 For you to kind of glue that together about trust. Yeah, either about trust or convenience. Mm-hmm I mean Hansel and Gretel comes to mind. Okay. That's that's when I hadn't considered. I was looking at some of the grim fairy tales the other night and One of them was this this one of a cat and a mouse that were friends And they were hanging out they were living together that I think they were like just roomies or something They're trying to save on rent because it's by the Bay Area. They're just yeah, there's roommates. Yeah Well, but it was like getting winter time and so they're like oh winter's gonna come and you know We don't want to starve. So let's let's hide some fat So they they jarred some fat and they they hit it in the church as you do because they're like, well No one's gonna mess with it. We just church house. Okay. Yeah. Yeah, it's a church cat and mouse and So they hid this and what would have ended up happening and was the cat kept on sneaking off to the jar and sneaking some of the fat the notes to the mouse and it was really unfortunate because here came winter and and The mouse goes oh man. I'm so hungry and the cats all like oh well Let's go get some of the fat and so they all they they both go down to the jar and lo and behold jar is empty cat eats the mouse Yeah Had a backup plan I can steal this fat because guess what mouse Yeah, although I don't know what happens next winter, you know That's when the cat made friends with the cricket and the ant from e-sups fables. Oh, there you go And then ate them both. Mm-hmm. Do you think he like rings them up? There's like a fable directory Yeah. Yeah. Hey guys. I hear you're like figured out some things about preparing for winter I learned some lessons last winter myself, right love to love to swap ideas. Mmm. And then the fox is calling up being like hey, so Yeah, there were these pigs, but they're all in this brick house now. I need a place to crash I heard that you like roommates It says here on your referrals that you lived with a mouse, but I had a hard time getting in contact Yeah Hmm Hmm, I mean you've got excellent credit. So we'll give it to you. But yeah, you're like a you're like scores amazing Hmm. I don't know how you were able to save up so much fat to pay back those debts All right, let's get going. It lens said he'll just pop in. Oh Let's do a podcast he gets. Yeah Here we in a world where technology Changes faster than the human race can adapt There's only one place to turn The Daily Tech news show with Tom Merritt and guests But they need your help Go to Daily Tech news show comm to find out how This is the Daily Tech news for Friday March 4th 2016 I'm Tom Merritt if you're not watching House of Cards. This is the Daily Tech news show. Hello, Darren kitchen. How are you today? I Am epic and so is Nick serve because he just told me that we're friends. So there you go Yeah, so so I'm here way back. I hope the Len pops in with Chan serve and then we're all gonna have a party Yeah, Len Peralta is illustrating the show today, but he had a little computer trouble. So he's rebooting He should be popping in here at any moment He'll let you know when he's in here But we he will be illustrating the show Len Peralta store.com to see his great works folks Go check them out buy yourself some prints. They're not that much game by digital ones back. I'm on patreon all that kind of stuff But speaking of epic Darren from hack 5.org Our first headline is a is pretty epic Shall we yes, we shall That was Sweeney of you Epic games co-founder Tim Sweeney is what that means wrote an editorial in the Guardian criticizing Games written for Universal Windows platform saying because they must be sold through the Windows Store that gives Microsoft a cut 30% cut and Yeah, there is a setting that allows side loading, but it's buried Most people won't bother to turn it on Sweeney claims that some new Windows features are available Exclusively on the wind Universal Windows platform and he fears that that will only get worse trying to force developers into the Microsoft Ecosystem at the same time UWP does not yet support things like SLI or crossfire Making developers choose Compromises Kevin Gallo VP of Windows told the Guardian the Universal Windows platform is a fully open ecosystem available to every developer That can be supported by any store Oh Finally man, we were in a slump there You know at the the Microsoft since bomber left has just been like very confusing and there's like cross platform stuff going on I say if this is 2003 Everyone just doesn't believe Gallo They're just like for yeah, what of course it's gonna be open But there is a there is like Phil Spencer saying we plan to improve Gallo saying no the other stories can use this So maybe there's a chance Darren that Microsoft comes out With some details that show that hey, no you can you can publish on the Windows platform and still publish in Steam And we made it easy. We just didn't give you the details before It's at least conceivable, right? It's happened before with Vista when they tried to you know take over gaming Oh, yeah, you know Right, and you know, here's the thing. It's not even just like Microsoft trying to do this It's it's everyone wants to be a platform. Yeah, I mean look, it's you know You've got steam certain steam games aren't available if they're from EA you have to get origin, right? So everyone wants to be a platform. It makes sense. It's just I'm just heart-warmed Because this is the anti-competitive Microsoft that I know and love that you've come to you've come to love over the 90s And early 2000s. Yeah, I have a feeling there's some more shoes to drop here Phil Spencer very famously has been very user centric and also very developer friendly There is a tension to be served here, which is the Windows store If it's going to compete with Android and iOS Needs to lock people in that's what and Sweeney even brings that up He's like that's the problem with Android is that even though it's supposedly open Google locks you in You have to develop it for Android Microsoft coming out with these platforms that they're saying look you can develop You know, they just bought Xamarin you can develop on this platform and publish everywhere They've been putting their software on non Microsoft devices It wouldn't be fitting with their recent performance for them to lock you into the Windows store when they're really trying to pitch themselves As the solution to make things easy for you Right and isn't that the whole idea of the PC anyway is that as opposed to the proprietary nature of consoles that it is an open platform So Yeah, that's kind of hindering the whole I my take on this is Sweeney is asking Exactly the right questions bringing up exactly the right criticisms and it's now in Spencer's court Or in Microsoft's court to answer that and go like, okay How are you how are you gonna make this work because I love the idea of the universal Windows platform where I can buy a Game on Xbox play it on Windows and vice versa. That doesn't mean I want to be locked out of other stores I still want to be able to buy stuff on steam I still want developers to make it easy and that's Microsoft's advantages They could say hey right at once it'll go to the windows store and steam and everywhere else like that's the message I want to hear we'll see Let's not also forget that when I say like the PC is an open platform Windows is just one of those components of it and we see awesome stuff happening in gaming like vulcan being supported on Linux So there you go Oculus founder Palmer lucky has been making his own public comments about platforms Regarding why Oculus is deferring support for Linux and particularly OS 10 he told Shaq news if they meaning Apple ever release a good computer We will do it ouch and then added if they prioritize higher-end GPUs like they used to for a while back in the day We'd love to support Mac Basically pulling no punches and saying you you're putting mobile GPUs in your laptops and that's not gonna be good enough for an Oculus thanks to cold spring for posting this on the subreddit the rift is launching only on windows development kits had supported OS 10 and Linux, but only got a launch on windows see all you have to do Tom is put a GTX 980 PCI card in your Mac book or your iMac you can do that right oh Well, you might need to solder Hmm, but maybe there's a way. I'm not gonna say there isn't a way Yeah, I'm sure you could in a Mac Pro, but still yeah, it's got very good points and Looks like Len Peralta has has jumped in and is is drawing away So so good for Len we will get to him at the end of the show. Thank you for joining us Len I don't know if he can hear us though. He may still be have he's all tk421 Yeah, why he but he is at his post good ours technical reports that France's National Assembly passed an amendment yesterday that would penalize companies that do not Provide access to encrypted data during terrorism investigations Get back to that in a second Penalties for not doing this include fines up to 350,000 euros and up to five years in jail The amendment is part of a bill to combat terrorism and organized crime So they passed the amendment being added to the bill, but the bill itself has not been passed National Assembly will vote on that bill March 8th, and then it would move on to the Senate So there's a lot of debate to be had about this But they're trying to get it in under these other protections that they want to pass and essentially this would say Any company that makes an encrypted product has to keep the key. You can't let the user have the key and nobody else Yeah, okay, so Real quick how I feel Governments of the world France included our attack vectors on secure systems and that any entity What wanting to develop such a secure system needs to factor that in and build it in such a way that compliance is impossible period Well, but then the company that that allowed that encryption on their product if they were in France would have to pay 350,000 euros and spend five years in jail or they might have to just leave France and France might have to say oh You know, we don't allow perfect encryption systems So we'll just ban those importing to our country and then France will be stuck in 2015 for the rest of their lives And that's okay Well, it's not okay if you live in France. I wouldn't think well, we'll hear from Patrick He's and he doesn't even live in France. No Encryption stuff now and I'm joking. Yeah. Yeah, the San Bernardino district attorney filed an application for an amicus brief So you'll see it reported that they filed an amicus brief They actually filed the application to file an amicus brief in the Apple case Stating that the iPhone 5c that Apple has been asked to help break into may have been used quote To introduce a lying dormant cyber pathogen that endangers San Bernardino's infrastructure That's one of the things they're looking could be on there. They don't get in the phone They might not know Security researcher Jonathan Jarski told ours Technica quote the world has never seen what he is describing coming from an iPhone Thanks to carry out of for posting this on the subreddit. I mean, I I'm new to this So maybe I just missed it, but I have never heard of a cyber pathogen before no no cyber pathogens are Something that only DA district attorneys are able to come up with when they're up late at night watching bad 1990s era cyberpunk the movies got something. I mean, there may be that there may be the plans for an Intergalactic highway that will go through earth I mean IRC can probably tell us all sorts of things that might be on the phone as well But this is classic for this is fear. This is uncertainty This is doubt and it's being used to to sway the opinion and to make claims of some sort of cyber bomb And it seems like a tactic that almost like someone trying to use fear would use some something like a like what do we call those? Like terrorists like I think that's what terrorists usually try to terrorize someone into do. Yeah It's interesting Well, this is just a filing for an amicus brief not an actual amicus brief nor an actual filing from one of the plaintiffs or defendants in the case But Jonathan Jarski did say there also might be a unicorn on that phone That I was like, well, wait a minute now. Maybe we should get into you know who else Put their name on an amicus brief recently was Amazon And I hear that things are changing up with them and they fire OS Yes, we did I did I skip past that or something? Yeah, it's okay Yeah, thanks for catching that My scrolling has been off lately Amazon told TechCrunch quote in the fall when we released fire OS 5 We removed some enterprise features that we found customers weren't using All fire tablets communication with Amazon's cloud meet our high standards for privacy and security including appropriate use of encryption Thanks to Captain Kipper for posting this on the subreddit this in response to the Mainstream discovery that fire OS 5 said hey, we're removing encryption So you can either not upgrade to fire OS 5 or you can not have your device be encrypted. It's a stupid thing I got to get a new one Hey, Len Sorry, actually that actually is a lot of people's reaction when Amazon said that they were removing encryption from fire OS 5 It is a thing. I got to get a new one. It's stupid You're right and this coming from Amazon who put their name on an amicus brief and supportive Apple in this FBI thing So I'm the one hand is like how do you do that? But then remove encryption from fire OS because I'm not buying the whole concept of oh, but you know It's an entertainment device. It doesn't need security You know a lot of people we heard from people DTNS heard from people by email who use their Amazon tablets in enterprise situations So I have a feeling that this is not I think it's easy to the knee-jerk reaction is the NSA made him do it or Amazon is turning against the users One of those situations actually make any sense especially because they filed that amicus brief I have a feeling that this is just a poor decision on Amazon's part To improve performance on fire OS because they couldn't tweak more performance out of it And they probably legitimately said not that many people are using the encryption if we got rid of it The performance numbers would go up. Yeah, don't get me wrong I mean I I do I would say consumer electronics the hacker electronics And I know all about prioritizing features and things of that nature But to but security never goes to the bottom just because few people are using it Yeah, I'm not saying it was a wise decision. I don't think it was a malicious decision It was an incompetent decision at best, right? So what I'm thinking is you know how you can walk into a grocery store And you can see the USDA organic logo on something you're like, oh, okay, you know, you know what you're gonna get I'm not in favor of lots of regulatory bodies or anything of that nature But wouldn't it just be nicer you're shopping through the stores and there's just like a nice little badge on the On the fire slates that said inherently insecure. Yeah does not support privacy Unless you're talking to the Amazon cloud in which I do believe that they do encrypt that connection Which is like that's that response was even more hilarious like oh well when you're sending things to the internet It'll be it'll be Private we just don't believe in protecting your privacy on the device Totally and credit where credit is due, you know, but the difference between like for instance the new Echoes Versus the fire OS is like one hasn't had Encryption where else the other one has and it's now removed. Well the echo has encryption actually Well, okay, we'll learn something new every day. That's fantastic. Yeah, I know like and that which also makes this whole situation We'll remove that next like of the echo probably if you had to say between the two needs encryption less than the other one But it has it. Yeah, which is great because you can say okay, Alexa shop to 56 e EF five to zero for D. No, no, no, you're probably setting up somebody's exact Amazon echo right now Never mind it happens a lot Finally Sony announced a new research and development group Thursday called future lab program promising to share concept prototypes which users Will see while still in the development stage Although they got off to a weird start by showing a really vague video that doesn't tell you much For a project that is being touted to be transparent The first project is going to be called and promises to deliver audio without having to insert an object in your ear And in the video a woman wears a device around her neck So maybe it's some kind of bone induction I don't know Sony says it will show up the end and a few other prototypes at South by Southwest Interactive in Austin next week Oh, man I for one hope so desperately that in the future devices like headphones or VR headsets that we have today that go over your eyes and ears look as ridiculous as I don't know what VR headsets did in the 90s and Just I guess I guess if this worked I could wear it under my shirt Maybe I don't know. I'm just I also think it's really awesome to just see R&D labs opening instead of closing Yeah, and I think the idea is at South by is when they'll actually be opening this was a little bit of a teaser but it's kind of funny when you're being transparent to then also be vague about what You're about to be transparent about mm-hmm Reuters reports Facebook said quote from the start of April UK sales made directly by our UK team will be booked in the UK Not Ireland the move comes in response to changes to tax law in the UK regarding profits shifted offshore Facebook did not clarify if that meant that before now Sales booked by UK staff to UK clients went through Ireland because that would break UK and international tax laws So suddenly a bunch of MPs are not are not saying good job Facebook for for changing your the way you work to be more tax-responsible They're saying oh, so you were breaking the law up to now. Maybe we should investigate that mm-hmm UK those guys are still in the EU, right For now. Yeah, okay Google confirmed that starting next week It will delist right to be forgotten links from all its search results worldwide if The user making the search is detected to come from the EU Google said it will quote use geo location signals like IP addresses Unquote this will be in addition to the current practice of delisting from all European versions of Google search engine Yeah, you know further fragmenting the web and creating into lots of little silos But it's okay because geo location as we know is physically being there. It's a kid If that's the case if that's the case when I if I have an IP address that says I'm in the UK That means I'm in the UK, right? Oh, yeah, if it's a VPN No, no if you're if you're there watching the iPlayer Tom, you're not here So those crimes that you could I mean that somebody else committed were not committed by you If it maybe it was a crime in the state of California, but it's not a crime in the UK I know exonerated because my IP address clearly shows That I was in the UK. Yeah, and I've just been I've been in Moscow all week buying MP3s. Have you doubt? Yes, don't do that. No, that's a good way to get a virus. Hmm. Yeah, and I don't need a computer Nintendo announced a new 3ds XL variant sporting a super Famicom color and graphics scheme For those of you who know the way back day is of the old Famicom It's set for an April release in Japan and we'll retail for around 21,600 yen That's equivalent to about 190 dollars US Nintendo also announced it would be releasing classic SNES games like Super Mario World and F zero for the updated 3ds XL with two analog sticks in the e shop Well, first off F zero is just like about the best game Nintendo's ever done period And you have to use the pink one because that those blue and yellow ones suck anyway If you've ever played it, you know what I mean But also I love the like throwback Famicom stuff. I would like to see one using floppy disks Because those are retro enough to be cool again. Aren't they three and a half? Yeah Well a long time ago I did a mod where I took a floppy disk case and put it around a USB stick I made like a crazy USB drive essentially that was a floppy disk hanging off your USB port and I had more than 1.44 megabytes There's a guy recently did one way better, which was put the USB internals inside The the floppy disk then created a draw a USB drive a USB port that you put the disk in Like you were putting it into a floppy drive and then it worked It does have more than 1.44 megabytes. Nice. Yeah, bring them back Finally Xiaomi CEO Lee June has softened his stance against a possible IPO Tech in Asia reports that June said in a speech that he is quote Considering following Alibaba's lead and setting up an internal options trading system to incentivize employees while we haven't listed and Then said but because we have investors and employees Xiaomi is not ruling out an IPO now if you haven't followed this you may say well all he said is they're not really not an IPO Why is that news? He has been very adamant. We will not do an IPO We are not going public and so having him change the tune to like we're not ruling out an IPO is a big change for him Hmm Thank you to everybody who submitted stories at our subreddit dailytechnewshow.reddit.com It definitely helps us put the show together every day. So get in there and join in do some voting make some comments Have a discussion T.G. Steller is great about putting comment threads in there that relate to our day's discussions So get in there and have some fun dailytechnewshow.reddit.com and that is a look at the headlines Have an interesting story from Bloomberg businesses Selena Wang About alternatives to Apple assistance now Patrick Beja and I were having a conversation earlier this week about whether you could actually image the iPhone drive and then try your 10 password attempts it Deletes its data, but that's an image copy and then you go back and make another copy Ms Ms. Selena Wang went and talked to Jonathan Jarski who is a forensic security researcher and he's been weighing in quite a bit on The Apple controversy he pointed her to a Shenzhen YouTube video of phone drives being upgraded and how they pull the drive the drive out of the iPhone Make a copy onto a 120 like taking a 16 gig drive putting it on 128 gig flash drive Putting the 128 gig flash drive into the iPhone and he says look, you know, yeah If you do that hundreds of time you might damage the chip But they could do this they could research how to do this and get around the problems He says you could also just try to find an exploit software vulnerabilities He said and other options that are brought up in the article is asking the NSA for help Although Susan Landau in her testimony said the NSA may not want to make their methods known even to the FBI FBI director James Comey says that they've asked everybody We have engaged all parts of the US government to see does anybody have a way short of asking Apple and we do not But Landau recommends that the FBI create and fund an investigative center She says bring FBI investigative capabilities into the 21st century, which goes back to what Jarski saying is there are ways This is a hackers race. There are always raised ways Darren what how possible is that how how practical is that forget the side of whether Apple should comply or not? Yeah, I mean could FBI get into this if they put enough elbow grease against it Yes, this is nothing new dumping the ROM off of a chip is standard practice That's how you do it and if you damage the chip you just solder on a new one. It's not rocket science You just make a good pristine backup copy you put that when your cute little envelopes that say is evidence or whatever I know you guys love those and then you just keep trying and every ten times it wipes big deal You pop on a new chip or just do a copy of it Like people that run ROMs on emulators do the same thing with Nintendo's so But that that misses the point the thing Tom is this is has nothing to do with the technical feasibility of Actually hacking this phone. This is all about using the terrorism card to put the push the FBI backdoor agenda You know and you know he has Go ahead. I'm just saying whether or not they have the technical chops It doesn't matter what they you know One is to have Apple do the dirty work for them and set a precedent because these these cases have happened numerous times before But now they've waited until there's a you know a terrorism case with a US company I know this might go down a little differently if this were Samsung for example and as we can see from the hysteria of You know like well Francis National Assembly that we were just talking about in regards to encryption, you know, the terrorism card works Hell we even passed the Patriot Act after 9-11 So, you know, it's obvious that that works and the FBI in this case are just wolves and sheeps clothing So but but hold on let's let's go back to to the technical aspect because you sort of said well That's easy. They could do that. I I've heard several people say it's not that easy Even Jonathan Jarski says well, you'd have to work at it So you're saying it's possible It's but how how difficult would it be? I mean Steve Gibson says that this is actually that that the key is combined with the you with the ID of the phone essentially so you how you could it would be difficult to Make just make an image and use it But this video that Jarski pointed out actually shows them cloning the the phone ID and then putting the the chip back So conceivably you could do that Jarski says usually it only takes about 200 times to guess most passwords Because most people don't use complex passwords because this was the second phone of the suspect. Maybe that's true. Maybe not But Jarski says look They could also ask Apple to make an image for them But Apple could definitely image this and he's like I wondering and this is where we go back to a little bit of what You're talking about of why what the possible motivations might be here Why wouldn't they just ask Apple to make an image that then they could try to brute force and every time that image got locked up You just you know, you have a copy of the image and you try again Especially since as Jarski points out even if they get Apple to make this tool that lets them brute force and get into the phone You don't want to use the phone to examine the data You're gonna have to make an image of it anyway, which would require them to go back to Apple and ask for an image No, no see that's the thing is if that's a very It's a great question and there are many technical reasons why they could just you know break into this phone and use their own Chops to do so, you know dumping the ROM is not impossible and then re-flashing the ROM is not impossible either So there's no reason why they couldn't just you know hack the silicon to get into this device They could even just try pulling off a encrypted file and throw some of those CIA super computers at them to brute force them Instead of brute forcing the lock screen. So they're going about it. They're trying to go in Obviously the front door has got a pretty decent lock on it But they're like hammering on this for some reason and the reason is that they want to set a precedent And it's not even about this lock screen on you know tries and unlocks It's setting a precedent that we can have you develop software to our Specification when we need to break into stuff and that's why this case is being used and and that's why Jarski Says about the imaging is you you ask the court very specifically for software that can brute force a password Not because you want to use it on this particular phone But because you want to have that tool in your arsenal to use later down the road He says you should you should fully expect them to need to go back to Apple and ask for a tool to image the drive Again something they could do on their own But it's going to be faster and more efficient to have an Apple approved version that then they can legally ask for again Because and and if people are wondering well wait a minute if you just get into the password. Why don't you just open the phone and look around? Jarski calls that the equivalent of dumpster diving background processes start to run once you log in They potentially clean up data older Twitter messages get tossed out Just doesn't matter of course and keeping your phone running nicely wicker and telegram support self-destructing messages as soon as you opened up one Of those apps they would start to delete certain messages that were older than a certain age Which is at this point they want the older messages. So what Jarski saying is look to have a forensically sound Investigation of this phone you you need to have an image of it, right? And they not only that but they needed to have not altered and in this case they've altered the evidence I mean if the FBI wanted to they could have already had this but they were completely incompetent with it letting the phone die For instance letting the other sorry letting the battery run run flat you know changing the password when they could have done a Synchronization to iCloud and even Apple said hey we've seen failed attempts to authenticate with iCloud so the FBI It's almost like they purposely blocked themselves. So that The thing is like it's either that they're completely incompetent and maybe they do need better cyber capabilities But it sounds like that's not what they want what they want is citizen cyber crippling So let's set aside like I know I know how much you want to talk about the motivations We've talked about most possible motivations a lot And there are a lot of people in our audience who believe that the FBI has pure motivations that they're not trying to do something Malicious here that they just really want to crack down on crime. So let's let's let's set that aside for a moment In the end is Susan Landau, right if Congress gave them a few hundred thousand dollars or maybe a million dollars Could the FBI create a task force who would be able to get into Fully encrypted phones like this and not need to go to companies and ask for special keys and backdoors Yeah, if I can like sign up for a sands course on hacking iOS there's no reason why the FBI couldn't just put some money in their like cyber training budget and Learn these skills and develop these skills and contact Security researchers and say hey, can we have your proof of concept code to see if we can use it to hack on this thing? That I would much rather see them do that because ultimately that makes for better products anyway when you start hacking on these things and breaking them That's when you know where the vulnerabilities are to fix Exactly they're just going about it the easy way not even the easy way They're just saying hey Apple do the dirty work for us Well, it is more efficient if you can get someone else Fish and what they should do is learn how to fish I think that was Susan Landau's testimony It may beat out word for word, but that was essentially what she was saying is look there We've got this video that Jarski pointed out of a guy copying over the UUID and everything on a phone saying look you can do This you can you can copy these drives? It just takes a little more work to figure this out people jailbreak the base bands of these things if you get Into the base band it doesn't matter what's going on with the operating system. There are loads of ways to get it at that point The the underlying aphorism In the hacking world is generally it's an arms race Somebody's trying to lock you out you figure out how to get around the lock they come up with a better lock Etc etc etc etc nothing is this whole debate is premised on the idea that apple could make encryption so good That no one in the entire world could ever figure a way around it Sorry, there's no such thing. Yeah, but I never would you can you can get good You can get good it you know quote-unquote good enough you can layer enough security you can feel confident but it's it's always about mitigating that risk and You know here what's crazy is that Congress is completely ignoring the incompetence on their level on on the level of the FBI and It's just like to the FBI dude Apple isn't your IT department. You know you broke it fix it And and that really does bear on the case the case itself is saying should a company a private company be compelled To create tools And and again, I go I hate to keep bringing up Susan Landau like it's a broken record But I thought her testimony was very apt, which was you don't need them to do that You you should you should create this yourself. You can create this yourself No, you can't create it the same way because you don't have the the key But there are plenty of ways for you for you to do this and I think that's important to note No matter what side of the debate you're on is is that this we're talking about well, that's how it's traditionally done This is the first time we're instead of just hacking it Yeah, with traditional means you go like hey, we went the easy way Can you just do that and and that's the thing is that's what had been happening previously Was when Apple could just give them the keys? That's what they were doing saying right and well, we can just get the keys. Why would we buy? Yeah, exactly It's like we don't want to you know buy the cow if we can just keep coming to apple and say give us some more milk I get that and apples like we're tired of giving you milk So they make a system that's uh, you know that's designed in such a way that they can't just hand it over and they're like But come on you've been giving us milk this whole time And Susan Landau's like congress just give him money for a cow. Well, yeah, let him buy a cow It's always not the FBI buy a cow Uh not buy a cow who is an excellent member of our community but buy a cow Yeah, like they could get a gateway 2000 and start, you know trying to break the encryption with that Yeah, they could get that kind of cow too. That's I guess that's a good point. Uh, so this this is a Here here's where I'm gonna end my my point on this What I feel like should happen not not regarding the particular case in San Bernardino. I think that's separate what I think should happen is that uh, the FBI should cultivate Relationship with someone who actually knows a lot about encryption how to get around encryption And is experienced in the forensic part of it Which is how to make sure you get the information in a way so that it can still hold up in court Which is a trickier thing and that guy's Jonathan Jarski Hmm, and you know, maybe they should also teach their agents not to ruin evidence I'm just saying maybe the FBI should hire Jonathan Jarski. There you go All right Our pick of the day comes from tim carrying on our theme of a router week We we didn't mean it to be but it has definitely become router week Uh, and tim wanted to offer up his favorite router dtwrt Open source firmware replacement for a large range of routers common chip sets Roger chang was uh recommending it in our post show the other day as well He uses it based on linux has a large range of advanced networking features not commonly found in most routers One of the best features is policy based routing the ability to send certain traffic Out of a different interface such as a vpn connection that is hosted on the router The usual warnings apply being an open source and community supported project It may not be for everyone, but it does have a decent web GUI And he also said he spends a fair amount of time at a bash prompt So don't let that turn you off. But thank you tim. I'm sure you use dtwrt, you know Yeah, I've used a dtwrt. I actually like the open wrt Uh Distribution instead that's actually what we build our wi-fi pineapple firmware on top of But it's a very similar, you know, linux embedded linux distribution and they're both really great And home users should try them out even though it's like oh server linux sees stuff It's it's not scary at all The modern web interfaces that they put on them are actually better In most cases than what you find off the shelf from the likes of linksys and tp link and such Yeah, I have definitely used dtwrt I think it was back before when wrt was around yet But I I have used it to great effect to repair routers that were having problems So I'll put a link to open wrt in the uh show notes as well. It's on your face to us folks I just hope that it continues to be an option for this is a discussion for another time But I'm now I'm sure in june when the fcc rules on their new proposed regulations when it regards to 5 gigahertz spectrum that uh That was a lot of fun. There's a lot of good going around Uh in that discussion So yeah fingers crossed that that doesn't get f'd up as badly as some people are afraid Send your picks to us folks feedback at daily tech news show dot com You can find more picks at daily tech news show dot com slash picks a couple messages before we get out of here regarding The six flags virtual reality roller coaster. Did you hear about this darin? Oh, hey, does this wait wait wait wait Is my production about to become true? Well, you will go to six flags in nine other parks You'll be given a samsung gear vr that you'll put on your head and you will be on a physical roller coaster But having virtual reality paired up with it So the motion of the roller coaster pairs with the virtual experience you're on So what you're saying is six flags is actually using vr in one of their rides Yes So what you're saying is if I want my prediction to come true, which is that That a company will sue someone over using their vr intellectual property because it's so much like the real thing that all I have to do Is make a copy of that video and release it so everybody else with a gear vr can experience it sands the Motion of the roller coaster Technically speaking. Yes, although I would do this while vpn'd to the uk so that obviously it wasn't me It wasn't you obviously that wasn't it Dr. Hill shows clearly that uh, hey The fear that justin and I were talking about is how do you keep these things on your head? so they don't go flying off when you're going loop to loop on the roller coaster and we were Contemplating the idea of bob and fred in the break room discussing this before they put it up Sean Who I believe is an employee of six flags Says bob and fred here from the break room to answer your six flags samsung gear vr questions The devices will be the new galaxy s7 phone inside of a gear vr They are secured with an additional chin strap so that they don't fly off You'll need to be 13 years or older. It's optional and free There are already a bunch of parks in europe and asia that offer vr coaster rides They originally experimented with the oculus units but have since switched to gear vr devices as they are easier to maintain and keep clean We are just brought it. We have just brought it to the united states Added some characters from dc comics and the fighter jet along with the best g force coasters on the planet Here is what we saw at the iappa trade show and sold that sold our team to do this and there's a youtube video there as well So, yeah Got the word straight out of the flags. Wow, so in america So I can I can only imagine how this is going to slow down uh passenger rates on those, uh I wonder coasters, but also it's really interesting to think of a future where there's an option to b y o v r And just you know show up connect to the wi-fi network or whatever have you and how the app installed i'm good Yeah, you'd have to get their harness so that it would get you secure. Yeah. Yeah, if you don't have the chin harness Yeah And joe from huntsville was speculating This will allow them to rebrand and change the ride complexion with just software changes a new adventure each year without having to Risk adding or changing ride tracks. They could put in advertisements. You think nascar could sell advertisements This could allow six flags to place the ads as part of the ride experience And eventually they could allow passengers to select from multiple trips that kind of ties into what you're talking about darin So even if you're in the same ride car with your friend, you could experience different visual environments Oh, yeah, it'd be like the indiana jones ride where you don't know which Which one you're gonna get you know, there's multiple tracks you could take You know your body could be telling you you're going left But you could be your vr could be telling you you're going right and your chin I really need to puke right now, but it can't open my mouth Uh ashish wanted to let us know why he thinks apple has passed jaume as the sixth best selling phone in tier one cities in india He says the brand like everyone else in the world has impeccable brand value talking about apple brand And carrying an iphone is considered a status symbol by many in india not everyone Especially not the savvy folks, but many of the same older versions of the iphone are available in india Way after they stop selling them elsewhere The iphone 4s is still available here today And those who don't understand the fact that it is over four years old or don't care buy it just to have the apple logo on the back Uh resale value is another consideration used iphone sell like hot cakes with much less devaluation than other brands So many simply buy the latest ones then sell them six months or a year later and move on This is my take on the situation. It might be completely wrong. Of course, just my two cents But he is in india. So uh, he's got a better perspective on it than most I think I think we all know the apples of fashion statement And that's not devaluing them in any way. That's a good thing brian says on top of their recent security issues nesan just informed me that my 2014 leaf will no longer have wireless access Over atn t's 2g edge network after december 31st 2016 The letter talks about covering a substantial part of parts and installation of a new telematics control unit But it's vague about the timings and details and he's upset. He's like, I just got this car. It's 2014 Why did you put edge in it? First of all and like really now? We got a we got to worry about buying cars and having to go into the repair shop to get our modem connections replaced This is this is troublesome like no joke On the one hand, you want to see the carriers constantly up their game They can't keep hold of 2g spectrum when they need to roll out 5g But at the same time you want a long-term solution for things like whisper nets that you would you would hope that you're Your kindle for instance your first gen kindle still has access to a very slow version of the internet Much into the future So I hope that somebody can crack that one because there was especially with iot You know like we don't want landfills full of iot gear that could never connect again And especially with cars the car manufacturers are not even if they could make it as easy as popping in, you know One of those. Yeah, one of those modules. They're not going to want to let you Because of the liability So it's going to be a bulky process of like, you know, we got to swap out the modem unless you just let the Liability that would prevent them. I mean there's there's many economic reasons why they wouldn't want you to be able to Well, there's that too But honestly if they say if they recommend like you can just pop out this module and replace your modem And it doesn't work they get sued right and then there's you'd have to think about other things like on star for instance and other Safety features that rely on these connections and you're like well Do we really want to you know? You get to a point where and this is actually scary this happens all the time and in it where it's like Hey, we have this aging infrastructure That we don't want to support anymore And we'd like to replace it with something else But we have all these old systems using it in many cases those things get hobbled together and kept going You know, I know that uh FAA uses tons of old systems like this because it's too expensive to replace them And this is the same kind of growing pains that we're seeing with cars and we will continue to see with iot And then finally Byron was listening to our discussion of the amazon echo yesterday and started wondering if something like that Could be achieved with a raspberry pi and sure enough somebody's done it There's even a few tutorials on how to set up the Alexa voice assistant on your raspberry pi He included a couple of youtube links. We'll throw them in the show notes. That's good stuff Yeah, that's good. Good stuff. There's lots of good stuff like that at hack 5.org HAK 5.org g you guys have been covering the apple encryption debate as well good breakdowns of what all is going on with that Thank you. Yes. There's a lot of shows within the hack 5 uh, uh brand I guess you could say and uh threat wire is one of those that you should check out is just uh It's a weekly dose of technolest from Patrick Norton, Shannon Morris and myself, uh, basically covering security privacy and internet freedom And you can find that at h a k 5.org along with all the rest of our shows like metasploit minute Uh, if you're interested in learning that tool hack 5 uh, shannon. Patrick do tech thing So there's all sorts of good stuff h a k 5.org. Thank you, tom You betcha brother. Thank you. Len peralta for persevering through your reboot Thank you so much and I apologize for interrupting the show. I need a lot of things Uh, well, I guess one of the things i'm going to need is a brand new usb hub Because uh, that was the problem with my headset. It was not uh, connecting and I could not you could hear me But I could not hear you so stupid stuff. Anyway, uh, I have been drawing the uh, the show I was working while and listening while you guys were we're uh, we're talking and um, uh for the video viewers You can see what it is. They uh, it's a uh, I channeled my inner scott johnson with this I think it looks a lot like scott's art. He does a little of the scott style a little bit a little bit And it's a fbi hacking tactics revealed and you have to uh, you'd have to check it out at the store and see what those are Just as a uh, just as a little a hint It's an fbi agent who's saying the fruit device has been cord repeat the fruit device has been poured You know these high level type of government type things. So that's a law enforcement officer type of phrasing I think so I think we have a uh, we have a term that we use in in it and hacking And that is when when everything when all you have is a hammer everything looks like a nail Yeah, that's right And also I wanted to do this at the top of the show, but I forgot I'm going to turn off my video here for one second It's just so because I'm so excited that uh, if you guys are anywhere near a, uh, a Game shop or anything like that. You can go pick up my the new uh star munchkin guest artist edition Illustrated by myself. I saw this on the shelf last night. I had to buy it. It's so exciting. This is a It's a it's the 15th anniversary of munchkin and I'm I'm one of the guest artists They've asked a lot of different artists and this is my I've redrawn the core set of star munchkin It's available at your store at um at any good game store right now very exciting I was excited when I saw your snapchat about that Yeah, it was uh, I was so I you know, I'm waiting for them to Send it to me, but I'm like I couldn't even wait because I heard that it was uh, it was available So I wanted to did that Um, yeah, so that's kind of cool. Oh and finally if you want to get this thing go to my online store Len Peralta store.com and get the thing I just drew Or you could go to my patreon patreon.com forward slash len and you can uh, you can pledge and get Get it as a high res image that you can put all over the place and show you feel about the fbi and hacking Just go to Len Peralta store.com if only to gander at the amazing hammer and agent Yes as well as all the other ones I've done for the show over the past two years Thanks to everybody who supports the show daily tech news show dot com Support is the place where you can find out how to do that. Uh, we appreciate every single one of you It's the value for value model if you like the show We just say Give it a little money back in the amount that you like the show and help us keep going We're trying to get to the next milestone of a weekly day six episode from australia with peter wells And a new milestone to be announced soon after that Also, don't forget if you're going to be at south by southwest in austin texas Or if you just live in austin texas and you're not going to be at south by southwest Come out to the diamond club party on saturday march 12 from two to five p.m Pacific or central time with justin robert young brian brushwood myself and a bunch more people Our email address is feedback at daily tech news show dot com. You can give us a call 51259 daily It's 5125932459 catch the show live monday through friday 4 30 p.m Eastern at alphacake radio dot com and diamond club dot tv And visit our website at daily tech news show dot com back on monday with lamar wilson as our guest talk to you then This show is part of the frog pants network get more at frog pants dot com Diamond club hopes you have enjoyed this brover Good show gents What should we call it fbi's image issues Oh, that's beautiful beatmaster. That is really good. I haven't even seen the others and I love it Uh, the fruit device has been quarried is not bad Uh new microsoft same as the old. I like the fbi. I don't have a cow I don't have a cow is good That's really good the federal bureau of precedence is precedence precedence The new microsoft same as the old apple is not your it department. Yeah, yeah pardon my french anti-terror Fbi wants magic beans Oh All right, we'll let that we'll let these percolate a little go go to show about the tv and and make some votes The fbi some code and they'll hack for a day teach them how to code and they'll hack forever Actually, I kind of want this on a t-shirt and I know I said it but apple is not your it department Yeah, you should create a stick or sell that in a hack shop. Yeah I like that You know what the fbi just needs to go to the genius bar had they just gone to the genius bar within be like it broke No, no work. I can't get into it. No problem. Be right back. We have a special tool. Don't tell the fbi. We wrote it Yeah, yeah, this is not that phone. No, hang on. Let me uh, yeah a broken iphone. Uh, just one second in this Uh evidence bag, uh, don't mind that I just do that for a stick. I'm not an fbi agent as far as you know I'm wearing my i'm not a fed Yes Yeah, your government issue suit. Yeah Actually, when you spot the fed at defcon both you get the i spot the fed t-shirt and the fed gets the i am the fed t-shirt So, uh, that's actually pretty poor uh, lots of uh Lots of department and defense people coming out in support of encryption They won't go as far as saying we support apple but making strong statements about encryption Uh, former nsa people saying the same thing. So Well, you know it protects us. It protects them. It's an even playing field. Have it both ways Maybe they already figured a way to crack in they just don't want people Well, that was my thought was like the people who who figure feel confident enough In their teams to be able to get around strong encryption Are in favor of strong encryption and the people who don't understand it Uh fear it are the people against it Tom, this is why they let us win the crypto wars in the 90s No, no joke. It's just whatever. Okay. You know what actually? Yeah, you can have that By the way, we've got a great idea for a random number generator. Yeah, yeah, exactly Uh, check out our rainbow table. Yeah, we just came up with this. It's awesome Dude, this thing generates numbers randomly. Yeah, so random. I mean the the random enough Random to the human you should implement this in all your juniper network routers This is a great find. Thank you. We at juniper networks. Thank you Well, that's what you want them saying that's the thing. Yeah All right, I am going to All right tonight yes tonight is spaghetti night by the way just All right It's spaghetti night today is a fantastic day. It is this is we're back. Everything is right with the world We're back on track You're like a fuller house in real life All right guys, we'll see you next week. All right. Thanks again, line. Bye. Bye I can't wait for the day that I meet Len in rl Oh, yeah No For it's been years now and I've still not met him I'm going with fbi's image issues I met a man uh Was he a nertacular the other way? Probably how'd you meet him? I met him at podcast expo For real. Yeah like in ontario like back in the day. Uh, it was either ontario or the first las vegas one But it was yeah, it was that era. Whoa. That's rad. Uh, I know at the the one in las vegas He introduced me to jonathan colton Oh It's cool. That's how I met jonathan I wish I hadn't been too cool for school back in 05 I wish I hadn't been too cool for school back in 1996. So I get okay. Well, there you go. All right fair enough Wait, were you too cool for school or are you too? I mean, I wasn't I was being too drunk That's the problem. Yeah, but that doesn't really make you too cool for school. No, but it makes you think you are I think that was my point anyway Mm-hmm Nobody is too cool for school. They just think they are yeah All the cool kids end up in continuation school for at least a summer Yeah, it wasn't that I thought I was cool. What I thought I was was punk rock Right. I was so not now I picture your head with a mohawk like a purple mohawk I cut my own hair back then Well, what you do need to do is is go back and see some of thom's original videos I hear the one of them's on uh vimeo right now. Oh, yeah, those are some austin 1996 era ones Lookups a brilliant tv ah And then what's beautiful is it's on the internet so it will it'll never go away Nope, even if it's encrypted. Mm-hmm Yeah, I was trying to get us to that that point that was the big point that I wanted to get us to today was There's never perfect encryption No, that's what that's that's okay. But that's there's nothing wrong with that. That's just called It's an imperfect life. It's an imperfect system because it's created by humans imperfect beings And here we are having these imperfect arguments and it's all about percentages, right Strong encryption will keep 99 of the people out what susan landau was basically saying is fbi You need to be the 1% Yeah, stop at 99% and it's still whole true to my statement that you know in this case governments They're just an adversary like anyone else. Yeah, you know just because they can oh, we've got court orders We can make you do something. It's like well Yeah, how is that any different from the black hat that like, you know breaks in anyway and puts up on ransomware and makes you Do something exactly So don't don't let they're like, you know golden tickets of court orders national security letters Break your security your security should be nsl proof your security should be warrant proof your security should be Just it should be rubber hose proof really Because that's the thing is if this goes south, you know, the next step is, you know, the men in black show up with the rubber hoses and Although in this case that person has already passed away. So they're not gonna Oh, really? Okay. Well, yeah, all right, but Uh for precedent for the sake of precedent. Yeah, uh I do I I was throwing out the idea of like no wait a minute if we're worried about going dark No one should be allowed to delete anything because as soon as you delete something They the fbi can't see it if they need it in a case Oh, hey, just think about that terabytes on your phone in the future What would you say 16 terabyte ssd's last week or yesterday? I mean, yeah, we need that in our phones To be standard so we can never delete anything. There you go. Uh the right to be forgotten. I forget that Well, the right to be forgotten publicly But we still need to keep a copy and the uh in the boondestog somewhere I'm just saying how long do you think tim cook would hold up to the rubber hose? You know, he might surprise you and so actually this brings up the even more important discussion Which is don't rely on a tim cook to stand up to the rubber hose for you You need something that is uh rubber hose agnostic that would attract the rubber hose to you though No, but that's like saying don't use encryption because then you're going to be in a database That's no reason why I don't use pg if you want to email internationally. I know I'm in the database That's okay. We should all be in the database. We should be encrypting all the things even our fire os tablets They should be on the show that one's still the fire os one's still The fun fine modeling like the only thing I could think is that they just Like that is that is a developer mindset Who's not thinking about implications going? Nobody uses this feature and this feature slows it down. Let's get rid of this feature Like I could I could see that hey that makes sense of quote-unquote this feature But you so nobody looked at that and said wait a minute in today's climate getting rid of encryption Even if it does improve performance is probably a really bad pr move Even if it's just opt-in, you know, yeah, although I have to say wow major strides I just set up the galaxy s7 and not only was it encrypted out of the box Too too opt-in features that you should turn on if you get a modern smart phone. First of all I had the ability to require a password to unlock the encryption Which by the way if it's encrypted and it doesn't require the passcode to unencrypted What's the point of the encryption? So it was out of the box encrypted but not out of the box secure Anyway, there was that to be said and then the other Thing that was interesting coming out of this android phone first time I've ever seen this Maybe it's part of the marshmallow now the option to opt into the ability to wipe the device after 15 tries Oh, we're now at last 10 because currently that's a knocks thing It could be I need to find out if this is the Samsung thing because we're doing this on hack five We just did a demo of breaking into any android phone with a four digit pin code in in As up to 16 and a half hours And and there's you know, I literally have a screenshot from or not screen I have a photo of my phone saying you've mistyped your password over 9,000 times You're gonna have to wait 30 seconds. Oh, no. Oh 30 seconds We you need to get a quarter order to disable the 30 second Yeah, exactly because otherwise going to take the fbi 16 and a half hours I mean in that time they could have called a security expert or something They could have hired jonathan jarsky There you go or jonathan jarsky will gladly take contract work from them. I am sure I think you become an employee, but They should get both jonathan jarsky and jonathan colton Doesn't they could get a decent song out of it? They could spend it get some good pr You know, this is a this is a triumph Right, this could be an fbi triumph and in their uh, their In their image, right this could make their image look good by imaging it And then getting a song out of it There is a common workplace environment where you have a way of doing things and that way stops working And there is a way to make somebody else do that thing For you so that you don't have to relearn something from scratch Uh, and that's what I feel is going on with the fbi. I I honestly and you could mock me for being naive I honestly think the fbi really does just want to catch the bad guys. I don't think they want to spy on me But they have a way of doing things that no longer works And they don't want to have to expend the money and effort in this budget constrained time to come up with new ways And this is a lot easier Yeah, no, I court precedence They'll use their powers for good they think I agree with you that they all believe that that they all want to do good But it's much easier to get the dirty work done for you than learn as you were saying totally And the other thing is that doesn't make it any less scary that the fact that they have good intentions Would you say Roger? Oh, sorry. I had to uh do an emergency change on my daughter. So I'm logging on go ahead. Thanks, man. Talk to you next week Yeah, I'm just I'm just saying it doesn't make it any less terrible even though they have good intentions, right? Absolutely I mean We could come up with example of example after it doesn't even it doesn't make it the right way to go There are lots of times when really good people want to do something because it's easier and People outside go wait. No, that's not that's you shouldn't be allowed to do that That's not the right way to do it because it has these other effects That's what I'm saying And you know surprisingly lots of people have their side Or have apple side saying like hey, you know Um It's not that and I don't think any of the other people supporting apple with amicus briefs and stuff are saying No, we shouldn't fight crime You know, no, they're just saying this is not the way to go about this All right. Well, that is it for this week ladies and gentlemen. Thanks for watching and listening and we'll talk to you next time I hope