 Coming up on DTNS, what nation state attackers do with the info they access, what Apple fitness users, or at least Allison, do with their fitness app, and whether you want your phones back to turn colors. We'll, we'll, we'll explain. This is the Daily Tech News for Monday, December 21st, 2020 in Los Angeles. I'm Tom Merritt. And from Studio Redwood, I'm Sarah Lane. And this is Allison Sheridan from the Potfeet podcast. And I'm the show's producer, Roger Cheng. We were just talking about everything from hypnagogia to old fashioned webcams. If you want that wider conversation, get good day internet. Become a member at patreon.com slash DTNS. Let's start with a few tech things you should know. TikTok users are getting a year in review feature with the launch of Year on TikTok, a video highlight reel that showcases individual users own TikTok, TikTok moments. It also IDs your vibes. That's what it's calling the videos that you liked the best in 2020. In categories such as crafts, cooking, animals, travel or cottage core. If you haven't been on TikTok long enough to get your own vibe, TikTok will include other top videos from its year in TikTok. Top 100 list. Instead, the tip top TikToks. An update to Samsung's Galaxy wearable app lists some of the new features on the company's upcoming Galaxy Buds Pro. That includes spatial audio for a faux surround sound when connected to a supported Samsung phone and voice detect, not ace detect, voice detect, which lowers volume and turns on audio pass through when the Buds detect that you're speaking. Adobe released betas of Premiere Pro, Premiere Rush and audition for Mac OS all optimized for Apple Silicon. The Premiere Pro beta is focused on core editing functionality with support for H.264, HEVC and ProRes codecs. Third party integrations will need to be updated to be compatible with the new versions. Zoom also announced the release of its universal app for Mac OS for its video conferencing clients. Security researchers at Citizen Lab at the University of Toronto detailed an espionage campaign that uses an iOS exploit against the personal phones of 36 Al Jazeera journalists. This appears to have been a no click exploit, meaning that journalists didn't have to do anything except connect to an unknown server after malicious code was sent from Apple. The report claims the code for the exploit belongs to the spyware company NSO Group. NSO Group said it does not have knowledge of who its clients use its software, which of its clients use its software, but investigates any credible charges of misuse. The report found the exploit was effective on almost all iOS devices, not updated to iOS 14. All right, everybody, brace yourselves. This may be startling to here, but there is yet another reported technical glitch with Cyberpunk 2077. I know players are now reporting that game saves over eight megabytes in size result in warnings that, quote, saved data is damaged and cannot be loaded. According to the game's developer, HD Project Red, these saves can't be recovered, but the issue may be resolved in a future patch. The developer recommends using an older save and to keep a lower amount of items in the game to avoid the issue. I feel like I was like, we can update just now, or I just can't even get through it without laughing a little bit. By the way, real quickly, I just want to point out that when we say it was sent from Apple, Apple says that it is investigating this, that it protects people's data. So I think it should have read appeared to have been sent from Apple. We'll dig into that a little more. All right, let's talk a little bit more about the US relief package and what it means for technology. Let's do it. Part of the coronavirus relief package deal reached by Congress over the weekend includes $7 billion for broadband Internet access. The largest allocation will fund a $3.2 billion emergency broadband benefit, providing $50 per month for broadband for low income families with an additional $1 billion in grants for tribal broadband programs and $300 million for rural deployments. The package also includes $1.9 billion for RIP and replace efforts meant to replace Huawei and ZTE equipment from US networks. The FCC recently voted to approve the Secure and Trusted Communications Networks Act of 2019, which requires US broadband and wireless carriers receiving universal service funding to remove Huawei equipment. So there's a lot of money for energy tech, energy grid technology, including $3.4 billion for energy storage and transportation, as well as smart utility and distribution. $4.1 billion for new energy technology, photovoltaics and other solar tech, transportation and energy efficiency and weatherization. There's also some funding, all less than $1 billion for offshore wind energy, geothermal energy, marine and hydropower. And there's $6.6 billion for modernization of existing nuclear plants and development of advanced reactors and $6.2 billion for carbon capture and storage rollout, as well as some development money for carbon removal projects. Finally, $2.9 billion is going to ARPA-E. That's the Energy Advanced Research Division. And there's a directive to the Department of the Interior to generate 25 gigawatts of solar, wind and geothermal production on public lands by 2056. The package also provides funds for the Federal Communication Commission's telehealth program. And for a pilot program to improve broadband access for communities around historically black colleges or HSBCs. By the way, that geothermal production on public lands would be 2025, not 2056. That would suck. Yeah, that was my fault. I'll take I'll take the typo excuse there. But but yeah, this is this is a lot of energy tech, a lot of energy tech money out there. But I think, you know, the thing that the people hope impacts the most is probably U.S. broadband to to kind of bring that to people. So, you know, I am not the skeptical kind of person. I'm usually the optimist that always sees the best in everything. But I sort of feel like, you know, Charlie Brown with the football and Lucy and all that, every time they say they're putting money in for broadband for low income families. I mean, big broadband rollout. How many times have they claimed that money was actually going to go to that and then it didn't? Yeah, I feel a little little faked. The $50 per month will go to people. That those generally end up being used by people for credits. The 300 million for the deployment, on the other hand, doesn't seem to always pan out. Yeah, that's the one. But I'm excited about all the energy tech stuff. None of that was going towards large oil companies. It seemed to be going the other way around. If if it was going to companies involved in carbon creating industries, it was going to make carbon free energy. At least it seemed like all of it was for that. Or carbon removal projects, like they said. Yeah, that sounds pretty good. I mean, the whole broadband for low income families, $50 per month, you kind of go like, I mean, it's sort of bare bones broadband. But with all the kids being in school from home now, you know, it used to be something where it was, I think a lot of people who were in more positions of power would say, well, yeah, sure, it'd be nice if everybody had broadband. But when it actually means your child is either going to school or not going to school, then this is really, really important. And will we ever forget those two little girls sitting outside of a Taco Bell trying to get free Wi-Fi so they could go to school? This is good. I had not heard about the providing direct relief where they could get $50 per month for broadband. I mean, that'll make a dent in the bill. That's not bad, really. Yeah, certainly, if you qualify. All right, let's talk about a concept phone, Allison. All right, OnePlus revealed another concept phone this time based on the OnePlus 8T. This concept phone has a back that can change color. The back uses a film with metal oxide under a glass panel. The film changes colors when you apply voltage. And it's simplest this could be used for notifications like turning green if you had a text message, for example. But the phone also features a rear millimeter wave radar precise enough to detect breathing, and it can track objects as well. That could be used for gesture control, but also could do some biofeedback. For instance, a color could pulse along with your breathing. Or perhaps if your breathing rates gets problematic, the back of the phone could turn red. And no, this is a concept, so OnePlus gave no indication of when it might show up in an actual phone you could buy. My first reaction to this was like, who puts their phone face down on, you know, the desk, you know, the desk that I'm working at right now. I would never do that because the top of my phone is where I get my notification. So I want that facing up. And also the front of my phone is the one that I want scratched less. However, with a lot of these concepts, they sometimes seem silly at first until in practice, people go, oh, this actually is super helpful. And here's why I like the idea of being able to have not so much about the not so much about the breathing stuff, but just the idea of getting notifications that are color coded in a way that would be pleasant. See, I put my phone face down a lot, Sarah. When I'm in a conversation with someone, I'm sitting at the dinner table. Maybe I want my phone in case, you know, an argument comes up or something. You need to look up a fact to prove somebody wrong. But if you can face it, you put it face down, you're making a statement that says I'm paying attention to you. Now, if it can go green, I can stop paying attention to you and have my phone down. You're polite and yet not missing a beat. Exactly. Exactly. Yeah, I mean, it was a year ago that one plus showed us the camera under the display. By the way, somebody else beat him to it. We'll get to that later in the show. So so one plus likes to do this. They don't always come out with the stuff. But a lot of what they showed up, they showed off the the telescoping selfie cam that would pop up and that has made it to market does end up. This is one where I'm not sure. I'm not sure we'll make it to market because I'm not sure what it's good for. I mean, they've told us what it could be used for. But none of those seem like compelling cases. On the other hand, companies will try this because they want to differentiate themselves from Apple and Samsung. And if they can say like, yeah, but look, ours turns colors on the back. And what now breathe, look, see, it's in sync with your breathing. Isn't that cool? That's kind of stuff that convinces people in a store to buy a phone that they might not otherwise buy, even if it's not that practical. Yeah, I actually really like the sorry, sir. The fun part of it. Oh, no, go ahead. I was just going to say, I really do like the idea of the glowing back. I think that could be that could be kind of interesting. I mean, maybe it's just fun, too. Right. I mean, we like having glowing lights in our background that are changing colors for the holidays and things. So it could just be fun. But I do sort of feel like one plus is the research arm for everybody else and their stuff doesn't actually end up coming to market a little bit cooler stuff. I think, you know, you know, just thinking about this a little bit more. I my original thing was, well, when am I ever putting my phone face down on a desk? And Allison, to your point, it would be a polite thing to do at Thanksgiving dinner, for example. But maybe it's in my purse, you know, or it's in a bag of some kind. You know, I'm always carting around things. We got masks on these days. And, you know, it's it's I'm constantly like, where's my phone? Where's my phone to have it glowing in a way where I'm like, oh, my phone's trying to tell me something. And the color lets me know that it's a text message or there's some sort of breathing information that I might be aware of. That really does come in handy. All right. One of the things we know about the SolarWinds attacks that we talked about all last week is that the attackers do not appear to have access, classified information or the nuclear codes or anything like that that seem to have been after email, maybe some other documents in nonclassified systems. So what is that good for? Foreign Policy magazine interviewed more than three dozen current and former US intelligence and national security officials for a three part series about spies battling it out over big data. And it shed some light on what a foreign government can use this kind of information for, identifying spies. In 2013, the USCIA noticed that its agents in Africa were almost immediately like the moment they stepped off the plane, being identified by the Chinese for surveillance, and they tried to figure out why rather than hunt for a mole like they might have in the 1960s. The CIA determined that China was analyzing stolen data. This is something China has become an expert at in the past 10 years. Back before 2010, the Chinese government was angry over the infiltration of the party and government by CIA assets. So the Chinese launched a program to discover and exploit a flaw in the CIA's online system that was used by its operatives and they succeeded and rooted out a lot of the CIA's spies. As a result, the party discovered that the prevalence of dirty money in the Chinese system, bribes and stuff like that, was helping spies hide because there was so much you couldn't say just because there was a money thing that they were a spy. Too many people were involved in dirty money. So President Xi Jinping began an anti-corruption push in 2012, not just a coincidence. It may not have been only for this, but it definitely was partly because of this. In 2013, the Snowden leaks came out revealing how far into Huawei's Chinese based servers, the CIA had penetrated and that further spurred China to start collecting data beginning with tracking flights and passenger lists to try to figure out, OK, if we know somebody is a spy, where are they going? It also went after biometrics data at airports like Bangkok. So maybe they could try to figure out like, OK, we think that person's a spy. Is that the same person traveling under a different name? China had stolen information before, of course, but now it was building the infrastructure to process it, data analysis. Intelligence facilities began to be located near data processing centers in China. The travel information was helpful in uncovering spies, but another piece of the puzzle made it much more effective. An attack on the US Office of Personnel Management in 2012 leaked personnel data from 21.5 million people, including myself. That had health, residency, employment, fingerprint and financial data. Background checks that included mental health, sexual histories, drug use were also in the data that was accessed by the attackers. That data could be analyzed to figure out who was a US agent, just based on what you could find in there, as well as pair that information with the travel data. And then you could figure out who from China those agents met with. The background data particularly could be used to cultivate China's own assets abroad. For instance, recruitment of American translators at US intelligence agencies increased shortly after this attack, as did much faster recruitment and harassment of spouses of US officials by Chinese and Russian officials. And Russia coincidentally, or maybe not, used information in payroll payments that it had to identify the real state department employees from the more highly paid CIA operatives at the US Embassy in Moscow. And that's what they did with the data from one database in the US government in 2012. So you can imagine with email communications and more from multiple government agencies, multiple corporate clients around the world, what they might be able to tell about who's out there. Yeah, no kidding. And especially the classified documents versus non-classified email documents and other correspondence being able to infiltrate that gives you a great idea of where people are going and when. But also, yeah, who their families are, where they live, where they're going, where they've come from. It's very mind blowing to me. And I know we had somebody on our show last week who said, can't wait for the movie on this, who's getting the movie rights because that this is a good one. I mean, not good in the sense that any of this happened. But boy, talking about some espionage stuff, it does not get any deeper than this. Allison, what did you make of it? Well, Tom mentioned at the beginning that they didn't access classified information, so we're all happy about that. But there's kind of an analogy when you look at classified information in my previous work employment, we would have seemingly innocuous information about something that was going on in a classified program, like, let's say, how many licenses of X type of piece of software? And it was and we were told we weren't allowed to document that in any way. We weren't allowed to report on it. We weren't allowed to track it. And I would say, well, but how could this piece of software tell you anything? And they explained, if you take this piece of data plus this other piece of data, plus this other piece of data, you start putting it together. Now, you know what kind of engineers we have in this program that are doing this kind of work. And by that, you can start putting together what kind of work are we doing? And so it's this aggregation of data together that each individual piece, not that interesting, not that useful, but when you aggregate it all together, that's when you can build this bigger picture. Also, Tom, bringing up the Office of Personnel Management loss, I'm still angry about that. Additional information that was in that database, in addition to what Tom said, was it's not just the information about us. It's information about everybody we know, because one of the things that we had to fill out in our security clearance paperwork was things like birthdays and addresses of all of our relatives, of any of our foreign contacts. I mean, if there is a single thing you could have stolen that was the most valuable to me, that was the single thing. You know, obviously aggregating all this stuff together is even more powerful. But that one thing by itself, yeah, that's the whole kitten kaboodle. I mean, that was the money steal right there. And imagine with machine learning being what it is now and how well Chinese companies are doing above board with machine learning, how you can train a system to look at a huge pile of data and tell certain things about it that you want to find out. You know, you don't even have to do the correlation of it anymore. You just turn the algorithm on it and say, find me the spies. And it's likely with a high level of accuracy to be able to tell you like these people are likely spies. Yeah, and maybe we're going to need a whole new batch of spies. If you want a positive take on this in this foreign policy article, Dwayne Norman, a former senior CIA official, said, you operate under the assumption that good tradecraft, not secrecy, will protect your assets and operations. So OPM wasn't some kind of eye-opener. It was confirmation of new threats we already knew existed. He's not saying that it's not bad. He's saying like, but it's not new. We deal, we operate under the assumption that the enemy is going to figure out stuff all the time and we should always be figuring out how to counter them before they do it. Hey, folks, if you want to join in the conversation in our Discord, link your Patreon account, become a patron, and then link that account to Discord and you'll get the Daily Tech News show server. You can become a patron at patreon.com slash D-T-N-S. Well, last week we talked about the launch of Apple Fitness, plus we all kind of kicked around, whether it seemed worth it, whether those of us who don't have Apple Watch used to get them so we can get on board, whether it is a good service at all. And we're happy to have Allison with us today because you've actually done that. You have actually taken Apple Fitness Plus for a test drive. So let us know how is it? Well, one of the first things I wanted to talk about was people are questioning the need for an Apple Watch and it turns out with the phone app and the iPad app you can do it without an Apple Watch, but with the Apple TV app you do have to have an Apple Watch. But to me, there's actually no point to this if you don't have an Apple Watch because otherwise why aren't you just watching YouTube? You could be watching anything. The key feature that makes this unique is that on screen the entire time you're working out you get to see a whole bunch of data. You can see always on screen is your own heart rate how many calories you've burned in that workout and some other things that are also useful like if you're doing a high-intensity interval training you can see the total clock. So if you sign up for a 30-minute class you can tell I'm only 10 minutes into the torture I get a long way to go, but during the intervals there's also a clock showing you how much time you have left. And to me there's nothing more aggravating than when they tell you okay we're going to do this 40 seconds and they don't give you any feedback during that 40 seconds. That 40 seconds just stretches out to an hour when you're in agony. So this you can always tell exactly how long that's going to go. So I think the Apple Watch is a really key feature otherwise why are you bothering with this? Go watch some YouTube, you're fine. I could see people saying yeah but the Apple is probably better than what I would find on YouTube. But that's not the product Apple is making. Apple is making a product that relies on the tracking to be at its best advantage. They're not making YouTube videos. Yeah and I mean it's hard to say it's better than YouTube because YouTube has a lot of content, right? I'm not saying it's better than, I'm not saying it's better than YouTube. I'm saying a lot of people may say I believe it will be better from Apple. So I would like to sign up even though I don't have my Apple Watch. Yeah, maybe. I mean they got real nice wood backgrounds and stuff. Maybe their trainers are even more fit. I don't know. Yeah, Leo Laporte did say that one of the things he doesn't like is the trainers are all fit and thin. I hate that. It felt very much the ones that I did felt very much like the kinds of things that I've seen on YouTube so it didn't seem that extraordinarily different. But to be able to see these metrics real time was really cool. They also have an environment for people who are new to certain exercises. So you can say I would like the absolute beginner's yoga or the absolute beginner's cycling and you get kind of a basic course and for somebody like me I've never done yoga before so I did it and I figured out that yoga is not for me. I didn't like it. It wasn't really what I like because in 20 minutes I burned a grand total of 46 calories. I'm looking for highest calorie burn per minute. That is my main goal to make up for how much I want to eat and drink. So that was not the metric I needed. They do have an interesting thing in here called burn bar. And Apple's not really good at doing any kind of the social stuff and I think this is as close as they're getting right now. How many calories you're burning versus everybody else who's taken this course? And so it was kind of funny when I finished I was middle of the pack at 212 calories in 20 minutes or 30 minutes and the top end was 178 calories burned and my first thought was wow I want to get to the front of the pack. And then I realized that's a very odd metric because if I was super out of shape I had no muscle tone or anything and I was real flabby and I went in there and probably burned more calories during the same exercise as somebody who was super fit. Well, somebody who has hyperthyroidism or something where it's like it's going to just throw off numbers. Yeah. I'm just not sure that's the right metric to go to the top. I did get my heart rate up to 160 beats per minute and you're supposed to do your peak heart rate supposed to be like 220 minus your age and I'm 62 so I should have stopped at 158 and I can tell you 160 does not feel good. It is not where I wanted to be so I needed to slow it down. The other thing I did want to talk about was from a tech standpoint again you could do it on your phone, your iPad or the big screen TV with your Apple TV and I can see it being super useful to use an iPad say in a hotel room or something like that when you're on travel but I also discovered that the type of class you're doing might change which device you want to use. So my TV is like eight feet up off the wall on the wall in our bedroom and that's really hard to use when you're doing a downward dog in yoga. I couldn't see it at all so I actually stopped to the workout and started it over on the iPad and then I moved the iPad from the bed to the floor to the bed to the floor as she was changing what she was telling us to do. So it is good to think about what kind of workout you're doing as you pick the tool you're going to use to watch it. Alright folks let us know if you're using this what you think to feedback at dailytechnewshow.com Real quickly ZTE is the first to market with a phone with an under display 32 megapixel selfie cam available on the ZTE Axon 25G. It was a year ago about this time that we were seeing it from I think Oppo but now we're seeing it from ZTE in the market. The reviews are in and mostly find the phone to be respectable as a mid-range smart phone with a pretty bad selfie cam. The Verges Sam Biford describes the camera as producing hazy soft photos with weak colors and blown out highlights in good light with a ton of noise and obliterated detail in lower light. Android authorities David Imel describes it a little more charitably as adding a glow reminiscent of Vaseline on the lens of a 60s movie camera. The screen uses a combination of organic and inorganic film over the camera to let some light through and then that section which is pretty small up at the top has lower pixel density so you do tend to see where the square is over the camera especially with white backgrounds. Outside of its headline feature though reviewers seem to like the 90 Hertz 1080 OLED screen phone with a 5G modem and 8GB of RAM for 449 Euros. The good thing is Tom cameras in cell phones aren't really important hardly anybody uses them. It's not like that would be a feature you'd want to work really well. Well that's the weird thing I guess maybe for people who don't care about cameras having them hidden under the screen is better but then if you can tell it's there I don't know we'll see who buys it. This is ridiculous. This is absolutely ridiculous. I mean it wouldn't be ridiculous if the selfie camera people were like this is amazing. It sounds like the camera is just sure it's hidden but it's also not very good. Yeah who's winning? Yes we're not quite there yet. I absolutely don't care about the notch I know people lose their minds about it. I don't either. I do not. It is never a thing that has ever bothered me in any sense. I'm like really? I mean just a tiny thing just don't look at it. Alright let's check out the mailbox Sarah. Oh let's do it. Jared wrote in and was one of several people who noted that Tom and I last week kept mentioning fighter pilots in YouTube surveillance planes and of course the YouTube plane is a surveillance plane and not a fighter so we regret that error. Jared also added though when you think about any aircraft there is a lot going on around aviating, navigating, communicating. When you're a single pilot that alone is a difficult job. Add in the jobs of observing radars and cameras and reporting any contact scene so they can then be investigated. It can become a very difficult job. But I think that the pilot would be an incredible advantage. Makes me think back to the old Firefox movie from the 1980s where the pilot could just think or talk to the aircraft's four system control. That's great insight Jared kind of really fleshing out why having that AI assistant is helpful. Also some folks took exception with my answer to doctors question of what else could be broken out from big companies if they were broken out. I want to clarify. I wasn't advocating that that's the right solution. I was answering doctors question about if they were to break it up what could they break it up into so that wasn't me saying and they should that was me saying here are some possible targets they could go after as far as what effects it might have Derek who works in advertising noted if Instagram and WhatsApp were broken up into separate companies it would help make the marketplace more competitive giving advertisers more options better ads etc because more competition. We deal with Facebook ad sales the same way we do with NBC the final transaction does have to occur within Facebook's platform interface but we see the same for other social networks so he was saying Facebook owning that doesn't really bother him that much. Google on the other hand he says is far more problematic in that they own so much more including ad serving platforms like GCM and double click analytics programmatic DSPs like DV 360 ad networks like GDN and add mob on top of their monopoly in search and video he called it a monopoly including YouTube if you work across their suite it just works but it can be a challenge if you don't want to go all in on Google thank you Derek for the advertising side perspective on that. Absolutely and thanks everybody who sends us feedback sometimes there are questions about stories that we've covered hey why'd you cover it this way why didn't you cover it another way here's something I'd like to add to a story that you've covered here's something I'd like to hear about in the future all of those should go to feedback at daily technewshow.com we love getting your feedback keep them coming also shout out to patrons at our master and grand master levels today they include Paul Boyer Phillip Shane and Irwin Stur also thanks to Allison Sheridan for being with us today Allison what's been going on in your worlds well I'm actually going to cheat and have two quick plugs here on my chitchat across the pond podcast two weeks ago I had a gentleman named Tom Merritt come on the show to talk about how he manages all the amazing numbers of things that he does and also this week on the NoCillicast my flagship show I have Bart Boo shots on every other week where he does a segment called security bits and this week he did a deep dive into the solar winds attack where he explains everything about it from the beginning to what we know right now. Yeah your guest on the chitchat about time management made a lot of suggestions that I found obvious to myself but maybe some other people will find it useful the breakdown of solar winds from you guys was fantastic it's the best overview I've heard of just like if you want to know everything that happened because we were covering it day by day if you just want that 30,000 foot view go check that out podfeet.com and folks don't forget patrons that stick with us get merchandise rewards at certain levels you have to be at the right level but you can get things like stickers t-shirts hoodies every three months as long as you stay a patron go find the details at patreon.com slash DTNS folks we are live Monday through Friday 4 30 p.m. Eastern that's 21 30 UTC find out more at daily tech news show dot com slash live and we are back tomorrow with Blair Bazderich talk to you then this show is part of the frog pants network get more at frogpants.com I hope you have enjoyed this program