Welcome to tech Stuff, a production from iHeartRadio. Hey there, and welcome to tech Stuff. I'm your host, Jonathan Strickland. I'm an executive producer with iHeartRadio. And how the tech are you. It's time for the tech news for Thursday October nineteenth, twenty twenty three, and we're going to start off with some tech in national security concerns here in the United States. So this week the Five Eyes Alliance met at Stanford University to discuss matters of tech and security.
And you know, the Five Eyes Alliance sounds like something out of you know, a Sherlock Holmes novel or maybe Game of Thrones or something, but in fact, it's a group that consists of representatives from the United States, the United Kingdom, Canada, New Zealand, and Australia. And they discussed current and future threats to safety and innovation, and the general consensus was that China is the largest threat in
that regard. The group cited instances of Chinese hackers infiltrating computer systems, as well as of actual spies conducting industrial espionage, and of various attempts to compromise business insiders, all in
an effort to steal intellectual property and tech secrets. Much was made of the fact that China has an enormous program centered on state backed hacking projects, a program that's larger than all other nations combined in fact, and that China has directed operatives to focus on emerging technologies, including
stuff like quantum computing and artificial intelligence. The representatives also warned that the emergence of generative AI could help hackers create more efficient attacks, making their efforts even more effective. The meeting concluded with representatives warning the audience that this is something all governments and businesses will need to be aware of or else they will run the risk of
being caught unawares. Sounds like a real fun group. On a related note, the US government has updated its export rules and added restrictions on the types of processors that companies are allowed to ship to China. As it stands, big companies like AMD, Nvidia, and Intel are not allowed to ship their high end processors to China unless they first secure an export license from the US Department of Commerce.
That actually includes Nvidia's g Force RTX forty ninety graphics cards, and I think most people would associate that with high end computer gaming. But as we've seen, powerful GPUs could be put to work doing all sorts of processing besides, you know, making puddles of water all reflective in sessions of call of duty or whatever. Further, the rules mean that companies will not be able to rely on Chinese
manufacturing to make these products. And since a lot of chip manufacturing, or the very least chip assembly, will take place in China, that's going to push these companies to pivot to find alternatives that in turn is likely to impact the cost of production. And I think we all know that that's probably going to mean for us down the road that we're going to be paying higher prices for these chips for ourselves in the products that we
were purchasing. China is not the only country that's on the US's list of no nos when it comes to exports. There's also the United Arab Emirates, Vietnam, and Saudi Arabia. All will require that companies first secure and export license with the US Department of Commerce before they can legally
send those high performing chips to those destinations. A couple of weeks ago, a hacker leaked stolen information from the genetic testing company twenty three and meters, So according to the company, the suspicion is the hacker used a technique called credential stuffing, So that's when a hacker is able to pull data from other breaches and then uses that data to try and match user names and emails and stolen passwords for other services and try combinations of them
so they can see if someone's used the same password at multiple locations, which is why you should not do that. Do not use the same password or even just a small group of passwords for all of your services. You should have a unique password for every single service, because it's bad enough. If one of your accounts gets hacked, that's terrible. It is a horrible hassle and it can really have a negative impact on you and your livelihood.
But it can turn into a total disaster if it turns out the now the people who did that attack have the keys to all your stuff because you use the same log in and password for everything. Well, now that some hacker has done this again and the new leak includes millions of data points about twenty three and
Me's customers, it's big news. The information covers around four million people, and the hacker posted the information on a forum known as a Hive of Scum and Villainy a hacker forum, and it has the imposing name Beach Forums. Trust me, it's scarier than it sounds anyway. The hacker claims that the records include information on people from very wealthy backgrounds. Twenty three and Me has informed users that they should both update their passwords and also enable multi
factor authentication. According to tech Crunch, twenty three and meter quote blamed the incident on its customers for reusing passwords and an opt in feature called DNA relatives, which allows users to see the data of other opted end users whose genetic data matches theirs. End quote. So, in other words, twenty three and Me is saying you should stop reusing your passwords so much, you're the reason why this attack worked.
But they're also like, oh, and also, we have this option in our service that if you turn it on, means that hackers could potentially use your account to scrape other accounts. So other accounts that might be very well protected as far as passwords go, they could still be vulnerable because of this opt in feature. So really everyone's at fault. I guess a lot of victim blaming going around over at twenty three and me. But anyway, that's
the update on that story. The Washington Post published an article with advice on what people can do if they are worried about the twenty three and me breach. The article also expanded a little bit on the attack itself. They said that the hacker was specifically calling out the fact that the breach included many Jewish people in it, and considering world events right now, that is particularly sinister, like that has an edge to it in my mind.
The suggestions in the article include pretty much the same steps that twenty three and Me suggested. You know, select a unique, impossible to guess password for the service and for every other service. It should not be a password that you've used anywhere else, and the article goes on to suggest that users who are really concerned can ask twenty three and me to delete all information about you
from their servers. It also points out that only a few states in the United States have laws that compel a company to follow through on those requests, and those states are California, Colorado, and Virginia, which leaves forty seven states that you know don't have a law that does that.
But requesting the deletion within the service will then prompt them to send you a confirmation email, and then you have to, you know, click in the confirmation email to confirm that yes, you want all of your data delete it. And even then, twenty three and me will keep some information due to quote unquote legal and lab requirements. However, when asked to elaborate on that, twenty three and Me
did not expound upon the nature of that data. So I don't know exactly what they do retain, but they do retain something, not truly that they delete all of the user data. The article also suggests that perhaps you should resist sharing genetic information in general, which you know, not very helpful because the cat is already out of the bag. Like I get it, like saying you shouldn't have done that, But you know what, saying you shouldn't have done that doesn't help anybody because the person who
did it already knows they shouldn't have done it. It's just a whole superiority thing. It's one of my pet peeves. That's why I'm getting head up about it. Like the I told you so, nature doesn't It doesn't help anything. It just makes you look like a jerk. I know because I used to say it all the time and I was a jerk and some days I still am. Anyway, I also think sharing genetic information isn't a very good idea.
But we also live in a world where companies are constantly conditioning us to share more information about ourselves, right, Like, that's what all of social media is predicated upon, is us sharing information about ourselves, and we kind of get a little reward for that by the way, people who you know, engage with the stuff we post, and in the meantime, all we're really doing is feeding the machine,
which is a big ol' yuck. So yeah, I also don't think that you should share your genetic data on, especially on a platform that is, you know, publicly viewable. But I also think we all need to kind of take a step back on how much we're sharing online anyway, because what we're really doing is just you know, lining the pockets of these companies with lots of more, lots more money because they can advertise to us more effectively. But all right, that's enough soap boxing. Let's let's keep
on going. Our next story might have you questioning what the I in CIA actually stands for. Now, for the record. The CIA is the central intelligence agency here in the United States. The main job of the CIA is to protect US national security, primarily through gathering and analyzing foreign intelligence.
But anyway, earlier this month, the CIA included a link in its bio on x, you know, the service formerly known as Twitter, and the link was meant to take people to a CIA run channel on telegram uh And it was meant so that for people who have intelligence that is important to national security, they could have a secure and private way to contact someone at the CIA and share the information. So what you're supposed to do is use tour the tor browser and you clandestinely contact
the CIA over the dark web. But there was a problem because the restrictions on biolink on x meant that when this was posted, the address for that telegram channel got cut off a bit, so, in other words, it was no longer the actual telegram channel for the CIA. If you were to try and go to that telegram channel, you would find that it went to an unclaimed channel, which meant someone could claim it and then pose as
the CIA. A man named Kevin mcshehon noticed this problem and took the steps to register the channel before a malicious actor could do it. And he even posted a message that revealed that if you did go to that telegram channel, that it was not an official CIA channel and said do not share sensitive information with anyone, and he listed it both in English and in Cyrillic. The CIA has since addressed the problem by ensuring that the full address for the real telegram channel is appearing in
the ex bio. And as I read about this in Motherboard, the title of the article suggests that the problem was due to a flaw in X, but I think I would be more inclined to wag by thinker at the CIA for not double checking that the address that appeared in the bio was in fact the correct one. So yeah, it may be because the limitation on bio length and X caused it to happen, But that seems like that's something you should triple check is correct before you just
walk away. Okay, we've got other news stories to cover today. Before we get to that, let's take a quick break. Okay, So the media outlet New Scientist posted an article last week that I did not see until today, but I figure it's an important one to bring up because we're
talking about security and hackers a lot. In today's episode, a cryptography expert named Daniel Bernstein, who works at the University of Illinois, Chicago, came forward to say that the US National Security Agency, the NSA, has been pushing to influence the adoption of standards related to post quantum cryptography, and the National Institute of Standards and Technology, or nis T,
refutes this accusation. So essentially, what Bernstein is saying is that the NSA wants to shape these standards, which would then weaken cryptography, because otherwise quantum cryptography could potentially be so strong that the NSA would not be able to crack it. And the NSA is all about reading stuff that you didn't intend the NSA to read. You might remember, the NSA has a pretty nasty track record of finding
ways to intercept communications. This was a huge scandal like a decade ago, and that capability also led to abuse.
I'm reminded of stories about how some people on NSA's staff would use these tools that were meant to do things like detect potential terrorists, cell communications, things like that, but they were using the tools to do stuff like snoop on people they knew, like an ex romantic partner and they're using these these government level surveillance tools for that kind of stuff, And you know that obviously wasn't
the intended purpose for the tools. But it turns out a tool is only trustworthy if the person who's using it is also trustworthy, and people can be total jerkfaces. Bernstein maintains that the NIST is not being transparent when it comes to establishing these standards and that the consequences
of this could be unreliable security measures moving forward. That you know, if the NSA essentially has the equivalent of a back door to get into these otherwise encrypted communication channels, that means other people could potentially find their way through those back doors too. It. Like I've always said, this, putting a back door into a security system means you
no longer have a secure system, just full stop. Like, the whole point of creating a secure system is to not have ways for people to get in that aren't through specific checkpoints. So I still feel that way about this. Earlier this week, US Senator Michael Bennett sent a letter to Google, TikTok X, and Meta regarding how these platforms are handling the influx of misinformation in the wake of
the war between Israel and hamas As. I'm sure you know there's been a surge in that kind of content across all of social media, and Bennett has accused the respective algorithms of these platforms of amplifying that signal and quote contributing to a dangerous cycle of outrage, engagement, and
redistribution end quote. Bennett is seeking information on the policies and processes each platform follows to combat misinformation, though whatever those might be, they are clearly not sufficient, at least according to Bennett. In his letter, he writes, quote, the mountain of false content clearly demonstrates that your current policies
and protocols are inadequate end quote. Bennett also criticized how Google, Meta, and X have all made cuts, sometimes drastic ones, to the various teams dedicated to detecting and removing disinformation and hate speech. While I feel the Senator is making some legitimate criticisms, I'm not sure what follow up there's going
to be from all of this. If you are in New Zealand or the Philippines and you're not already on X formerly known as Twitter, pretty soon you're gonna have to pay admission if you do want to join, and that's because X is going to require a one dollar annual subscription fee for new users starting in those countries. Now, according to X, this is to discourage bot farms. Only by paying the fee will the account be able to
post and interact with other posts. If you don't pay the fee, you can follow folks on Twitter and you can read posts on Twitter, but you can't interact with them, and you can't post anything yourself. So you might be asking, all right, well, they're starting in New Zealand and the Philippines, does that mean that's where all the bot farms are. No, It's just these are serving as a testing ground for this new policy, and then the thought is, assuming it works,
that policy will roll out to other countries. Now, X says this is not intended to be a revenue generator, and I'm inclined to believe them. I mean, at one dollar per user per year, I think it's pretty fair to say that's not a revenue generator. Instead, what this is meant to be as a deterrent for people who want to run armies of spambots, because if they want all those spambots to be able to post and that's
the only way that spambots are useful. Then they have to pay a dollar for every single one of those spambots. And if you're trying to coordinate a campaign that has thousands of spam bots, that's thousands of dollars out of your pocket to do it. So while I'm not crazy about this idea, I do think the strategy could potentially work for X and it doesn't put a hefty burden
on most new users. Most folks can cough up a dollar for a year's subscription to being able to use Twitter, and if it means that it cuts back on the spam armies, then that's a good thing. So I often am very critical of X, but in this case, I think it might actually make sense switching gears, as it were, to a different elon Musk company Tesla held an earnings call this week, and Musk gave an update on the
long delayed cyber truck. Now, we first heard about this concept way back in twenty nineteen, and since then a lot of people have put in a pre order for one, like a million customers have reserved a cyber truck, and it sounds like folks are going to have to keep on waiting. At least a lot of them are because Musk says that Tesla will start to deliver cyber trucks to customers beginning on November thirtieth, So that's good, but it will take quite a bit longer before Tesla can
ramp up manufacturing to meet demand. In fact, Musk said, the goal is that they're hoping the company can get up to manufacturing two hundred and fifty thousand cyber trucks per year. That's not even likely to be reached until after twenty twenty four. And because you've got a million people who have put a reservation on the cyber truck, that means it's going to take several years before Tesla
can even meet the demand of pre orders. And that, of course, that's assuming everybody wants to keep their pre order on their truck. But yeah, just because you have a pre order, it may mean you're still like three years out from being able to get your vehicle or more. Musk said that quote we dug our own grave with the cyber truck end quote. I think that was apparent when during a demonstration of how strong the cyber truck's
windows are, they shattered the Windows anyway. During the call, Musk also gave a somewhat pessimistic view on where the global economy is going in general. Will also ways to bring down the price on Tesla vehicles. They said, we've got to get the costs to come down. And that makes sense because there are also a lot more auto companies that are making vehicles that now compete directly with the ones that Tesla manufactures. And it's not just Tesla.
It's having to face a tough economy. Both Apple and Microsoft are seeing declines. There's a decline in MacBook shipments that one analyst has pointed to. Windows eleven adoption is trailing well behind what Windows ten did, So we're seeing these issues throughout the tech space. Okay, well, this brings us to the end of the episode. I do have
a couple of article recommendations for you. First up as a piece from ap news dot Com titled Fuji's Rapper says lawyer's use of AI helped tank his case, pushes for new trial. I just think that's interesting. One, it's the Fuji is Two, it's not the first time we've heard how AI being used in a trial setting has not gone According to Plan. The other piece I recommend is by Emon Javers and Page Tortorelli of CNBC. That one's titled The Secret Life of Jimmy Jeong, who Stole
and lost more than three billion dollars. That story involves cryptocurrency, stealing money from the Silk Road, living like a rock star, being the victim of a break in like it's got everything. There's also a documentary that CNBC has released called How To Steal and Lose more Than three Billion in Bitcoin. Both of those are well worth checking out. And that's it for this week. I will talk to you again
really soon. Tech Stuff is an iHeartRadio production. For more podcasts from iHeartRadio, visit the iHeartRadio app, Apple Podcasts, or wherever you listen to your favorite shows.