 Coming up on DTNS, Apple fires another employee involved with protesting the company. Tesla sells you health insurance if you let its car monitor your driving. And no, right clicking is not a crime. This is the Daily Tech News for Friday, October 15th, 2021 in Los Angeles. I'm Tom Merritt and from Studio Redwood. I'm Sarah Lane from Studio Colorado. I'm Shannon Morse, drawn the top tech stories from Cleveland. I'm Len Peralta and I'm Roger Chang. The show's producer. We were just talking about distilleries and wineries and brandy and whiskey and all kinds of good stuff on good day internet. You can get that conversation by becoming a member at patreon.com slash DTNS. That is where you can join our top patrons like Steve Ayadarola, Dan Colbeck and Jeffrey Zilx. Let's start with a few tech things you should know. Bloomberg's Mark Gurman reports that Apple has hired a Fruz family as its new home pod software head family worked for Apple between 2012 and 2016 on the original home pod team before co-founding high end audio startup Sing that sing with a Y with former Apple designer Christopher Stringer. Apple's previous home pod software head Jason Harrison left Apple to work for Airbnb last year. Clubhouse added a music mode, providing a set of tools to optimize sound quality and directly connect to audio devices for live performances in the app. The feature will roll out first to iOS users and then come to Android. Twitch posted on its website following a massive data breach last week that quote, Twitch passwords have not been exposed and quote, we are also confident that systems that store Twitch login credentials, which are hashed with B crypt were not accessed nor will were full credit card numbers or ACH bank information and quote, which claims that the information exposed only affected a small fraction of users and customer impact is minimal and that the company is also informing those who were affected. Yeah, unless it was your Twitch earnings, then it might not be minimal. Nintendo will launch its Nintendo Switch online plus expansion pack subscription tier on October 25th. That will include access to Nintendo 64 and Sega Genesis games as well as new paid animal crossing new horizons, happy home paradise downloadable content. It'll cost $50 a year for individuals, 80 bucks for families. And Nintendo is also releasing wireless Nintendo 64 and Genesis controllers. If you want to get the full experience while you play those titles for 50 bucks each, although they will not be required. You could it's just if you want to use them to play the retro titles. Chrome is Chrome Google is not really not Chrome OS 94. The final update before Google switches to a four week update cycle for Chrome. This update includes a variety of things, including enhanced voices for the select to speak feature on Chromebooks in various accents in 25 language initially with more to roll out in the coming months. All right, let's talk a little more about what's going on at Apple. Shannon, tell us about it. Sure. At the end of August, about 15 Apple employees began organizing under the name Apple to to collect stories of workers who have experienced harassment and discrimination. Senior engineer, her name is Ashley Jovic began tweeting allegations of harassment, surveillance and workplace safety issues over at Apple. She raised concerns internally about privacy and harassment, and she was placed on internal leave at her request in August while the allegations were investigated. She then filed complaints with the U.S. National Labor Relations Board the week of September 2nd. And on September 9th, Apple contacted her to discuss an intellectual property issue after which she was fired. And now Friday, October 15th, Apple has fired one of the leaders of the Apple to movement, the Apple Maps program manager. Her name is Yannica Parish for deleting files off of her work devices during an internal investigation. Now, the verges sources say the files included apps like Robin Hood, Pokemon Go and Google Drive. The other leader of Apple to share Scarlett is currently on paid medical leave. So what in the world is going on with Apple? Yeah, we don't always cover these kinds of stories because they tend to be labor stories or business stories. They don't necessarily affect your use of technology, but this is starting to look like a pattern which could affect Apple and could affect your use of technology and and is just significant enough to to look at and say, OK, sure. When people complain, they sometimes don't have an axe to grind. We're not trying to disbelieve victims, but there could be a situation. One could imagine a situation where they cause harm and do have to be let go. This is this is not looking like it fits squarely into that that type of situation. What do you what do you all think of this? This is this is a tough one and I think part of it is that Apple, although it's a different company than it was five years ago, but is notoriously very secretive about, you know, the conditions under which people work there and what they're doing day to day and, you know, NDA is all across the board type thing. I have been following some of the public folks involved with the Apple to movement enough to know, at least from their perspective, individuals perspective, that workplace situation, workplace environments at the company are subpar and they, again, if if these are to be believed are really good arguments to say just that Apple. I don't I don't know how much Apple can kind of lean on like, well, if you don't like it, just leave type thing, because I think that that's sort of been Apple's M.O. for a while because it's Apple, you know, you're lucky to work here kind of thing. And and and if you don't like it, you can, you know, there's the door. But this is a possible president for a lot of other companies that might have the same working conditions or similar working conditions that are not advantageous to the people working there and and can and make some changes. My husband works in HR, so I often ask him questions about like, what is going on and like, what kind of laws do do these companies have to follow? And if when you start seeing this kind of thing happening again and again and again with multiple employees, then it's most likely there is an issue going on with either like the way that they are documenting how to deal with claims, how to deal with workplace harassment. And maybe they don't even have the proper kind of documentation on file for people to follow so that everybody is following the same exact guidelines for that company. And if that's the case, we will most likely see some kind of court action. And there may even be some kind of agreement between the different parties, Apple and everybody that comes up against them to to maybe take this to court. So I don't think this is the last we're going to see of it. Definitely. Yeah, it has that feeling of something that's not just going to be like, oh, well, I get, you know, that happened and it blows away. I get the sense that there are a couple of different culture clashes going on here. One is the culture clash of Apple's secretiveness with the the counter needs of someone who wants to expose abuse or or or misuse or something like that. Obviously, if you want to expose something, you want to exfiltrate data. The one thing Apple does not allow its employees to do is exfiltrate any kind of data, no matter what it's about. So yeah, you could say, well, Apple's using that to punish these people, but they would do that no matter what it was about, even if it was about, you know, wanting to expose the menu in the Apple cafeteria. They that's just the way Apple is. The other culture clash is I think what you touched on, Sarah, with the, you know, if you don't like it, go somewhere else of an earlier generation. This is the way it is. Apple has a reputation, certainly had a reputation under Steve Jobs of being a very difficult place to work. Where people were screamed at sometimes and people were held to harsh, harsh account and having uncomfortable working situations that are not the norm anymore. They may have been the norm back in the 1980s and 90s, but there is a clash between what is acceptable in a workplace that is being worked out. Now, I'm not saying who's right and who's wrong, but there is definitely a difference of opinion about what is normal behavior and what what is just part of the job. Well, and I think, you know, just before we move on, this whole idea of, oh, an employee deleted files that they shouldn't have deleted because it's, you know, the property of Apple. But that employee saying, well, no, but this is relevant to my case about workplace harassment inside of Apple. That that's where, you know, legally, I I I hope that this shakes out a certain way. But yeah, it's going to potentially force Apple and other companies to to act a lot differently as far as secrets are concerned. Indeed. All right. This next story I really didn't want to do, but so it's got one of the highest numbers of votes on our subreddit. I've had several people ask me directly to to address it on the show. So we'll address it. But I really think there's more smoke than fire here. Tuesday, a reporter with the St. Louis Post Dispatch alerted the state of Missouri that social security numbers of school teachers and administrators were available to public exposure on the Missouri Department of Education's website. So this was responsible disclosure. When doing a search for teacher certifications, there was a web app that lets you search like, OK, is this teacher certified? That was supposed to happen. The reporter found that if you viewed source, so it wasn't available just in the search results, but if you viewed source, the source code contained the social security number of the teacher returned in the search, which is not good. It shouldn't be available anywhere, even in view source. It was not visible in the rendered HTML, but anybody viewing the source will be able to find that information. So the reporter did what a reporter should do, found three social security numbers and then verified that they were in fact real numbers to make sure like maybe these are dummy numbers, maybe they're not accurate. I'm being a good reporter. Let me make sure they're actually what I think they are and they were. Then the reporter went to the state on Tuesday and agreed to hold the story while the program was fixed or while the problem was fixed. So this is responsible disclosure. I'm going to run this story, but I want to give you a chance to make sure those social security numbers are no longer available and the state responded by removing the search tool, just taking it down and saying, well, we're just going to keep it down until we can figure out how to fix this. However, Thursday after the story was published, Missouri's Office of Administration Information Technology Service Division issued a press release saying, quote, a hacker took the records of at least three educators, decoded the HTML source code and viewed the social security number of those specific educators. All of that is accurate. Anybody who uses a web page decodes source code and the reporter, as I described, did take three social security numbers to verify that's actually what they were looking at. Missouri Governor Mike Parson then held a press conference repeating those claims, adding that the individual used a multi-step process. This was not simply right-clicking. He said the state is committed to bringing to justice anyone who hacked its systems. That bringing to justice caused internet furor. However, the governor cited a Missouri law that makes it a misdemeanor to knowingly and without authorization or quoting the law, without reasonable grounds to believe that he has such authorization, access a computer, a computer system or a computer network and intentionally examine information about another person. However, when you're viewing a website, even if you're viewing the source code of that website, most courts are going to think you probably believe you have authorization or they wouldn't have put it on the web. In fact, the U.S. Supreme Court in Van Vuren versus the United States ruled that someone violates the law when they access files that are off limits to them. Information available on a website served to the public and found by right-clicking and viewing source and doing a search probably is going to meet the legal grounds for not being off limits. Governor Parson said this was not a simple right-click. He claims the data was not freely available. I disagree with him. It seems like it was pretty freely available. He says it wasn't and it took an eight-step process to generate a social security number. It's unclear if Alt F4 would be considered two or one step in that evaluation, but I'm not sure how we got to eight. Anyway, it's unclear if any lawsuit's going to be filed here and honestly, this is something where you can point and laugh and feel some shout and frown and say, oh, he doesn't get it. My guess is the governor gets it quite well and knows that the more outrage that people have online about this and spread the word, the more his base of voters will come to his defense and he can raise money for them because that is a currently very profitable way to fund your campaigns. Get people angry at you so that your base comes to your defense and donates more money. And that's what I think's going on here because there hasn't been a lawsuit filed and I'm going to guess there won't be. Right, because it would have to be dropped. He would have no case in this matter. Just talking about the technical aspect of this, viewing source, anybody can do that. I do that accidentally all the time when I hit F12 instead of the backspace on my keyboard, on whatever website I might be on. And that does not mean that I'm a hacker. So even though now that you explained it, I do agree with you, Tom. I think that he most likely is doing this just to get people angry, just to get them talking about it. And I will admit that I definitely had some hot takes on Twitter myself. But even so, there's a precedent that he's making light of where oftentimes security researchers, people that are finding vulnerabilities and disclosing these very responsibly are treated as if they are the assaulters. They are the villains when that's not actually the case. And given that he is perpetuating this bias that is already there is not going to help any security researchers who may want to protect US government websites and networks in the future because they may be scared to do so. So I don't think it's very patriotic to be treating people like this, even if you do wanna gain more money for your political assignment, whatever that may be, because you are in turn impacting the US relations with security researchers. It's a chilling effect. And Missouri representative, Tony Lovosco, tweeted the same thing saying like, yeah, this is not a good idea. Right, I 100% agree with that. Well, what may or may not be a good idea depends on if you're a Tesla owner. Good ideas. The company launched an auto insurance product in Texas that uses real-time driving behavior that it will use to evaluate your premium based on your actual driving. So the same safety score then is used in the company's full self-driving driver assistance beta, which will be the main factor used to determine premiums going forward. So you won't need to add a device like you do for other similar insurance offerings. Tesla also says in its terms and conditions, it won't use age or gender or even accident records to calculate your premiums. Tesla already offers an insurance product in California, but this doesn't use real-time driving data or the safety score. So this is a little bit different in Texas. The safety score is based on five metrics, forward collision warnings per 1,000 miles, hard braking, aggressive turning, unsafe following distance, I hate you people, and forced autopilot disengagement. Tesla says it expects average drivers to save 20 to 40% on premiums if they do agree to sign up for this plane. Yeah, so this is something that is not new. The only thing that's new is that Tesla can do this without you having to put a dongle in your car, right? They can already monitor your safety score. They already create a safety score just for your own edification, and they're gonna use that to give you a discount on your insurance. Now, they could also use it and may use it to increase your insurance. In fact, they show how premiums would vary over time as your score fluctuates. The idea, though, I think is a good one, which is you wanna encourage people to drive more safely by giving them a discount on their insurance, which then means that the insurance company makes more money. It may be counterintuitive to think of it that way, like, no, no, they make more money by raising. They raise their premiums on people who have accidents that they have to pay out on. If they're getting you to drive safer, they can actually lower your insurance premium and make up more money because you're not going to be in an accident, or it's not as likely that you're gonna be in an accident, because that's where they really lose the money. And that is health insurance, auto insurance, insurance. If you're all aware about how insurance works, this is great for Tesla. If a lot of people wanna sign up to the program, I don't know how many Tesla owners just would say, eh, I like what I've already got going on. I personally do not have an issue with people driving more safely, but I understand that there are a lot of caveats there. Saying you were, you know, heartbreaking, aggressive turning, following at an unsafe distance. If that increases my premium, and I say, well, but I have like really good reasons for all of those things, you know, emergency situations or whatever, you know, it's all very, very personal stuff. I can see where the big brother aspect of this is gonna turn a lot of people off. Mm-hmm, yeah, I'm one of those people. I don't like the idea of data collection to the point where it could financially affect my insurance rates for my vehicle, especially if I'm in a very crowded environment when you're constantly being cut off on the road, et cetera, et cetera. There are things that happen on the road that you may not be at fault for, but your car may think that you're at fault for just because it's tracking the data as opposed to the actual human impact that is happening in that vehicle. Yeah, it's the difference between the aggregate and the individual. When I think of this in aggregate, I'm like, yes, it makes perfect sense that this is going to work accurately most of the time because otherwise it wouldn't be good business for Tesla. Tesla wants this to work accurately because they want to accurately identify safe behaviors and the people who they are more likely not to have to pay out a claim on. That's in the aggregate. As soon as it comes down to me and the individual and my premium goes up because it thinks I'm hard breaking, I'm going to say, like all of you are, I'm not hard breaking. Who are you? What are you talking about? Your algorithm's wrong. That's not accurate. And the fact is algorithms aren't perfect. So even if in aggregate they work most of the time, there are going to be individuals where it isn't accurate because nothing's perfect. And of course, the idea that I might be that person makes me go, yeah, I don't know. I don't know if I want this or not. But I mean, I guess that's true of all of these and they're not new. The only difference is Tesla's now getting into this, which is another way for Tesla to make money and they can do it in Texas where they don't have as hard a consumer protection as they do in California, which stops it from doing it here and they just move their headquarters to Austin. So yeah, a lot of interesting things in there. Hey folks, if you want to talk about this or anything else, join in the conversation in our Discord. We got all kinds of people in there sharing gifts, talking about their local conditions, swapping tales about hardware and software and you can join them. Become a member of our Patreon to get access to the Daily Tech News Show Discord and join the club, patreon.com slash DTNS. Governments and private companies all talked this week about cracking down on tech crime. Google says that so far this year alone, it has sent out more than 50,000 warnings that state-sponsored attackers are targeting Google account holders. That's up 33% from the same period in 2020. Now this week, Microsoft warned that 250 Office 365 customers in the US and Israeli defense sectors were targeted by an emerging group labeled DEV0343. Ransomware is also on the rise, no surprise. The US Department of the Treasury reports that it estimates ransomware payments totaled $600 million in the first half of this year, passing the total for all of 2020. And we still have a few months left, folks, officials from 32 governments met this week to try to better coordinate their responses to ransomware by sharing information about attacks and investigations. They also plan to increase scrutiny of cryptocurrencies to make it harder for attackers to launder payments. They also pledged to push companies to improve security. For example, the US Department of the Treasury issued new guidance for companies to protect themselves against ransomware attacks. Companies who do not follow the guidelines may be penalized by the Office of Foreign Assets Control. Yeah, a couple of thoughts here. One is that maybe we're getting more attacks because the attackers realize that the crackdown is coming. It's gonna get harder to do what they do. So they wanna get the easy pickings while the easy pickings are still there. I think that's part of it. The other thing is the only solid action I see here is the Department of the Treasury saying, look, we need you to stop paying ransoms. We need you to stop being vulnerable to ransomware and we're gonna find you if you don't, basically. Yeah, ransomware has been an ongoing issue, but we've never seen it being used as much as it has during 2020 and 2021. And that's just based on analytical data and reports that we have seen from different security research companies. So we know that it's a problem. And I think part of it may also be that attackers are targeting different kinds of businesses as opposed to just focusing on infrastructure or consumer or for example, like for-profit retail businesses, they're now targeting other companies like medical, they're targeting schools, universities, they're targeting city governments. And that's something that we've just seen come to light in the past couple of years. They may be just due to financial aspects, they may be easier targets too. So we're seeing this huge volume uptick with ransomware that we've never seen before because it's easier for these attackers to target them. All right, let's check in on a few of the stories circling around Windows 11. We'll go in order from bad to best. First the bad news, those 3D emojis you may have seen Microsoft show off. Sorry, they're 2D. Oh no. Windows program manager Brandon LaBloch responded on Twitter saying the Windows UK account had used the wrong emoji graphics. When promoting Windows 11 emojis that looked 3D back when they posted on October 8th, somebody asked him though, like, hey man, but those 3D emojis, they're still gonna roll out eventually, right? And LaBloch wrote, quote, I wouldn't worry about this right now, but I've said all I can say about it too. Oh. Dang. Harsh. A little transparency. Come on, like that makes it sound like no. The answer is no. The answer is you're not getting 3D emojis which I don't know if that's true, but that, like, why can't you just let them know? Like, hey, the 3D emojis are coming, hang in there. Which is like such a not big deal if the company had just said, hey, it's just, you know, it's in the pipeline. I said all I can say. Right, I wouldn't make it super dramatic though. No, I wanted those 3D emojis. All right, fine, let's turn our attention to Android apps on Windows 11 then, another promised feature that has not yet shipped. That feature is supposed to come to Windows Insiders in the next couple of months and we've had increasingly encouraging signs that it will. The Windows subsystem for Android, for instance, appeared on the Microsoft Store. Some benchmarks for Windows 11 running Android apps have been spotted in the wild here and there. And Friday, as XDA developers notes, a user on China's social network, Billy Billy, posted images showing multiple instances of the Android WeChat app running on an instance of Windows 11. So, hey, maybe this is good news. We not only should get Android support soon on Windows 11, but the ability to run multiple instances, which is something that even not all Android devices have. Yay! As a Windows slash Android user, I'm very excited to see this news. Not just for developers who may find it a lot easier to use cross-platform compatibility whenever they're programming. So, being able to use Android applications and test them while they're on their Windows devices may be very, very great for that kind of opportunity. But it's also gonna be super nice for consumers who are not in the Apple ecosystem. This is something that we've kind of missed out on as Windows slash Android users. There's a few apps that are cross-platform, like Signal, you can use on your desktop, for example. But otherwise, it's kind of rare. So I'm really excited to see this news. That was gonna be my question for you, Shannon, was you mentioned Signal, but is there something where if you're on a Windows desktop, you're like, if I could just access this Android app, it would be so much more helpful for me right now. Actually, yes, Instagram is a wonderful example. Whenever I'm doing social media work, I can't access some of the features of Instagram on their desktop application, in the browser. So it would be wonderful to be able to use an application and be able to text at my keyboard whenever I'm writing up a new post or whatever it might be. Instead of having to get on my phone and do that. If I'm using Photoshop, and I don't want to necessarily upload a picture from Photoshop to my phone to stick it on a specific application, like a social platform, it would be a lot easier to be able to use it on my desktop. So there are definitely ways, as a content creator, I could use it. So it's definitely something I'm looking forward to. Yeah, I mean, it's been great when Android apps appeared on Chrome OS. Granted, that was in a more limited software development situation than Windows is, but I could see being just as pleased to have that opportunity sometimes on Windows. Okay, so from bad to maybe good, how about best? Microsoft will deliver on its promise for an Xbox Series X mini fridge. It will be available at Target in Canada and the United States, at Game in the UK, and elsewhere in France, Germany, Italy, Ireland, Spain, Netherlands, and Poland pre-order starting October 19th for either $100 US or 90 pounds UK, shipping in December. Promises made, promises kept from Microsoft. I'm ready to be a part of this huge charade of people who attack the Target website when these go on sale. I don't need a fridge, but I want to know when one of you gets one, how it is, how happy you are. Sarah, I don't need one either, but I know. Lots of things we don't need, and yet we want. Isn't that weird how that works out? If you do have thoughts on the Xbox mini fridge or anything that we talk about on the show, we want to hear your thoughts. Feedback a Daily Tech News show is where to send those emails. Also, we want to extend a very special thanks to Dr. X17. Dr. X17 is one of our top lifetime supporters for DTNS. Thank you for all the years of support. The good doctor. Yeah, man. In fact, if you want to hang out and chat with doctors, doctors in the discord, quite a bit, they're very active in there. So there's another reason to get the discord. Hey, thank you, Len Peralta, for being with us. What have you drawn for us today? Oh, Windows 11, cheers and jeers, folks. Geez, you know, you remember cheers and jeers? I don't know. I think that was a column or something, but. Yeah, yeah, I remember that. Yeah, I'm dating myself here. Jeers, of course, of those promised 3D emojis will be 2D. Unfortunately, what the F? But FTW cheers that mini fridge is still on the way. Hey, this kind of balances everything out for us, doesn't it, people? All these things that are happening in the world. And this is what it is. One of them is more tangible than the other. Which one would you have rather had, right? Honestly, you don't want my answer anyway. But if you are a Windows person and you're excited about this and you want to show how you feel, go over to my online store, lennpraltastore.com. Of course, if you are a patron of mine, patreon.com.com. This is yours for free. So go over there and check it out. Also, remember, I am doing custom-drawn holiday cards this season. Go to lennpraltastore.com. They're right on the front page. I can draw your family or whatever you want. So go ahead and do that. Yeah, you're doing one for Daily Tech News Show. I am, very, very soon. I love the holiday cards. Thank you, Lenn. Also, thanks to Shannon Morse for being with us today. Shannon, you're a busy woman. Where can people keep up with your work? Tell me about it, youtube.com. Shannon Morse, just like my name is spelled, I've been posting so many Android reviews lately. So if you're into that, if you want to see the Z Fold, the Z Flip 3, or hopefully the Pixel 6 or 6 Pro next week, hopefully I'll have a review on one of those too. Then check out my YouTube channel. Please do subscribe if you're interested in Android content. Excellent. Well, a quick reminder that we do the show every weekday. We are live Monday through Friday at 4.30 PM Eastern. That's 2030 UTC. And you can find out more at dailytechnewshow.com slash live. Please join us live if you can. I'm going to be out for the next couple of weeks. But Tom, and Roger, and Amos, and Joe, and Zoe, and the whole team will be back Monday with Nika Monford and Terence Gaines, Apple Announcement Day. This week's episodes of Daily Tech News Show were created by the following people, host, producer, and writer, Tom Merritt, host, producer, and writer, Sarah Lane, executive producer, and booker, Roger Chang, producer, writer, and host, Rich Strapolino, video producer, and Twitch producer, Joe Coontz, associate producer, Anthony Lemos, Spanish language host, writer, and producer, Dan Campos, news host, writer, and producer, Jen Cutter, science correspondent, Dr. Nikki Ackermanns, social media producer, and moderator, Zoe Dettertig. Our mods, Beatmaster, W. Scottus 1, BioCal, Captain Kipper, Jack Schidt, Steve Guadarrama, Paul Rees, Matthew J. Stevens, and J.D. Galloway. Mod and video hosting by Dan Christensen. Video feed by Sean Wei. Music and art provided by Martin Bell, Dan Looters, Mustafa A., A-Cast, Creative Arts and Len Peralta. Live art performed by Len Peralta. A-Cast ad support from Trace Gaynor. Patreon support from Stefan Brown. Contributors for this week's show included Scott Johnson and Shannon Morse, and guests on this week's show included Stephanie Humphrey and Charlotte Henry, thanks to all our patrons who make the show possible. This show is part of the Frog Pants Network. Get more at frogpants.com. Bob hopes you have enjoyed this program.