one. So Shell accounts were really great. You dialed in over a modem and you got connected but instead of seeing a menu like this, you got a terminal prompt, a bash prompt. You could use Usenet, FTP, IRC, right? You could use Gopher to search for information, Gopher and Wwise. This was how I first experienced the internet, late 1992, early 1993 at a bash prompt. Even then, we kind of had this sense that we were merely ahead of the curve. Something dramatic was happening. There was a shift coming. It was young and it was raw, but you could tell it was going to change everything. And I don't want to give you the idea that we were all prescient geniuses. I distinctly remember the first time I used, well, the first time I used the web was in links in this Shell account and I thought it was interesting, but there was no real way to search at the time. There was no Google yet. There were indexes, Yahoo was an early one, but they were often very incomplete. Websites had to be added to them manually. There was no way to crawl the internet to collect this information quite yet. But the first time I saw a graphical browser. So I was at a tech meetup, and one of the members of the meetup dragged their desktop computer to this meetup to show off this new feature that their ISP was offering slip accounts. It's a serial line internet protocol. It's a predecessor of PPP, which was what dial-up internet was for all those years. And using slip, you could connect, make it actually a wind-sock connection, and have a real internet connection without a shell. And I can remember very, very clearly sitting at this tech meetup while he started up Mosaic, the Mosaic browser, and loaded a picture of some flowers. And I remember watching that fairly low-res image of a bucket of orchids rendering almost line-by-line on the screen, and thinking, wow, this is pointless. I mean, I guess it's a cute toy? But who would use this for anything important? Turns out a lot of people would use that for some important stuff. Over the course of the 1990s, the internet grew at this stupefying pace, mostly because of the web. And companies started seeing the commercial potential that existed there. And we started seeing the first signs of how disruptive this technology was really gonna be. The internet had been prior to kind of its being open, like the home to this subculture of engineers and scientists and researchers and hackers who, despite their differences, held some core values around the idea of sharing, sharing knowledge, sharing code, sharing information freely. It was actually very easy for those of us in the BBS world to integrate into that community. We were probably much less academic-minded than the people who were on the internet before us, but we also had a very strong culture of sharing. Like, when you downloaded a file from a BBS, you were expected to upload one in return. If you had written a neat program that did something amusing or interesting or helpful, you were expected to share it so other people could use it or learn from it, right? But that is not the culture of corporations. And the first attempt at commercializing the internet was kind of a dismal failure. The institutions of the old economy poured billions of dollars into this young internet. And they saw it really as sort of like an untapped goldmine, like this source of wealth. And all you have to do is get on this internet and you're just gonna have this money flowing at you. And urged on by a lot of well-meaning dreamers and a lot of really nasty charlatans, they attempted to force the internet into a shape that was familiar to them. And the internet violently rejected that attempt. The internet was decentralized and anonymous. Users could avoid all accountability. In 1996 in the United States, there was a huge debate over changing copyright laws for this upcoming internet thing. Those laws have largely been ignored to this day. As the population increased, and in 1995, it was up to about 75 million users in the world by 2001, that number had increased to about half a billion. It's a pretty ridiculous amount of growth. But despite that growth, the profits just never appeared. In fact, what people were introduced to things like decentralized distribution for the first time, Napster and the sharing of music files was huge. Like most people had never encountered free things and they weren't free. Obviously there were all of this old economy, legal constraints around it, but this was free. And people were happy for free, they took free. From 2000 to 2002, the global stock market lost $5 trillion in value. The staggering amount of wealth that was destroyed. Most of the companies involved in this first tech boom failed dramatically. I worked for one of the ones that survived. For those of you who don't know me, my name is Samantha Canunas. I am a secretary of the PHP Framework Interoperability Group. Assuming the election goes my way tomorrow, I will continue to be one. I am a Principal Software Engineer at AOL. AOL was the king of dial-up internet in the late 1990s and early 2000s. I am a mom, most importantly. A lot of the things that I'm going to be yelling angrily about in this talk, stem from that part of my life. But I work at AOL, and I love working at AOL because AOL survived this by reinventing itself. So we were the king of dial-up media, of dial-up internet. AOL bought Time Warner, AOL bought Time Warner. This was a moment, wow, this internet company, this internet thing just bought up one of the old, old-economist, old-media-ist entities in the world. Everything was changing. No, nothing was changing. There was nothing wrong with the old economy. It was very, very healthy. And a couple of years after that, Time Warner spit out what was left of AOL. But AOL was kind of scrappy. I'm not gonna talk too much about AOL a little bit. We're a media company. We're a big media company. We reach, our properties reach about half a billion people every month. So we have a fairly large global reach. It's a cool company to work for. If you're interested in hearing about it, please find me. But I wanna talk about AOL and I wanna talk about some other media companies. And I wanna talk about media because I work in media. I'm a media person. And it's an industry that I understand really, really well. It's also one of the industries that's been most affected by this cultural shift that the internet had brought about. So they talked about decentralized distribution. Well, newspapers and television and radio rely very much on controlling the means of distribution. The internet broke that. Anyone can publish in the late 90s text, now video and audio very, very easily. Anybody can be a media producer. The companies that are managing to thrive in media understand the need to innovate. And they understand the need to contribute. Right? They realize that it's not enough to look back to the days of centralized distribution but to try to understand the internet and work with the internet to make a profit and to survive. It's easy to poke fun at a company like AOL for investing in virtual reality technology, right? It's kinda silly. But we can't predict the future. Immersive content may be a huge thing. It may be a giant success. It may be a tremendous flop. I don't know. Clearly I don't have a very good track record for predicting these kinds of things. But I see it as a good example of a company that's embracing experimentation. And there are some other companies that are active in this space, that are doing some incredible things. Vox has built themselves around data-driven tech forward tooling. They produce long-form content. They produce short, shareable videos. Netflix, which I think for us probably means more, well, I don't know. You probably all watch Netflix, I don't know. But it means a tremendous amount as a technology company. Like if you're in the ops world, the DevOps world, the Netflix blog is this rich source of information about how to build highly fault-tolerant, highly reliable, highly scalable distributed applications. Refinery29 represents this vanguard of this breed of digital new media companies that are very, very tech-focused and working to apply the kind of organizational agility that we've learned to appreciate in software engineering. To developing their market. So like, why is this all important? Well, I said that in 2001, we reached about half a billion internet users. The number is somewhere around 3.4 billion now. Staggering number. My grandfather was born in 1911, right? 1911, there were about 1.9 billion people on the planet. So this is just the number of people that have internet access now. Today, we're going through this debate about whether or not internet access is a human right. So we think about access to education, access to clean water, access to the internet. We're talking about these things as being on par with one another. AOL used to have this mission of becoming as vital a part of people's lives as the telephone and television. The internet has far surpassed those things. I haven't had a landline telephone in probably a decade. We have a television. We use it to stream Netflix. We can't even get over-the-air broadcasts on it. We don't have an antenna. The internet has become the way we communicate. It has become the medium of communication for this huge growing plurality of humankind. Like I said in the previous slide, to the point where the United Nations, like the body of, body politic of humanity is wondering if you can be a full and complete human citizen without access to it. But it's more than that. Think about the stone axe. Go really, really far back. Said I was going to talk about history. The stone axe is a tool, but it's part of us. It became an extension of the human hand and the human arm. It made us stronger. It made us better hunters. It made us better butchers. It made us more capable of feeding ourselves and our families. It changed who we are. Developing farming, the domestication of plants and animals, changed who we are. It let us settle. It let us divide our labor. Let us build complex societies. Let us start passing knowledge down between generations. It changed what it means to be a human being. For nearly all of our history, when a person died, their thoughts, their ideas, their memories died with them, but the written word changed that. The written word gave us a form of immortality. We can preserve our ideas. We can learn from the ideas that came before us. It lets each generation start with a leg up standing on the shoulders of the generation that came before it to use a cliche. So what is the internet? The internet and the devices that are connected to it are becoming an extension of our own neurology. So a couple of months ago, my fiance and I took a road trip with our two boys, four and six-year-old. And the older one has an old hand-me-down smartphone which in itself is kind of a ridiculous thing to think about, an old hand-me-down smartphone. And he doesn't have a data plan on that phone, obviously, because he's a little baby child. His phone only works on Wi-Fi. So as we're driving through the countryside, he would ask Google for pictures of what animal or insect he was obsessed with at the moment. He doesn't understand that his phone can't answer questions in the car. For him, the internet is not this thing that's bound up inside of wires and cables like it is for me. And I can say, I grew up with the internet. I've had internet access, I was about 15 years old, but it's still a thing that exists inside the computer or it's in my phone. For our boys, it's something that just around them, it surrounds them, it permeates their world. He's never known a world where he isn't connected to the sum of human knowledge, where he can't just have his questions answered for him, where he can't ask for pictures of crocodiles and get pictures of crocodiles. And I'm not bemoaning that. I don't think information should be locked away in a library. I think it's terrific. I can't imagine how different my life might have been if I had access to that much information from that age. I was one of those kids that just used to read all the time. I was buried in books constantly. My mother, it was a very poor kid, my mother had scraped up for years to buy me a set of encyclopedias, like one volume at a time. And I would read them from cover to cover until some of them covers came off. Our kids and our grandkids are growing up in a world where knowledge flows almost like tap water, right? And my heart swells when I think about that because they're gonna be able to do amazing things with that. And the smartphone is not just a device. It has become an embedded tool of cognition. It changes the way we think. It allows us to be upgraded, more powerful thinking machines. You think about like when I went to school, you know, when we were learning math, we learned about times tables and we learned mnemonics and things to remember things. They don't need these things anymore. The internet continues to grow at an obscene pace. Mapping it really defies geography. It's become fractal and alive. I love this image. That is a visual representation of what all of the connections on the internet look like. We've already outgrown a numbering system that had billions of addresses. We're now using a numbering system or trying to get people to use a numbering system that has 3.4 times 10 to the 38th power available addresses. That is a ridiculous number. There are more potential IPv6 addresses than there are stars in the observable universe. We work with technology that is so much more complex than we're really capable of understanding. There is no person alive who understands how every single component inside of a cell phone works from the hardware up to the software. It's more complex than our minds can handle. We're already starting to talk about a technological singularity, the point where we start building machines that are able to expand themselves exponentially. And this is not something we're talking about as an element of the far-off future, but something that may happen in our children's lifetimes or our grandchildren's lifetimes within a few generations. We in this room are building that future. In the end, we're the ones that will shape what that future looks like. And we're the ones who are close enough to the beast to see the warts. So we all know how bad we are at writing software. We know how much terrible code there is in the world. We have seen the broken authentication systems. We've seen the misguided attempts at cryptography. Ugh! We've seen the dirty hacks, the temporary workarounds that last for years and years and years. We know how badly it can go wrong. Who remembers the PlayStation Network breach a few years ago? OWASP, number nine, I think, failure to patch known vulnerabilities. They were down for 25 days. They lost $170 million. Because they didn't patch their servers. And that's not counting the PRMS. For the Mars climate orbiter, right? So I can make fun of the United States because I'm Puerto Rican and in Puerto Rico, we actually use the metric system, but the United States still uses a modified version of the old Imperial British measuring system. And the engineers, the software engineers who were responsible for writing the guidance software for the Mars climate orbiter, their spec told them to deliver output in terms of Newton seconds. They gave the output in terms of pound seconds. So this $300 million Mars climate orbiter that was meant to glide into Mars orbit and give us all this rich information about the Martian atmosphere, instead plummeted into the Martian atmosphere and burned up. $300 million device loss, plus you can't put a price on the scientific knowledge that we lost. And that's just losing money. The Therac 25 radiation machine in the 1980s was a new design that replaced the hardware safety interlock with a software safety interlock, but it turned out there was a buffer overflow. And that buffer overflow would cause the interlock to fail under certain circumstances. And under those certain circumstances, the operator would be very easily able to unintentionally overdose a patient. We know of at least three patients that died, at least three more that were injured. There's no way to know for sure how many were involved. And it only gets more depressing. In the early 1990s, during the Gulf War, a software rounding error in the guidance system for the Patriot missile system caused it to inaccurately track incoming missiles. So this is a missile defense system. It's missiles that you fire at missiles. And the guidance system had a rounding error that caused it to miss those missiles and one of those missiles hit a US Marine barrack, killed 28 marines, injured almost 100 more. We're not getting any better at this. We, software engineers, continue to release code that is riddled with bugs and vulnerabilities. At the last DEF CON in the United States a few months ago, researchers demonstrated an exploit that let them take over a smart thermostat and install ransomware on it. And it was kind of funny to say, you know, ha ha, pay us a Bitcoin or we won't let you control your own thermostat. But before we came to Singapore, we had a very bad heat wave in New York City. Last Sunday, the temperature hit 43 degrees, so centigrade was very, very high for anywhere in the United States. We have a lot of elderly, poor people that live in New York City and temperatures like that can be deadly. My mother was actually visiting us that weekend. My mother's in fairly good health, generally speaking, but she's an older lady. She was struggling and we have an air conditioned department. But if we look past the ransomware issue, we're increasingly comfortable with bringing devices like this into our home. These devices contain sensors. They are designed to collect information about us. Thermostats like this, and I guess I should disclaim it, was not a nest that was exploited at DEF CON. But devices like this are designed to learn our habits. They're designed to learn when we're at work, when we're at home, when we're sleeping. That is not information that you want strangers to have. And if that device is not designed to protect that information, it's putting you at risk. Last year, Mattel released an internet connected Barbie doll. The doll contains a Wi-Fi radio. It comes with a companion app for the iPhone. Both of these things were gigantic messes. The Wi-Fi device inside of the doll will connect to any SSID, any Wi-Fi network that has a certain name. It has no authentication. So you can very easily spoof that companion app, which means a person, any person within Wi-Fi range, can talk to your child through their doll, which is a horrifying thing to think about as a parent. The app itself leaked credentials. It's not the only toy. The VTech has a whole suite of internet connected education toys. OASP, I can't remember the number. SQL injection, vulnerability on their website, leaked six million accounts. These are accounts that include identifying, personally identifying information about children and their parents. Addresses, phone numbers, terrifying stuff. Getting past like abstract thoughts of security and safety. So I have diabetes, I monitor my blood sugar, and I have an internet connected blood sugar monitor. It's really, really cool. I can upload all of my blood sugar results. I can give them to my doctor. I can email them to my doctor. It's fantastic. Stuff like this is great for healthcare. And that's the reason that the health technology sector is growing so fast. But recently, researchers published a paper about how they were able to exploit experimental wireless health devices. An interesting quote from the paper was, the simulator had a pacemaker, so we could speed the heart rate up. We could slow it down. It had a defibrillator. We could shock the heart repeatedly. If we had the intent, we could definitely do harm to the patient. Later on in the research, they talk about how they were able to control infusion pumps. So you're a person, especially type one diabetics, often rely on an infusion pump to control their insulin. An overdose of insulin can be very immediately deadly. We're talking now about a device that we rely on to keep us alive, keep us healthy, potentially being used as a tool of assassination. Let's talk about the Jeep. The Jeep hack. I don't know if people heard about this. This is another vulnerability, instead of vulnerability researchers, that we're looking at the Wi-Fi network in the Jeep Cherokee's new entertainment system. It turns out that when the way that this works is it generates a random password the first time it's activated. But we're software engineers. We know that not all randoms are equal. Some randoms are not particularly secure. It based its random on the date and time when it was manufactured, which means that the password is guessable. Of course this gives you access to the entertainment system. So what can the attacker do? They can change the radio station. They can turn the volume up and down. I guess you could do that to cause some havoc. Like if somebody's driving down the road at 80 miles an hour and you turn the volume up to the maximum change it to a station where there's no signal so it's just loud static. That might be pretty dangerous. But you can also access the car's GPS navigation. That's not even exploiting anything. It's designed that way. So you can access where the car is, where it's going, and how fast it's going. But naturally the important systems in the car are protected, right? The entertainment system is not connected directly to something called the CAN, the CAN bus, so just how all of the internal components in this machine talk to each other. There's no better security than an air gap. But we know, cause we're software engineers, that not every air gap is perfect. The entertainment system doesn't talk directly to the CAN bus, but it does talk to a V850 microcontroller. The V850 microcontroller talks to the CAN bus. But it talks to it in a read-only mode, right? So you can read messages coming over the bus to get right to the bus. Unfortunately there's a software vulnerability in the firmware of the microcontroller. It allows for remote code execution and privilege escalation. So from the entertainment system we can connect to the microcontroller. We can now make that connection to the CAN bus a right connection. Which means we can send commands to the CAN bus. So what can we do with that access? Well, we can control the steering wheel. We can kill the engine while it's running. We can apply the brakes. We can disable the brakes. We can play with the windshield wipers. In a real attack this car can be turned into a remote controlled murder weapon. And it can be accessible over a Sprint 3G network. So you don't even have to be within Wi-Fi range of the car to do this. Thankfully it was a vulnerability researchers, good guys who figured this out. And were able to publish on this. But it's terrifying to think about how these devices that we trust implicitly can be used to harm us. It's not just errors that are dangerous. Our capacity to collect and manage data has absolutely kept pace with the internet. So I've been working on data projects for about 20 years. It used to be that data sets that were only about a few terabytes in size were very, very difficult to manage. We had, when I worked at Visa, early in my career we had data centers filled with like tape robots used to manage multi-terabyte data sets. Today we can do that with open source tools. We can do it in AWS. We can do it relatively cheaply. And we do it with data sets that are petabytes in size. The capacity that we have to do good with this is pretty immense. So I think I look at something like healthmap.org. This is a massive data mining project that looks at the way journalists are talking about or reporting on health issues. And it uses this to create a real-time epidemiological map of the Zika virus outbreak. Right? So there's no one feeding data into this. We're just monitoring how journalists are reporting on this outbreak and using that to kind of map geographically where this virus is. This thing is a triaxial accelerometer. It's a fascinating little device. About 15 years ago they were the size of a fat house cat, big. Now they're tiny. They're tiny enough to fit on your wrist. I wear this almost 24 hours a day. And it generates a stream of data. Basically on where the device is in 3D space, where it's moving, the direction that it's moving. On its own, that data is almost completely meaningless. But if you can develop an algorithm to analyze that data, you can figure out lots of information, like how many steps I take in a day, how many floors I climb. Connected to a GPS record, you can track my movements throughout the city. I can see when I bike across town how long it took me, how fast I was going, what my heart rate looked like. I can look at how many calories I burned. This is a vital tool today for managing your fitness. I can combine this, like I said, with an optical heart rate monitor. I can get a snapshot of my day, of my body throughout the day. I can share this information with my doctor. And together we can use this to improve my health. Like I said, I have diabetes, exercise is important. It's important for my doctor to see this kind of information, right? Who watched Star Trek? Right? This is science fiction. This is Dr. McCoy's bio bed, except it's on my wrist and it costs $199 from Amazon, next day shipping, free. But that leaves us asking a lot of questions. Do I own the data that this device generates? Does Fitbit own it? Right? Do I have any say over how they use it? How much control do I have over my health information if it lives in some cloud-based system? I use a cloud-based blood glucose monitor. Who owns that information? Right? Can I be sure that the companies are being responsible? Can I be sure that my data's being anonymized and protected and secured? Is it even possible to do a cost-benefit analysis from way the risks and the potential benefits of these things? And while we're thinking about that, what about the folks who are trying to do things at least somewhat responsibly? I don't, I'll let you decide if you think Apple fits into that mold or not. But then they have to contend with governments that are scared of strong encryption. That's good reason. I mean, it's very easy for us on one side of this debate. I don't want to say what side anyone's on, but I'm very much on the team strong encryption. But I understand the other side of the other standpoint. Strong encryption is scary for governments that are used to being able to get access to information perhaps through reasonable court procedures through the process of law. But once they go through that process of law, they get access to the information. Encryption can make that impossible. A little bit ago I mentioned the technological singularity. Right now, every single computer on the planet is nothing more than a complex set of abstractions on top of these logic gates. When we say we're running up against Moore's law, the approximate doubling of computational density every two years, it's because our ability to miniaturize these logic gates is now running up against the barrier of physics. We're having to devote almost as much space on a silicon wafer to correcting for probabilistic errors due to the quantum nature of the universe, which again, ridiculous to think about. But this is coming. It's still in the lab now, but practical quantum computers are probably no more than a few decades away. They're gonna be expensive, they're gonna be complex, but they'll be within the reach of governments and large corporations, and quantum computing completely changes the game when it comes to cryptography. Any cryptography algorithm that relies on factorizing numbers, or discrete logarithms, and the fact that these are very hard things for computers to do, is done. RSA, DSA, Deffie Hellman, they're done. There's quantum algorithms like Shores that just defeat them. Symmetric encryption models, data hashing functions, that stuff that we rely on, password hashing functions. They're not completely destroyed, but they definitely have the teeth knocked out of them. Some of the more common hashing algorithms lose that half of their address space when we try to brute force them with quantum algorithms, theoretically. So what do we do? My boss. What does this new revolution look like? I don't really know. The technology's gonna continue to grow. It's gonna get more powerful, more complex. Our ideas about privacy are already starting to change. I worry because sometimes I think that our kids have almost a concept of it. They'll share anything. The corporate components of the digital world can be partners, or they can be enemies. The future can be one of tighter control, or it can be one of greater sharing and collaboration. But I do know that we have seen the power that open source has to transform. And this is what I'm gonna leave you with. I remember what our industry looked like 20 years ago. Everything was built in-house. Every line of code was a closely guarded secret. But over time, we've started to make a real difference. We have pushed open source software into that corporate world. We've made the case for it. Made the case for broader networks of contributions. Made the case that makes platforms stronger, more secure, more eyes are better. We've mostly held true to the idea that what you use, you also support. We've fought to be allowed to commit back to those open source platforms. If you work in the corporate world, sometimes that's a big fight, but we're mostly winning it. And we've taught the corporate world that open source is far more than just code. It's a lifestyle, it's an ideology. It's supporting open source doesn't just mean supporting code. It means supporting standards bodies. It means supporting conferences and experimentation. It means supporting innovation. It means supporting bloggers. And it means supporting tech meetups. Honestly, I'm even starting to see banks get into this, to understand why that they need to become part of our community, understand our ways if they want access to our ability and our talent because they need our ability and our talent. The thing is, what we do is largely magic. Anyone can learn to write code, but to be a software engineer requires a commitment to lifelong learning. To facing tough problems and never backing down until you solve them. What we do is hard. We build software. Software continues to rule the world. And as software engineers, we see failure as an opportunity to learn. We see success as a way station on the way to greater success. So what do we do in this room right now? I assume that most of you are software engineers or you manage software engineers or support software engineers in some way. And you are an elite group among software engineers. Most of the people who work in our industry will never attend a conference like this, but you're different, you showed up. Showing up means a lot. You aren't content with what you know. You're driven by your curiosity. You're driven by your desire to get better, to learn. So take what you've learned here in the last couple of days about building better software, about protecting your user's data, about security and operations, about testing, code quality, and practice it until it's second nature. Find the hardest parts, the parts that you just can't grapple with and bash your head against them until you understand. Embrace the ethic of our open source heritage that do it, see it, teach it, ethic. Share what you learn with your colleagues and your coworkers. Find a mentor, find someone you can mentor. Share what you learn by blogging. Give a talk at a meetup, give a talk at a conference. Demand better code reviews, both for the code that you write and from yourself when you're reviewing code. Talk to your non-technical friends. Help them understand why this is important. Help them understand why privacy and security is vital. Help them understand how they can protect it, how they can protect themselves. Share what you learn with your family and your friends but also with your government. A lot has changed in the last 47 years. We're standing at a very pivotal moment in history. Charlie Klein and Bill Duvall connected the first two hosts on the internet. A lot of people have come in since then and done a lot more work and we're continuing that work. This digital revolution has really changed our lives. This new revolution that's coming may change our very understanding of existence. I think it's very easy to lionize the achievements of people like Bill Gates and Steve Jobs. But they're heroes of a world that is changing. It's changing so quickly we may not recognize it before too long. We're building a culture, an open source culture that is a culture of service. The heroes of our revolution are the people who share, who build up their colleagues and coworkers and friends tirelessly. People who work for hours and hours to prepare their talks for this conference. People who struggle through a problem and when they find the solution, they write about it on their blog. People who organize meetups, mailing lists, people who answer questions on Stack Overflow and an IRC. The heroes of our revolution are not going to be found in board rooms. They'll be found in auditoriums like this. Thank you. Thank you, Samantha. Okay.