 Daily Tech News show is made possible by its listeners, thanks to all of you, including Jeff Wilkes, Dr. X17, and Entropy UK. Coming up on DTNS, a new data spoofing scheme hits Apple and Metta, and maybe others. Instagram wants your DMs to be better. And which emerging technologies are Americans most afraid of? This is the Daily Tech News for Thursday, March 31, 2022. From Studio Redwood, I'm Sarah Lane. From Austin, Texas, I'm Justin Robert Young. I'm drawing the top tech stories from Cleveland. I'm Len Peralta. And on the show's producer, Roger Chang. Let's get into it with a few tech things you should know. Microsoft announced it will hold its Build 2022 conference as a virtual event from May 24 through May 26. Registration opens in late April, and the event will be free to attend. Intel intends to acquire the Israeli startup Granulet. Tech Crunchy sources say it's a $650 million deal. Granulet uses AI to optimize how high priority workflows travel across cloud and on-premise networks, claiming it improves response times by 40%, at least up to that. While big tech platforms often build their own such optimization tech for the cloud, Intel could offer this to smaller organizations. In other Intel news, the company announced its first ARC-A series discrete GPUs, which support DirectX 12 and include dedicated ray tracing hardware and full AV1 acceleration support. This launches with the entry-level ARC-3 series meant for ultra-portables, which offers twice the performance of integrated Z graphics. More powerful 5 and 7 series will be available in early summer. ARC GPUs also feature Intel's DeepLink technology to optimize power sharing with the CPU based on workload. The first laptop with an ARC GPU will be the Samsung Galaxy Book 2 Pro. Have you ever searched for a news story and found that the top link might be very good at SEO, but is linking to three other sources because they didn't write or report it? Well, Google's got a solution for it. Google is adding the new quote-unquote highly cited label in search, indicating links frequently used as sources by publications. Google hopes is that this highlights who wrote the thing first. The label will apply to news, interviews, announcements, and press releases. How tech meme of them. Dell introduced new UltraSARP monitors, including the new 30-inch UltraSARP U3023e. This offers 2560, rather by 1660 resolution in a 16 by 10 aspect ratio with multiple displays able to be daisy chained together over USB-C. It can also connect to two different PCs with an AutoKVM feature, letting you use just one keyboard and mouse between multiple devices with support for picture by picture and picture in picture to view content from both machines simultaneously. It is available now for $785. All right, Justin, let's talk about the latest in really bad security news. Indeed, the security firm Bitdefender published a post outlining vulnerabilities in IoT cameras from the company Ys that is Ys with a Y in it. That would allow for a remote user to access content from the camera's SD card without authentication. Now, that obviously sounds and is bad, but security issues happen, and we do cover them regularly here. This is how the bug works. Remote users can access the contents of an SD card in the camera using the web server listing on port 80 without requiring authentication. If an SD card is in the Ys cam, a sim link to it is automatically created in the WWW directory, which is served by the web server but has no access restrictions. This SD card can include video images and audio recordings, but could also include other personal info. Now, here's the rub. Bitdefender notified Ys of three flaws in this chain on March 2019. Oh, how young we were. Ys patched them on September 2019, November 2020, and the latest in January of this year. However, the Ys cam v1, which was originally released in August of 2017, reached its end of life in 2020 and the company didn't patch the discontinued product. Bitdefender advises that users stop using the v1 hardware. So the question is, what happened? I mean, the fact that, okay, so just to kind of break this down a little bit. So Ys is, you know, v1 hardware devices, they're old, long in the tooth, companies made newer versions, those have been patched. Fine. This happens all the time, but five years, five years old, ancient and old made in the world. A relic, if you will, something that may be an archaeological find. But turns out, plenty of people are still using these devices and did not realize that this sort of thing was possible. And the fact that Ys knew about this and just was like, oh well, old hardware. I mean, this is a huge security problem. I mean, it's sort of your worst nightmare for people who say, security cameras, but what could they do with that information that would be nefarious and would make me think twice about getting one of these? This is that. This is exactly that. As Roger figures out his mic, I will say that this is something that while I understand it as a tech decision from Ys's point of view that, look, this is end of life. And so we are going to get to that level. And then that means that we don't update it anymore. You have to understand your business. And this is something that's going to come up later in the show. But their business is having people be able to look at their children, right? Is safeguarding the thing that the most expensive item that they will ever buy in their entire life, their home. This comes with a level of responsibility beyond just the regular tech element of, well, it's on the schedule, so we're no longer patching it. I think that they're going to get to a situation where they have to have some kind of reckoning. I own four Ys cameras, one's underneath my house, and the other three face outwards towards the street. I will say this. I have the version two of this camera. So oddly enough, this past Sunday, I had to update the firmware, which is, and this is what's so puzzling, Ys is so good through the app of nagging you to update constantly. It literally seems every month I'm pushing out a new firmware update to one of the cameras. Honestly, I don't think pushing out a firmware is going to do it. I think they're just going to have to do, well, if version one does not accept any of the new firmware, we're just going to swap cameras. You send in your old camera, and we will give you a version two of the same camera, and then you can update and you'll have all the same features. And I think it's important because at this stage, I think they've burnt enough of a bridge or bridges that this is the only way I think they would be able to gain customer trust back by going on the limb and saying, hey, you know what, we're going to eat this cost, but we will swap your old version of this camera with the new version, no cost to you, and you can be safe and assured that it will be fully updated when the patches come out. But also, there's no guarantee that they would do that. If the cost differential, if they're not willing to write and push a firmware update, then the likes that they're going to do a swap. While I do agree, it would engender goodwill from people. What Wise wants to do is compete on price. And yes, this is going to be something that's ugly, but they're not here to necessarily be the top of the line. What they want to be is the affordable thing. So like you, Roger, you can, in your mind, justify buying four of them. I can. And you know what? They could give you a $30 coupon. So great. You can buy one for 10 bucks. You know what I mean? When your business is based on reasonable amount of security, and you don't have that as a feature anymore, I don't think your business case is as compelling, even if you do compete on price. I agree. Oh, yeah. I know it's totally dead in the water, really. And I think the kind of IoT product category as a whole suffers a lot from this. It's not just like, Oh yeah, I see what we did here with Wise. It's like, this is supposed to be, I mean, sure, like you said, Roger, your cameras are facing towards the street. It's not necessarily getting that much personal information about you, but people use cameras like this in all sorts of ways. And so many other people don't even want a smart speaker in their home because they don't feel comfortable with what's going on. One last thing on this, but I do want to also underline the fact that these things do happen. It's not like we're in a world where IoT devices have not been exploited before. While I think that there's a reputational harm, the only real reason that it would affect Wise is if all of a sudden they start getting one-star reviews on Amazon when somebody's looking for a smart camera, and they, a very cost-effective option, are looked at as unsafe in that process. As for an online reputation, you know, again, I think they're there to get, you know, a certain kind of customer. And real quick, I will add that the SD card is optional. Like you can take it out. The camera will still function. You just need to pay for the service. So the SD card's there if you don't want to pay for the, because there's a basic service that's free and it can record to the SD card if you don't want to pay for the full two weeks of backup recording, but just keep that in mind. Well, Bloomberg sources say that Apple, Meta, and possibly Snap all provided customer data in mid-2021, including addresses, phone numbers, IP addresses, and sensitive information of the like two hackers that were masquerading as law enforcement agencies. You might say, what? How does that work? Ordinarily, law enforcement needs to submit a court ordered warrant or subpoena to obtain this kind of information from a company like Apple, Meta, or Snap. But in cases of imminent harm, authorities can submit what's called an emergency data request without prior court approval. Security researcher Brian Krebs reports, it would be extremely difficult for platforms to determine if these requests are indeed legitimate if a threat actor obtains access to a law enforcement email account. Bloomberg also reports that cybersecurity researchers think some of the hackers sending the forged requests are minors located in both the UK and US, one of which is also thought to be a juvenile behind the cyber crime group Lapsis behind the Microsoft, Samsung, and NVIDIA hacks that we've talked about recently. City of London Police recently arrested seven people in connection with that investigation into the Lapsis hacking group. That case is ongoing. Whether or not this indeed is the same group or group of individuals. Yeah, I was trying to think about this today like, okay, so if somebody poses as a law enforcement, from a law enforcement agency saying, we need this information, there's imminent harm happening, and the company goes, okay, you're allowed to do that. We bypass certain otherwise proper channels in order to keep everybody safe. I mean, what's a company to do? Justin, what do you think? I don't know. And not knowing the full amount of resources that these companies which have more money than they know what to do with is something that we can all speculate on, but we can understand that it is authority problem. That being said, specifically, META and possibly SNAP, they are advertising companies. That's how they make their money. META specifically is an advertising company that is reliant on data. If you are giving that away, even if it's by way of a crafty loophole, you are endangering your core, core business. So that being said, there is culpability also on the law enforcement side, because if they are using a law enforcement email address, and that is partly how they were able to create these very effective forgeries, then I also think that there is culpability there. It is not just on these tech companies. Yeah, I feel like the solution is like, well, if an email account can be accessed, so I as a threat actor am now pretending that I'm a police officer and I need information from SNAP, let's say, and that's not legit. It's sort of like, okay, if you need to submit an emergency data request, what's a better option that we have? Is there a secure phone line? That doesn't sound very secure either. I don't know what happens besides me showing up maybe at SNAP's headquarters and saying, hi, I'm a police officer, and then they can determine whether or not I really am. But yeah, we definitely have to figure this one out. It seems like a loophole that if it hasn't been figured out yet, there could be a lot of other information that gets out before it does. I don't think that this is a massive zero day exploit in the way that anybody can do it. It's very, very simple to do. You do apparently have to have access to a law enforcement email address, right? And that is something where you are coming at a considerable risk attempting to impersonate a law enforcement officer at the beginning, let alone what you do from it. Like that ability gives you the tool to do a lot of things up to and including exploit these tech companies. Hey, speaking of social media companies, Instagram is rolling out new messaging features, including letting users share music previews in DMs, send a message silently by adding at silent to the message, see who's online to chat with, and the ability to reply to messages while you browse your feed. Instagram said these features will improve how users connect and share with friends. Instagram also recently launched a new chronological feed option so users can see posts ranked without algorithms. You know, none of this strikes me as anything that's going to radically change my Instagram experience. The chronological feed, I appreciate just having an option, even though it's not on by default, but that was a welcome addition or rollback, I guess, to some users. But there are other things that are slightly lost on me because, yeah, I DM people and they DM me using Instagram's platform here and there. I mean, I have two accounts. Well, I have account and my dog has an account. I obviously don't run his account. He runs his own account, but there are DMs that go back and forth, but it is just not a primary way that I talk to people. I even had to look up, like, silent message. What is that? And it's, yeah, it's sort of a do not disturb that you would use in lots of other text messaging apps. I just don't use Instagram that way, but apparently I know people do that these are welcome additions. I think that there is an entire generation of users that rely on Instagram and Snapchat specifically to communicate in a way that my generation relied on AIM, for example. This is an entire, you know, the ability to advance this product is something that is very important for their core business. At least in terms of keeping their demo younger. Sure. Well, and Instagram has Instagram is still, I don't know. I mean, I was about to say Instagram is still the king of social, but I don't even know if that's really true. Depends on who you are and how old you are and where you hang out in the world. But I think Instagram is experiencing more of its market share being chipped away at the TikToks. And of course, Snapchat's always been a pretty obvious competitor to Instagram. But adding a lot of these features in order to keep people, yes, using the service, as you're describing it, Justin, as this is where I talk to people. Whether or not we're sharing photos or not, this is how we're communicating. Yeah. If it's where your friends are, then that's where you are. Yeah. Well, if you're feeling social, maybe you hang out on Instagram. We've got good news. You can get a touch with the DTNS audience on the socials, DTNS show on Twitter and on Instagram, DTNS pics. That's PIX. And Gadget posted a story this morning about the levels of trust that Americans have in six emerging technologies in the field of robotics and AI machine learning. The data is from recently published results from Pew Research that was conducted in November of 2021. The survey asked a pretty large number of people, 10,260 adult Americans, what their opinions are on six technologies. So driverless vehicles, the use of AI and machine learning by social media platforms to find false information. Facial recognition by police. Gene editing to reduce a baby's chance of serious disease. Computership implants in the brain to let people process info more accurately and quickly. And finally, the use of robotic exoskeletons for manual labor. The broad demographic trends that the Pew Research team found were that college-educated white male millennials and Gen Xers comfortable with technology were most willing to ride a driverless taxi or have a brain-computer interface implanted. Conversely, women, baby boomers, and folks who considered themselves less well-versed in technology were less willing to use this technology. The team also noticed a correlation between a person's religious and political affiliation and also level of education and their acceptance of a particular technology. Any of this jump out to you, Justin, Roger, as particularly odd? I looked through the numbers and most of this tracks to me, but it's always a good reminder to remember who you are and where you're from and what you do for a living and how much technology affects your life is going to greatly impact how these technology companies can proliferate going forward. Well, yeah. I mean, I think as technically a college-educated millennial who surrounds himself with many Gen Xers, I think that that tracks because everybody that I know is really excited about these kinds of things and is more willing to be an early adopter. There is a lot going on here. There is a lot at play, specifically when you talk about things that for driverless cars and AI, beyond, I mean, we can say emerging technologies, but there really is a line in the sand in the replacement of human ability, the mind of a human, the physical ability of a human. That is something that is a line yet to cross in terms of its ubiquity and it will be something that will take a while for many people to trust and some won't do it at all. I am not at all shocked, specifically at the religious correlations, especially when we were talking about more invasive elements like a brain enhancement, for example. What I notice is, for example, with the driverless cars, a lot of that segmentation was more age-based, generational. There was less of a difference on the kind of religious political in the same way that you would have with AI machine learning filtering out false information on the social media platform. I think what it does indicate is that there is a very complex intersection of demographics, whether it is age, political affiliation, racial educational background, that all kind of determine how people view this technology. What was most telling is that with the facial recognition, while 46 percent of the respondents thought a facial recognition would be for the police, would be a good way to implement the technology, it was those at the age of 50 and those with high school diploma or less education who thought that way in plurality. People who knew more about the technology were a little more hesitant to indicate that it would be a positive benefit. There's a lot of things here, but it stands to reason, the more you know about something, the less you're afraid of it. I think some of this, like the police recognition stuff, taps into other elements. Whether or not you are trusting of the technology, your opinion on the police factors into whether or not you believe that this tool, or any tool, should be at their disposal. I think we talk about this so much is, okay, AI starts with humans, then it kind of does its own thing, and then humans can come and intervene and make it better. We've talked about biases that are built into these sorts of systems, and I think many people who are very familiar with these complications don't necessarily think that they're doomed, it's just that you've got to be really careful. Then you certainly get a group of folks going like, robot's taking jobs, good, what's happening here? The more you know is more or less always better, but because of the more some folks know and what they're bringing to the table, the more that they don't want the technology that they actually understand the best. And I think both of you hit the nail on the head, like when it comes to social media platforms using AI, automating the moderation process, there's a visceral divide that you can see, at least in the peer research, about how people think like, well, it's great that you have something to automate, but who gets to write the algorithm, who gets to decide how do you filter this? And it goes back to what Justin was saying, do you trust the people making those decisions who are developing those tools, or don't you? And that will interpret or affect your interpretation of whether or not it's good or bad. I think that specifically is also something that we are currently in a political fight about. The idea of what is censored, what is elevated is something that is a very prescient thing in a lot of people's minds in a way that driverless cars are. Hey, there's this new Android app, Sarah. Oh, tell me more. Yeah, us big Android people. So I figured we should know. Camelion developed through the European Space Agency's Navigation, Innovation, and Support Program. And with the support of the agency's GNSS Science Support Center, you can turn your smartphone into a way to crowd source science. What you do is you put the app by your window at night with your sat nav positioning turned on, provided your phone has a sat nav receiver. Your phone then records little variations in satellite signals pulling data for machine learning analysis of meteorology and space weather patterns. Those participating can also win prizes like new phones and Amazon vouchers. Now, this is a four month citizen science campaign. It runs till the end of July. So get on it now. Yeah, I wish I could participate. This would be easy for me. I mean, depending on, I don't know, maybe your bedroom doesn't have a window or something. But you could you could a lot of folks could could make this work and participate and I don't know, feed the hive mind of science of the sky. I suppose that leaving it by the window is just kind of code for have it be in a place where you are getting enough of a signal that that the data is worthwhile. So you put it on your roof too, if you really want to. Yeah, exactly. Yeah, raccoons can steal it. Yeah. Yeah. I don't know. I love stuff like this. It kind of reminds me of steady at home. Something where it's not going to really impact you all that much, but it can greatly impact the data of science, particularly as it relates to satellites and weather. And I mean, I think we can all agree that the more we know about that, the better. Agreed. All right. In the mailbag, we've got a mail from M. We'll just call you M. M says, I'm a returning listener from a number of years ago and I found your show again. Well, thank you. I'm glad to have you back. M says, this has coincided with my new role as the head of an IT department for an NHS trust in the UK. My first show was episode 4235. So that was just over a week ago. I was particularly interested in the segment about replacing passwords. Well, not exactly the same. We're implementing an NFC solution for NHS staff along with their ID badge to help speed up their ward rounds by logging on with NFC dot rather than a username and password. This coupled with a Citrix account allows their desktop session to follow them to any desktop or laptop setup with the solution, thereby continuing exactly in the same place in a document or a patient note or an email, et cetera, and not having to restart every application each time of the login. I'm now listening in daily whilst I'm on, I'm driving to the hospital or taking my dog out for our morning walk. Well, first of all, I'm so glad to have you. Great to have you back after perhaps some time away. Congratulations on the new job. And yeah, I think what you have described as implementation where you work makes a lot of sense, especially in that field where you are doing a lot of moving around and opening things on different machines. That is a great, very ingenious idea. Indeed. Well, Len Peralta has been behind the scenes drawing like mad as he does each week. Len, let's check in with you. What do you got for us today? Well, I took on distrust in technology. I can understand that, but I am also a Generation Xer, so I am an adopter of this stuff. So this is the piece that I came up with. It's called Tech Me Up, and this is the flip side of what this looks like. I think this would be a Gen X person or millennial who really loves brain implants, facial recognition, exoskeletons, and driverless cars. Yeah, I say, Tech Me Up, baby, I'm ready to go. It's sort of like if Mean Girls was made in the future. This would be a little clip from the movie. Yeah, for sure. I say I'm all for it. Just put those implants right into my brain. Let's do it. This image is available at my patreon, patreon.com forward slash Len. You can get it if you're a subscriber, or you can just go the old-fashioned route. Go to lennproaltestore.com and go ahead and purchase it the old-fashioned way. Thank you so much, everybody. Well, thank you, as always. Good stuff. You're a talented individual, Len Peralta. Also, talented is Justin Robert Young. We're always privileged to have you join us. Let folks know what is new with you. Well, the second season of World's Greatest Con has all but ended. We have a Q&A episode still to come. But if you want to binge this narrative series, now is the time. Just go ahead and find World's Greatest Con wherever you get your podcast. And I know this show did not have any Tom Merritt. However, if you are hungering for more Merritt, then you can head on over to the Politics Politics Politics Patreon page where I produced audio book style with an intro and an outro. Tom's College Essay, read by the author about the fate of Crimea. So if you've been following a lot of what's happening in Ukraine with Russia, and you want a little bit of context as written by Tom Merritt and read by the author, head on over to takepoliticsseriously.com. Well, we've got two new bosses to thank today. Boy, are we excited about you, Austin and Tamara. They both just started backing us on Patreon. Thank you, Austin. Thank you, Tamara. Stand innovation. Reminder to folks, there is a longer version of the show called Good Day Internet. It's a lot of fun. It's available at patreon.com. We just sort of, you know, we roll right in. You get twice the show. Speaking of DTNS, though, we are live Monday through Friday on this show at 4 p.m. Eastern at 2,800 UTC and you can find out more at dailytechnoshow.com slash live. We are back tomorrow with Rob Dunwood joining us. Talk to you soon. This show is part of the Frogpants Network. Get more at frogpants.com.