 Daily Tech News show is made possible by its listeners. Thanks to all of you, including Chris Allen, Chris Smith, and Mark Gibson. Coming up on DTNS, Shannon Morse gives the scoop on what went down at DEF CON plus Spotify wants you to make podcasts and reaction to playlists and the chip shortage is quickly shaping up to be a chip glut. This is the Daily Tech News for Tuesday, August 16, 2022 in Los Angeles. I'm Tom Merritt. And from Studio Redwood, I'm Sarah Lane. From Studio Colorado, I'm Shannon Morse. And on the show's producer, Roger Chang. Shannon has literally braved hell in high water to give back. It's true. It's true. Oh my gosh, there was a flood. It was crazy. Yeah, we'll talk a little bit more about that on the extended show, I suspect. But let's start with a few tech things. Android 13 is rolling out to Pixel phones and includes a new privacy feature which clears the clipboard after an hour in order to protect any sensitive data like emails, phone numbers, and passwords. G-Board previously included clipboard wiping after a period of time, but the new Android feature will work regardless of which keyboard is in use. That is, if you get Android 13, there are widespread reports of Pixel 6, 6 Pro, and 5A owners getting updated to Android 12 by a mistake. Android 12 is being the version of Android that they are already on. So it's not really an upgrade. That's quite disappointing. Lift and Autonomous Field Company Motional have launched their autonomous taxi service to the public in Las Vegas using Hyundai Ionic 5 electric vehicles. The service has been in testing since CES 2018, if it sounded familiar. But as of now, all Lyft customers in Las Vegas can request an autonomous vehicle ride for free and you don't need to join a beta program. You don't need to sign an NDA. It's just subject to availability. You may not get the car at the time you request it, but if you do, you don't have to pay for it. A safety driver will be on board for all the rides at this point, but you get to pretend like they're not there. So you're going to get some extra features like the ability to unlock the doors from the app. Start the ride once you're inside. Those are features you're going to want in fully autonomous cars that don't have a driver. So Lyft is partnering with multiple AV companies across the U.S., including Waymo, Argo, and Volkswagen. And they would like to have fully autonomous cars without drivers on the road in Las Vegas next year. Good news for anybody looking for a new CPU potentially. AMD will announce its Ryzen 7000 CPU line in a YouTube livestream on August 29th at 7 p.m. Eastern Time. The company will announce model numbers and we'll have more information about the Zen 4 architecture and AM5 platform. In June, TikTok began routing all U.S. data to Oracle's cloud infrastructure. We talked about that on the show. That was the beginning of something they're calling Project Texas because Oracle's headquartered in Texas. And it's meant to reassure the government that U.S. user data is safe and that content recommendations are not being manipulated specifically by the government of China. A spokesperson told Axios that Oracle is now conducting regular vetting and validation that content recommendations are in line with expectations. So they look at them and say, is that what they should be? Okay, it doesn't look like it's manipulated. Oracle will also conduct regular audits of both the automated and human moderation decisions where somebody goes in and says, we're taking this down because it doesn't fit our community guidelines. Oracle's going to make sure that TikTok is only taking down things because they were not in line with TikTok's community guidelines. Well, we've been talking quite a bit on the show this week, two days in, about who has the rights to what when it comes to streaming services. Amazon Prime Video has exclusive rights to NFL Thursday night football this season. And those streams will be included in the traditional Nielsen TV ratings. If you're not familiar, Nielsen has separate ratings for streaming TV, but has never included streaming viewer estimates in its traditional TV report, which is pretty important turns out, especially for advertisers. Nielsen will use the same 42,000 homes panel it uses to estimate TV broadcasts and cable ratings to measure Amazon viewership primarily on TV sets. So basically, they don't need to separate streaming if they don't want to. And I guess Amazon wants that because they want advertisers to feel apples to apples comparisons with the other NFL games being broadcasts. Totally. Alright, let's talk about Spotify's weird thing. Let's do it. So I read a user called Mordical 2019 posted that Spotify is testing audio reactions for some users in Vietnam. So last month, some Spotify users in New Zealand and also the US saw a record podcast, record podcast rather button on their Spotify home screen. What does that mean? The Vietnam test is focused more on reactions. So when listening to a playlist, you could tap on a microphone icon to get a prompt that says, what do you think you can then record an episode to share with, you know, whoever, you know, based on your thoughts on the playlist, you can then record a reaction at once or pause multiple times. You can also add background music and tags. So this is basically like putting together a podcast for you. Spotify confirmed to TechCrunch. It's conducting a limited test of in-app audio creation, but did not provide any more deeds. This is odd because it was a test like you said in the US and New Zealand that was like straight up record a podcast. Want to do a podcast? Well, we've taken all the tools of anchor and we stuck them in Spotify because we own anchor. That made sense to me. This is you're listening to a playlist of music. Would you like to record a reaction? What do you think of the playlist? Which is interesting until it got to the part where the text on the screenshot says, record an episode to share your thoughts on the playlist. Very clearly saying, we want you to start a podcast about what you think about this playlist. Listen, if I do something on Spotify and Shannon is like, oh, I have some thoughts and record something, I might be interested in that. But that is kind of a strange thing to think that most people will do. Yeah, I kind of agree with you. Yeah, most people won't. Yeah, exactly. It feels almost like this is going to be a way for people to make vocal reviews, not so much podcasts. So calling it episodes sounds so very weird to me. And I did read on, you know, through the article looking at the screenshots. And at first I was wondering like, is this going to invite hate speech to the people that are creating playlists? Is this going to invite any kind of harassment? But that is one of the terms of service that you have to abide by. If you want to do these, I'm going to call them vocal reviews before you click I'm ready and you actually record one of these things. So there seems to be some moderation going on, very similar to podcasts. But how would you make a whole podcast like episodes around reviewing playlists? Just a bunch of reactions. I mean, that doesn't sound like a fun thing to me to be like, OK, so Shannon said something. And now Tom, Sarah, and, you know, five other people, 10 other people also said something. And now I have to listen to all that stuff. I don't know. Yeah. To be fair, these are the kinds of reactions that Twitter and Facebook and the Internet itself all suffered. When they first came along, because people were like, well, why would you want to do that? I'm certainly guilty of being one of the people who said, why would you ever want to take a picture with your phone? I was wrong. So I don't know. Maybe we're being those people here and there's some amazing thing. Obviously Spotify is just testing. They're like, well, let's see what people do with it. And maybe that's the weirdness. The weirdness is what we're using anchors podcast oriented infrastructure. And so some of that default language creeps in, but we'll just see what people do with it. And then maybe we'll tweak it and change the labels. And people are in the audio right now. They're into spaces and, you know, doing audio sharing. I was going to say clubhouse. Yeah, I almost said clubhouse too and then I backed off. But there is interest in doing that. It's only when they start to say calling it an episode and calling it podcasting that it gets weird. Because separately, I do think it's smart for Spotify to be like, hey, launch a podcast within Spotify, but then we'll capture you within Spotify. I get that. I mean, I guess when it comes to audio based anything, let's say it's a very popular podcast, you can get lots of reactions in, you know, maybe they're written. But if they're spoken, maybe they'll kind of reach the creator a little bit more than they would have before. And that's kind of cool. Anchor leaned into that in the early days before Spotify owned them. You could send voicemails to all of the shows that you followed on anchors. So if it was more like that, I'd understand. But then it's also not about podcasts. It's about playlists. So, yeah, it's a test. Can't wait to find out what they found out. Oh boy. Well, speaking of finding out back in 2020, remember that year we started hearing about the chip shortage and its multiple reasons and effects. The most commonly cited effect was a shortage of chips for new cars, vehicles. Within the last couple of months, we've heard that the shortage has been easing. That's good news for some folks and that consumer chips like GPUs were becoming easily available again. Prices were returning to MSRP, sometimes even under that. Supply chain rumors hint that AMD and Nvidia may reduce prices even more in order to clear out inventory. See, we were wondering whether it was going to happen and it's happening. So that's good news for consumers right now, but signals a looming problem for chip makers. So Tom, what do we do? Yeah, what we do is we get Ian King over at Bloomberg to write a story called Chipmakers Pandemic Boom turns to bust as recession looms. Probably good news for consumers, although there's a caveat to that. But it looks like it's bad news for chip makers. King lays out the case with the following stats. Nvidia reported more than a 40% decline in its core business. Micron warned of falling demand. This week, the Chinese government put out data reporting a 17% decline in integrated circuit output in July. And remember, China still makes the majority of semiconductors in the world. Mercury Research reported in Q2 that desktop processor shipments fell to their lowest level since 1984 around there. All of that supports analysts who say the chip industry is experiencing what they call an inventory correction. Last time we had one of those was 2019. The cause this time, though, is different. This is partly the aftermath of that surge in demand during lockdowns, combined with some economic uncertainty that has consumers spending less in general. And the timing, Sarah, seems like it's a little unfortunate. Indeed. So all of this is happening as the US and China and Japan and Europe are all issuing subsidies to build chip capacity. Chip Industry Group SEMI reports 24 new large-scale plants are being built this year. That's above the average of 20 since 2014. SEMI says spending on chip making equipment will rise 15% this year to $117.5 billion and hit $128 billion in 2023. Math is hard. Samsung, TF7C, and Intel account for the majority of production in this case. As Fitch, Radians, Analysts, Jason Pompeii put it while speaking to Bloomberg, the chip industry may be over-investing in production capacity, heading into an economic downturn. But I've got some good news for you. It takes a few years for those chip fabs to come online, right? We're talking 2024 for the ones that they're starting to build now. So maybe the chip downturn will be over by then. And those plants will. I don't know. Right online. Jen and I see you smiling, a big smile of someone who wants to buy a GPU. It's true. Well, I am a PC builder at heart. I mean, I've been doing this for years and I've been very, very intrigued by all the ups and downs during the pandemic of chip shortages and chip supply because that really affects consumer pricing. And for me, I've been saving for a very long time and just waiting for these numbers to go down. So the moment that they go down to a point where I'm comfortable, I will be one of those people that goes to Best Fire, goes online and actually purchases these things. So hopefully I'm helping the chip supply and hopefully I'm helping their businesses by a consumer. Thank you for your service. Absolutely, happy to help. That's what happened in 2019 and that's what has happened in other inventory corrections where the chip companies are pretty good at this stuff, but you just can't pinpoint demand precisely. And so they occasionally run in front or run behind of demand even in the best of times, right? So in 2019, they had an inventory correction, prices went down and the shannons of the world ran out and bought it up and then the prices went back up. It all leveled back out. The question is, are there less shannons? No irony there. That was the last time I built a computer was in 2019-2020 timeframe. So you're a leading indicator. Apparently, yeah. I guess I'm on the same course of this manufacturing as the chip makers are. So I'm pretty happy about that, but yeah, I'm ready. Well, I mean, it's somebody who built a computer maybe at the height of some prices and now is enjoying some price falls. I mean, what would your, I don't know. I guess, what would you say to other people who might want to get into the same? Yeah, absolutely. Well, I feel like if you did spend a lot of money during the pandemic, first of all, and you're thinking about investing in something new, now is a good time to do it. I would definitely start studying up on different websites and seeing what the best prices are and absolutely consider just upgrading a few components here and there. You don't have to rebuild an entire PC to save some money, especially with an economic downturn. You could definitely look at just a bit here and a bit there, like change out the RAM and upgrade that first and then change out your GPU and upgrade that when the prices fall on that because we will probably see different pricing decreases over the next couple of years as things start to shift. Not everything is going to decrease at the same time. I have been sitting on my prediction from last year that the chip shortage would end thinking I was wrong. Now it's starting to look like maybe I'll be right in a way that's bad for the businesses involved, but maybe good for consumers, as long as it doesn't shove those businesses into reducing capacity too much, but because we have these subsidies, maybe it won't. Hopefully it doesn't cause businesses to hit such hard times that they have to sell themselves and we see more consolidation, which is always bad for pricing as well. I wonder now, I think the next canary in the coal mine is this AMD announcement that we mentioned earlier in the show and how available those CPUs will be. Intel has got their 12th gen coming out in September at some point. We'll see those have historically been like, here's an announcement, good luck getting them, maybe it won't be. Maybe it'll be easier to get a hold of these new items and then hopefully people will want to buy them and hopefully the economy won't be so bad that people won't buy them and then we'll balance back out again. Hopefully there will be a lot of people like me who have just been waiting with bated breath for all these prices to go down so that we can use our little bit of savings and just go running for all the chips that we wanted to get like three years ago that we just couldn't have access to because it was way too expensive. I've always said we need more shannons in the world. Yes, we need more shannons now. All my doppelgangers. Folks, if you haven't thought about something on the show, maybe you've been out there shopping for chips and you've got some ideas, send us an email feedback at dailytechnewshow.com Well, lots of stuff happened at DEF CON last week. You may have heard that the founder of the Objective C Foundation, Patrick Wardle, not Wardle, discussed his discovery of an auto update vulnerability in Zoom, something that he discovered it wasn't actively exploited and Zoom has now patched the issue. They took a couple of days longer than some people thought. They should have to get it patched, but they did have patched and you probably don't want to auto update. You probably want to go download that directly from Zoom or choose check for updates within Zoom. That's just one of the items out there getting a lot of attention. Shannon, you were there. What else caught your eye? All the things. We had so many really interesting perspectives coming out from this weekend. One has gotten a lot of press and this is about a security researcher called SICK codes who presented a jailbreak for John Deere's 26, 30 and 40 to 40 tractors that grants the user root access to the underlying Linux operating system. So this can help owners bypass digital locks that prevent them from repairing the tractors themselves. The method requires soldering controllers to the tractor circuit boards, which is pretty easy to do. And to demonstrate the jailbreak, SICK codes worked with modern Skelligant to run a version of Doom on the tractor, which is so funny and very hacker ethos. You always try to run Doom on everything and that version of Doom was modded to be set in a cornfield. Has it actually been hacked if you haven't run Doom on it? That's the question. No, that's the rule. It has to run Doom. Well, but like all kidding aside, if someone's like tractors, I mean, what could, okay, if somebody hacks a tractor, what is the worst thing that could happen here? And that's a great question. I think this really comes down to this history of John Deere being very anti hacker ethos, that they've really tried to hold a lot of the operating system warranties under their own belt so that they can charge fees to farmers in order to fix any kind of issues that they run into with their tractors. So in John Deere's case, it's not necessarily about like what can happen if a hacker gets a hold of this. It's what are we doing to help farmers fix their products immediately because often you find that when it comes to food and being able to harvest, a lot of that comes down to being able to do it immediately and being able to get that harvest out before the next big storm comes. So if you have a tractor that breaks down in your cornfield, for example, in the doom case, then that might end up impacting your income as a farmer in very destructive ways. So the fact that John Deere has never really been open to the concept of letting people fix their own products has really, really turned a lot of people off. And that's why we have been seeing a lot of security researchers trying to help out and help farmers so that they can kind of protect their own incomes. Yeah, and I would hasten to add, they haven't been receptive to letting farmers repair the software in the tractor. They've got no problem with you, you know, putting new tires on them. You could fix a tire, yeah, absolutely. But it's the software. They have been very antagonistic towards the idea and saying you should just take it into the service department, which rubs a lot of farmers the wrong way because farmers tend to want to do things themselves if they can. Yes. It's cheaper and faster. I don't know that having to solder the controllers to the tractor circuit boards is cheaper and faster, but this might lead to a product that would be easier and cheaper and faster to do just by demonstrating that it's possible. That, though it sounds like Shannon, wasn't typical of what you were seeing, that antagonistic relationship. Yeah, exactly. It was really interesting coming to DEF CON 30 and seeing how the hacker history has changed over the past like 10 to 13 years that I've been going to this convention. This year was one of the very first times that I've seen a lot of different companies and a lot of different brands from different infrastructures coming in and talking to security researchers face to face. For example, I went into the biohacking village and there were actual manufacturers and brands with people there that were talking one-on-one with security researchers and had their physical products with them so that security researchers could look at these products, could open them up, could try to find the vulnerabilities, and they were actually showing them like, here's our bug bounty program, here's how you can report that. And because they were so open to having those kind of conversations, you actually saw real CVEs coming out of this weekend that have not been publicly disclosed yet because they need time to patch these products and patch these vulnerabilities. It was the company working with the community. Yeah, it was the company working with the community. And I feel like we need more of that because the products that are having these vulnerabilities are things that have to do with health. The car hacking village had the same thing. We saw manufacturers there. And oftentimes when you have this open conversation, when you have this kind of cooperation, you're able to find vulnerabilities and fix them so much faster because the brands are so much more open to it. And they realize that we're not trying to attack them, we're not trying to be malicious about it. They realize that we're trying to keep everybody safe. We're trying to keep consumers safe when these products come to market. And that's what it really, really comes down to. Yeah, if anybody doesn't know CVE critical vulnerability and so working together, that idea of the company saying, yes, please come poke around. Oh, we found a critical vulnerability here at the show. Amazing. We'll get onto patching that before anybody can exploit it. That's what you want. Absolutely. Even with the voting machine village is another great example of a village where they didn't have any brands come in, but they had the products there. And because of that, you had hackers checking out these products face to face and being able to look at those. There was one brand there that was doing a CTF over the weekend, which is called a capture to the flag. That's the kind of contest that you will see running during the weekend where if you're a hacker coming into DEF CON, you're supposed to find the vulnerability, the first one that does win some really cool prize. And because that CTF was happening, that brand that's involved is able to figure out a lot of really interesting things that are happening with their products, with their physical products. I would love from the perspective of a journalist who is reporting on these kind of vulnerabilities to see more of that cooperation between brands and hackers because oftentimes either party is going to be so antitrust with the other party that you don't get these vulnerabilities fixed in a really quick process. Well, it sounds like there's a little bit of that happening now. Real quickly, how did it feel to be back at a full DEF CON? I'm so glad you asked. It was so good. There were several times where I cried from seeing friends that I haven't seen in three years. I just felt like I was ambushed by like three of my friends the first day that I got there and we all hugged and cried. And it was just a wonderful process. And it's really a community there. And one of the things that Jeff Moss, Dark Tangit, who runs DEF CON 30, he was the creator of DEF CON as well as Black Hat, one thing that he said that really, really struck a chord with me is how DEF CON is a platform for all these different kinds of hackers. And that really rings true when you go into every single one of the villages there. Whether you're looking for a vulnerability in the biohacking village or you are giving a talk about hacking a John Deere tractor, there's something for everyone and that very much rang true with their homecoming spirit of DEF CON 30. So I'm grateful that I was able to go and I'm able to share that experience with the people that weren't able to go in our audience. Fantastic. And thanks for sharing it with us. Of course. Well, let's go to the moon, shall we? Hundreds of Chinese scientists spent ten years creating the most detailed map of the moon ever known to humankind, helping lunar exploration. But also, also just cool for anybody who wants to study our natural satellite in a little bit more detail. So up until now, the USGS map of the moon had a resolution of one to five million. The new map has a resolution of one to two million five hundred thousand. Somewhat in half. For those who know the moon, the pics are centered around the taiko crater, but the map shows the lunar surface overall and over 12,000 craters because the moon is kind of a complex place, y'all. Trying to begin its lunar exploration program in 2004 and has sent its own orbiters, landers and rovers there. Those missions gathered data that fed into the current map that we have access to today. Yeah, and they used data from existing stuff and standardized it. So this is a really useful map for whatever organization or country wants to go to the moon. Much better than my little moon globe where you can barely see anything at all. Wait, I'm not looking at you. Oh, yeah. Oh, cute. It looks like a death star. You can see where Apollo 11 landed. That's about it. Yeah. And there's some spots. So this is much better. Tom, this is the great news about this is we know so much more about the moon. Yeah, yeah, yeah. No, it's fantastic and a good and because it's open a good resource for all of Earth. If you want to go to the moon, y'all have fun. You can visit the moon without having to visit the moon, Sarah. You can just look at this map for the safety of your own. No, I guess. I guess that's pretty cool. It's a huge moony. I appreciate it. Yes, indeed. I'm sure there's a moony in the audience here. You know, of course. Let's check out the mailbag. All right, this one comes from Tony who said just wanted to drop a quick note to say love your show. Look forward to hearing you all daily. Thank you for keeping me relevant to this ever-changing world that we live in. You haven't always will be a thing to me. Aw, thank you, Tony. Thanks, Tony. Listen, you know, we don't like to be too self-congratulatory, but like these warmer hurts, so thank you. It's nice to hear that. It really is. So thank you to Tony, anybody who has thoughts, comments, maybe good news, maybe bad news, all feedback at DailyTechniqueShow.com is where to send that email. In the meantime, thank you to Shannon Morris back from DEF CON. Shannon, I know you're tired, but thank you for being with us today. You were great as always. Let folks know where they can keep up with your latest. YouTube.com I'm going to throw you a bone here. Hack 5. A different one today. I will be posting my Threat Wire DEF CON 30 wrap-up video with a bunch of interviews. I did like nine interviews this weekend, so keep an eye out for that video. It'll be posting later today, which is Tuesday the 16th. I'm very excited to post it. Excellent. We also have a brand new boss to thank, and that boss's name is Tony. Tony just started backing us on Patreon. Thank you, Tony. Tony's the best. Love a Tony. I know, we love a Tony's today. Patrons, stick around for the extended show, Good Day Internet, GDI. If you know, you know. But if you don't know about our live show, you can catch the show live, Monday through Friday at 4 p.m. Eastern, 200 UTC. You can find out more at dailytechnewshow.com slash live. We'll be back doing it all again tomorrow. Scott Johnson joining us. Talk to you then. This show is part of the Fraud Pants Network. Get more at FraudPants.com. Diamond Club hopes you have enjoyed this program.