 Water, yeah, our video live people We're live The Internet's is on All of them I turned on all the Internet's this time. Don't do that I turned on the Chinese Internet and the US The secret really dark Internet and the light Today's drawing I gotta say it's probably as about about as editorial cartoony as I've ever gotten on the show Oh, yeah, you're going all New Yorker on us this time. Yeah, kind of it looks really cool. I like it. I like it I don't know. We'll see. We'll see if we'll see what the Internet says Understand the Internet has some some things to say Has its opinions all of the opinions I have a feeling that they need to tell me something so We'll tell them how they'll feel and they'll agree with you. Oh, okay. Oh, yeah That's that's a good idea. I should try that And then everybody on Twitter will be like this angers me too. Yes You know, there's the Internet plays Pokemon or you know, they do all those things on Twitch What if there was the Internet expresses its opinion? Just like everyone gets to try to affect this thing, I don't know what it'll be though. I Like this or this show like Clarissa explains it all. It's the Internet explains it all. Yeah Not that I watched that when I was a kid I did not like it and I felt like you're about to break into a Kylie Minogue song You know, there is a I did a I did I do a Clarissa explain. Yes, I did a Clarissa explains itself Thing on this show once but it was a it was a drawing. I think I oh, yeah, I remember that now Yeah, I was I never even watched the show. I don't even know how we even brought that I think it was just something we talked about mid-show. Yeah, awesome. She had a pet. What was it a turtle? I think I think she had a pet turtle Did she? Oh, that's what I remember from the show when I was like 12 years old speaking of shows Has anybody else watched Westworld? No, yes, but I haven't watched episode 2 which apparently the HBO dropped online this morning on HBO Good that's fun to do this week before Sunday. You don't have to wait till Sunday. Oh wait to HBO now or HBO go I think it's both. I think it's online. Yeah, good. Good. Yes. What do you think just? It was it was interesting. We talked about it quite a bit on on spoiler and time on cord killers and yeah I Brian was really excited about it I'm sort of I think I'll be more excited after the second episode because this felt like a pilot to me Yes, I like yeah, I I liked it I wasn't expecting much from it, but I like the way that it was um, I like the way that they the narrative was with the story They set everything up. Yeah. Yeah, I like a lot of the characters But I'm still waiting for a story like I can see the right right. Yeah. Yeah. Yeah No, I got you like obviously had Harris's character, but but I'm like, okay. When does the story? Yeah, one one thing I did it I did a podcast this afternoon We talked a little bit about Westworld and one of the things that I thought was really really cool was the subtle acting of The people who are the androids You know where they say, you know Anthony Hopkins says You know, you know access your old build and then that guy has to sort of Make it look like he's accessing it and then start to react like he's accessed it I thought that was really cool your version of himself. Yes. I thought that was really cool. Yeah. No, it is interesting All right, you guys ready? Let's roll Here we go Daily tech news show is powered by its audience not outside organizations to find out more head to daily tech news show comm slash support This is the Daily Tech news show for Friday, October 7th 2016 I'm Tom Merritt joining me today very happy to have Shannon Morris co-host of tech thing and hack 5 and more back on the show How's it going Shannon? It's going awesome. How are you doing Tom? Very good? Excited to talk about all kinds of security stuff that just happens to pop into the news on Fridays when you or Darren are here I don't know why this always happens, but it's it's as if they know that we are going to be on Daily Tech news show So they give us all the security news as it unfolds on Fridays But we won't get to the bottom of we're gonna talk about we're gonna lay out what we actually know and don't know About the whole yahoo male government surveillance if you're confused about what's happening we're gonna try to lay all that out we're gonna talk about the Internet of Things and Brooke Bruce Schneier and Krebs concerns about that and of course that gives Len Peralta a tall order here to illustrate for us today Yes, it is it is a tall order, but I think I'm up to it today I also want to want to mention you reminded me during pre-show that I am making a huge sacrifice by being here because the Cleveland Indians Are playing the Boston Red Sox right now in game two of the ALDS So you know that think be thinking of me today during the first pitch is about to happen I've got it on my PlayStation view on my phone right here in about eight about six minutes. Yes, I'll keep an eye on it for you Thank you, but thank you. Thank you Hey sports ball. All right, the FBI announced Friday that it is seeking access to a locked iPhone in a terrorist case in Minnesota That's it. Everybody's jumping to a lot of questions about how will they try to unlock it? Will they try to force Apple again all of this sort of thing? That's all we know right now is they're like, hey, we've got this phone and we're assessing our options on how to break into it So more to come. Yeah kind of reminds me of a back in the day when they wanted to unlock another phone And then at the time they were like, no, it's just this one not really well, they said just the ones related to terrorist cases So yeah, no, there's a there's a lot there's a lot to wait into once we find out how they're going to handle this It'll all the eyes are on them Now here are some more top stories In lighter news Facebook has launched another standalone app to access one of its features the main screen of Facebook events will show you your events for that day plus recommended events Facebook thinks you would be interested in So it'll use your news feed algorithm You can also browse for things happening nearby if you're looking for something to do It can pull in your calendar so you can see if you're actually free at the time that event is happening You can view events on a map if you want to see what's nearby or maybe look at a vacation spot and find out What's happening while you're gonna be there Facebook events launches in the US on iOS right now and it's coming soon to Android Shannon, how do you feel about this like they did this with messenger and they split it off? They're not gonna take events out of the Facebook app But then they also have been splitting other things into their own apps Yeah, you're you're asking a girl who has no Facebook apps whatsoever installed on her Android phone nonetheless I'm one of those people that logs on to Facebook and does use the event calendar because in the San Francisco Bay Area There's a lot of stuff that happens that I don't necessarily hear about So I use it as kind of a source like oh, I have no plans this weekend What should I do and then I find a thing and I go to it But I'm not a big sharer as far as events that I'm going to so I don't think a separate events application is something that would benefit my lifestyle necessarily Yeah, I guess that's a really good point is you know This is going to help push people to share more about their events and take photos But what about just that discovery aspect of it is that it sounds like maybe that part of it Isn't is it of interest either and and do you use Facebook enough for it to make good recommendations? Not really. I've unfollowed everything off my Facebook. It's a wonderful thing I actually follow people, but I rarely like anything or or or much to my relative chagrin Responds to comments That's probably a good thing. We're So yeah, I'm pretty much am I will use it as a login proxy, which I know is Frightening to do but but for instead of that throwaway login. I'll use the Facebook login For things sometimes but that's about it. So I I don't know I I'm The thing that puts me off of this from an objective standpoint let's forget about my own use cases is That it will pull in my calendar, but it doesn't seem to want to push things back out At least it's not designed to do that, right? Like I I want it to not force me to use Facebook events as a calendar and they said in the tech crutch article We're not trying to make people use this as a calendar, but I would like it to just like The one thing I didn't hear was and it's really easy to then add an event from Facebook to your calendar Which I you can do that. I just would like to see that highlighted. Yeah, that seems like obvious Implementation that should be should be in there for everybody because calendars are so important. Yeah Microsoft has sent a message that asks attendees to join them at 10 a.m. Eastern Time October 26th for What's next for Windows 10 and in in one of the images that they tweeted they even put the Imagine what you'll do with Windows 10 thing in reverse like you're seeing it reflected in a window because get it windows Imagine what you'll do when you are waiting for them to finally get around to the end of this announcement two hours in that's that's Best bets are we're going to hear about updates to Windows 10 They just they just released the preview for the next update called redstone that went out today So I imagine we'll get more information about that There are lots of credible rumors out there that they've been working on a new all-in-one desktop In the surface line that would have a touchscreen. So we may hear something about that And we'll probably hear some gaming announcements related to the Xbox. That would be my own personal guess Yeah, that all that all makes sense to me I'll definitely be paying attention to what they announce although I don't use Windows 10, but that's okay Yeah, I mean you need to know what what's up. I use Windows 10 in a couple of places I have a surface pro that I that I use as a laptop and it's quite nice I don't use the touchscreen on it as much as I thought I would yeah doesn't come up that often Sometimes I forget like oh I could do this with the touchscreen instead of the mousepad But maybe that's just me I Am it is it is the fall hardware announcement though So maybe Microsoft will surprises with something remember last year they announced the band to and they have now recently disbanded The band group, but maybe there's another product a new Windows phone just yes They'll give those they'll shock us all by saying ha psych. We're totally making like 16 new Windows phones I Starting November 1st in the United States Comcast is implementing data caps in service areas in 18 US states that doubles the number of markets where it previously imposed data caps caps are now set at 1 Terabyte with overage charges of $10 per 50 gigabytes one of the members in the audience sent me their email that they got and they're They're telling people this is how much data you use on average to kind of show them You're well under a terabyte like this guy had like 200 gigabytes a month They're like so see your terabyte cap is no problem However, if it does come to be a problem you pay $10 per 50 gigabytes if you go over or you can choose to pay $50 a month to Get unlimited service. That's $50 a month on top of your current service mind you not just a flat 50 Comcast will let customers exceed the caps without charge in two courtesy months each year So even if you go over once because you just happen to have a weird month You shouldn't hit up the cap. You won't get charged Comcast says the caps are implemented on the principle of fairness that those who use more bits should pay for more bits Well Shannon that makes sense. It's just fair, you know, Comcast only has so many bits The bunch of them you should pay for them. You cracked me up Tom. You're so funny Yeah, I just got this email this morning and I tweeted about it. I use about 500 or so gigs per month Yeah, and and I feel like it's going to get worse because I'm creating much more content as time goes on So with my job, I have to put stuff on the internet I have to use data, but data is not something that just get disappears if one customer uses more than another like No, if you're using those 500 gigabytes, that's 500 gigabytes that Roger can't use on his. No, no, it doesn't work that way No that and I'm being facetious because it isn't an issue of fairness you can't deprive There's not a limited amount of bits and in fact even if you use a lot of data it generally does not Raise the costs for Comcast now in the broad sense if lots of people are using lots of data They might have to put more interconnects in and so it broadly can cost more But there's been plenty of studies that have shown that even putting in data caps doesn't reduce congestion So it doesn't really impact those costs. You're just gonna have more people It's it's more simultaneous use not total amount used per customer and even Comcast engineering vice president and knowledge that yeah Caps their business policy. They're just something we do to make more money Yeah, it's it's pure profit for them So from a business sense it makes sense to put caps on things so that you can make more money from your consumers But at the same time it's making your consumers upset Well, they say only 1% actually hits that cap as it is right now in their consumer market That's going to change and it's changing rather quickly with you know technology being increased every year. Yeah Maybe Comcast I'm saying this because you know, I'm trying to be balanced Maybe Comcast will raise that cap as that usage starts to go up to say like no We really we really just want to charge the people who use a lot of data And and honestly, I don't have I don't like it. I don't like having to think about using data I prefer an unlimited plan like everybody, but it's perfectly fair to me for a company to say Hey, this is how we're charging you we've decided to come up with this as our plan of charging you. That's fine That's fair enough I can decide if I have a competitive marketplace that offers me choices whether that makes sense for me to purchase your service or not What I don't like is when they try to say it's an issue of fairness. It's not an issue of fairness It's it's not that's just kind of like it's a low blow And it's it's kind of rude of them to say that and think that consumers don't necessarily know the difference Well, and it's playing on ignorance because a lot of people out there will be like Well, okay, that makes sense my water company charges me when I use more water because we only have so much water It's like, well, it doesn't work that way. Yeah, exactly. Yeah Samsung announced it will beat profit estimates for q3 despite the galaxy note 7 recall Samsung expects an operating profit of 7.8 trillion won That translates to roughly 7 billion dollars US and is an increase of just over 4 billion won over last year sales We're down from expectations, but still up year over year even in the mobile market That's how well Samsung's phones have been selling that even with this horrible note 7 recall They still saw an increase or will see an increase Samsung semiconductor business picked up the slack Prices rose in that market as well So so the semi conductor business is bouncing back and Samsung's going to be able to use that as a buffer Samsung also sells white goods like washers and dryers. They have a financial arm that does banking So, you know Samsung's entire fortune does not rest on just the mobile division But this is good news, especially given that with that what battery that caught fire earlier this week on a Southwest Airlines grounded flight the US CSPC is Investigating to see if there needs to be a recall of the replacement note 7s. Oh man What a what a headache for Samsung It's it's very sad to see a company that I I very much like their product So it's it's disappointing to see this happen to them But I'm glad to see that they're continually profiting in their business and they're not going to go anywhere anytime soon But I do hope that they fix this because it's it's really really bad Yeah, and and just because the CSPC is Investigating doesn't mean there is a problem with the replacement phones It means hey, we saw that something pretty bad happened We want to find out if that was an isolated instance or if there is a problem It doesn't mean there isn't a problem either It just doesn't mean anything it means they're looking into it to find out But it does also show that Samsung is doing well enough that the business the company itself should be okay Of course, we're still like you say on a knife edge of whether this is going to get worse or better soon We shall see it makes me think of when I was at that Samsung Lions do son bears game earlier this year in Seoul In the lead the Samsung Lions were having a bad year and the Bears were leading the league But those Samsung plucky Lions they came back and beat the doosan Bears that day Samsung can too Wow, that was great I'm trying to I'm trying to be the Vince Colley of tech That was good. I liked it Brian Krebs notes that the source code for the Mirai malware that was used to run that massive denial of service Attack against his site has been released online for anyone to use Mirai spreads by scanning for devices that use factory default usernames and passwords And that's usually internet of things or routers things like that In addition Bruce Schneier has a column on motherboard calling for the regulation Of internet of things security He refers to that denial of service attack against Krebs and notes that it used things like cctv cameras home routers dvrs Other devices like that to amplify the attack Schneier's argument is that these kinds of devices Sometimes cannot be updated, but even if they can A lot of people don't bother a lot of manufacturers don't bother. They're not replaced for decades So they are a ripe platform for botnets and malware to thrive in and the biggest problem is The owners don't care. Yeah, if I if I've got a camera Shannon And it's used in a botnet, but the camera keeps working for me and I never notice Why do I care about updating the firmware? Right, you know, you you won't care until it absolutely Infects your own life or your own privacy and security and even then some people don't care at that point Um, you're you're not going to care the biggest Factor for a lot of people when they purchase iot devices. This doesn't work and how much did it cost? Was it cheap? Okay, I'm going to install this thing Otherwise people don't necessarily mind and that's what manufacturers have been feeding on for years Is the fact that consumers want that convenience over security? I mean, I know we always say it, but it's true It's convenience over security and until Somebody comes in and starts regulating iot devices We're going to continually see this and that's why when Personally for myself and I'm going on this light rant here. Why whenever I go to like ces or whatever it is I I spin the hardball questions. I'm like, well, what kind of security do you use? Is it tls? Is it not like are you using like 128 bit encryption? Like that's terrible fix your stuff and It's such a shame that manufacturers have been doing this for so many years and nobody is giving him a hard time about it We really really need to fix this problem Well, and that's Snire's argument and I'm not a guy who who likes to go to government regulation If we don't need it I prefer things to happen naturally That doesn't mean that I'm also one of those guys who thinks there's no role for our government anywhere I I believe in the fire department and police and roads and things like that So I you know, I'm I'm somewhere in the middle Of that arena and to me this is an example where Snire may have a have a good point here And I'd love to hear from people who reasonably say well Hold on there is a market pressure that he's missing But it does seem like if I have a smart light bulb And that thing turns on and off when I want it to and it does all the things I want And it's infected with malware and I don't notice I have no incentive To go and make sure that the firmware is updated because that firmware update is a pain in the ass yeah manufacturer and None of my consumers are complaining I have no incentive to make it easier for that firmware to be updated or to get my consumers to update it Right I I can make a healthy comparison here to PCI compliance that you see with credit card processing Since I used to work at a credit card processor I would constantly have to call the companies that ran credit credit cards at their physical Points of sale and I would have to say i'm sorry the the device you're using right now is not PCI compliant anymore Visa will find you if you don't upgrade to something that's PCI compliant and that was for their consumer safety They had to do it because there was a regulation set by visa and mastercard And if they didn't do it they got fined a lot of money So it was cheaper them for them to upgrade to a safer More secure device than it was to run the risk of getting fined by one of the big players Because we would report them because we knew about the device So in that sense I I would like to see some kind of regulation with iot as well Where somebody comes in and says if you don't upgrade these kind of devices to manufacturers not necessarily consumers But manufacturers like you need to You know halt sales of this certain one and upgrade to something that is actually secure for consumers And it's better for all of us if people actually do this kind of thing Right because then you don't have this platform for denial of service attacks to be carried out You have less malware. It does it does affect you In the end and and so maybe there's something to be said of like all we need is a consumer awareness campaign But but let's have that discussion. I think schneyer has raised a great question here, which is what should we do to encourage this Behavior is it you know, what kinds of regulations should there be should there just be a You need to make sure that your firmware is updated regularly and that it's easy And what you know, let's let's make it the least amount Of restriction possible that gets us the result that we need We we saw something similar with uh with edward snowden For example with consumer awareness when he released a lot of information media picked it up and they talked about it And because of that even my grandma for example was asking me about iphone encryption Which is something that she would have never known if that awareness didn't happen because of something major Whether you like edward snowden or not like that's something that happened And now you see encryption on so many different devices and it's because of that release of information Yeah, and maybe that's maybe we don't need rules Maybe all we need is the government to run an awareness campaign that says is your light bulb infected You know, make sure it meets this seal of approval and you know, we could have an independent commission All kinds of ideas. I'm not even saying that's the best one But let's let's let's talk about that Uh and let's get people talking about it because this as crebs pointed out and schneyer agrees And these are two really smart people. Uh, this is a problem, right? Yes Uh, let's lighten things up one more time. Duolingo has added a chat bot to its ios language learning app And i for one i'm very excited about this you can now chat in spanish, french and german The bots are in the conversations tab a new tab in the app and asks you questions about different type topics Like driving or food to get you into a conversational mode But without you feeling like oh i'm talking to another real person And i'm embarrassed that my spanish isn't very good This is so cool. I really wish that this was available on android, but currently it's only on iphone, unfortunately And i would love to see them implement japanese because that would just make my day But until then uh, this is a great way to learn a new language because you're actually using it And that's an argument that i've seen uh from a lot of people is the fact that a lot of companies will create Like language platforms that don't necessarily use real life conversational language So you learn the structure, but you don't actually learn how to talk to people Yeah, and i i use duolingo for quite a long time, but i got to the end of what it could offer me There were only so many lessons and only so many times i could practice them Yeah, and and the next step was to use the desktop rather than the app To go and and have real conversations and do translations and stuff And i did that a little bit, but this is going to bring me back Because now i can actually get some conversational practice, which is great. That's cool Thanks to all those who participate in our subreddit you can submit stories and vote on them at dailytechnewshow.reddit.com It helps us put the show together each and every day Uh, we're going to talk a little bit about yahoo Motherboard has a new article today with two new sources x yahoo employee in one case They don't say where the other person comes from saying that in fact The scanning software that yahoo implemented to comply with a u.s. Government order for surveillance was a root kit Uh, which raises huge alarm bells Uh in people like root kits if you remember the whole sony root kit thing Back in the 2000s they do way more than you need For the purpose and provide all kinds of vulnerabilities I mean shannon can can you come up with a a better explanation than me about yeah It is So you know what malware is it's something that infects your computer and can make it do all sorts of janky things And it can also happen on like smartphones and stuff too root kits are a kind of malware That gives somebody who's completely unauthorized and they don't even have to be like physically there on your computer Like complete access to your computer The idea of root kit the name it comes from root, which is the Basically like the privilege like ultra elite user on a linux computer That's where the name root comes from and then kit is for like that computer Uh toolkit it's it's a it's a kit of software that comes all together on a computer So that's why root kit is called root kit. Um, so most of the time root kits gives you complete access to it for an attacker onto a pc And they can reside in the kernel of the computer, which is like the brain of a computer So instead of just being able to like wipe it clean with antivirus Sometimes it can circumvent antivirus by cloaking itself It can hide itself in the background or sometimes it could just like close out your antivirus So it can't even run which is really really scary And oftentimes with root kits on like consumer pcs The only way you can get rid of them is by reinstalling your operating system Or you might even have to replace hardware if it's embedded in some piece of your hardware So it can cost money it costs a lot of times and it's really really hard to get rid of root kits so root kits are very very serious and As shannon mentioned they give you root access and if not properly implemented Uh anybody can access the root kit Exactly Yeah, so so if if a root kit ends up on your computer for example by one hacker Another hacker might be able to gain access to your network and see that root kid there And then go oh, hey, I'm also going to use this root kit for my own access So then all the hackers get the access or for instance If the ceo and legal chief of a company were to ask software engineers Not on the security team to implement a root kit to look for a digital signature as ordered by the foreign intelligence surveillance court It's possible that it could be implemented in a way That others could access that root kit Uh and here's what I think is going on here now I I did a long look at the Reuters story the new york time story and the motherboard story from earlier this week And we'll have that in the show notes And I think I may put it out in our tech update to the patrons which comes out on thursdays What they did was got engineers to adapt a system for scanning email for malware and child porn To search for a digital signal that signature that's according to the Reuters and new york times stories They said let's let's take the scanning. We already do there There's lots of scanning of email scanning of email seems to raise a lot of alarms All companies scan for email gmail does it for ads yahoo gmail microsoft. They all do it for malware It's generally to protect us. Yeah, that's how I see it And it's actually not that disturbing to me to say hey if we have a very defined Signature like we're just looking for this little This little bit if you could just add that to the definitions you're scanning for it's really not that different than scanning for malware and if we had a system with checks and balances and Supervision so it couldn't be approved. I might not mind this right here's the problem It also stored matches and made them available to the fbi. That's according to the new york times My guess is that's where the root kit comes in Yeah, I I'm thinking you're correct on that it sounds like From my standpoint, it sounds like uh yahoo already had this thing implemented So they're they're already scanning for malware gmail does this too That's why we see that announcement at the top of an email That you might receive that says this has not been scanned for antivirus or this has been scanned By antivirus and nothing was caught. Um, so it sounds like what This root kit is doing is being built on top of that Original scanning technique that yahoo was using except now it's Much more forcible nature specifically being used for the government Yeah, and and the reason I think the root kit is that is You want something that can do something scanning doesn't scanning doesn't keep the emails for anyone It just it just alerts like hey, this has got the malware So you can adapt that to scan for this digital signature that you're looking for from the bad guys But then you want to store that for the fbi But you don't want anyone to notice that you've written software that will store this for the fbi because it's classified And even apparently the security team's chief is not have the clearance to to know about this So What ride a root kit, right? Right root crit. Yeah, and then store people's emails. That's cool Yeah, well again if we had supervision and we knew they were only looking for the particular emails of the The person that matched this digital signature. Maybe that's not so bad because they're only looking for to identify The email accounts of the bad guys But an x yahoo employee told motherboard They assumed it was a root kit installed by hackers because the security team found this root kit If it was just a slight modification to the spam and child porn filters The security team wouldn't have freaked out It definitely contained something that did not look like anything yahoo mail would have installed A back door was installed in a way that endangered all yahoo users because as we told you root kits can be used by other people Uh, and another source told motherboard. It was buggy So that's not that's not good either. No, it's not. I mean, I wouldn't expect the um, A government affiliation to necessarily make the perfect The security root kit if you could even call it that I wouldn't expect that from anybody But to hear a security team say that it was buggy is a huge concern Especially if they look at it and say, you know, there's there's some problems with this Obviously we caught it because it was such a huge issue So now like who else had access to that we have no clue Yeah, and according to the motherboard story The the issue was filed in the internal system. It rose right up to alex stamos who was the head of yahoo security at the time And then he spoke to management about it and quickly closed the issue and most of yahoo's security team did not find out about it They they cracked down on it fast Stamos according to the Reuters article then told his subordinates that he had been left out of a decision that hurt users security That would to me sound like maybe installing a root kit Due to a programming flaw. He told them hackers could have accessed the stored emails Right, so now that we know about the root kit from motherboard that Reuters quote makes sense Which is ah, they put in a root kit to store the emails that could have been abused I was upset that I was not included on this decision. Maybe he wasn't included because the nsa or the fbi wouldn't allow him to be Uh, but because he wasn't He felt like he had betrayed the users of yahoo And of course as we know in june 2015 he left yahoo and now he's at facebook Yeah, it's it's unfortunate, but I can I can understand why somebody especially at that level As a chief security officer at a company like yahoo. I can completely understand why they would feel um They would feel left out They would feel probably very upset at the company and just just decide to leave because that is a major concern Like especially when this news gets out, you know that people are going to come after you about it Now there are certainly questions to be asked of yahoo management about this and I I'm not I'm not saying there aren't But none of this is a problem If we have a surveillance and intelligence system in the country that people trust And that security professionals are cooperating with That clearly says this is what we can do to go after people who are doing bad things and this is what we're doing to prevent Innocent people from being taken advantage of in the process of that and because we don't have that system worked out You have things like this where you know, I'm not saying this is what happened But the ceo of the company can be told no you cannot tell Your chief of security about this and if you do you'll be tried for treason Which is ridiculous. Yeah And I am not saying that's what happened, but that is possible That is possible under the current laws in the united states And then you get a situation play out like this where people say, oh, wait a minute. What is this thing like There's this quote from the motherboard article yahoo is a big place and many people there don't realize the security team is actually good at their job Like they just like well, we'll put a root kid in nobody'll find it and it turns out no they actually found it So one of the questions that I did ask while I was reading up on this information was why Why didn't yahoo fight it? Why didn't they go against this this court order and say no because now we see a lot of companies come back and say Absolutely not and then they have to go to court about it. Um yahoo just apparently they just agreed to this And I should also mention that that this did happen before the usa freedom act was enacted Which which you know rules that the government must publicize rulings about any kind of surveillance that happens So they didn't necessarily have to say anything and yahoo could be under a gag order about From the government about this. Yeah, uh, and and so there may be more to the story that they can't explain All they've said so far is that the article is misleading and we narrowly interpret every government request for user data to minimize disclosure The mail scanning described in the article does not exist on our systems. It doesn't mean it didn't used to Remember yahoo did fight and lost a 2007 fISA order to search specific email accounts without a warrant They were able to publicize that they had to fight to be able to publicize that So it's not that yahoo hasn't fought these sort of things before Um and a 2008 amendment to the foreign intelligence surveillance act Uh says that phone and internet companies can provide customer data to aid intelligence gathering efforts for a variety of reasons Including the prevention of terrorist attacks In their their legal counsel's opinion. They couldn't win is why they didn't fight it now We can we can argue whether that opinion is is accurate or not There's lots of people on both sides of that argument Because yes, apple thought but apple was being asked to do something more complex than what yahoo was asked to do But it also is very similar in that you had to write software and you could have Look pointed to apple as a precedent and said we need to fight this Right. Yeah, some some security experts say that what yahoo was doing did not require as much technical um Power or time consumption on their part and that might be why they just agreed to do it But we we really don't know exactly, you know, why they chose it and If they had fought it or not, I'm I'm assuming that they did not fight it at all But we don't know for certain. Yeah Uh, it's yeah, we can't know any of that uh that we don't know why they didn't resist or if they did resist and lost We don't know what was being searched Again, if if we had an idea that like hey what we were looking for was an attachment That was malware that we knew was being used by Some bad actors uh in in in foreign environments to hack into other people I think we'd all be like that's cool. No, you should stand for that, you know And try to figure out how that's getting passed around And we don't know If or what data was handed over So maybe it was a very narrow couple of email addresses that yahoo just scanned until they found and they said here's your email addresses Or maybe they gave a whole bulk hard drive of terabytes of emails including mine and yours. We don't know Yeah, we really don't know and um the the repercussions that yahoo is um They're basically under a microscope right now about their security because not only were they hacked very recently in the last couple of weeks But now they're dealing with this as well. Um, I've I've had several Conversations with some of my security and infosec friends who have just completely deleted anything having to do with yahoo including Not just email but flicker accounts and things like that just to not only make a statement But to to speak to them and say this is not okay There are a lot of issues with how they enacted this and how they went about You know releasing information to the media after all of this happened. Yeah, uh, and and it's it's even tougher because yahoo's going through an acquisition with verizon Yeah, now verizon uh is rumored to be wanting to knock a billion dollars off the price Uh because of this and so there are pressures on yahoo to keep this sort of thing under wraps But there are also legal pressures that we've described that make that so they can't say anything Then you've got the fallout of people saying well, I don't trust yahoo on anything anymore because I don't know It's not that I can prove they did something bad, but since I don't know I'm just not going to deal with them You've got companies like rogers in canada. Uh, you pointed out this link to me that Rogers actually uses yahoo's mail service to power their mail service Now it may be that yahoo wasn't scanning anything with a rogers address But we don't know and then you're bringing in foreign emails which are allowed to be surveilled So yeah, there's there are tons of questions Yeah, there's there's a lot of problems happening right now for yahoo And and it's a great precedent for other companies though Don't pull this. Yeah And it's worth repeating that, uh, you know It may be fatuous But twitter google facebook and apple have denied ever receiving such a request to scan emails They may have had me request that differed in some way Microsoft said it had never implemented the kind of email scanning that that was mentioned here Maybe they implemented a different kind of email scanning But but they were they were all very quick to say no, he didn't do that What is described there? But again, if they were asked to do something similar but different they wouldn't be allowed to say right All right. Let's finish up with a couple emails Drew spent the last week at sales force's dream force conference and thinks he knows why sales force might still be interested in buying twitter The recurring theme of dream force was their new ai platform called einstein Andrew says where it really got interesting was during the einstein keynote fanatics dot com Ran a contest asking people to post a selfie Einstein then analyzed all of the submitted images to add information about people's hairstyles to their demographic information for more Recommendations, they also showed demos of very accurate sentiment analysis of text and very good machine vision And it made me realize what sales force could do with full access to the twitter firehose Oh boy The twitter firehose Scares me a little bit don't change it too bad Well, yeah, I mean it's one thing to say, you know twitter can pay for the api access to the twitter firehose And twitter makes a lot of money giving people that access It's another thing to say we own twitter now. We get all the data That's it And then david v wrote to note reports of ios devices being randomly activation locked And then linked to random iCloud accounts So not only does your phone lock and say oh you need to reactivate it But then it says the email address is not your email address and so you can't even activate it Uh david said ii and a friend of mine were both bit by this We both bought our phones brand new a year ago. I got mine from best buy my friend straight from apple And apple seems to be helping as long as you can show proof of purchase, which luckily I still had my receipt a year later Uh, but yeah, if you walk into an apple store without a proof of purchase and you say Oh, it says it's activation lock, but that's not my email address They're gonna assume that you're trying to steal the phone. So it's a weird bug I'm I'm a little weirded out by this don't they does apple not have any kind of like, uh previous Information on purchases and iPhones that they purchased because I could have sworn back in the day when I bought an iPhone They knew which iPhone I bought Yeah, if you're an apple customer, it probably is going to be easier Uh, if you bought it from a third party though, if you bought it through a carrier, it might not be I don't know Yeah, good point Um, but yeah, and even even so something's going wrong when the i me i Or the zim card associated with your phone suddenly gets associated with some other random i cloud account like that's That's some bad data center juju going on. Yeah, that's bad. Fix it guys. Yeah, fix that. All right Thank you dave for that. Uh, and thank you shannon morse for joining us that pleasure as always Yes, thank you so much. Um, that was super super fun It's always Wonderful to talk with you on dtns And uh, we have lots of interesting stuff coming up on hack 5 So you guys should definitely check it out if you aren't familiar yet and also on tech thing I just got to review a new gimbal for my iPhone and I Recorded the entire Conversation that we had on the gimbal as well as on our usual cameras So some super fancy editing happened in that segment Check it out. T e k t h i n g dot com. That's tech thing with a k Uh or hack 5.org h a k 5.org as well. Len peralta. Let's see your editorial vision Yes, before we started the show. I said this is about as editorial Uh, new york editorial as I as I have gotten on on the show with an image You know, uh I'll just I'll just kind of leave it out there. It's uh, it's an image of the nsa and uh personal security What's left of it being wrapped around two? Uh scantily clad people And uh, someone's yelling yahoo about it so That's amazing No, it's a little bit strange. Uh, it looks like the guy from minions Is because even more evil and as dressed as the nsa yelling yahoo. Yeah I'm just I'm just uncomfortable with the two scantily clad people just covered with the very little scant little Band of personal security. Yes. No, I think you you've actually like summarized This whole situation better than any of us could have Well, thank you so much. It's it's a very difficult situation, uh to to capture but hopefully it worked out pretty pretty well, so Go check it out. Len peralta store.com if you want to take a look at it and even buy a version to put up in your own home There you go. Sounds great Uh, thank you to everybody who supports this show. We get by on you and get by we are supported entirely by your Donations your pledges your paypal donations your purchases at our store If you would like to support the show head to daily tech news show.com slash support Big welcome to our newest backer richard pierce who just started supporting us on patreon big Thanks to brad who increased his patreon pledge. We've got all kinds of cool perks for you at patreon.com Slash dtns Our email addresses feedback at daily tech news show.com. We're live monday through friday 4 30 p.m Eastern at alpha geek radio.com and diamond club.tv Of course our website is daily tech news show.com. Peter wells will have a day six episode this sunday But a reminder it's columbus day on monday So just a daily tech headline show for the holiday I'll be back tuesday with patrick beija and the ceo of connect things leticia gazelle and thwan talk to you then This show is part of the frog pants network get more at frog pants.com The diamond club hopes you have enjoyed this program Yay Good show I mean, I think we did great on the yahu story But honestly, I think maybe the schnire krebs was the best part of the episode I kind of feel that way too. It turned out that way. Yeah, that was a really good conversation Yeah, um, I love brian krebs articles that he writes. So when I wrote when I read about that I was just like, oh man. Yeah, this is so tough to deal with Yeah, and nobody deserves what he went through and him least of all The way I spun it for threat wire was um, it's since censoring journalists Who don't necessarily agree with you with d-dosses and meter eye makes it easier for anybody to do that So it's a major concern. Yeah, we didn't get to it on the show But krebs note that's saying that usually you see someone open The code to something like that when they're worried about getting prosecuted because they want as many other people to be implicated as possible Yeah, I thought that was really interesting All right show titles. Yeah, what do we got? We got the root kit of all evil But I do believe we used that a while ago. I think I may have used that a buzz out loud for goodness sake Yeah, uh, norton light bulb suite Uh, Comcast is captain america Cal I get it because the cat because of data caps. Okay Um, lions tigers and samsung zomai Is your light bulb infected encryption snubs grandma approves of Encryption snubs grandma approves That's funny You didn't and I say yahoo do That's a pretty good one uh uh Root around and yahoo's emails By the way, no score, uh, lenn. Yeah, I saw that. Okay Although toronto leads the series. Yeah, they're up to oh no They won't make it. Um, the ball of samsung the saddest notes of all Thing security surety brings uncertainty Thing security surety brings uncertainty I actually am I'm I kind of like the root kit of yahoo's problems. It's a different spin or I like the nsa yahoo do yeah, yeah, I like that one. All right. It's a little cleverer Should we now I see you wrote it nsa say yahoo do Is that the way we should go or should we try to get even cleverer? Is it too clever to be ns dash say Oh nsa nsa yahoo do I like to do this. I like it Sorry That's the reaction I'm getting cool Shannon are you gonna watch the uh Uh, oh man Why can't I think of that movie with um, it's coming up with uh, oh, I can't even remember scarlet joe hansen Ghost in the shell ghost in the shell. Yeah. Yeah, absolutely And after that conversation we had I forget which um platform we had that conversation on but I'm a lot more interested in it now It's how I was Oh You know If the movie's good, I'll watch it. That's yeah to me like You know, whatever I like people I mean, if you what was the what was the live action movie they did of uh Hold on. I'm sorry to interrupt. Blau Roman just submitted the title Why am root? That's good I think we gotta say it like him though. Yeah Why am root Yeah, but then say yahoo do is so Capsulates everything Oh All right, well shout out to lau roman because that was really good. No, it's good. It's good. I was good. I liked it Keep trying on ghost in the shell. Sorry. No. No, I was saying like uh, the live action tighten the Titans attack. Is that the one with the big giant? humans without the skins attacking Enemy titans attack Oh Titans of tech was an old tech tv show I'm not tighten the tech. I said tighten the tech Attack the live action movie kind of got panned because it was all like Japanese cast Yeah, it's attack on titan. Well, I don't think it was because it was a Japanese cast. It just wasn't very good Yeah, well, it was just even the Japanese viewers thought the casting was odd. Yeah Not to mention it's really hard to do a lot of those movies on the budgets they get Have you seen the new Godzilla though? I also heard I also heard I want to see the Japanese one. I've seen yeah I haven't seen it yet, but I've seen that on the 18th Oh, yeah A lot of I won't I shouldn't say anything I haven't seen it either, but his tail is super long A lot of people complain like with every other like within the american godzilla movie godzilla really isn't in it a lot Yeah, I guess a percentage that wasn't in the Tradition like in the straight on that wasn't the same production company everything Toho no, it's toho American one was Oh, no, no, not nothing American American one was not Toho so this but this new one is right. Yeah, but it's still very short on godzilla and oh really long It's a lot it's a lot for for understand. It's even for a godzilla movie. It's long of a talking With the various people talking about the existential crisis But it's a very I mean it's it is a definitely I like the take on it where he's Kind of a skeletal zombified creature looking thing Is one of those Mothra's in it? No, no Mothra Listen, they're going back to the roots where you don't have other kaiju Godzilla is a force of nature as a as a physical manifestation of Man's in humanity to nature and nature revenging itself Is the great climate change analog now in used to be a nuclear war? Yes, and if I don't want to spoil it you're gonna have to find out The problem is I've been reading so many reviews and bits on it I kind of know the movie now, even though I haven't seen it Which annoys me a little bit but cleveland's up one. Oh, oh nice. Nice. Nice I don't like the claws though. I don't like his hands. It's a little too t-rexy All right I am going to have to go because I have to be somewhere at six. All right, man At the baseball no be watching a baseball game while I need a super lens playing for the indians You don't need them to the later innings. You may have remembered a second baseman by the name of uh, johnny peralta Yeah He was actually on the cartels this year, you know, he is uh, oh it gets a longer drive for you I thought he was in detroit, but then he moved to the other car Johnny peralta That was you the whole time. That was me the whole time. It's pretty awesome. All right guys, uh, I will talk to you soon Thanks, Len. Take care. Bye. Bye. Bye Cool Godzilla movies shannon. What do you like Godzilla movies? I don't think I've ever seen one. What? I know The next time I'm going to Japan I'm going to try to do a toho tour at the studios Even though they emptied out the back Parking lot that used to serve as the giant pool where Godzilla comes out But they kept the water in there for like 20 years and they finally drained it. It's kind of nasty Well, it's Godzilla in there like nothing affects Godzilla. Maybe the guy in the suit of Godzilla. He might be sick. Yeah, maybe So when are you going back to japan? I have no idea. I have a kid at this point Kids suddenly other things take precedents kids fly free still go Kids fly free. I wish with two kids Yes, seraphina is a different kind of person than I She also went down with her With her newlywed husband down to argentina on motorcycles. Yes. Yeah Quite hardcore. I can also I'm also broke. So I can't really Afford to travel anywhere Tom, how was your trip to japan? It was really fun And I was going to recommend I know roger doesn't drink a lot But there is an excellent whiskey bar In shinjuku That is run by a huge Godzilla fan And he just plays like clips from Godzilla movies in the bar the whole time And then he's also like super smart on whiskies and does these like whiskey flights Of mostly japanese whiskies, but he's got others as well Uh, and that was a really fun place. Didn't one of the japanese Oh, no, I said didn't one of the Sorry, what's it called? What is it called? Well, what's the whiskey place called? I don't remember now because it was in japanese So it was on the third floor and it had a big eye on the door. Well, that doesn't help me Did you take a picture of the sign? I could translate it. I well the sign just had the eye. I did take a picture of that translate this And it was hard to check into places because I couldn't read I'm here at another japanese eatery This way you learn how to say things that you look up on like trip advisor or whatever. Oh, yeah, totally And then you just ask somebody like uh ramen doko desuka There's the ramen It's so I was so spoiled. It's so easy to go with a phone speaker That's like, yeah, you talk to the white girl. I don't know any japanese Because they know it all come toward me first I don't need your I don't need your store credit card I might go back in october next year. Oh, I said what? That's the picture Wow, it literally is just an eye. Yeah Okay, I'll I'll walk around shinjuku next time i'm there Whiskey is whiskey Go to the third floor of all the buildings Yeah, whiskey doko desuka go zero whiskey Nishi shinjuku is the only location it gives me on the I'll be doing a lot of disney. I'm sure for the foreseeable future instead Theme parks. Yeah. No, I'm I'm supposed to go to disneyland for the first time with your daughter It'll be interesting. We'll have it from an elder and a newborn perspective I'm I'm pretty sure both of you will get tired at the same time though Most likely Oh, I know the I have the You don't have the address I did get to try the amazing gyoza in near Harajuku that eileen recommended before I got to go Oh, nice. It was incredible. Yeah, we went to that place too. That was so good. So good I stopped exploring I ate so much gyoza Oh Yum Make sure I'll make you sweat if you eat too many We just make you sweat. Oh, yeah things Make you sweat if you eat too many What I've never heard that before Of course not Where would you you would need to eat a lot of You would need to eat a lot of them. How many for you is a lot like 10 nine um Probably like let's see if I'm just eating gyoza. I could probably eat like 15 Damn Man, you get back in a way if I could eat 15 You know, you're just saying that makes me sweat right now It's one of my favorite things I love gyoza You can eat it every day I went to 7 11 in Tokyo and that's all I buy was like the gyoza. I was like, I'll just have this. Thank you I'll have her body. How did I get it? So I got cc lemon What's the other drink that I really liked? I was a boss coffee No, I don't like their coffees. I don't like their I don't like their non just soft drinks soft drinks because they're all kind of If their coffee just tastes weird to me, but then again, I don't like coffee. So Uh, I didn't have the problem with drinking coffee Ooh, somebody found a whiskey bar in shinjuku. It's called zoetrope. That's it Yes, oh, yeah, that's Japanese, but I remember it now How does it hurt his memory? No, I'm pretty sure that's it Yeah, it looks like it. It has the eyeball on the image Who found that? Well done. Um, that was in the chat room. It was captain fubar. Yeah Shot bar zoetrope. Oh, yeah. No, that's totally the place because here hold on This is what the bar I took a picture of the bar Oh nice, that's pretty much the same as the pictures on the yelp Yeah, like the Japanese have gotten really into the have gotten into whiskey making in a very very big way Oh, it's right across from robot restaurant It's pretty near. Yeah. Yeah And is it done which is the most amazing store ever? Although robot restaurant is under new management Oh, it is? Yeah, and eileen who had been to it previously was like Not so good. Not as good as the time she went What happened you were they had fewer things they had more long breaks Oh And everything was in english including the light sticks and everything My light I stole mine. So I have it somewhere She's like the light sticks used to be in japanese they used to have like just a couple of short breaks She's like they cut out like two whole big sections Oh, really? It's probably it's probably exhausting Mine had a couple of short break or well the breaks were kind of long But my light stick was in japanese and english it was on like ours were only in Only in english lame and they're marketing it all the signs are like under american management now come get them Oh really like burgers and pizza I must have gotten there before that happened because when I went there was none of that It was still pretty japanese If you're gonna get a burger get moss burger at least I tried there. I tried just like a normal restaurant burger and they're kind of flavorless They're not gross burger there even though my I knew moss burger was supposed to be good. We never we just I ate it. I ate it at the uh Universal studios in osaka I ate at mcdonald's I tried to get us to go to the universal studios, but nobody they're like no we have those in la So wouldn't it be different? Oh, it's totally different. It's totally there's a they set up recreated fisherman's wharf What but it's like fisherman's wharf if you looked at it from like 10 miles away because it lacks That's so cool. So it's doing their hut dogs to use chinese sausage and not Not like america like not a frankfurter And so Well, uh, chinese sausage depending on which one did you get are typically They're sweet savory So if you're not into that like people like my friend annalie hates Barbecue pork buns because she can't she doesn't like the sweet savory You know combination but if you like it, they're great. Okay, but you wouldn't put ketchup on it because that'd be nasty No, I won't do that. I promise um Finally it took a while for it to show for the uh link to show up for me I remember universal studios being a little light on the in the u.s. Being a little light on the uh rides In in la or in orlando la Yeah, apparently the orlando one's much better. That's what everyone says disney's better there Universal's better there Why why is it in florida room? They have more space. They have more hurricanes. All right How much money is the park making when it's closed? We have a earthquake zero How often is it closed also? Let's be sensitive. There actually is a hurricane right now. Yes Cheese my health insurance is going up by almost a hundred dollars next year for the same plan Oh, is this from etna or from uh No, it's through anthem Oh Talking about a pass to the park. Yeah, I heard a couple of the big providers are dropping out of certain states Oh, really covering just because it's too expensive for them to do that plans. Yeah, it's just dropping out crazy I remember when I first moved to california my health insurance for freelancer was 100 bucks now It's almost 400. Oh my gosh Why don't I've always wondered why there isn't like a credit union-esque thing for health insurance where it's just collective Like fine. Don't want government fine. There are there are but they just don't get enough people You have to get at such a huge scale to be able to compete that they can yeah That's what i'm going to do with my billions and billions of dollars As soon as I figure out how to earn billions and billions of dollars All right, uh, we are uploaded. We are ready. We are not going to be back on monday But we will be back on tuesday and we will see you then. Thanks everyone Really stop to the bright