 Coming up on DTNS, the colonial pipeline attack is resolved, plus what a US executive order on security means, and a way to let paralyzed people type with their minds. This is the Daily Tech News for Thursday, May 13th, 2021, in Los Angeles, I'm Tom Merritt. And from Studio Redwood, I'm Sarah Lane. From Austin, Texas, I'm Justin Robert Young. And I'm the show's producer, Roger Chang. We were just talking about Disney's new streaming numbers, how they compare to Netflix, the new CDC mask guidelines, and why Justin is willing to go inside for a paid event. It's amazing, folks. Get that wider conversation on Good Day Internet. Become a member of patreon.com slash DTNS. Let's start with a few tech things you should know. Microsoft is shutting down its Azure blockchain service on September 10th, with only pre-existing deployments supported until that date. Microsoft is suggesting that users start migrating to an alternative, recommending Consensus Quorum Blockchain Service, Azure Blockchain as a service, or BAAS, launched back in 2015, on the Ethereum platform with Consensus, with a certified blockchain marketplace, as a short-term goal, but there's no official word on the reason for the shutdown. Not a good sign, though. Italian antitrust regulators have fined Google $123 million, saying it abused its dominant market position with Android Auto, by restricting the electric car charging app JuicePass from being on the platform. As part of the ruling, Google must allow JuicePass on Android Auto, and provide the same interoperability to other third-party developers. A new national blueprint in South Korea outlines plans to invest $450 billion to build the world's biggest chipmaking base by 2030, involving 153 companies. Samsung Electronic will boost spending 30% to $151 billion by 2030, with SK, a hynix, committing at $97 billion to expanding facilities, in addition to $106 billion plans for four new chipfabs. Roku announced it'll launch its original programming on the Roku channel in the US, UK, and Canada on May 20th. This is the original programming, not the stuff that's provided by other great people like Rotten Tomatoes. The initial slate will be 30 shows Roku previously acquired from Quibi, with plans to roll out more acquired content throughout 2021. Intel and Q-Tech demonstrated a first in quantum computing, high fidelity, two-cubit control using its horse-ridge cryogenic control processor, opening the door to processors that integrate the electronics and the quantum chip on the same die. Previous quantum systems were often bottlenecked by using room-temperature electronics to manage a super-cooled quantum processor. Oh, folks, the fuel is flowing again. Can you feel it? Can you feel it under your feet east coast? Colonial Pipeline, which had shut down its 5,500-mile fuel pipeline in the Eastern US, not 500,000 miles, after a ransomware attack, reopened the pipeline Wednesday afternoon. Colonial says it will take, quote, several days for product delivery to return to normal. So by this weekend, service should be back to normal. It's gonna take a while for everything to catch up in the system. Bloomberg sources say that Colonial paid a $5 million ransom to unlock its systems, which is surprising to some because CNN and Reuters reported Colonial was not going to pay the ransom. In fact, CNN even said Colonial had managed to retrieve the most important data without having to worry about ransomware. If you've got proper backups and can restore, often that is the case. It does not appear still that control systems were ever directly affected by this. Security reporter Kim Zetter, who does a great job on this stuff, suggested from a source that the shutdown happened not only to prevent the ransomware from spreading from Colonial's business systems into the control systems, but also to keep the systems of other companies in the distribution network, like tank farms, safe from the ransomware. So it wasn't just Colonial's own systems. The Associated Press cited the author of an independent audit of Colonial Pipeline from 2018, just a few years ago, as finding atrocious information management practices and a quote, a patchwork of poorly connected and secured systems. So that author saying, not a big surprise to me, that Colonial got hit by this, but we still don't know if they really did pay the $5 million, kind of looks like maybe they did. Yeah, that's a very interesting question because when we get into the idea of ransomware, which I think, aside from great shows like this, is undercovered in terms of what a lot of the effect that it can have, we should probably have a better idea, not only in terms of business standards, but also our public response to how these kinds of threats should be dealt with. I'm glad they got it reopened, obviously. We're gonna see a spike in Google searches for how do I return a bag of gas for a full refund, but we will... Is it legal to sell a bag of gas? Yeah, current going price for a grocery bag of gas will certainly be entered. I don't know, I wish that we could say this is going to be the most audacious ransomware attack that we'll see this year, but I don't think I could do it with a straight face. It sounds like based on this independent audit, that Colonial Pipeline had a lot to learn about being a little bit more secure. The word's atrocious when talking about a patchwork of connected and supposed to be secure system that were in fact not. So that's one issue. I do think the other issue is, and I understand why Colonial Pipeline, if a ransom was paid five million at that, why the company didn't want to say so, right? Because it's like you're sort of admitting that you needed to do that and you weren't already up to speed and kind of encourages ransomware attacks. But it would seem that this shouldn't be a question that sort of like, did they or didn't they? I mean, the folks who wanted that money would probably have some way to prove that they got it, right? Yeah, I mean, as far as keeping it out of imitators, on the one hand, not having it public does maybe keep a few people from believing that it's widespread and trying it, but if Darkside, the attackers that are thought to have done this did get five million out of Colonial, Darkside knows, and so do a lot of other people on the dark web who follow what Darkside does. I'll be honest, Bloomberg source says that five million isn't really a lot. For usually something this size would be 25 to 35 million. So if they did pay five million, I think they got off cheap and it may be that Darkside didn't mean to go after Colonial. I'm still holding that out as a possibility that this was accidental, that it was targeted at something else and maybe because Colonial's network is so atrocious, it spread worse than was intended, or that they overshot and realized, oh, wait, we don't want that kind of attention because ransomware folks don't want a lot of attention. They want to be quietly paid because they don't want law enforcement targeting them. They don't want people to know about them. They just wanna go about their business and make money. As Darkside has said in its public statement on Monday, that's why they do this. They're not social activists. They're trying to just rake in dollars. Straight crooks. Yeah, we're gonna talk about a story a little bit later that gets into some of these issues, but for right now, I would just say, if you are a major company, I feel like we should record an infomercial. If you or someone you love has an atrocious information management practice or a patchwork of poorly connected and secured systems, now is the time to invest in infosack. Yeah, as we have said over and over, what Justin just said is entirely true. You will pay later at some point. If you don't pay now, pay now to good actors that will make these glaring holes in your system harder to exploit. Tesla's Elon Musk issued a statement announcing the company will stop taking Bitcoin 49 days after they announced that they would accept it for the purchase of cars. Tesla holds about $1.5 billion worth of Bitcoin and Musk says the company will not sell anymore of it. In the statement, Musk said the company is concerned about the energy use of Bitcoin mining, especially where power comes from coal, quote Musk. We intend to use it for transactions as soon as mining transitions to a more sustainable energy. We are also looking at other cryptocurrencies that use less than 1% of Bitcoin's energy to transaction, quote. This is weird to me. Well, okay, it's Tesla and it's Elon Musk. But 49 days ago, and we talked about this, oh, Tesla's gonna start accepting Bitcoin as payment for vehicles. Okay, sure, fine. That didn't seem too weird at the time, it's just an option, it's not required. But 49 days ago, the company would be aware that there is at least a conversation, not everybody agrees on how bad it is, but there's been a conversation going on for some time about energy consumption from mining Bitcoin. So for the company to say, you know, whoa, we just read this article and boy, it seems like maybe this is a little bit too, you know, tough on the energy sector here. We're gonna pause this whole thing until we can figure out a better idea. But it is just not wringing true to me at all. It's not like y'all, I was just on medium and you have no idea how much. Yeah, it's just, that's insane. Justin, what changed in the past 49 days? So let's understand that Elon Musk indeed is capricious and very much a subscriber to the move fast, whether or not it's rather, you'd rather take this moment of embarrassment or backtracking than double down on a mistake. This could easily have just been grime showing him a TikTok explainer that made him type up this statement and post it on Twitter. However, if I were to guess, I would say that part of it is Tesla's mission is clean energy. If this is something that they materially and they could only mean Elon Musk or other people in the company believe that the idea of Bitcoin is environmentally unsafe begins to erode that part of the brand, then now it is brand detrimental and you'd rather cut it off here than go on later and say, well, okay, well, if Tesla really does care about clean energy, then why are they taking Bitcoin? They'd rather end it there. So I guess what you're saying is 49 days ago, they didn't think there'd be as much backlash as they saw. That, yes. It's not that they didn't know there was an issue. They just didn't think it would be as big of a deal. If it becomes a problem to the brand, then yes, it now becomes something that they need to react to in a way that they wouldn't before. Well, that might be the only thing that I'd like to. Well, speaking of currencies, remember Facebook's Libra? It was gonna be backed by a basket of stable currencies and operate under a Swiss payment license. Yeah. Remember how nearly every government in the world lashed out against it as they felt it threatened to undermine government plans for digital currencies. Indeed. Well, yep, yep, so that all happened. And now it's not Libra, it's the DM association and it's not backed by a basket of currencies, just the US dollar. And now DM has withdrawn its application for a Swiss payment license, moved headquarters from Switzerland to Washington DC and partnered with California's Silvergate Bank. Yes, a bank. Silvergate will issue DM's coins and also run its blockchain-based payment system. So to sum this all up, Facebook's worldwide Libra system for the unbanked is now DM, which is a US dollar stablecoin run by a bank. I admire their commitment to the bit, I guess. You know, like, hey, but we got this thing, it might still be good for something. What if we add Silvergate? You don't wanna work with us? You don't either? It is a pretty funny how it started, how it's going, right? Like it went from this very ambitious idea that was not only backlash from countries, but also from people as the idea of Facebook being, you know, a part of some gigantic currency was an unpopular one, as many Facebook moves at least initially are. But I think, Tom, you said something in our pre-show that I found fascinating that, you know, this is not a government-backed currency, but it is a stable one backed by a bank and tagged to the US dollar. And you may mention that you're bullish on the idea of country-backed coins becoming more of a thing. Yeah, when I say I'm bullish, I mean every country is going to try to have their own backed currency, which to me explains why they were so angry with the idea of Libra. Every country wants to have a stablecoin that they issue. And don't get me wrong, they don't want to do a speculative coin like Bitcoin or even Ethereum. They want to do just a digital currency that they can issue and it will be available instantly and it will smooth the wheels of commerce within their nature. The Bahamas already has it. China is the farthest along, but the US, Europe and pretty much every country you can think of is in some way planning to have their own version of a digital version of their own currency. So that's to me, why Libra got beat down. And this is where it ended up. We'll see if it's good for anything. Folks, you can join in the conversation in our Discord. You got some ideas about what Diem might be good for. Let us know there in the Discord. And you can join that by linking a Patreon account at patreon.com slash DTMS. A new US executive order authorizes the US Commerce Department to create cyber security standards for companies that sell software services to the federal government. So this is pretty standard stuff. You're gonna sell something to us has to meet these criteria. It also implements standards for quicker incident reporting when something happens again on a federal network or in software that is used by a federal agency and standards of response. So how those responses are made and it tries to remove contractual barriers that prevent communication between vendors and investigating agencies while still protecting user privacy. There were a lot of blanket clauses that said the vendor won't tell you any of this stuff that we're getting in the way of these investigations. So it's trying to thread that needle. The order creates a cyber safety review board. This will be part of the Department of Homeland Security. It'll be made up of representatives of all the three letter agencies, DOD, DOJ, NSA, FBI, also a four letter agency, CISA, and private security companies. So they're gonna bring some folks from the industry on this. That board will review incidents that meet a certain level starting with the solar winds attack from December. This is being positioned in a lot of stories as being a response to colonial. The announcement may be a response to colonial. The executive order is a response to solar winds. The order also implements several security standards for vendors and users of software and services used by the federal government. Some of the rules require things like encryption and multifactor authentication. They were often required anyway, but this says everybody's gotta do this, no excuses. There are also provisions in here to direct the National Institute of Standards and Technology or NIST to draw up minimum standards for vendors. The rules only apply to government, but the hope is that requiring these standards in software will cause the companies that sell to the government to implement them for all their customers and therefore having a knock on effect of improving security in general. Yeah, these kind of requirements are not new when it comes to government contracts. Government contracts come with all sorts of different little, some security related, physical security or bookkeeping accounting related requirements just to make dealing with our federal government or local or state government easier and more uniform. That being said, this is not only needed, I think it should even go further. I believe that we should have some kind of public watchdog and let's start with just government contractors and specifically some of these companies that basically create the backbone of our industry and utility and say, hey, look, if you get hit by a cyber attack, number one, here's all the things you need to do beforehand, but if you do, there's going to be a mandatory reporting period for which the public needs to know because these are public funds that are going into it. I think that there is no security through obscurity and that even counts on whether or not you are paying a ransom. We need to know everything, every step of the way, the information benefits everybody and if it starts with government contracts, then that's better, I would love to see this just become privacy standard or just reporting standard for everybody because these ransomware attacks are not going away. We have a brand name in ransomware as a service with dark side, this is a brand now. Like that's how bad it is. Yeah, part of my brain still pretends that we're in the Nixon administration and executive orders are only used for certain things and reconciliation is in the way you pass legislation. That part of my brain still thinks like, oh yeah, what you're talking about is legislation and I don't know if that's still what it is or not but an executive order says, this is what our federal government's going to do and legislation is, hey, you know what, this is what everybody should do. We should have some minimum standards out there. The executive order seems to be well received by the security industry. If anything, I've seen people saying about damn time, like this is a little late, but better late than never. But I think yeah, I think this could also create some momentum towards legislation that says, hey, let's have some minimum security standards in general out there, even if it's just about reporting. Yeah, I think the legislation is a more tricky subject because then you got to figure it, you got to cross eyes and dot tease, right? But like, if you are just in talking about these companies that are dealing with the government, it is certainly responsible for them to do it. And the reason why you can, I'm fine with doing it as an executive order is that what you want is companies not to cheap out. Companies not to say, all right, well we got this money coming in. Do we really need to implement all these things? It's gonna cost the contractors coming in. They know we're getting federal money. They're gonna soak us for it. Do we need to spend it? Yes, yes you do. And I'm glad that it's getting coverage because of Colonial, but you're right. This is because of SolarWinds. The only reason why, I mean this show would have covered it, but the only reason why it's getting a lot of other press coverage is because another larger thing happened that made a bunch of people run around with trash bags full of gas. That's why. Yeah, I mean, this was gonna get announced one way or another. The timing of the announcement may have been massaged a little to be like, hey, let's get that EO ready for now because now would be a good time to announce that. I could see that maybe. Scientists from Stanford University published a paper in Nature called High Performance Brain to Text Communication via Handwriting. The paper describes brain-computer interface that reads attempts at handwriting movements from neural activity in the motor cortex and uses a recurrent neural network trained to translate the brain's impulses into text in real time. The real time is the key since previous attempts at things like controlling cursors or attempting to transcribe were fairly slow. System was tried on a 65-year-old person paralyzed from the neck down. That person had two chips implanted in the motor cortex and was told to imagine writing with a pen on paper. The person was able to achieve 90 characters per minute, about 18 words with 94.1% raw accuracy online and greater than 99% accuracy offline with a general-purpose autocorrect. The average phone typing is about 23 words per minute if you wanna compare the two, so in the same neighborhood. The team will conduct more trials to measure efficiency and safety and hope to be able to adapt the software to work with older implant systems. How about that? Yeah, this is clever, right? Because it's saying instead of trying to guess what the person is thinking and turning it into words, let's hijack the system they already have. This would only work on people who already know how to type or write, but let's hijack that part of the brain because it's faster to interpret that part of the brain, apparently. Yeah, you know, I had a conversation with a friend of mine this week about the idea as we've gone through our last tech boom. Some of the biggest follies have been where people tried to guess where the puck is going in the famous metaphor, but they wound up guessing where the puck was going in the next period, not like in the next few seconds. And I think there has been a great amount of tremendous advancement in looking at what we have and just figuring out, okay, but what can we do with this right now instead of trying to define an entire new dynamic for the next 10 years? And I think this is a great example, a great solution for something that is literally life-changing for the folks that would be able to interact with it. And it's just so fascinating that there can be a targeted part of the brain where it's like, this is the part of your brain that you're flexing when you are thinking about writing a word out, you know, or typing something and spelling it correctly. And to be able to, I mean, sure, you know, 90 characters per minute is not a super fast typing situation, but that's incredible. I mean, I'm like, I want to try it, you know, this is not something that I need, but there are plenty of people who really benefit from this. So it's just, it's a really heartwarming advance. Yeah, yeah, no, it is. It's a little ways off from being practical still, but yeah, this is something that once they get it out of the lab and it looks like there's no reason they shouldn't, it's just a matter of when, we'll change people's lives. Well, this may or may not change your life, depends on how much you like Grand Theft Auto, but Intel Labs showed off a new, a convolutional network-based product called Enhancing Photorealism Enhancement. That's what it's called. That creates a photorealistic version of Grand Theft Auto 5 gameplay. The system uses a cityscapes dataset that was built largely from German city streets, real ones, and was able to integrate geometric information from the games. G buffers, they use data like the distance between objects in the game, distance between objects at a camera, quality of textures, the glossiness of a car, for example. The technique is not unlike upscaling that uses machine learning to bump up graphics to higher resolutions. Yeah, so they used the convolutional network in two different places to train the algorithm to intercept the GTA actual information and turn it into a better picture. In one place, they're taking all that geometric information that you're talking about, and they trained it to interpret that and reinterpret the image. And then in another place, this was the more impressive part of the video for me, was how they were able to take the German dataset, which is not the same pictures, right? These are just people in Germany. Right, like in Sunset Boulevard, not in Germany. Well, that's a bicyclist, and this is a bicyclist in GTA. That's close enough, convolutional network, figure out how to make this one look more like that one, and it worked. I mean, this is fascinating. I really, really wonder, I love these kinds of proof of concepts and talk about something that I think is waiting for practical application, these kinds of networks. It's like, we're close. One of these days over the next months or years, we're gonna see something that is very practical and relevant to our daily life and we're gonna be, and nothing will be the same. In the meantime, driving around in GTA 5 could look like driving around in my neighborhood. That, that, that's, I don't know, I don't know if if we both... Somehow the real thing is slightly less exciting, but... I also don't know if we really, if we really hunger for realism in certain things, like would you really want like a photo-realistic Tom and Jerry, or would that just look horrifying? Right. That would look like something on like Live Leak or like Faces of Death. If you look at this video though, I noticed that when you're side-by-side comparing the actual GTA 5 footage with the hyper-realistic, the photo-realistic one, you definitely are like, oh yeah, that looks real and GTA doesn't. When they go full screen though, you start to see like, yeah, but I can tell that's not actually real. Like I can tell it's a little bit computer-y, so it's not perfect, but it's really good. There's also a version trained on the Mapillary Vistas data set instead of cityscapes that shows more vibrant colors if you don't like the gray aspect of the cityscapes data. So they even have a couple different takes on it. All right, let's check out the mailbag. This one comes in from Nick with a K. Nick says, I and most other PS5 owners love what the hardware is capable of and new features of the DualSense controller over what the DualShock 4 offered, but there's surprisingly massive number of PS5 owners and wannabe owners that hate the look of the PS5 hardware. People seem to really hate the black and white color scheme. It's at the point where there are third-party selling custom black side panels to replace the removable panels that come with the PS5 console and people have been asking for an all-black DualSense since the console was unveiled. Nick says, I'm personally indifferent to the color scheme on the console, but given how much grime the white sections of the DualSense can pick up, I'll be getting an all-black DualSense ASAP. All right, always good to get the insight from inside the community on that. Thank you, Nick. Yeah, if you have, if you have insight for us, questions, comments, or all of the above, or something else, feedback at Daily Tech News Show is where to send that email. Shout out to patrons at our master and grandmaster levels. Who will they include today? Well, it's Norm Fezacus, Scott Morris, and Cartond. Also, we have a brand new boss, and that boss's name is Dylan Davis. Dylan, you just started backing us on Patreon and we're throwing you a party. Woo, thank you. We need more people like Dylan. Be like Dylan. You like Dylan. Yeah, Dylan Davis. Double Ds. This party that we're having right now could be for you. It could be your party. All you have to do is back us on Patreon. I've got my drink in hand. I'm not wearing a mask for CDC guidelines. It's great in here. 24 hours in the future from right this second. It could be your name in line. It could be you. It could be. Go do it right now. It's your party. The power is inside you. Speaking of power, Justin, Robert Young, always great to have you on the show. What's been going on since we saw you last? Oh, man, we have a great episode of the Politics, Politics, Politics podcast coming out tomorrow. The return of our great political triad, myself, Andrew Heaton, Jen Briney. We talk about the question of the economy and something that a lot of economists are pouring over because we had a weaker than expected jobs report is the social safety net, which we extended throughout COVID, creating a labor shortage. It is a great unifying topic for me. The elections expert, Heaton, the philosophy expert, and Briney, the legislation expert, to get into, and we talk about all of it, on tomorrow's Politics, Politics, Politics. Man, no lie. I was thinking about Jen Briney when I was reading that executive order, which is like only a few pages, but just reading that executive order, I was like, oh my gosh, Jen does this for much longer things that are much more complicated. Like, it is total respect to Jen Briney at Congress. She's an actual lunatic. Yeah, yeah. Has just gotten to the end of reading the American Rescue Plan. I think her brain might have been melting out of her ear when we were talking. Well, hopefully your brains aren't melting out of your ears, but we have been having such great time with you with us and we're gonna do it all tomorrow. In fact, we're live Monday through Fridays, 4.30 p.m. Eastern, 4.20, 30 UTC. You can find out more at dailytechnewshow.com slash live book market, if you can't remember or tell a friend if you can. We'll be back tomorrow with Rob Dunwood and Len Peralta draw on the stories. Talk to you then. This show is part of the Frog Pants Network. Get more at frogpants.com. Diamond Club hopes you have enjoyed this program.