 All the things with my name next to them probably am what people would deter or would term a social justice warrior But they don't ever call me that they save that name for they call me that I got called And I thought yeah, I hate the feminist and I was like well duh Of course, I am by rights That's where it goes. It's like you you miss there's a public YouTube video on my My personal channel that's of this protest that I was a part of in college called the fuck protest And we just went live Wow, what's this do I even want to know what this protest was? Yeah, so be careful of everything you say at this point, please Before I started that sentence and it was like offline it takes a while, but when I hit the button Yeah, so we were we were protesting protesting what we were protesting free speech because It was a band that has some curse words in their songs that was playing in a public space at our college And the college officials kicked them all And then we were protesting it and we got the band back up up there because it was a free speech zone So they were permitted there Along with everybody else But yeah, so it was amazing. We were like, yeah free speech So free speech is one of those really thorny issues because everyone believes in free speech if it's something they believe in But as soon as you move into content that people don't Like necessarily agree with then it becomes well, you have a bunch of mitigating factors and that's and that's where you get You got a protest Yeah And show them what's what I'm a protester I like it So that that that's broadcasting that's going and then scott will just you have all the necessary audio clips everything Yeah, except for elitim, but you told me to read it. So we're reading it. Um, I got this There is another clip But this gets a fix to the end of the show so I can do that separately prime and club I'm not that no, no it goes it gets It gets pasted I'll do it in the adacy it basically comes after the show's done like in the final thing when you send me I'll just I'll hit them together Chuck and Wayne style you want it like always where I just send you Yeah, just send me the mp3. You don't even have yeah, don't even have to levelate it. I'll just um Just send me you know if you Yeah, I mean if you send me the wave that that'd be cool Would you prefer if I can do that? Yeah, no, I can tag this other bit on Levelate it all one time So we're good with the main story then Yeah, I'm I'm terribly like a noob to it and won't pretend otherwise on the show One of having her here is is that her and I can come to Some sort of knowledge together as she knows I mean one of my one of my one of the things I think about is like are these just essentially um Are these basically unsecured rat holes into our Network security that we don't really think about because they are just kind of a pliancy Devices that people plug and then forget about just like oh, I was wondering what that was in front of your face And then I realized it's a cat. Oh, yeah the cat cat butt cat butt Nothing better than a good cat butt So all the only thing I would say about this that I'm not 100 on was what I was oh How do you say this company name is is it a commie a commie? Akamai akamai. I applied there once Yeah, akamai They um, they are semi local Talk about hey now High school is just in my feet or something. I don't know what that means You know that song Yeah, that's from uh rain man. Yeah, I was rain man. That was it. Well, I was on rain man Yeah, yeah played at this dance club. I'd go to and I was like So yeah, I brought back some memories there. You know, it's weird. I was watching the simpsons the other day and Um, it was the gambler episode. It was when the when they opened the casino. Yeah And there's that scene with tom cruise and dustin hoffman where the you know, he's making them count cards And the kids just sat there and watching. I'm like, you don't get that. Do you that's rain man That happened with my kids. Yeah, but that show has been going so long I know I'm through 17 or 20 different writing But it's true even now shows that are aimed at them like regular show or or Adventure time or whatever they'll have these they'll have these references in them that are clearly being made by Yes early 40s who grew up in the 80s and watched her every saturday and They're teachable moments. Like I take I love that stuff because it's like, all right. Yeah, that did you let's pause that Let's have a conversation Who tony ramble was and what? Or lover boy, you know, they're like working for the weekend. You don't understand like the context of why that is funny That's a big deal I don't know the right thing to do parenting. Yeah, the right way to do it It's like the Someone one of my old co-workers posted on facebook It was like, I think it was a van halen video or whatever like they're on the pool and the The butler comes with the phone on the silver tray walking it over I guess it's my kid just asked me. It's like, what are the what is that on the tray? Like it's just like a like a teller. I was like, what are they doing? That's a davidly roth solo album thing. I think wasn't that californian girls. I think maybe I just associate It was it was a it was a solo thing. Uh, california girls, right? Yep. I wish they got told Dave used to make funny videos. They were ridiculous They were all they were all sexist as hell. Yeah funny That was that was kind of the trend then that was the gator California girls are all misogyny. Yeah Big chauvinism Yep, let ammo print Spandex tights for some reason. I just don't understand that one I really doubt Like it's funny because you saw a metal band slowly kind of try to make the weird transition because that was what was You know, that was what uh sold. Yeah, they really like You know, it was kind of in that like well, we're kind of a real band But I guess we have to do this Let me let me just talk for a second about this Corey Feldman thing Like are you guys following that at all? No, I just I just saw it. I don't I saw the today performance thing But other than that I haven't followed. Yeah, he did it again and like the first time he was on I sort of I defended him I was like, you know, it wasn't that bad. I don't know why people are getting on his case And then he came back and did it again. I'm like, okay now, you know screw this guy Hey, you're milking. Yeah If you show up a third time, man, there's some stuff's gonna get wrecked, right? Truth And what you said truth to power. I just don't understand that. Why would you come back if you hated it so much the first time? No, they're That's crazy news. Sorry. I just noticed something like I guess the firm The handled something to do with the production of Star Wars is going to find two million dollars for Harrison Ford getting hurt on the set Oh, that's not him doing it though. It's just the It's the union probably union probably. Yeah. Yeah Sag Is it sake we screen actor skill probably them doing it. Yeah Oh, that's not a surprise. Maybe that's one union going after another You know Well, unions are you know unions can be adversarial. I mean, it's not unheard of is there an onion union You know an onion. Yeah, like the onion industry. Do they have an onion union? Uh You mean well, it depends on who you are if you're a picker You probably aren't part of the union, but you could probably be under the united farm workers. All right job this if you are I just like the idea that they would be called the union because it sounds funny together But it would probably it's like you all is like more than just out of like the big three they do Other ones I think I went to union middle school if they had a union They'd be union teachers union. Yeah the union teachers union the union teachers union What's interesting is a majority of the people in that aren't actually teachers. They work at schools, but they're not right teachers teachers People work in the office or they work especially in california because california Because of the serena decision back in the 70s Uh, basically took over Managing the schools instead of having it done traditionally by school boards the serento decision in the 70s. Look at you, dude Sereno sereno not serento Is that a vegetable no, that's cilantro cilantro is yeah serento serento He was a um, he was a baseball player. I think paul serento from cuba No, he was not from cuba. He actually played for the indians for a while. All right One minute away. I'm gonna hide and hide and then Kill my idea all my sillies out. So I'm ready to roll here Oops I think I'm ready. Just don't forget to record the uh, the show show portion of it. Yeah, I'm Back starting it now. So it's going there is no turning back Uh, and I don't know if I said it before but I'll say it now. I'll say it on the show too, but I'm glad I'm glad it's you today I don't know. I don't know who else it would have been And me Also, I think your mic is open lin where we're getting that kind of that volume and yeah, I'll turn it off. You're gonna mute it Okay, um, let's do this then shannon. You all good on your end. Yeah, I'm good. Thank you so much. Here we go We're gonna start it in three two one The daily tech news show is powered by its audience not outside organizations If you'd like to find out more head to daily tech news show dot com slash support Welcome to the daily tech news show for friday october 14th 2016 I'm scott johnson sitting in for the venerable tom merit who is currently traveling And a very late airplane He was actually going to try to be there today and be on the other end of the camera But instead and maybe for the better don't tell him Shannon morris is here She's one of my favorite people in the world I know her snubs on the internet and she's here from hack five tech thing. You know where you'll ever welcome to the show You're so sweet scott. I am so happy to be here co-hosting the show with you. This is super fun Well, thanks. I'm uh equally excited because today you and I are going to dig deep into a big security issue that Broke the stuff that I am kind of terrible at and understanding you have walk you through it Okay, thanks because someone's gonna do Um, but we're excited to talk about that a bunch of other stuff. So let's jump right in to this This being the headlines folks. Oh, Len Peralta's here We're all to everybody Hi, hi everybody. It's me. I know there's I don't want to interrupt the love fest But you know, I'm glad you wave. No, I completely I'm losing my mind here Len Peralta everybody gonna be drawing as we do this I can't wait to see what you make of this security stuff as well. Uh, I I'm interested too. We'll see what happens I I like you and me kind of noob to this. So I'll be learning We will be a part of our love fest too. Don't worry. Excellent. Thank you so much Study at Shannon's feet. Uh, let's start with this story though. Samsung said Friday. That's today It expects losses related to the discontinuation of the note seven the thing that's been in the news the most I mean, it's really just been exploding Anyway to end up in the mid two trillion one range That's a lot of one for quarter four and one trillion one in quarter one This would be a total of about three billion dollars us Wednesday Samsung estimated third quarter losses at around 2.3 billion making the total loss more than five billion If you count that again in us dollars Samsung plans to expand the sales of the galaxy s seven and s seven edge to make up for some of the gaps Samsung also said it will make quote a significant change to its quality assurance processes Yeah, and I was gonna say I mean Shannon we they still keep claiming they don't know what's causing this So we're still in this like weird loop of They're still troubleshooting and can't seem to reproduce the problem in their labs and that's That's a huge problem with manufacturing batteries. Um, I I can totally Understand from the standpoint of making products for our own store It's it's kind of a pain in the butt and there's a lot of Going around back and forth with different companies and to try to determine where a problem exists and then fix it So for me, I'm looking at Samsung and I'm like, oh man I feel so bad for you guys like this totally stinks But I hope that they can figure it out. I hope they can too also I know this comes up a lot, but to have it happen when it's happening in the aftermath of an iPhone Seven launch in the aftermath of a google pixel flagship phone launch. Uh It's just bad timing. No timing is good timing, but had this happened say I don't know next spring. Perhaps damage control could be a little bit easier to deal with Yeah, I'll go right on that front. Yeah So moving on google will start adding a fact check tag next to news stories in the expanded Story box and google news in the uk and us as well as on android and ios Google news and weather apps the tags are similar to the existing highly cited or in-depth tags Sites must add proper markup and follow commonly accepted criteria to be considered fact checking articles This is pretty cool and so sad that we currently need this in this day and age To check all the news articles that we read and make sure that they are not giving us false information Do you remember the heady days of 1990 something when the internet was new and fresh and and we all thought What it meant was more information meant better information I feel like I feel like google should um share this with this new new data with uh, facebook And maybe increase the fact checking to more than just uh, google's apps as well as facebook's apps and twitter too Yeah, I was gonna say make that an api that twitter can tap into let's In there in fact, um, i'm actually kind of all for this, but it feels a little bit like Additional plastic packaging on toys in the late 70s and 80s. You started to see a real increase in that It was as it was the result of increased theft In retail and that was frustrating if you were somebody who was like well Prices have gone up because i'm gonna have an extra packaging. I gotta cut into this big plastic nightmare Like it's a small thing, but it reminds me of that. We have to keep making new Uh protections for something that I just wish we would all Be nice about you know, and I know that's way not even stupid to say But uh, it would be nice if we didn't have to fact check every freaking thing we read ever always I agree I have a friend who runs a blog and does a lot of google maximization for his For his site and tries to get as much search results as he can and um, He's frustrated by this because he says it's an extra step for content creators Who play in that playground because if you really if you do have like this demarcated line in the sand and say if it doesn't if it's not tagged don't trust it if it is you can It's basically forcing everybody and maybe it's small a small thing and maybe it's not that much work But everybody's got to be mindful of Am I adhering to these to these guidelines or not? Yeah, that's true a few people ruined it up for all of us didn't they sky that's right once again One guy at blizzcon. I'm going to blizzcon in two weeks one guy at blizzcon farting in the middle of the giant warehouse Ruins it for at least 50 people around. Okay Uh IBM google nvidia amd and five other companies have partnered on an open specification to improve data center server performance I think the real interesting name in here is nvidia for some reason But we'll get to that in a second open coherent accelerator processor interface or open cappy Promises to speed up big data machine learning analytic and more By up to 10 times they're claiming the spec will be available publicly by the end of the year With servers and related products products expected in the second half of 2017 next year Intel is not part of the consortium, which is interesting You you rarely see amd and intel on the same consortiums, which I don't think is all that crazy But the real surprise to me. I mean i'm sort of all for this. Let's come up with standards to improve Growth areas of data. Certainly. This is a big growth area But I don't understand what nvidia has to do with it because they They are mainly known for you know gpu's graphics acceleration and they I don't know what they gain from this necessarily unless they've got big plans for More of their streaming stuff like they do with the nvidia shield or something I I just don't know what their interest is here and the others they all have an obvious interest So what's your take on that? Yeah, that's that's a that's a really good question Which I unfortunately don't know the answer to Usually when I hear the word big data, I like fall asleep, but this is cool This is great news for large companies that You know need better coherent data You know Analysis and everything for these larger servers Implementation so this is great like machine learning and and the fact that everything you and I do these days Is either stored somewhere on the cloud or at least cashed there in some form or as always in transit like this Uh, this is an area that needs focus obviously so and they all certainly certainly feel that way But I am seriously concerned about ymd or by nvidia gives a crap about it time will tell I guess they make I mean they make the teger chips they make They're they're a cpu manufacturer as long as right alongside their gpu So I may have just answered my own question and it may make sense why they're involved But in my mind, it's like what's making my video games go faster and the answer I guess we will see maybe our video games will go even faster in the near future A bipartisan group of 48 congressmen organized by republic representatives from michigan Justin amash and democratic representative from california ted lew Sent a letter today addressed to the attorney general and director of national intelligence requesting quote Information and a briefing as soon as possible regarding a yahoo's 2015 email scanning activities stemming from a court ordered search Um, I'm very happy to see that there are some lawmakers looking into this because I I feel the same I feel like this is a Huge breach of privacy for a lot of email users Especially since this wasn't just scanning for simply malware But it was scanning actual character subsets of these emails And it wasn't just a few from specific ip addresses from like specific countries for example But they were actually scanning all of them. Uh, and that's very scary That a company would be able to do that to people's emails coming in Yeah, I'm I'm curious if it'll I mean, I know other companies have stood up since that Quote-unquote news broke and said we are not doing this right apple flatly denies anything That's even like that happening same with google others said well, we've never even received the request and in microsoft's case they say We don't scan data in the form That this talks about or whatever. I can't remember the exact words and it was super open to interpretation, but yeah I wonder if any of them get caught in this net of at least investigation Uh, you know, should they talk to other players in the market because certainly I mean yahu's a name, but they're not like the biggest name in data anymore ever No, absolutely not. Um, I I agree I think that they should discuss this with other companies too, uh, and it would be wonderful if there were some kind of specific protocols that go further than the laws that we have today that put um you know email providers in some kind of Specific bowl where they have to Be regulated by these certain laws so that they don't do things like that because it's a very very big breach of privacy And it's something that I'm kind of looking at yahu and thinking. Yeah, you guys are playing dirty. This is gross Yeah, it's a little weird weird either way. I only have flicker I guess and I don't think I've ever sent a single yahu message Either instant or otherwise. Yeah, I think I'm Probably okay, but then again my my emails are boring, dude Like I always think about this with security stuff. I am pro people's privacy We should always have opt-outs or should have opt-ins instead of like I'm all big on all that stuff Yeah, look at my actual my own actual stuff. I'm like a big transparent open book I get nothing. It's all boring and lame. So come at me bro or don't come at me. I don't need to deal with it Don't make yourself a target My wife's excited about this next news because she wants one of these the Nike plus version of the apple watch will release on october 28th So that is right around the corner This is according to the updated apple store page the nike plus version of the apple watch Comes with a perforated band and comes in black and yellow silver and gray colored perforations perforations meaning lots of holes in the in the band there's a certain like phobia people have of a bunch of adjacent holes and it's They couldn't wear this watch. I can't remember the name now It's like something phobia. Anyway, I bring that up because one of my friends friends has this and if he looked at that Watch he would get really uncomfortable right now. Yeah That's very strange Where was I not strange in a way that you need to send me email saying scott. It's not strange. Lots of people I got it. I get it. I'm just saying it's for me. It's strange. All right. All right. Anyway So here the colors you're getting and also be priced at 369 for the 38 millimeter version 399 for the 42 millimeter version It's important to note that that is the exact same pricing structure for the existing same-sized apple watches that are non Nike plus branded the apple store will now start selling sim free iphone 7s and other news And iphone 7 pluses this just started pricing starts for 649 for the 32 gig iphone 7 and 768 for the 32 gig iphone 7 plus Unlocked ready to go at the apple store. I don't know why that took so long But if you're ready for that there you go But it took a while. Uh, the the chat room says it's and I might be pronouncing this wrong Trypophobia something yes And it's like like if you look at a if you open to pomegranate and you saw all the little seeds in there That'll like set set them off So it's like me and my claustrophobia. I can't stand being stuck in traffic for example So I understand. Oh, I totally get it But yeah, no Anyway, I'm just pointing that out. So don't buy the nike plus one if you have trypophobia or whatever it is But maybe the other ones for you does any of this do these designs interest you at all? They're super like sports walkman style these things No, personally, they don't I'm one of those weirdos who still has not purchased a smart watch The most I have ever purchased is a fitbit and that's just what I need I have no need for a smart watch at this time in day and age Anytime that I want to you know, see what somebody has texted me on my phone or whatever it might be my phone's always next to me so For me to pull out my phone and see what's happening on it It's it doesn't take me much time So I just I just don't see the point in paying 600 bucks for a smart watch when you know It's just that need isn't there. So if I told you But let me just throw in a hypothetical at you. Okay. Let's say same price But next year you can get a phone or excuse me a watch that has full Data connectivity regardless of whether your phone's there or not So you could be out running around and have satellite You could have some sort of you know, three or four g speed Something that the phones gave or the watch would be capable of and now it's this separate data working entity It's still work with your phone. Well, but it would be this independent device. Does that change your mind? Uh, it would absolutely because then I wouldn't have to deal with the connection if it had to cost extra for that data connection I probably wouldn't go for it But if it was like on the same plan as my t-mobile plan or something like that I'd be totally down Especially if it ran android and it played pokemon go, which I know there was a watch that was going to introduce pokemon go Maybe it was the apple watch Which was pretty exciting But I don't have apple products so it would have to run android Well, it'll come there. You know what's on its way. It'll have it'll I mean that's how they've done it so far So here so so here's what would make me do it It would need to be I'm with you on on all points and that's why I've held off on a smart watch Yeah, but I'm I'm all in if it has independent data. I think that's really cool um, and I need it to Not look like a big gnarly goofy thing on my wrist Um, I I used to well, whatever when I was in high school I have one of those stupid calculator watches and I got a lot of heat for that Those are awesome. They are they are cool, but none of my friends thought so so I took a little bit of your pressure Head on that I just think that that that I wanted to look slightly. I don't know what it is yet Maybe needs to be round. I don't know what the my problem is but right now they just look like you got a little Squished up little computer nerd device on your arm and as much as I embrace my nerdidity I just I just want something that doesn't quite look like that Um, and then the other thing is I don't want to pay for that data So the model I'm thinking of is it's fine if it's a little bit slow But give me something like kindle did or still does Where you have a 3d connection on those things and you don't pay for that data you just Purchase services through it like books or whatever Then I'm I think I'm totally in at that point That'd be really cool But I'm not paying extra 10 12 bucks a month for data on a phone or on a watch I'm not either. I wouldn't use it if I had to pay extra I'd be okay with paying for the device but not a not some kind of monthly plan. No, sorry I'm moving on a team of scientists from the University of Nottingham with support from the Royal Astronomical Society RAS for short has determined that the universe contains at least two trillion galaxies, which is 10 times more than the previous highest estimates the previous estimates was 100 to 200 billion 90 percent of all galaxies are hidden from us and only the remaining 10 percent can be seen The paper detailing the story was published today in the astrophysical journal I find this story so fascinating That there's this entire universe outside of our day-to-day lives that is so huge that we still don't know everything about it And science and technology has grown so much Just since I was born in the 80s It's it's amazing to think that there's so much information out there that we as humankind still don't know On our little pale blue dot I love it. I love being reminded how tiny and insignificant we are once in a while. Like it's a it's a good I don't know. It resets me a little bit. It's easy to get all wound up in Yeah Just months with all the news going on But it's so easy to get all wrapped up into our very limited perspective when you pull that Out there's just like billions of stars and galaxies and stuff that we are never going to see or notice Who knows what lives there or how it lives there or if we'll ever have any contact with it like it's It's really awesome. It's very grounding and it makes me think about star track. Yeah Doing more of that. I agree Hey, I want to thank a few people who submitted stories today big Thanks to the likes of cool aunt sv I'm sure that's spelled or just said a different way another j martin I know him teaglass 1976 and all of those who participate in the sub reddit If you'd like to submit your own stories and vote for them you can go to daily tech news show reddit.com do it today All right, let's talk about our main story today is very very security related as it turns out as excited as we all might get about our immediate and long-term future of Being surrounded by the internet of things Uh, there may be a real hold developing or that has been there for a long time that we were just now noticing Uh, akamai is the name of the company previously Hosted krebs on security until a recent d-dos forced them to close their account with the site So, uh, the reason they are notable is they researched a lot of popular In your internet of things devices and found that two million devices have a flaw in their use of ssh Now If it's not set up correctly, you leave yourself a big gaping hole I don't understand a ton about how ssh works. All I know that is all with all the it professionals I've worked through the years. There was always something going on with ssh. Don't use ftp scott. That's bad idea You need to ssh that over there Well, how do I get into this command line? Well, let me ssh this to you first So I get the idea that it's an important part of a secure Operating environment, but here's the problem shannon. We're going to have toasters and microwave ovens And sprinkling systems and lighting systems and all of these internet of things Potentially have a giant flaw What is the what is the better explanation for that and what are we what are we going to do about it? So first of all, I'll give you a little bit of history on this. Um, a couple of weeks ago krebs on security They did a whole article about this d-dos on demand company And they talked about like these are the people that run it and then the people got arrested who run it And the website pretty much got taken down Uh, they received a d-dos, which is a denial of service Distributed denial of service attack Onto their service servers on krebs on security servers, which took the krebs on security website down and they assumed that it was Uh for revenge for them basically getting these two guys arrested that ran this d-dos on demand service So akamai the company that Was basically hosting krebs on security They were like, whoa, this d-dos is huge. We don't have enough people to help you out with this This is going to cost us thousands of dollars to take care of Uh, I don't think we can host you any anymore. So they basically said we got to sever ties with krebs on security Um, you know, no bad feelings there anything between the two But that's just what they decided to do because it was a business decision Uh, so akamai since that happened, uh, because this d-dos was so huge and they never seen anything like it They started doing a bunch of research to find out what was going on and they found a bunch of different bot nets that are being used on these internet of things devices To d-dos different companies around the world not just krebs on security, but like 11 different Uh customers of akamai's were forced into these kind of d-dosing attempts. So this one in particular That uh internet of things devices are susceptible to It actually hurts about 2 million devices that are currently on the market Right now and that's really really scary to think 2 million devices could be taken advantage of by an attacker And used for whatever they want to take down sites that you don't even know about That's happening when you own these iot devices even though smaller devices have enough computing power to make a difference Right like we're not talking you don't need a big mainframe to be a problem What you need is lots of little i don't know environmental control devices or whatever Enough computing power to cause cause it to rain, I guess And they don't even really need like lots of computing power They just need access to the internet because all that they're doing is trying to transfer data back and forth over the internet So as long as these iot devices are internet connected and they have some kind of remote access available on them So you can access them like over your phone Online or whatever it might be then they might be susceptible to these kind of hacks So if you've got I don't know a room full of linux computers and you find out that Something in the kernel has been exposed as a potential security risk There's a fix that's issued by either the community or wherever did the that particular distribution or whatever and you patch it up If this is a company you have it people do it if it's you yourself You're just paying attention to trends and knowing when to patch and when not to patch or whatever This concerns me and so this leads to my question This internet of things problem concerns me because we're talking about a lot of things that don't adhere to any specific standard By standard i mean you're a standard. So they they may have all started out going. Yeah ssh. Look at us Yeah, that's that's a huge problem right now is there there is no standard So all these companies are like trying to rush their products on to the market For their internet connected devices because that's the thing now like that's the trend You got to have your device connected to the internet or else it's not going to sell So everybody's connecting their stuff and getting it out on the market really really fast But nobody's paying attention to the security behind that device So what they're actually doing is opening up your network to attackers to basically use your network for a DDoS attempt Like if you've ever wondered like maybe you have a iot device at home and it might be susceptible to this attack not saying that you scott do in particular but I might for all I know I do I don't even know who knows but if if you have one of these devices Uh available for attackers they could use it and then you would notice your network's running slower for some weird reason And it might happen for a few seconds it might happen for a few days like you never know It just kind of depends on what the attacker is up to but if you don't know Where to start looking for this kind of attack you wouldn't know that it's coming from your internet of things device You would think like you know your computer got hacked or your router did because that's what we've been told for so long Nobody's really paid attention to these internet of things devices until now Well, I'm sufficiently freaked out about it. I mean And part of that is some some personal experience. I have I used to work for a company not that many years ago before I went fully independent that was making 2012 2013 era or so they were making a device that was basically an air freshener for your home The thing that made it unique was it was remotely controllable via wi-fi or other networks So that you could turn it on or off certain times a day you could program it from somewhere far away If it was overheating you would know that because your phone make a bleep and you could turn it off remotely And I guarantee you the the prototypes that were sent to us from the chinese manufacturer Guarantee you that stuff wasn't secure. There's no way There's no way. I mean it's stuff that was like a weird combination of like html front end Interface stuff like mixed with who knows what like it was a mess Yeah, and yet everybody was like, oh great. This works. It's functional. It's good for for version one We'll get it out there and then you know, we can certainly shore that up as time goes on If that was true in my limited experience with something like that I have to imagine this is like a I mean, I want to try to freak everybody out. Your nest is probably fine. You're you're uh, Amazon echo is probably just fine You're big companies with big bunches of money who who it is entirely incumbent upon them to make sure things Are always up to date but if you're going to a home depot and buying like a sprinkler control system And it's the cheapest one you could find Like who knows what you're getting right? Yeah So, uh, I feel like we should just like break down the attack a little bit so I can walk you through it So these two million devices that akamai found they they basically were like, okay What's going on with these devices? Why why are these ones susceptible? So they took one into a lab and started doing a bunch of findings on it. So the study found that Um, the ssh if it's not connected correctly, it uses this attack that was actually discovered like 10 years ago but The iot device manufacturers never thought about it and they never updated the ssh Protocols so that they would be set up correctly So ssh stands for secure shell protocol and usually it's used super easy just to remotely like gain access into a device from another network This could let you do like file transfers or you could just gain access to an admin control or whatever you want. So Usually if it's set up correctly and a user creates their own credentials for it So it's not just like password admin username admin Then it's fine then you can use it and that's okay But unfortunately a lot of these iot devices just use like default configurations So default admin default password admin for example, uh, and they don't let you update it So it's just like it's stuck on there and you have no choice but to use these default credentials and that's really really bad So akamai was looking at this specific, uh network video recorder That uses default creds of admin admin, which this attacker was using to ssh into the device anywhere from the web So they were gaining that remote access Then they use tcp tunneling and i'll tell you what that is in a second and that helps them office gate Themselves and make the data look like it's just coming from the device not them So they're tunneling through to this device and then after that they're making this data get sent over to krebs on security Or whoever else they want to d-dos and they're taking down these servers When the server administrators look at where these attacks were coming from they see the ip address of the iot device Not the attacker So that tcp tunneling that stands for transmission control protocol When used with ssh a person can basically tunnel tcp packets through ssh and it's totally encrypted So you can't see like the originating ip address And it totally hides the ip address too So any traffic routed through this ssh tunnel appears like it's originating from the dvr instead of the attacker That's why for example the mirai botnet, which was just in the news Last week and similar ones look like they're coming from those it devices So while the attack itself is super super old All those devices they're being used on are new They're not considered secure before hitting the market because they never updated the ssh configurations So they're still allowing those ports to be accessed remotely. They never turned them off Um, you don't really need ssh open to the internet to be be able to access it remotely You could just make it access locally to record onto a dvr for example So, yeah, they kind of screwed up in this sense and now two million devices are susceptible to hacks And they don't all have the infrastructure to patch They don't have the uh in a lot of cases ways of addressing this at all except to say by the new one where you know We're more secure and even then because there are no standards and no compliant standards where they have to prove they've complied Things get kind of hosed. So I've just to sum this up. I have one final question for you Do you do you worry that this and things like this? Now that we're not dealing with just, you know, a few dozen windows xp machines that were exposed by viruses scattered around the world Now we're talking about potentially millions of small devices Doing lots and lots of damage to sites and participating in d-dots attacks. Do you think this will have a chilling effect? on innovation small companies who want to get into this world of The internet of things and come up with cool new innovations and devices Um, I don't know if it will for sure, but I hope that it does The nice thing about whenever the media goes like onto attack about these certain kinds of issues is that It's more than just the security focused people that learned about these problems It's everybody in the world that learns about these problems and then they can start asking those questions with their wallets So, you know, you'll start going out to say best buy for example And instead of just picking up the first thing that's cheapest on the market You'll look at the back of it and say, okay. Can I change my password on here? Am I stuck with admin? One two three four five six seven eight or what it whatever it might be some terrible password So as long as you're looking at the devices and you're paying attention to them Hopefully we can make that change with our wallet and also the european commission Apparently they're looking into legislation about internet of things devices so that they would have to follow specific certifications That are security minded and security focused before they can get those things on the market I'm really hoping that they actually pass this kind of information because As much as I hate it when the government sticks their hands into security things I think this would be a good thing because it would force Kind of force their hand on internet of things manufacturers to start paying attention to this kind of stuff Especially if the especially if the industry doesn't self regulate in a way that that can take care of this without needing outside regulation So yeah on them to do that if they can do that real quick great, but I'm sure that we probably We probably freaked a few people out So if you have iot devices at home, you can just make sure that they're Using something other than default credentials if you have a way of logging into a device and changing those credentials do it um And then you can also make sure that your network is secure like you don't have Remote access and enables ssh is port 22 and a lot of times if you log into your router You'll see if if certain ports are available for remote access and you can just disable those with a simple check mark So luckily there are ways to keep your own devices from having this happen to them, but it's That's like for very advanced users a lot of people aren't going to log into their router and check for that kind of thing Or they won't change the credentials if they even can So this really starts with iot manufacturers and goes from there Like just hit me that routers are technically Things on the internet. They're an internet thing Everything is a thing on the internet. We're screwed. Uh, anyway, awesome stuff. Whoa. I I just dropped a box. That's part of our next segment I hope everybody learned something from that I hope they did too. Well, here's what I learned. Don't drop the box you're about to talk about So yesterday this is for our pick of the day I had mentioned not yesterday Wednesday It mentioned a new gaming headset that I got that I was very pleased with and I have to get credit to wire cutter.com For the recommendation they as many people know will test a bunch of devices consumer devices and otherwise And say, yeah, this is the best hard drive for your money these days Or this is the best external storage device or whatever it may be video card mice whatever And they have a category for gaming headsets. They can be very expensive sometimes in the five six hundred dollar range I was in the market for one did not want to pay those kind of prices If i'm not going to pay that for a smartwatch, I'm definitely not going to pay that for a headset And uh, but I take my gaming seriously and I wanted something comfortable to sound a good and all of that So they recommended the hyper x cloud pro gaming headset from kingston of all people That's right. They make memory and mice and lots of weird accessories You don't normally associate them with this sort of thing necessarily Um, and it's relatively expensive. I got on amazon for under 80 dollars I want to say it was 74 95 or something of that to that effect and uh It feels like nothing's on my head the entire time you use it I rated for two and a half hours in warcraft the other night and didn't even notice has great surround sound Sounds amazing microphone is uh, good not too sensitive not too unsensitive You can take it out if you want put it back in if you want Um, really impressed with it for the price especially. I mean sure is there something out there for 500? That's going to be even better. I'm absolutely sure about that and even have other Models that I haven't looked into that are slightly more expensive like the pro or the uh, the cloud x cloud 2 There's a few others Um, but these really hit the spot for the price and cannot recommend them enough Uh, you can learn more at hyper x gaming com Or again, I got this on uh on amazon for slightly less than they have listed on their site So do check it out Uh, I got some feedback today messages of the day by the way those come to us at feedback at daily tech news show dot com Oh, and you have your own picks to send us. Uh, you can do that too at that same address feedback at daily tech news show dot com for your picks Message of the day, I got a couple of them one. I just stuck in here. Roger didn't even know I did it So I'm I'm taking a producer role here for something Andy beach like ripped from today's headlines while I was talking about how was nvidia involved in that Consortium about big data. He says scott scott scott. So, you know, it's going to be good nvidia is a big part of cloud-based implementations at this point as well as those Of the other companies you mentioned on dts Both aws and azure have vms that can have a gpu or sorry That can have a gpu are possible gpu is vital for large data analysis like medical or science records And media video rendering editing and so on in the cloud So it can be improved with the gpu support if you were nvidia, would you rather? Sorry, rather sell gforce cards to consumers or thousands of tesla cards to server farms all the best andy He got me. He totally got me Good point. Yeah, that's why nvidia is evolved. I mean This always happens. I see the customer facing front of a company and forget they've got Their hands and lots of more complicated cookie jars in the background Well, I think that happens a lot of times because we aren't working with big data every day. Uh, that's usually Corporate executives that are working with them. So that's not something that we necessarily think of first We think of the consumer market Yeah, totally agree handy. You are dead on. Thank you for that reply I also got an email from a shank who says this. Hey tom and team was listening to yesterday's podcast and adonis' concern About those accessories he bought for the egg galaxy note 7 Wanted to report that amazon is giving refunds to all of those who bought note 7 accessories Even if it's outside the 30 day return period you can find more at android authority.com And uh, they'll get a whole article there about it. Um, he says this it may not apply to his situation Since he may not be an amazon customer for those particular parts. Hopefully this helps anyone who may be Facing a similar predicament. Yeah, kind of uh, I was wondered about that. There's also all this downstream stuff from a massive malfunction or recall like we're seeing with the note 7 And downstream who's taking refunds and who's not and can you can the case manufacturer that you got? Take it back or not and it sounds like amazon's doing their part to do the right thing here That's good. Yeah, it would be fair for them to be able to get refunds for all the accessories So hopefully all the companies do their part as well. He also said ps go cubs. So there's that Uh, we got one more from john lost and it says tom and team uh as a public health worker a grad student This caught my eye from the bbc says basically it's a company called the zipline They set up uh in the country to deliver blood by drone to places that may not have on-site blood banks They mentioned in the story that this has the blessings of rwanda's president and the country's technology minister Uh, I'd love to get darin's perspective on this. Well, guess what we're going to get sharon's Sharon's Sharon's And a shot, you know how Aussie Osborne always yelled shannon. See i've got it all backwards anyway, what do you think of this idea of of You're too far to come to a blood bank or a hospital with those kinds of facilities. We're gonna fly blood to you That sounds interesting On a drone no less just imagine a drone I mean, I'm assuming there's some sort of containment for this but a drone flying overhead with big Deep crimson bags of double o negative What if they dropped it in the wrong place and then you just got like blood splattered all over your front door or something Like that. Oh lord. Yeah, I just hope they have gopro so they can catch it for you too Uh, it's um sounds interesting. I hope that they deliver the correct types of blood And I I hope that those drones don't get hacked because that could be a very Could be a medical necessity. So don't hack those everybody be nice. I feel like though right now like The world wants us to believe that everything will come to us via drone at some point Are people just getting lazy? Like I still shop at the grocery store Well, I'm the same. I don't have any groceries delivered. I mean, I have to admit it sounds okay But I kind of like getting out there and getting up and down the aisles and being surprised by something I didn't think I wanted and well when I can use coupons to have things delivered to me So I can save money while they're being delivered. I'll still play it pay a delivery fee That's fine. But I wouldn't be able to use coupons So far I cannot use coupons to get things delivered, but I can use coupons at the store So it saves me a lot more money to go to the store than it does to get things delivered It's just in being called my year. Len Peralta has a thought Len. Yes No, that's I was going to say the the zipline thing and I actually have it up on the screen for people What they're talking about uh in many of these countries, they don't have very, uh, highly developed Road networks. They do have roads, but they're not extensive in the same way that you would have in a country either north america and europe and so these drones allow them to deliver especially medical, uh, medical Implements whether they're tools or or bud plasma or medicines In a very quick manner So you don't necessarily need to drive through rudder roads for even you know If you've ever driven on crappy roads for even a couple of miles It takes you three to four times longer than if it was just straight paved asphalt And so this allows them to do something that uh before would require like, okay Now we got to have a special container It's gonna take a four-hour trip they can cut that time because they can just make a straight line instead of making A be you know instead of making a dog legged track around the giant hill Or perhaps because uh, uh, there's flooding during certain parts of the season You know muddy roads just fly straight in and people don't necessarily have to worry about hacking is is an issue But generally it's in uh locations where the risk is relatively low although the story does note that various governments are a little wary of it Because in certain countries, uh, they can be mistaken as military Uh Not a military attack, but like you know basically a You are juggling a bunch of concerns, but overall I think it's a pretty positive Development it just needs to have greater awareness But also not having people cynically use it to do something catastrophic like oh, we're gonna You know, we're not going to give you medicines We're going to hold the grants them until you pay us the money and then we'll give you know I mean so and that there are things like that these stuff to work out These are uh, by the way fixed wing drones, which is important to note because this isn't like somebody just hovering around with a quad cop Yeah, they don't land. They don't land. They drop things by parachute. Yeah, they just straight line poop it out Land or come back do it again poop it out. It's probably the wrong terminology I think they're considering things like um like Wind differences and stuff like that to ensure that the packages are being dropped at the correct place Yeah, it feels like people know what to do with the packages when they receive them Climate has to have some effect. I would think if you've got some 40 mile an hour northeast winds or something They fly under 500 feet so they don't interfere with normal air traffic Um, and they do have a pretty pretty sophisticated setup. So Um, they have an range about 93 miles Uh, and I'm and they use gps. So even if they were getting winds The the drone to be pushed off But I'm sure it could calculate at some point where to drop and besides, you know If you're dropping it within the in an area where you have a giant red box A lot of grass, shrubbery and dirt the the giant red box is going to stick out That's a good point. Yeah, it's like a video game to me The snack somebody in the head while they're in their, you know, hammock in the backyard or something That's the only thing I was worried about but yeah, it's it it's a pretty neat idea Blood is a weird application, but I think they get it I agree that with the chat room that vampires will love this Yeah, love it vampire blood drones. We're on to something here. I know that I know the theme for the next underworld movie sequel. So Uh, hey, it's time to show some art from len len's been plugging away on something over there Plus we got uh, gotta remind people about the rad new poster you're working on len. What do you got? Yeah, well I I am going to put this squarely on the fact that pre-show. We were talking about westworld Um, I you know one thing that you forgot to mention not that you do forgot to mention But didn't mention was that the name of the attack Is a showdown s s h o down and the very first thing I thought of was a cowboy the showdown So uh, so what I have here is a uh, is a is a cowboy sort of put together with all these Internet of thing devices dvrs routers usb thing all these other things And uh, he's saying it's a showdown Even a little tumbleweed in the back there for everybody there. So That's awesome. This is on my online store right now Over at lennproaltestore.com the big poster or that's the thing I'm most excited about. Yes. Yes. So uh, I am every year I do these posters for daily tech news show. I've done Two of them so far this year. I'm actually looking forward to year four for daily tech news show And I'm calling it the year of the superfan Uh, and uh, you can go right now to lennproaltestore.com and it's right on the front page It's the year of the superfan poster where you can get drawn right into the poster be a part of it Uh, uh, you can also order a generic version of it, but the generic version doesn't go out until later on after The new year because anybody that orders a generic version or orders the personalized version Will be It goes into a drawing where they get to chew We get to choose One person who is going to represent the superfan for 2017 year for dts. So Go over to lennproaltestore.com both today's print and the year of the superfan poster is up there right now And it's got scott. I drew scott today. That's got the I added peter wells jenny tom roger Yeah This is a great, uh, totally dig it. Uh, my favorite is probably darren because that smile He looks like that in real life, so That face never changes frozen in place Excellent stuff. Again, that's lennproaltestore.com. Uh, yeah, it's got lennproaltestore.com. Go check it out Lynn always a pleasure. Thank you. Thank you very much. Always a pleasure as well. Whenever I come in here and fake host It's always good to have a friend Anyway, uh, big thanks to everybody who uh, who listened today and I've got to thank our guest my goodness Uh, I don't know if I could have done this without you snubs It's just her name on twitter Jan what what else are you doing? Tell people where to go. Where can they find you? Oh, yeah, so you can go over to hjk5.org to see all of our hacking things that we do every single day. Um, we Are over on our youtube. I'm trying to hit 300,000 subscribers So if you haven't subscribed to our youtube channel, definitely do that youtube.com slash hjk5 And then on tech thing, um, I just got to review this really cool device called the dji osmo mobile It's a it's a gimbal for your smartphone So it's like if you're one of those crazy vloggers like I am apparently that's what I've been doing lately. Um, I You can take this thing with you and you can get super steady shots with your phone So it was really cool. It was a lot of fun to shoot that episode and you can find that Over at tek thing.com. Nice. I like your uh, your What do you call it snapchat is great and you want to see some real video blogging. There you go snapchat Snubs on there too, right? Are you snubs everywhere? You're just snubs. Um, I'm snubsy on snapchat because snubs was taken I was like who took snubs. Who is this person? I will find them Yeah, they're probably they're probably 13. Who knows where they are now Uh, well, anyway, it's good to have you on thank you for being here and hanging out with me today Thank you and you're an awesome host. Oh, thank you so nice. Uh, no, and also one more thing I know what you said go cubs earlier. I on the alcs. I'm saying uh, go go uh go indians go try All right, all right go go cleveland Whenever you don't know where to go and go cleveland Hey, our email address right here on the show is feedback at daily tech news show.com. Don't worry. Tom will be back Monday through friday as always 430 mountain time you can catch the show live that way Oh gosh, what else? Um Oh, that's eastern by the way 4 30 p.m. Eastern at alpha geek radio.com diamond club.tv for your live business Also at daily tech news show.com monday's guest is veronica and bill mont destroyer of worlds. We'll see you guys then This show is part of the frog bantz network. Yes get more at frog bantz.com Ironman club. Hope you have enjoyed this bro And scene That's a good show. Yeah, well done everybody. Yeah, it was great It's uh That went great I'm so good with my channel new stuff about our topic. Yeah. No, it's great. It's awesome because i'm hideous at that stuff. Um Okay, let's see what the titles. Why did I call you Sharon? I have an aunt named Sharon Okay, like half the internet calls me Sharon. Okay. Good. I don't feel as bad now I guess I guess that's my alternate name I get called steve all the time for no reason I can think of but it happens Totally look like a steve. Yeah I'm into texting which is a show that I do with patrick norton and they said hey darin and shannon and I was like No I always think of patrick beige. I want to think of patrick norton. So whenever i'm talking to one of them I conflate who i'm talking to all And they're nothing like each other. One is a gigantic dude in california and the other one's a tiny little wiener frenchman Okay, so the titles are a show without merit Every time I host one it's always a show without merit I think it's just uh Have it now. Uh, samsung's process explode Farting at blizzcon ruins it for everyone. That's like I like that one. I thought Double low negative fact checked mark Squirts around the cloud button out of things SS Around the cloud that's like ssh and then it's ssh help That's a lot of wands You need that you need to ssh that iot ssh sso sso That's actually kind of funny Button out of things The uh f protest just buy it. They're not so secure shell throne blood poop drops Zone blood poop drops. I knew I'd regret it the second I said oh, there's there's Sharon's the f protest. Yeah Um I definitely like the iot Yeah, that's cute. Although I would have to make the oh a small iot ssh sso sso l Um farting at blizzcon ruins it for everyone But that was just that was just a small reference aside. Yeah one that I regret so don't use that one. Let's see Um, did you fart who have you have you experienced that like someone I'm curious why why that let me tell you what happens at blizzcon. So It is one of the fartiest conventions of all time and I'll never forget In 2011 I was there with Veronica Belmont. I'm sit. Was it Veronica? Oh, it wasn't We're about to walk into the main hall there and she turns to me and she goes are you ready? I said for what she goes room full of hot farts And I never forgot it hot farts at blizzcon has been this thing for since then and I can see how that could happen At gen con at least you have an open air sort of like large area that they can escape but The the problem is let me at blizzcon gen con Do you do they serve food like do they have a commissary or yes? The problem is the foods that they serve at that thing are just not good. Yeah, they're far producing Yeah, it's just like gas chicken chicken nuggets, honey mustard a pizza Pizza with the crusty cheese It's just like all of it's bad for any digestive tract known to man Yeah, it's all bar. It's all fart food food But when I go to blizzcon they give me a media bad or pass so I can go upstairs into the media area And they have like this fully turkey wraps decked out like like What do you call it like a big food line that's all catered by okay? Yeah, and it's great Buffet that's the word But it's all really good and they have like 12 kinds of things and they have tons of asian food Because there's like so many south koreans there for starcraft coverage They have korean dishes and all this stuff there and they'd kimchi one year like 2013 I think and I remember going what is this kimchi doing here and then went all right They've got like hundreds of korean reporters. They're covering the starcraft finals So I think that's what they were doing. They were catering to you know Pultures literally catering. Yeah quite literally catering to their needs Uh, I I I am leaning toward iot in and of things ssh. S. O. S. O. Well, I agree Hey, I like it. I like that one. Yeah Congratulations, I see you can you hear this that it was uh, you can hear that, right? I didn't hear anything We're them basically getting these you hear sharon talking or sharon shannon Oh my god stop i'm gonna punch my aunt sharon when I see her Let's say your family's that tight I love you. Here's a here's a here's a punch I don't get them. You're great. Thanks a lot Boom shannon. Okay. No that's shannon. I'm glad I'm glad Okay, I'm sorry. I'm just editing this. So roger. I'm gonna put this wave in there shortly Cool Do you want it on it's pretty big you want it on slack? I guess it doesn't matter Well, it's like it just puts it in drop box Oh, is that all it does? Yeah. Oh, hey tom's in the chat room. Hi tom Hey tom. I'm sorry. We got to be good now The main I started the live recording with cussing I'm fired. He made it to where is he going la to see you or where is he going to san francisco? Yeah, he's coming up here. Okay You remember the daily tech. All right, there we go. Oh, you're screwing me up. All right. I know He's a robot. He's talking twice out of his mouth. He's a demon All right Everyone else a geek You know, what happened what happened to the light? Where's the light? Where did the live stream go? No I mean then Let's see master audio All right roger. I'm gonna put this It's gonna be a direct message to you. Okay in slack. Yes Oh, it says the limit cannot be any bigger than the gig Oh, you know what? Just level eight and then come send it to me. It's an mp3. It's one one. It's 1.1. Well, you know what I'll do I have like a hundred drop. I'll just put mine on link it Worry not I got this very not friends very not All right There you go. You should have that soon Hey, land I had a question. Actually, let me stop alpha geek radio. Thanks everyone for listening I am gonna turn it back over to The off air Bye-bye everybody. Have a nice weekend. Let me stop the broadcast. Thank you. It's awesome talking talking talking