366: Julian Assange Released?! (Plus, Biden Bans Kaspersky!)

Episode 366 June 27, 2024 01:19:38
366: Julian Assange Released?! (Plus, Biden Bans Kaspersky!)
Technado
366: Julian Assange Released?! (Plus, Biden Bans Kaspersky!)

Jun 27 2024 | 01:19:38

/

Show Notes

This week on Technado, we've got breaking news: there's a new MOVEit bug, Apple released a firmware update for AirPods, and we've got robot skin to fuel your nightmares.

In one of this week's biggest stories, Julian Assange has been released and is homeward bound. SolarWinds is back in the headlines, this time with an exploited Serv-U bug. Apple, Microsoft, and several other big tech companies are in hot water for violating the EU's Digital Markets Act. Hackers are using a Windows XXS flaw to execute arbitrary commands. And to wrap the first half of the show, we take a look at the alleged breach of the US Federal Reserve and the group that's supposedly behind it.

After the break, it's time for Deja News: NVIDIA's short-lived time at the top has come to an end as they suffer the biggest short-term loss in history. We may finally have an answer to the Apple-Kaspersky debacle: the Biden administration has banned the software in the US and sanctioned a dozen Kaspersky execs. Then, Google's Project Naptime is using AI to let engineers take more siestas. The ever-litigious Nintendo has officially shut down Yuzu and Citra, two big Nintendo emulators. And the CDK hack affecting car dealerships nationwide is still ongoing - and recovery may take years.

Like what you heard? Check out these articles for more:

https://www.darkreading.com/remote-workforce/fresh-moveit-bug-under-attack-disclosure
https://thehackernews.com/2024/06/apple-patches-airpods-bluetooth.html
https://techcrunch.com/2024/06/25/this-smiling-robot-face-made-of-living-skin-is-absolute-nightmare-fuel/
https://gbhackers.com/wikileaks-founder-julian-assange-released/
https://securityaffairs.com/164806/hacking/solarwinds-serv-u-cve-2024-28995-exploit.html
https://www.ign.com/articles/apple-becomes-the-first-tech-company-charged-with-violating-eus-digital-markets-act-rules
https://arstechnica.com/gaming/2024/06/apple-intelligence-and-other-features-wont-launch-in-the-eu-this-year/
https://www.pcgamer.com/softwa

View Full Transcript

Episode Transcript

[00:00:04] Speaker A: You're listening to Technado. Welcome back to another episode of Technado, sponsored by ACI learning the folks behind it pro. Just a reminder, you can use that code, Technado 30 for a discount on your it pro membership. I like that you started dancing. [00:00:17] Speaker B: I know. [00:00:18] Speaker A: Cause I got into a rhythm sponsor by AC. I learned folks behind it pro. You're getting into it. Put a little drumming bass behind that. [00:00:24] Speaker B: Yeah, we'll be cooking. It's gonna be the whole. [00:00:29] Speaker A: That'll be the whole show. Yeah. [00:00:30] Speaker B: If I could keep that up the entire episode, that would be. [00:00:32] Speaker A: I feel like that would. [00:00:33] Speaker B: People would be like, stop trolling us. [00:00:36] Speaker A: Should put, like, a little music in the back, a little ambient noise in here. It would calm me a little. [00:00:41] Speaker B: Yeah. [00:00:42] Speaker A: So we have some stuff before we get into our articles today. There's. I want to jump right into the breaking news. Cause there's a bunch. [00:00:48] Speaker B: Okay. Yes. [00:00:48] Speaker A: That came up. [00:00:50] Speaker B: News that breaks. [00:00:51] Speaker A: And. Yeah, this first one, literally, we're just. We're just seeing this, like, as of a few minutes ago. So I might miss some breaking news. Here we go. [00:00:58] Speaker B: Breaking news. Electric boogaloo. [00:01:00] Speaker A: Love the little. Wow, that's pretty good. That's pretty good. So you'll probably remember the name move it. There was some stuff last year that went down with move it. [00:01:08] Speaker B: We like to move it, move it. [00:01:09] Speaker A: Yeah, yeah, we like to move it, move it. Sacha Baron Cohen's version of that song is probably my favorite. So there is a new move it bug. A fresh move it bug. As dark reading. [00:01:19] Speaker B: Not the old move it bug. [00:01:20] Speaker A: No, this is new information. This is. You haven't gone back in time. It is under attack mere hours after disclosures, is a high severity bug that allows attackers to authenticate to the file transfer platform as any valid user would. A way they can authenticate as any valid user would. And it is a high severity bug. So pretty, pretty big deal. And move it, I feel like now is probably on a lot of people, a lot of people's radars, like bad actors radars because of all the stuff that happened last year. [00:01:48] Speaker B: Yeah. Well, obviously we found out how many, like, high profile clientele use move it from the original move it problem. Right. I wonder how many of those folks stuck around and, like, you know, they doubled down on the move it software and said, you know what? Everybody can have a bad day. I mean, that was a real bad day. But, you know, I'm not a fair weather fan. [00:02:10] Speaker A: Everybody makes mistakes. [00:02:11] Speaker B: That's right. I can. I can forgive. And, hey, listen, Daniel, Lowry is a huge fan of having paths to forgiveness. But now, now we're working on strike two here. [00:02:23] Speaker A: I hope this doesn't become another lastpass situation. [00:02:26] Speaker B: You know, I was reading the article about what the problem was, and ultimately it's just a authentication bypass. Like, it's like this little piggy built its house out of straw and sticks. And by house, I mean authentication. And then the big bad wolf huffed and puffed and blew that little house all down. So that's what's going on. I don't remember. I didn't see if I got far enough into the article. Whether or not there's a fix. I want to say there is. [00:02:51] Speaker A: This admin should patch the issue immediately. So it looks like there is, there is a fix for it. But there's not a whole lot of details on the bug yet because, I mean, it was just disclosed, like, I think yesterday or the day before. [00:03:02] Speaker B: It's very, very shortly. [00:03:04] Speaker A: Yes, very, very recently. [00:03:05] Speaker B: Like we said, breaking news. [00:03:06] Speaker A: Breaking. [00:03:07] Speaker B: That means it's happening almost in real time. [00:03:09] Speaker A: Almost in real time. Yeah, it's, you know, by the time you see this, maybe you'll think it's old news, but see, I found this. [00:03:15] Speaker B: Move it flaw, and let me show you how to exploit that really quickly. [00:03:19] Speaker A: There'll be another one by the time this episode goes live. But that's not all we've got for breaking news. Some good news, I guess. Apple has patched some AirPods Bluetooth vulnerability issues that could allow eavesdropping. So there's a firmware update for AirPods. So I'm not sure if, because I'm an AirPods enjoyer, I don't know that I've ever, like, thought in depth about updating my AirPods because I just, it used to be you buy a pair of headphones and it's like a wired pair of headphones and, and that's it. [00:03:43] Speaker B: So here's, here's my thing with, with the Apple style ear business. [00:03:49] Speaker A: Yeah. [00:03:49] Speaker B: Right. Is I don't find it be very comfortable. No, no. For, I don't know, maybe it's the shape of my ear or whatever the case is, but like, I have test driven many different styles and Apple is lowest on my list of, this is comfortable to me. [00:04:04] Speaker A: I agree that the standard AirPods, like the ones that are shown here, the standard AirPods, these are not comfortable at all. These hurt my ears. The Airpods. [00:04:11] Speaker B: Why are people buying them? [00:04:13] Speaker A: I don't know. [00:04:13] Speaker B: I mean, is the quality that much better? [00:04:17] Speaker A: See, I don't think so, but I also haven't, like, I've not spent the money on, like, another high end pair of headphones. The only other headphones I've used have been like, I got them off Amazon for $20. But I did get a pair of AirPods Pro last year. And the pod part, the earbud part is shaped more like a skull candy earbud, and it fits better in my ear. So those I like, and they're comfortable. [00:04:38] Speaker B: These, I've got raycons. [00:04:40] Speaker A: Oh, yeah, yeah. [00:04:41] Speaker B: Okay. Yeah, those. Those are happy with those. They're very comfortable. Yep. I mean, every. Nothing's perfect. [00:04:48] Speaker A: Sure. [00:04:49] Speaker B: If I have the volume turned up on my phone. Really? Like, loudly. I don't hear very well. I was a musician for a while instead, and playing loud metal music in bars tends to ruin one's hearing, apparently. It was news to me until it happened. I guess that was that wet blanket over my ears sensation that was occurring after every jam should have been an indication. But hey, what do I know? I'm an idiot. So I tend to turn the volume up very loudly. [00:05:18] Speaker A: That's fair. [00:05:18] Speaker B: So I can hear things, but I will get some weird almost feedback loop when I do that. So I have to find that sweet spot on the volume. Otherwise I get that. It's just like, yeah, yeah, yeah, yeah. [00:05:31] Speaker A: And you're like, it's annoying. [00:05:33] Speaker B: Yeah. So bad. [00:05:34] Speaker A: It's grating. [00:05:34] Speaker B: Yeah. But it happens with just about every set. [00:05:38] Speaker A: I do like the noise canceling on the Airpods pro. It's really nice, especially like, in our offices, like an open floor plan. It gets loud sometimes, and I'm trying to work. So I put my music on, put the noise canceling on. I'm cooking. It's great. So anyway, there's a firmware update. [00:05:50] Speaker B: I'm yelling at her. [00:05:52] Speaker A: It does happen sometimes. I look up and he's like poking his head over. [00:05:56] Speaker B: He's beating out, man. [00:05:57] Speaker A: It's like, are you good? Like even a war flashback. [00:06:00] Speaker B: What's going on? I remember having a seizure. I'm getting my wallet out. [00:06:03] Speaker A: I get focused. I get zoned in. So there's a firmware update for AirPods. So just so you know, if you're an AirPods user, like I am, bluetooth vulnerabilities be damned. Yeah, exactly. It was like an eavesdropping thing. So I don't want people eavesdropping on my. On the kind of music and stuff I listen to. You don't need to know that information about me. Also in Apple News, the beta, a second beta of iOS 18 was released yesterday or the day before, I guess. I, um. So if you are part of Apple's special little club that gets early access to that stuff, then you'll be able to use it. Even if I was part of the special little club, I wouldn't be able to use it because I have an iPhone 15. But we talked about that last week, so I'll shut up about that. I'm still a little salty. [00:06:37] Speaker B: Okay. I'm still a little irritable, a little bitter. [00:06:39] Speaker A: A little bitter. Just a little bit. And more scary, I guess, would be the choice word. Breaking news. I showed this to Daniel. He said, we need to throw that one in there. This smiling robot face made of living skin is absolute nightmare fuel. I would agree. [00:06:53] Speaker B: Yes, 100% distilled nightmare fuel. This is 151 right here. [00:06:58] Speaker A: Oh. [00:06:59] Speaker B: When it comes to nightmare fuel and. [00:07:02] Speaker A: Some of the stuff that they say it gives a little gif, it shows you. So it shows it moving here so you can see it smiling. And isn't that just wonderful? [00:07:09] Speaker B: It looks like fried bologna with eyes so disturbing. [00:07:14] Speaker A: It's a little shinier than fried bologna. [00:07:15] Speaker B: It is a little shinier. It's like wet fried bologna. [00:07:18] Speaker A: It's fried bologna that just got, like, a skin treatment, like a facial at a spa. [00:07:21] Speaker B: Is it Botox? [00:07:23] Speaker A: Yeah, it got buccal fat removal, and it's like, what the actual hell? [00:07:27] Speaker B: The first thing. And you can back me up on this. I did not read this article. And I was like, this is Terminator. [00:07:33] Speaker A: Yeah. [00:07:33] Speaker B: They talked about how in Terminator one, it was like, oh, we could spot those rubber skin bastards so easily. You know, you could easily just spot them a mile away. But now they've got realistic skin, bad breath, and body odor and whatnot. And then what does the article say? [00:07:49] Speaker A: That is, in fact, exactly what a Terminator T 100 model has. But not just infiltrating the past to destroy humanity's future. Skin covered robots could be all, could do all kinds of useful stuff. [00:07:59] Speaker B: So they do clarify, like, subjugate humans. [00:08:02] Speaker A: It's got multiple uses, and it says a cultured skin can heal itself and carry biological sensors like our own to provide sensitive touch. And I don't know that I want a robot to have sensitive touch, but I guess there's implications for, like, medical stuff. [00:08:16] Speaker B: This is not good on anybody. Like, if you're making, you know, skin for people. [00:08:22] Speaker A: Yeah. [00:08:23] Speaker B: Like, oh, you know, you had bad burns and things of that nature, and, oh, we're coming up with this new skin technology. It's gonna be great. Yes. All for it. Why do we need skinned up robots? That's. That seems beyond me. I mean, maybe there's a legitimate. It's not like I sit around going, how could I use human skin on a robot in an effective and useful way? It's not. It's not the thing that kind of crosses my mind daily. So if there is a legit reason, and I guess they try to throw some out there in this article, I find them dubious at this point. [00:08:55] Speaker A: You were turning into buffalo Bill Gates there for a second. How can I use skin on my bus? That's a little scary. [00:09:07] Speaker B: Buffalo Bill Gates. I want to give you some props. [00:09:10] Speaker A: Thank you. I appreciate that. [00:09:11] Speaker B: That was creative. [00:09:12] Speaker A: I wish we had an applause sound effect. It boosts my confidence so much. [00:09:14] Speaker B: Have you tried windows? I try windows. It's getting weird. [00:09:20] Speaker A: Let's move on. That was pretty good. That's all we had for the super breaking stuff. There's some other stuff that came up. Toys r us did, like, the first completely AI generated commercial that was also scary to look at. [00:09:30] Speaker B: Toys r us. Wow, cool. [00:09:32] Speaker A: Which is weird, because I thought they were dead. I thought toys r us was, like, gone, and they're not. [00:09:36] Speaker B: I live in Ocala. That's not like a big secret. [00:09:38] Speaker A: Oh, gala. [00:09:39] Speaker B: Yeah. And we have a toys r us inside the Macy's. [00:09:42] Speaker A: Really? [00:09:43] Speaker B: Yeah. [00:09:44] Speaker A: I didn't think they were still kicking. I thought they were. [00:09:46] Speaker B: I think they became kind of, like, much smaller. Obviously, they're not huge stores anymore, but there's, like, not as small as a kiosk, but a department in a store that's toys r us with Macy's is toys r us. So I take my kids there and they love it. [00:10:03] Speaker A: Interesting. Okay. [00:10:05] Speaker B: Sorts of toys to play with. They're like, let's go to the toys. I'm like, heck yeah, let's go to the toys. This is. [00:10:09] Speaker A: Oh, that's good to know. That gives me a little bit of hope. [00:10:12] Speaker B: Amazon hasn't killed everything. [00:10:13] Speaker A: I'm glad they're still kicking somewhat. Jeffrey giraffe is still. [00:10:16] Speaker B: He is still legit. There's like a bench with Jeffrey giraffe. [00:10:19] Speaker A: You can sit with. He's hiding out. No, gal. He's a witness protection. He's hiding out. [00:10:22] Speaker B: That's not a joke. He's a legit bench in that. [00:10:25] Speaker A: Yeah, I believe you. It's like a little statue of him. You can sit and take your picture with it. [00:10:28] Speaker B: Very cool. [00:10:28] Speaker A: It's like the target dog where you just get to. You sit and take a picture with it. Yeah, well, speaking. Speaking of refugees and hiding in the witness protection program and all that stuff, WikiLeaks founder Julian Assange was released in a stunning deal with us. That's not my words. That's the words of GB hackers. [00:10:43] Speaker B: Yeah, this is their words. [00:10:44] Speaker A: That's a deal. Yeah. Sounds like I'm on HSN, only 1499. It's a stunning deal. So he was released from prison after reaching a deal with the us government. This was announced earlier this week, and it ends the longstanding legal battle between him and the authorities. So he. [00:10:58] Speaker B: That's no joke. He's been in, like, hot water about this for a hot minute. [00:11:01] Speaker A: It's been a while. Yeah, it's been a while since I've heard that name come up in, like, current conversation, you know, and have any updates on this, because he was arrested. [00:11:08] Speaker B: Different podcasts about, like, privacy and, you know, that kind of stuff when it comes to government. So WikiLeaks comes up and Julian Assange's names come up and I guess regular conversation, I guess. [00:11:19] Speaker A: Yeah, just in mainstream news and stuff. I haven't seen a lot about it recently because he was arrested for. [00:11:25] Speaker B: Nothing's been going on with him for the last few years. Honestly, I think last time his name came up in kind of regular news cycles, I think Washington, as Trump was leaving office, they were like, who's Trump going to pardon? Is he going to pardon Julian Assange? [00:11:39] Speaker A: That's right. That's right. Okay, I see. Yeah, no, no, that's a good point. Well, under the terms of this deal, he's agreed to plead guilty to one count of conspiracy to commit computer intrusion, and that carries a maximum sentence of five years in prison. But to my understanding, previously, before he came to this deal and all this stuff, he was facing, like, upwards of 100 years. Oh, yeah, theory. [00:11:56] Speaker B: Like, they wanted to put him under the prison, right? They wanted. They wanted to bury his tail. [00:12:01] Speaker A: 175 years. I could have carried a sentence up to 175 years in prison. So now that he's reached this deal, he'll be released from prison. [00:12:08] Speaker B: Why do they give stupid lengthy sentences like that? Why not just go life expectancy? Life. Just your life. [00:12:16] Speaker A: Yeah, that's a good point. [00:12:17] Speaker B: At that point, I guess for some. [00:12:18] Speaker A: Stuff, if you're guilty of multiple counts of something, it'll be like, oh, each charge has this many years and you serve them consecutively. So maybe it's just so that they can say, hey, look, there's a monetary. You know, if it was just one charge, you'd be serving 20 years. But it's five charges. So you're serving 100. So that people can't say, well, you can't just send me to life in prison. That's not fair. Like, I don't know. [00:12:37] Speaker B: I know we do it with other stuff. [00:12:39] Speaker A: Maybe he lives to be 100. [00:12:40] Speaker B: If you murder somebody, I can just go life in prison. Bam, it's on the table, baby. [00:12:45] Speaker A: Maybe he's like Adam and Eve. He loves to be like 600 or whatever. [00:12:49] Speaker B: He's Methuselah. Methuselah Assange. [00:12:55] Speaker A: So then, you know, it's not a life sentence for him. You just never know. But, yeah, you're right. It does seem a little like, why not just. Just call it what it is? But for him, it's not anymore. He's not going to be serving that 175 years. He has been released now he'll be allowed to return to his home in London. So just figured we would mention that because that was a pretty big thing that happened. [00:13:16] Speaker B: It's a big story. [00:13:16] Speaker A: Yeah, big story. There's a lot of opinions on it, but those are the facts. That's what happened. [00:13:21] Speaker B: No printer. Just facts. [00:13:23] Speaker A: Printer. Wow, you're learning. You're learning. [00:13:26] Speaker B: Picking it up. [00:13:27] Speaker A: I heard Ronnie the other day say, no cap. I was like, that is interesting. People in this office are picking up the slang. [00:13:32] Speaker B: So I looked up the whole cap thing. [00:13:34] Speaker A: Yeah. [00:13:35] Speaker B: And that is actually a slang term from, like, the twenties. [00:13:38] Speaker A: Oh, really? [00:13:38] Speaker B: Yeah, that just kind of got re picked up. Like saying in these twenties, like when maybe I misread the article and they meant the. Not the 1920s, but yeah. From what I was understanding is that it was like an. An older term to say things were cap were meant, they were false as. [00:13:57] Speaker A: Early as the 19 hundreds to cap. Meant to brag, exaggerate, or lie about something. [00:14:01] Speaker B: There you go. Just kind of made a resurgence. [00:14:03] Speaker A: So if you're saying no cap, it means, like, I'm not lying, I'm not bragging. [00:14:06] Speaker B: All things old or new again. [00:14:07] Speaker A: Yeah, it was only a matter of time before that came back around. Thank you for that etymology lesson, Daniel. Or that. What would that be? It's not really etymology, is it? Oh, it's more like language history. I don't know. [00:14:18] Speaker B: Interesting. [00:14:19] Speaker A: I'll figure it out later. Well, anyway, that was a little bit. [00:14:21] Speaker B: Know what that is? Put it in the comments. [00:14:23] Speaker A: Let us know. So that was just the. That was kind of the first big thing this week. Another name that has come up in the past, Solarwinds, is having another issue here. Threat actors are actively exploiting Solarwinds serv you bug. And I'm not sure how severe this is like what the ranking that they've given it was. Maybe you can enlighten me a little bit. [00:14:43] Speaker B: Well I'm sorry, what was their, it. [00:14:45] Speaker A: Was the SolarWinds serve you bug. I didn't know if it had like a, like a, what's the word? [00:14:49] Speaker B: Cvss. Score. [00:14:50] Speaker A: Yeah, like a score. [00:14:52] Speaker B: If it has a cv, it most likely has cvss. [00:14:54] Speaker A: Okay. [00:14:55] Speaker B: So you can just kind of highlight that and slap that in your. I'll see if I ever browser. I'm gonna go with, let's see, it says high severity. So that's gonna tell us it's gonna be like eight. [00:15:04] Speaker A: Okay. [00:15:05] Speaker B: Yeah, yeah. Somewhere in there. [00:15:07] Speaker A: Base score 7.5 according. [00:15:10] Speaker B: Okay. [00:15:10] Speaker A: Yeah. [00:15:10] Speaker B: So it's around eight. [00:15:11] Speaker A: Yeah, still pretty high. [00:15:12] Speaker B: Still pretty good. So let's see here. This is serve you, the worst name for software ever. Serve you, buddy. Yeah. You go get some solar winds to serve you too. Every time I see this, that is what I pick up in my mind. But we got some proof of concept code that's available out there and you know what I'm going to do is I'm going to copy this and I'm going to go to the interwebs and I'm going to paste that in and type in POC and see what we get so we can actually look this up. Look at old Braves. AI is telling us. Yes there is. [00:15:47] Speaker A: Does Brave have one too now? [00:15:49] Speaker B: Well yeah, Braves got AI. Lovely. Gives you the search results first, but I believe there's githubs. Yeah, big box. So bada bing we go here. There you go. There's that code. Here's the readme for it and an overview. And here's kind of what it looks like running. So you just run old Python. Gotta love Python. And there's the CVE. Give it the target list and it just starts kind of cranking through. And this is a scanner for this specific vulnerability. It's not that difficult. It's, if I'm not mistaken, this is a. Let's go back here. So what are they exploiting here? Recently discovered vulnerability track does this for the serve you software directory traversal issue. So if you're not familiar directory traversal issues, they're kind of a fun time there. Basically your web application is looking for a file on the back side of things. Oh, I need to read in from some file. Okay, well here's the file names of what you're looking for. But if you allow me as an end user someone on the other end through my browser or other means to be able to manipulate the file that it's looking for. And so oh yeah, take out randomconfig txt and put in etsy password cshadow can you know if I know where specific configuration files are for access to things like databases and I know that inside those files you set things like usernames and passwords for set access for the web application to be able to do well. Now I've got a username and password, I've got some backend information, I can start pilfering the pockets of any good sensitive info using what's called local file inclusion. This is you got local file inclusions where I'm reading files that are on the machine itself. The server got remote file inclusions where I can tell hey, reach out to a different area through HTTP or whatever and pull it on in. But that's what's happening here and now you can use that. And they said that Graynoise saw a huge increase in activity. It said to reported that threat actors are actively exploiting a publicly available proof of concept code. Instead of went on for like 4 hours they saw some hands on keyboard. There it is right there. Gray noise. Researchers started observing exploitation attempts for this issue over the weekend, relying on publicly available POC. And let's see here, where was it about the. We see people actively experimenting with this vulnerability, perhaps even a human with a keyboard. So they're watching this happen. The route between this vulnerability and RCE is tricky so we'll be curious to see what people attempt. So they're kind of watching what's going on to figure out how can they parlay this into a remote code execution. And sometimes you can do that, you can say oh, if I have access to certain x, y or Z files would I be able to chain that into some other, to more devious means into making the server do things that it shouldn't do. So very very interesting. In fact this is back in the business old, I say Solarwinds, right? Solar winds is not like bad since. [00:19:03] Speaker A: We'Ve heard that name. But usually it's like poor Solarwinds, it's something going on, that's something. [00:19:09] Speaker B: Well supply chain attacks are what we worry about with SolarWinds because they're used by the government and just feel bad. [00:19:15] Speaker A: That every time, every organization like same with move it, every time the name comes up it's like something, something went wrong. [00:19:20] Speaker B: Oh no, here we go, there we go. [00:19:23] Speaker A: Poor, move it. Poor solar winds. I feel for him when you said it's tricky, I've got a song in my head now it's tricky to rock around rock around this right on time it's tricky it's tricky tricky, tricky, tricky. We'll move on to our next few. [00:19:36] Speaker B: Penn and Teller, huh? They're in the video. The music, actually. Yeah. [00:19:40] Speaker A: I did not know that. [00:19:40] Speaker B: They're like street hustlers doing three car monte and they're ripping. [00:19:45] Speaker A: Everybody made out like a cameo. [00:19:46] Speaker B: Yeah. I believe that was that video. Right? [00:19:48] Speaker A: I did not know that. I don't know. I never watched the video. [00:19:50] Speaker B: It's been a while. [00:19:50] Speaker A: I've heard the song, but I just. I kind of forget thinking of another. [00:19:53] Speaker B: Run DMC song and just. [00:19:55] Speaker A: I'm glad you educate me on that stuff. There's been, like, several songs that I had no idea existed or I had never seen, like, the music video for the pop music one. [00:20:01] Speaker B: Yeah. [00:20:02] Speaker A: And then Daniel shows it to me. I'm like, this is my new favorite thing. [00:20:05] Speaker B: Yeah. [00:20:05] Speaker A: I get to learn something new every week here in this studio. [00:20:08] Speaker B: I'm a cultured man, damn it, longer than I have. [00:20:11] Speaker A: You've had more time. You gotta give me some time. I'll get there eventually. [00:20:14] Speaker B: You'll get there. That's right. One day you'll be teaching the kids. [00:20:17] Speaker A: One day I'll be informing them. Yeah. Well, we talked a little bit earlier about Apple having that firmware update for their AirPods, and that's not the only Apple news that came out this week. This stuff is not as positive. Apple becomes the first tech company charged with violating the EU's Digital Markets act rules. And also they have said, pile of suck. It does. Yeah. For Apple. I'm sure it is. Yeah. And in a separate issue that they're having with the EU and the DMA right now, they've also said the EU is not going to. People that are in the EU are not going to be able to enjoy the Apple intelligence features, not because they're iPhone 15 users, but because they're afraid that they're going to have to basically, like, compromise the quality of their Apple intelligence features in order to comply with some of the standards in the DMA. So they're like, no, you don't get them yet. We're going to hold off. But. So they're having all kinds of issues with the EU this weekend. I. But Apple was charged with violating the DMA rules, and it has to do with the fact that they're. The EU is saying the App Store rules don't allow app developers to communicate freely with their users and that's in breach of the DMA. So they've been charged. Apple's. Apple is suffering the consequences, I guess. [00:21:21] Speaker B: Well, I guess if you want to play in the EU space, then you got to play by the EU rules. And that's, that's just what's up. I mean, the EU has the right to make their, their rules and their regulations and apple, if they want to sell products in that area, they got to get the blessing and I'm not conforming. [00:21:43] Speaker A: Yeah. Yeah. If you want to be in that space, then you got to follow the rules. [00:21:46] Speaker B: I guess the question is, is the EU overreaching? Are they making too restrictive, that is violating the rights of Apple? I don't know. I haven't read it to form an opinion. It doesn't seem like, because they seem to be like non compete or not non compete, but, um, antitrust laws that they're, that they're dipping into. [00:22:06] Speaker A: Yeah. [00:22:07] Speaker B: They're trying to increase competition. [00:22:09] Speaker A: Yes. [00:22:10] Speaker B: Because in a capitalist society, competition is good for your consumers. [00:22:14] Speaker A: Sure. [00:22:14] Speaker B: So if I make widgets and you make widgets, but I make widgets and everybody uses my widgets, it makes it difficult for you or you who wants to come in and work in that space and try to make a living in that to compete, because I am so much more powerful than you as the big widget maker. [00:22:34] Speaker A: Yeah. [00:22:34] Speaker B: Right. And if I'm just making what every, every product kind of comes with my widgets, that is unfair. I'm not saying whether it is a fair or not. What I'm saying is that's the idea. [00:22:47] Speaker A: Yeah. Monopoly bad, right? [00:22:48] Speaker B: We monopoly bad? [00:22:49] Speaker A: Yeah, absolutely. [00:22:50] Speaker B: This is not the first time we've seen big tech companies go down this road and obviously they don't, they don't like it. [00:22:58] Speaker A: Yeah. [00:22:59] Speaker B: And I remember when Microsoft really for over the Internet explorer thing, they were getting hit with anti competition, antitrust laws. [00:23:09] Speaker A: Because you had to use the Internet Explorer browser. [00:23:10] Speaker B: So what they were doing is they were bundling Internet Explorer with Windows and then people were saying, well, that's not fair. Netscape and others can't compete. It's already installed. So that's not a fair thing. You should make it to where everybody has the option to choose one thing or another. And that seems to be what the EU is saying is like Apple, you're making it too difficult for other people to go to third parties because you have way too much control over the ability of the end user to even find, let alone use. [00:23:47] Speaker A: That's the argument. They're denying consumers the choice. [00:23:50] Speaker B: That's right. Whether that's true or not, I don't know. [00:23:53] Speaker A: But that's the claim. That's the argument that they're making. And Apple has not really responded to this outlet's request for comment. I'm not surprised. Sent back a middle finger, a whole bouquet of them. [00:24:04] Speaker B: Bring it. I'm a trillion dollar company. [00:24:07] Speaker A: Yeah, that's true. They kind of can throw their weight around a little bit when you've got that kind of money and power. [00:24:11] Speaker B: Absolutely. [00:24:12] Speaker A: And I don't know exactly what I mean, they've been charged. But I couldn't find anything on, at least in this article on what's the punishment? [00:24:21] Speaker B: What's it would be. What will all end up happening is if the EU is successful, then Apple will have to like basically take their hands off the wheel of this thing so much. They will, they will define how they should be able to do business and some people will not like that. And some people will. That is the, that's the name of the game. You know, opinions vary on these things. [00:24:49] Speaker A: Yeah, that's true. [00:24:50] Speaker B: So I mean, I'm sure there's some subject, some objective truth to. Right what goes on. Whether or not it is violating a law or not and whether or not that law is, is good is going to be where this. [00:25:02] Speaker A: Right. The argument would be. Okay, whether you violated a law or not is besides the point, is the law just in the first place or, you know, so, so I think that we'll have to see what more comes out on that. I won't go into detail here. This just came up this morning. I wanted to mention it because it seems kind of relevant. [00:25:16] Speaker B: And it's not just them, though. They're saying that they're cracking down on 20 tech companies, including Apple, Alphabet meta, Microsoft because the EU has deemed them to be, quote unquote, gatekeepers. [00:25:27] Speaker A: So that Microsoft's one. I wanted to mention it was this morning, it said they may face a fine of up to $20 billion. Microsoft, 20 billion. [00:25:36] Speaker B: That's part of why they go 20 billion. [00:25:39] Speaker A: No big deal. [00:25:40] Speaker B: I've got that chump change. Yeah. [00:25:43] Speaker A: If the commission finds Microsoft guilty of breaching antitrust laws. So like you said, Apple's not the only company in hot water over this, but Apple and Microsoft are both pretty, pretty big players in that space. [00:25:54] Speaker B: Up and coming talks about launching their, like this is that Microsoft announced his plans to launch their own third party app stores within Apple and Google's digital storefronts. [00:26:04] Speaker A: Really? [00:26:05] Speaker B: Yeah. I thought that was interesting. [00:26:06] Speaker A: I wonder how that would, how that would work so. [00:26:09] Speaker B: Right. That this EU law would kind of force them to be, to allow Microsoft to plant a flag inside of their enemy territory. Huh, right. [00:26:22] Speaker A: Interesting. [00:26:23] Speaker B: That is a little odd to me. [00:26:25] Speaker A: That's new territory. That's like, I wonder how that'll work out or if that will pan out at all, if they'll be allowed to do that. So we'll have to wait and see. [00:26:31] Speaker B: Yeah. Have to read these laws. It'll be fun. Yeah. [00:26:35] Speaker A: I think we're mostly done bashing on Apple for the day. Airing their dirty laundry. [00:26:41] Speaker B: Yeah, that's more, that's more. [00:26:42] Speaker A: Yeah. Airing the dirty laundry would be a better comparison. This next one says hackers use Windows cross site scripting flaw to execute arbitrary command in MMC console. So it's a new infection technique called Grim resource as opposed to Grim Reaper. [00:26:54] Speaker B: I guess it's just a play on words there. Yeah, it is kind of fun. It doesn't bring up images of fuzzy bunnies and unicorns and rainbows, that's for sure. [00:27:04] Speaker A: It's creative. [00:27:05] Speaker B: Well, I thought was interesting about this is a lot of people feel cross site scripting is kind of a. Yeah. Eh. What do you do? Cross site scripting is cross site scripting, you know. Yeah, we got to take care of it, but it's not really that important. Right. This is actually kind of sophisticated in its attack vector. So if we look at the article here says leveraging a new infection technique called Grim resource that exploits MSC files. I don't know if you're familiar with MSc files, but there you go. MSC files are the Microsoft. So if you're running Windows and you hit the Windows key or whatever, and it brings up the search type in MMC. [00:27:45] Speaker A: Okay. [00:27:46] Speaker B: And that brings up the Microsoft management console. I see you getting that. So you can create different versions, you can customize these mmcs and create your own. And MSc files I think are the way in which we. They get saved. Okay, you got something. Something MSc. Okay, these MFC files. So this is by crafting malicious MSc files they can achieve full code execution within the context of Mme Exe or MMc exe. So that's not good. And that's really interesting. And it says this is upon a user click. So basically they're crafting this new attack offering some advantages over traditional. So if I sent you an email that had an MMC in it and you ran it, it does not get certain security that you would normally get. So you're not running any macros. So no macro thing pops up. It's not a macro thing, so there's no security macro. [00:28:48] Speaker A: Right. [00:28:49] Speaker B: Boom. Okay, one problem solved. And it sees it as a low security warning anyway. So the security warnings that you may or may not get are going to be low. They're not going to be very like warning, warning, bad things happening. You're going to be like, hey, what's that? You sure about that? Yeah, I'm sure. Okay, cool. It's kind of that idea. [00:29:08] Speaker A: Okay. [00:29:09] Speaker B: Right. That other than that, there's a lot of much more technical aspects to this. I think that's where you were kind of reading it. I'm like, the hell is going on here? [00:29:22] Speaker A: Even the MMC stuff is new to me. So this is all the rest of this is definitely a little beyond my scope. [00:29:27] Speaker B: Yeah, this was just a very interesting attack vector in my estimation. [00:29:31] Speaker A: It did say, I mean it's leveraging like a flaw or vulnerability. Right. So it's still unpatched. Right. There's no, like it says it's exploits an unpatched cross site scripting vulnerability. There's no fix for it. [00:29:41] Speaker B: Correct. So there's a lot of moving parts on this. Don't think this is some like, oh, I alert, no script tag alert. It kind of takes advantage of the way that you work with this kind of moving into JavaScript where it's executing JavaScript. So there's this apds. Dll, Dll direct, is it direct link library? [00:30:11] Speaker A: That sounds right. [00:30:12] Speaker B: I think that's right. I'm bad with acronyms. [00:30:14] Speaker A: So Dll dynamic link. [00:30:16] Speaker B: Dynamic link libraries. Thank you. [00:30:17] Speaker A: You're close. Two out of three. [00:30:18] Speaker B: Oh yeah. So just, just basically software that you need to tell things how to do stuff. So it utilizes that to kind of grab this, does some obfuscation. Like I said, this is very sophisticated attack chain that ultimately gets to this.net to jscript functionality and that's what it's abusing. And that's where you can get into the whole JavaScript cross site scripting. Allowing the cross site scripting attack to execute. It takes this weird back door path by doing a Dll hijack. And I think I even looked this up. There's proof of concept code that was out there, if I'm not mistaken. Was I, was I able to look this up? Yeah, I think I was. That kind of shows you how this goes. Basically you compile the dll necessary and you fire and forget it's handling all that. And once someone clicks on that via, as a, as a download or whatever and a link or whatever the case is as an attachment and email, they click on it. Once you get like past the low level security morning, it's fire and forget it's j over. Yeah. So be on the workout for that. Just kind of brings up the awareness of do not click links that you are getting in your email, do not download attachments that you get an email. And if you do, you need to do them in really controlled sandboxed environments. [00:31:46] Speaker A: Sure. [00:31:46] Speaker B: There are, I want to say there are Yara rules. So this team, elastic security team, since they, I think kind of discovered this trick, their security appliances and software can discover and detect. [00:31:59] Speaker A: Oh, that's nice. [00:31:59] Speaker B: Right? And they even have Yara rules that can be created to find the specific features of the malicious MMC console. So there are iocs that can be utilized to create rules to discover. Or if you're just using the Alaska security teams stuff, then you might be able to detect this as well. And I'm sure it won't be long or the others, other big dogs out there follow suit. But just be aware. Yeah. [00:32:22] Speaker A: And it's good to know a lot of new terms always come up in those articles where they get more technical and kind of go into detail about how a certain attack or vulnerability, you know, is being exploited. [00:32:32] Speaker B: So you like how, what's interesting about it is you take all these very sophisticated attack methods. [00:32:38] Speaker A: Yeah. [00:32:39] Speaker B: And all boils down to don't click shit. [00:32:40] Speaker A: Yeah. So how do you fix this? [00:32:43] Speaker B: How do you story is stop clicking links and downloading attachments. [00:32:48] Speaker A: I feel like you should have like a flag waving behind you. Stop clicking links. [00:32:50] Speaker B: Yes. [00:32:51] Speaker A: Downloading attachments like this is what a. [00:32:53] Speaker B: Rolled up newspaper, right? I've told you. No, no, no. [00:33:00] Speaker A: Thank you for the, for the PSA. Do appreciate that. Before we take our break here on Technito, one more thing that we wanted to get into a little bit. The lockpick ransomware group is claiming hack of the us federal reserve. [00:33:11] Speaker B: They're back. [00:33:12] Speaker A: They are back and better, worse than ever. [00:33:15] Speaker B: Can't keep a good ransomware group down. [00:33:16] Speaker A: No. Does say that they've claimed responsibility. Usually in this case, if a group is just like, we did this, but there's not a ton of concrete, yes, we have proof that this happened. Usually it'd be like, I will wait to talk about that. But because it was the US federal Reserve and the claim that they're making, it seemed like a big deal. Allegedly compromised 33 terabytes of sensitive data from the Federal Reserve. And I just, the implication of that, like if this is true, it's. It's scary to me. [00:33:44] Speaker B: Well, I mean, so the lock bit, remember. Did you remember us talking about the lock bit ransomware manifesto? [00:33:52] Speaker A: Briefly. [00:33:53] Speaker B: Remember, the FBI kind of took them down. Yeah, they were back, and then they were down, and then they were back and they had this manifesto. I say they. It was in specific individuals, kind of like the head of Lockbetter was or is or whatever. I'm not sure. I forget the name of the locks up. I think it was his name, probably. Yeah, something like that. But he had claimed inside the manifesto that he had been targeted specifically by the FBI. [00:34:20] Speaker A: Oh, yeah. [00:34:21] Speaker B: Because it is a well known fact that lockbit attacked and ransomware at Fulton County, Georgia's. [00:34:28] Speaker A: Right. Okay, I remember. [00:34:30] Speaker B: And if anybody's going, why does that sound familiar? Because the prosecutor in Fulton County, Georgia, has gone after Donald Trump legally, criminally. And they had said, oh, we have those files. Locked, lock, lock bit. That is said, oh, we have the files, and we'll. We'll release them if you don't leave us alone. And all of a sudden, lockpick went. Got taken down, and then again, put on. This should have been a tinfoil hat episode. Honestly, I. Whether or not they have that stuff or that it. Even if they did, it proves anything about anything, right? I have no flipping clue. I'm not here advocating for one thing or the other. [00:35:11] Speaker A: Right. But that's what happened. [00:35:12] Speaker B: They just delivered what they have said. [00:35:14] Speaker A: Right? [00:35:14] Speaker B: Yes. [00:35:15] Speaker A: Yeah. And then they were. [00:35:16] Speaker B: And then in that same manifesto, they did say, I've been lazy. I've been asleep at the wheel. And apparently I need to target more federal organizations or government organizations. And here we are staring down the barrel of an article that says lockbit has attacked and breached the Federal Reserve, which, if I'm not mistaken, is actually made up of private banks. [00:35:43] Speaker A: Yeah. Federal in name only. [00:35:45] Speaker B: It is federal in name only. There is a federal oversight committee that kind of watches over them, but they. They are not a federal entity. [00:35:53] Speaker A: Right? Yeah, I think. I think you're right on that. And if this is true, if they did steal the 33 terabytes, they said that they got a hold of sensitive data or sensitive detail about american banking activities could represent one of the most substantial financial data breaches and breaches in history. It's the Lufthansa heist of data breaches here. Okay? The group's given the Federal reserve 48 hours to hire a new negotiator because they said that the old one was a clinical idiot for valuing their words, not mine. For valuing american banking secrecy at 50,000. So I guess they said that's the ransom they'd be willing to pay to get this information back to. [00:36:31] Speaker B: What I love about the tech, NATO is the conversation here. So adult. [00:36:36] Speaker A: You clinical idiot. [00:36:37] Speaker B: Yeah. Don't click shit. Clinical idiots like our children anytime, like. [00:36:42] Speaker A: A threat actor or a group like this puts out some kind of a statement, it makes me laugh every time. And I know it's not funny because, like, oh, they're doing bad stuff, but. [00:36:50] Speaker B: The absurdity of it and the. [00:36:52] Speaker A: The way they talk. [00:36:53] Speaker B: Right. [00:36:53] Speaker A: Like, this is so funny. You're. You're a clinical idiot for valuing this at $50,000. [00:36:58] Speaker B: Right? Like, we're listening to kids on the playground yelling at each other. [00:37:01] Speaker A: That's. And even that. It's like a clinical. That's not like saying you're a doo doo head. Like, you're a clinical idiot. That's kind of calculated. [00:37:08] Speaker B: I believe I could get a doctor in here to measure your ability to cognate, and you will fall on the. [00:37:16] Speaker A: Scale of idiocy, kind of excusing their idiocy. It's not your fault. It's clinical. This is a medical condition. [00:37:20] Speaker B: No, you're born this way. I am not. It's not pejorative. [00:37:23] Speaker A: You're an idiot by design. That's the implication there. [00:37:26] Speaker B: That's right. [00:37:27] Speaker A: So they've not. The Federal Reserve has not publicly confirmed it or given any details. And I guess at this stage, it doesn't necessarily surprise me that even if this is true and this breach did occur, it doesn't surprise me that the Federal Reserve didn't come right out and say, yep, we got breached. Usually that's the way it goes, is that there's either silence on it or it's a, hey, you know, just. [00:37:45] Speaker B: Yeah, well, maybe. Maybe because of the, you know, how closely affiliated that the Federal Reserve is and in how inculcated into the federal government they are. They're. They're kind of. And it's the. Basically the US finance system. They're just kind of keeping this on the hush hush for right now. And again, maybe don't even know. I guess they said that. They do know. Right? Because they said, lockbit has said, we have dealt with your people and their political idiots. [00:38:21] Speaker A: Your negotiator. [00:38:22] Speaker B: Yeah, send me someone else. Start releasing. [00:38:27] Speaker A: That's. Yeah. And given, like, the whole context of everything that's happened with lockbit before this, what you said about how they said, I've been asleep at the wheel, or that specific guy said, I've been asleep at the wheel. I need to start, clearly, I need to start leveraging some more attacks on these federal entities. It does. It tracks that something like this would happen. So it wouldn't surprise me if it turns out to be true. It would surprise me if it turns out to be false, if the whole thing is just a big lie. But for right now, it's still like. [00:38:52] Speaker B: If I had to put my money on the table, I would say there's some legitimacy to this. [00:38:56] Speaker A: Maybe the exact amount or the way that it was accomplished is still up in the air, but I wouldn't doubt that something's going. Something's going on here. Maybe we'll have more information on that in the coming weeks, hopefully. [00:39:07] Speaker B: Good news, man, this reads like a stinking, like, what's his name? Tom Clancy novel or something, right? This is crazy. [00:39:14] Speaker A: Yeah. [00:39:15] Speaker B: That. This is the world we live in. [00:39:16] Speaker A: Yeah. [00:39:17] Speaker B: Familiar with Tom Clancy, right? Please. [00:39:19] Speaker A: Splitter cell. [00:39:20] Speaker B: Yes. [00:39:20] Speaker A: Yeah. [00:39:21] Speaker B: So he wrote a bunch of novels about espionage and shit like that I'm more familiar with. Then they became games. [00:39:27] Speaker A: The games. [00:39:27] Speaker B: Yeah. [00:39:27] Speaker A: Yeah, I knew. I knew he wrote novels. [00:39:29] Speaker B: Love. But this and Rainbow six, that's my jam, dog. I will play some Rainbow six Vegas to Rainbow six. Vegas two on Xbox 360 is one of my favorite games. And I do love all the ghost recon stuff as well. Excellent, excellent work. FPS is Chef's kiss. [00:39:51] Speaker A: My brothers watch this podcast sometimes, and I know they're going to be, like, even bigger fans of you now because that was one of their favorites. [00:39:56] Speaker B: So me, Tim Broome. Yeah, right. The og of itprotv, right. Back in the day, that used to be with us. I used to go to Tim's house and he has this big theater room, and we would sit there and play Ghost recon. Vance warfighter for hours, eating pizza, drinking beer, and just being on a headset. I remember one of our friends, Charlie, he was remote logged in. We were playing over Xbox live. He had a bunch of friends like his friends, but not our friends. [00:40:28] Speaker A: Sure. [00:40:29] Speaker B: He was like, hey, you're over at Tim's house. Get on with Tim. We had a couple of friends over Tim's, and we get online and we start playing against each other, and I hear Charlie over the headset, go watch out for Lowry. He's a good. And I'm like, you mean sniper? Yeah. Like, as he was warning his team to look out for me, I sniped him. It was. You couldn't have. You couldn't have written it. It was so great. [00:40:58] Speaker A: That's so sweet you guys bond over the video games. [00:41:02] Speaker B: It was fun. [00:41:02] Speaker A: That's wholesome. I'm glad to hear that. [00:41:04] Speaker B: Yeah. Killing each other digitally. [00:41:06] Speaker A: That's just neat that you guys, like, we're all gonna get together and play a game. Like, it's just. That's neat that y'all still do that. Well, I think that's gonna do it for the first half of Technado. It's nice we get those little. What's the word? Not cat. What is the word for, like, a little personal anecdote. Those little anecdotes. It's nice to hear that. A little personal. [00:41:24] Speaker B: Gotcha. [00:41:25] Speaker A: Let's see. [00:41:26] Speaker B: Kind of weird place did your brain go? [00:41:29] Speaker A: A little personal story, and I couldn't think of the word for it. [00:41:31] Speaker B: You stopped it. Personal. [00:41:35] Speaker A: I want to collect myself. [00:41:36] Speaker B: Yes. That's probably a good idea. [00:41:38] Speaker A: Drink some more of this. [00:41:38] Speaker B: Let's take five. [00:41:39] Speaker A: Reset my brain. We'll take five. We'll be right back with more technado. Welcome back for more tech NATO. We collected ourselves over the break. I drank some more celsius, and I'm feeling ready. [00:42:24] Speaker B: She did some push ups. [00:42:25] Speaker A: I did. I did. I cried in the crying room. [00:42:27] Speaker B: Where's that? [00:42:28] Speaker A: Yeah, I got a hold of myself, and I'm ready to power through the rest of this because we do have a little bit more that we want to get through. [00:42:33] Speaker B: I don't know how you get your eyes to not be red after all that crying, dude. [00:42:36] Speaker A: In seriousness. Like, my eyelids droop on their own. So my default face is like this, and I look like I hate my life. I want to kill everybody in here. [00:42:44] Speaker B: And it's gonna get you a tattoo of FML. [00:42:47] Speaker A: I could be having the time of my life. I could be at Disney World right now. [00:42:50] Speaker B: This is amazing. [00:42:52] Speaker A: And it's my eyelids. Just naturally. It's the half, you know. I don't know. I'm naturally tired, I guess. But I promise I do want to be here. [00:42:58] Speaker B: I used to have a friend that kind of had the same eyes as Jim Brewer. [00:43:02] Speaker A: Okay. [00:43:02] Speaker B: Have you familiar with Jim Brewer? [00:43:04] Speaker A: I can't visualize him. [00:43:05] Speaker B: He was in a movie. [00:43:06] Speaker A: Jim Brewer. [00:43:07] Speaker B: Yeah. With. With Dave Chappelle. Okay. You're getting the idea, I see. [00:43:12] Speaker A: Yeah. [00:43:12] Speaker B: He cannot get pulled over without having to do a bunch of stuff. [00:43:19] Speaker A: Fair enough. [00:43:19] Speaker B: Right? You get the idea. [00:43:21] Speaker A: Yeah. [00:43:21] Speaker B: Bedroom eyes. Don't sleepy looking. [00:43:28] Speaker A: We'll move on. That's not what that means. We're gonna. We're gonna go ahead and jump into an old favorite segment. This is Deja News. [00:43:38] Speaker B: Deja news. [00:43:45] Speaker A: I do love this segment and I do love the song. Like I said, I heard it in the wild recently for the first time, and it's a good song. [00:43:50] Speaker B: It's amazing to me. [00:43:51] Speaker A: I've listened to it a handful of times since then. It is a catchy tune. That was Beyonce's best era, I think. The. That irreplaceable era. Anyway, Nvidia loses. Nvidia loses $500 billion in the biggest short term loss in company value all history. And you might remember, hence the deja news segment. Last week, we talked about how Nvidia was the most valuable public company in the world, surpassing Apple and Microsoft. But they were all right around the 300 trillion dollar range. Upwards of that, right? [00:44:20] Speaker B: Say 300 trillion. [00:44:21] Speaker A: I think so. [00:44:22] Speaker B: That's how much I'm pretty sure. [00:44:24] Speaker A: 300 maybe I'm remembering. [00:44:26] Speaker B: That seems excessive. [00:44:27] Speaker A: Let me check. Let me check. You're wrong. I'm wrong. It's 3.27 trillion. I read it. I read it earlier and I was. [00:44:35] Speaker B: I was about to lose my mind. [00:44:37] Speaker A: I skipped over the period, the decimal. So I just read three, two, seven. I was like, dang. But it's Apple. Apple has a lot of power. So that's. That's the value I just got. Apple's at 3.27 trillion. Nvidia right now. I wonder what their current value is because, okay, three point bucks, it's at a flea market for sale. 3.08 trillion is where Nvidia is currently sitting, as you can see. Quite a big drop recently. Yeah, but they were up at the top of the heap last week and lost. [00:45:05] Speaker B: When you're at the top, there's only one place to go down. That's right. [00:45:08] Speaker A: And because they're already valued at such a high amount, 3.08 trillion, that $500 billion loss didn't really. It sounds like, oh, wow, they got it. Like, they got to be hurting. They're fine. [00:45:21] Speaker B: So. Well, I mean, they are hurting in a way. [00:45:25] Speaker A: Sure. [00:45:25] Speaker B: Right. So their investors are not happy, right? [00:45:30] Speaker A: Yes. [00:45:30] Speaker B: Because the value of that stock, while the money that comes in from selling graphics cards is not affected necessarily, the valuation of the company has been vastly affected. And therefore, if you had stock in the company, let's say the stock was worth $10 when you bought it, and now it's worth $1. You have lost money. If you went to sell that stock, you'd be like, oh, crap, I just lost $9. And that would be bad. [00:46:04] Speaker A: Of course. [00:46:04] Speaker B: Of course. You put that up to scale and you're like, holy. We lost. [00:46:08] Speaker A: Yeah, yeah, that's true. [00:46:09] Speaker B: In that way, anybody that was looking to sell their. Their Nvidia stock lost a bunch of money, right. [00:46:16] Speaker A: But I guess comparatively to where Nvidia was year and a half ago, they were valued. I guess at the end of January 2023, their market capitalization was just below the $500 billion mark. So. [00:46:26] Speaker B: Okay. [00:46:27] Speaker A: You know, a year and a half ago, this would have killed. I mean. [00:46:30] Speaker B: Oh, yeah, it would have. [00:46:30] Speaker A: Absolutely would have been wiped out. [00:46:32] Speaker B: You imagine a world with no Nvidia. Like, you wake up and Nvidia is a thing of the past that is gone. [00:46:38] Speaker A: And I think even for folks that aren't super familiar with Nvidia, like, when I was in college, right, I, like, got some notification on my computer at home, and it was something about the Nvidia, some update that I needed. And Nvidia came up and I didn't know anything about it at the time. I was making use of its product without even realizing that I was doing it. So, yeah, I think. [00:46:56] Speaker B: Who's their big competition? Is it AMD? [00:46:58] Speaker A: That sounds right. [00:46:59] Speaker B: AMD, big graphics card? Okay, okay. Christian says we're hearing it, that it's yes on AMD being the big competition for Nvidia. [00:47:08] Speaker A: Yeah, intel. AMD Qualcomm. Okay, so they've got. [00:47:11] Speaker B: But intel, do they make. So with Nvidia, you get graphics cards that are dedicated. Right? Does. Does intel make dedicated graphics cards or is it all that incorporated into their. Was the UHD? [00:47:27] Speaker A: I don't know. You may be right that it's not. [00:47:30] Speaker B: You see, I'm not a hardware guy. You can tell because I'm struggling, remember? Yeah. This is where Don would have been super helpful. He would have told us the history. Yeah, like, the people that invented it. [00:47:44] Speaker A: Like he was reciting some random, like, off the top of his head. Yeah, just off the dome. [00:47:48] Speaker B: I know we get a lot of comments of people saying, bring back Donna, he's gone. Trust me. [00:47:55] Speaker A: Don hasn't lived here for years in. [00:47:57] Speaker B: This seat and not me. He's much better at this than I am. I totally agree with you, Chuck. [00:48:03] Speaker A: You and keep Don, is what you're saying. [00:48:04] Speaker B: Yeah, but see, he retired. [00:48:06] Speaker A: Yeah, he's living. [00:48:08] Speaker B: I still have a family to feed. [00:48:09] Speaker A: He's in Fiji right now. He's living it up. But, yeah, he would have the scoop on that for us. Maybe we can. We can reach out to him. [00:48:16] Speaker B: Doing my best. Okay. [00:48:17] Speaker A: You're doing great. I'm proud. I'm proud of you. [00:48:20] Speaker B: Thank you. [00:48:22] Speaker A: That was kind of scary. I wasn't expecting that voice, but, yeah. So this was a historic loss, not just for Nvidia, but in general. It's the biggest loss in, like, that short of a period in recorded history. So that's the reason why this was pretty noteworthy. But it doesn't. It doesn't make sense that after, you know, skyrocketing so much over the last however many weeks that, you know, it's got to balance out at some point. [00:48:44] Speaker B: So that was a big hit to. To break the record. I mean, if you're going to go big, go big or go home, right? [00:48:48] Speaker A: Might as well make history. [00:48:49] Speaker B: That's right. [00:48:50] Speaker A: And that's not all we've got as far as Deja news goes this week, you might have remembered we talked a little bit about Kaspersky last week and that they were having a little bit of an issue with Apple. Apple was not. Or a week before last, I guess they weren't paying out the amount for a bounty on a bug that Kaspersky reported to them. And she was like, you gotta pay up or just give it to a charity. We don't care. Well, we may have the reason why Apple didn't want to pay up. Biden has banned Kaspersky antivirus software in the US over security concerns. And we did talk a little bit about this when we first brought this up, about the security implications there and how, you know, because I guess it's a russian company, there are some folks that are concerned that, hey, we gotta be careful. So the Biden administration has said, hey, you better find an alternative by the end of September if you are using this antivirus software. [00:49:34] Speaker B: It's funny, we were kind of talking about how we see a lot of, yes, Russia is an enemy of the United States, and you need to be concerned about them. And their hacking activities have been well documented. They definitely have some issues going on with that. But, man, we tend to see a lot more China. [00:49:55] Speaker A: Yeah. [00:49:56] Speaker B: So it's like, you would think there would be more bans on chinese stuff, but maybe there's no big chinese security firms that we're having to worry about. And that's the difference. [00:50:08] Speaker A: I guess that's true, because I hear Kaspersky mentioned a decent amount. I don't know that there are any security firms like that that are chinese. Or like, even this morning we saw something about, like, a chinese and north korean Chinese. [00:50:19] Speaker B: They're going buck wild right now. [00:50:21] Speaker A: And I don't know that there are any companies like Kaspersky that originate in those countries. So it could be if you. [00:50:26] Speaker B: There's plenty of them, which I do know, like fancy bear and all that, you know, that's. So they are a definite problem. But sure, because this is where it gets weird and interesting at the same time. So Kaspersky has a track record that they call out in this article. If I'm not mistaken, there's a big quote from Kaspersky about all this. They say Kaspersky is aware of the decision the US Department of Commerce, by the US Department of Commerce to prohibit the use of Kaspersky software. This decision does not affect the company's ability to sell and promote cyber threat intelligence offerings and or trainings in the US. Despite proposing a system in which the security of Kaspersky products could have been independently verified and trusted by a trusted third party, Kaspersky believes that the Department of Commerce made its decision based on the present geopolitical climate and theoretical concerns, rather than on a comprehensive evaluation of the integrity of Kaspersky's products and services. Kaspersky does not engage in activities which threaten the us national security and in fact has made significant contributions with its reportings and protection from a variety of threat actors that targeted us interests, interests and allies. So, I mean, this should be demonstrably true or false, right? Right. Have they or have they not? I don't know. I haven't done the research, but they. Kaspersky is making the claim that this is like unfounded. [00:51:50] Speaker A: Right. [00:51:50] Speaker B: And not even. Not even that they were neutral. And so there was wiggle room on. But I. We have actively protected the US against threats and engaged in increasing the security. So I have used Kaspersky software. I used to. So when I worked in corporate, we use semantic import protection. And I think I was telling you this, I was cleaning up crap, like every day I got another, got to go clean that up. You know, because I would have the dashboard in front of me and I would get, oh, these workstations have possible infection. And then I would have to call those end users. Hey, let's take a look at what's going on. Let's run some more in depth scans. Your computer might be kind of sluggish for a little bit because of that. And then. Yep. And then we could clean these things off and I would have to use third party software to get it to remove the crap that it was. It was just able to kind of flag it, but it wasn't able to really stop it in any good way. So we started looking for a different solution and Kaspersky was one of the ones that I tried and it was amazing. It was awesome. It went, and so we invested in Kaspersky endpoint protection. And that was a different game, man. I went from doing like six a day to six a month. It was insane. So I was a huge fan of Kaspersky being. I think I told this story that when I came here and I was like, oh yeah, because first he's really good software. Dawn's like, ah, nah, Russians. Yeah, okay. He's like, I don't trust the Russians. And so maybe that's the same. And that's, that's kind of their, what they're saying here. And the fact that the United States has decided that now they're, they're not stopping them from. So if I was using Kaspersky software, correct me if I'm wrong, I could still use it. Correct. [00:53:42] Speaker A: So it's a ban of the antivirus software and the pushing of software updates to us companies and consumers. So I think it applies to everybody here. [00:53:53] Speaker B: So I've got to find a new vendor is what they're saying. [00:53:56] Speaker A: It sounds like it, right? I don't think this is just limited to like, oh, it's just for federal agencies or anything like that. It sounds like this is a whole country kind of deal up though. [00:54:06] Speaker B: It, I think it says starting at midnight et June, July 20, 2024, Kaspersky is banned from entering into any new agreements with a US person of business. This includes any software or white label product from the company. At midnight September 29, Kaspersky or any of its agents are prohibited from distributing software and antivirus updates to customers operating its Kaspersky security network in the United States or on any person's us person system. So if I have it already, I can still use it. I just won't receive any updates. I think that's how I'm reading that. [00:54:46] Speaker A: Yeah. The part that's tripping me up is the part that says not, not being able to run on any us person's systems, like not being able to run that at all. I'm trying to find it in my. [00:54:58] Speaker B: But it's only after that date and time. It's a, if you already have it installed, you're quote unquote, fine, but you won't get any updates after that data either because updates are also banned. [00:55:11] Speaker A: And, but then, so then at that point, if you're not getting any updates, new threats are emerging all the time. So it still kind of renders it not useless but less useful. [00:55:20] Speaker B: I mean, no, it's, yeah, but that, that less useful window starts becoming useless after a very short amount of time. [00:55:28] Speaker A: I guess I would think that if you're going to issue a ban like this, and your primary concern and reason for doing it is that Russia has shown time and again that they can exploit russian companies to collect and weaponize us information. That's your reasoning? Right. [00:55:43] Speaker B: Okay. [00:55:43] Speaker A: Why not? And maybe I'm missing something here. Why not then issue a ban in general on any, any of this type of product coming out of Russia? It's not because this is specifically against Kaspersky. I know there's. I mean, Kaspersky is kind of the name that we think of when we think of a company that's operating out of Russia that does this stuff. But, okay, if another one pops up, are you gonna then just issue ban after ban after ban for anything? [00:56:05] Speaker B: Well, I mean, this all starts with the whole tick tock thing, right, where we're banning tick tock in the us, but tick tock is. Is legitimately run by the CCP, right? Right. Like I say, it's run. It is controlled. If they ever wanted something to happen, the parent company of TikTok will definitely bend the knee and do exactly what the CCP says, because that's how the CCP works. And that's what it's like in communism. That's. That's how that goes. So. And then we also can demonstrably prove, if I'm not mistaken, that tick tock's algorithm is. Is very anti intellectualism, that if you're using. They don't call it TikTok in China. I've seen a lot of articles that. Let me put it that way. I've seen a lot of articles that make off, like, TikTok is, a, in a lot of ways, spying on us citizens, and b, the algorithm is meant to kind of, like, promote frivolousness. [00:57:07] Speaker A: Right. [00:57:08] Speaker B: Okay. Stupidity and changing culture in the United States to make the United States weak and therefore easily, more easily manipulated. Right. This is what I've heard. I'm not saying whether it's true or not. I'm just saying these are the things I've heard. We are definitely not friendly with the CCP, the US. Right, right. And if the CCP is in control of tick tock, I understand what I'm all that to say. I can understand that the us government will want, have a vested interest in saying we don't trust that. [00:57:38] Speaker A: Right, right. [00:57:39] Speaker B: Whereas Kaspersky, on the other hand, again, I do not have all the facts. [00:57:43] Speaker A: So if I'm right, we gotta hedge our bets. [00:57:46] Speaker B: Yeah, based off of I am not the end all, be all, know everything. You know, grand poo bah of everything security. [00:57:55] Speaker A: Right. [00:57:56] Speaker B: So Kaspersky has seem to have a proven track record of being very security oriented. The whole thing with apple, we're finding flaws with your apple iOS zero, click zero day. Here you go. Don't you, don't even give us the money. Give it to a charity. Here's charity list. Go buck wild. And they get no. And now we get the government saying no just because it seems like they have an argument that it is due to the geopolitical climate and not necessarily anything Kaspersky has ever done. If you are familiar with things that Kaspersky has done that is a legitimate concern to us interests, please put that in the comments. I want to know that stuff. Yeah, that's the kind of news I can use. So. Man, it just goes to show you how complex this stuff is and how, you know, wow, it could get a little crazy. I know for a fact. Anyway, from using them in the past, they have phenomenal product. I cannot disparage whether or not it's doing anything in the background shady or hinky. I mean, I would feel like. So the us government, they have what's called a trusted foundry. You've never heard of this? I saw your eyes just kind of. [00:59:04] Speaker A: Eh, I'm not familiar enough. [00:59:06] Speaker B: Trusted foundry. So with hardware, if the us government wants to use a piece of hardware like a switch or something like that, it has to go through what's called the trusted foundry system, where everything about that device has to be given to the governments through this system and it's vetted and they verify there's no spying, there's no nothing. There's blah, blah, blah, blah. So if we use this device in our, in our government, we know because it's been through the wringer that it's not doing anything that we don't want it to do. It's not. At least not that they can tell. They did their due diligence in making sure. Why can't they do it with software? Right. Why don't we have a trusted foundry system? And maybe we do. I'm just not familiar with it where the government, like, can't other companies do reverse engineering and. [00:59:56] Speaker A: Yeah. [00:59:57] Speaker B: Or have a system where. Yes, we're going to disclose our, our source code so that you can look for any malfeasance. [01:00:05] Speaker A: Right? Yeah. [01:00:06] Speaker B: And we are. [01:00:08] Speaker A: We're, we're confident. Confident you're going to find nothing. [01:00:10] Speaker B: You'll find nothing. [01:00:11] Speaker A: Yeah. [01:00:12] Speaker B: And then if you do go, okay, Kaspersky is not something you have to worry about. [01:00:16] Speaker A: Right. [01:00:16] Speaker B: Or there it is, you know, there's the proof. Yeah, and like you said, maybe they're just worried about down the road, the russian government making them do x, y or z. I haven't heard of that happening, though. That's, that's not that it can't. [01:00:30] Speaker A: No, but that, that was like, the reasoning. Well, we know that even if you don't think the russian government's using you, you, kaspersky, as a door to do this kind of stuff. We know in the past that they've been sneaky about stuff. So I just. Why target Kaspersky specifically instead of issuing, okay, a ban on any of this kind of software coming out of russia, not just kaspersky. I don't understand why you wouldn't just make it a big broad thing instead of targeting this one company. But maybe I'm missing something. [01:00:53] Speaker B: Maybe. Yeah, they legitimately went straight for kaspersky. [01:00:57] Speaker A: Very targeted. And they also sanctioned twelve of their lab executives. [01:01:01] Speaker B: Subsidy or. [01:01:01] Speaker A: Oh yeah, twelve of their. Well, yeah, any of their like partner companies or whatever have also, they're also banned, but they put sanctions on some of their lab executives as well, so they can't access their assets in the US. They're frozen till the sanctions are lifted. So we could probably talk about that all day. [01:01:18] Speaker B: That's a whole special. Yeah, that's a very special episode. [01:01:22] Speaker A: Technato special edition. So maybe we'll come back to that in the future if there's any more. [01:01:25] Speaker B: Updates when the Russians come or if. [01:01:27] Speaker A: We find any more information on it. Hey, let us know if there's something that we're missing. Yeah, got a couple more we want to get through, though. Before we wrap up this episode, Google is introducing Project Naptime for AI powered vulnerability research. This is a fun title by itself. Yeah, and we were talking about this a little bit the other day, project, it's called project naptime, I guess because it, it's supposed to free up people, you know, give AI or, you know, LLMs responsibilities to free up. [01:01:54] Speaker B: The initiative is so named for the fact that it allows humans to, quote, take regular naps and quote, while it assists the vulnerability research and automating variant analysis. [01:02:05] Speaker A: Oh, so it's a good thing in theory. [01:02:08] Speaker B: So you know, you know when. So when AI first came out, you know, many moons ago when AI was born, what do people do? Oh, we're going to lose our jobs, right? AI is going to take over because it can do everything automatically. And then because I've been on panels and stuff like panel discussions and Q and A's, where that question specifically has come up. [01:02:30] Speaker A: Right. [01:02:30] Speaker B: Do I need to worry about AI, ML basically doing away with my job if I'm a pen tester, can't AI just do a lot of this? The answer to that is it can kind of do some of these things, but it doesn't do it consistently, and it has a lot of false positives and errors. You would have to go back and really vet it anyway. So what ends up happening with AI and ML and deep learning and all the things that we can do with LLMSdev stuff that where all the Alphabet soup that goes along with it is it can help us automate some of our day to day tasks. And this is what I said from the beginning was, eventually, it's probably going to do away with your job, but that's down the road, like, you got some time. Don't worry. What it does do in the meantime is make you better at your job. Hey, I don't have to sit around and do mundane autumn tasks that could be automated. That's where it shines. And that's what project naptime seems to be doing. It is the epitome of how we can incorporate AI to make us better at security. So I thought project Naptime was a good thing, an interesting thing, at least on the offset. I don't know more about it than what this article talks about, but from what I can see just from here. Exactly, yes. Use AI so that I can go touch grass, de stress, and it allows for more cognitive thinking, better thinking and creativity. And that's where you start getting real interesting stuff and people thinking outside the box because they step away from the problem. If you've ever tried to run down a problem, coding issues, security issues, and you're trying to figure out, well, how do I tune this to make it work? Right? And you've been sitting there banging at a keyboard for hours on end. The more you bang at it, the less likely it is you're gonna get somewhere. You need to be able to step away. And me kind of like shoveling it over to an AI system to go, you know what? Take that. I'm gonna go, I'm gonna take a walk. And I come back and it's got all this cool information. [01:04:40] Speaker A: Yeah. [01:04:40] Speaker B: Automating a lot of the stuff that I would have to have gone through anyway, freeing me up to put my, my cpu cycles on something more interesting or more, more difficult. That's. That's a good thing. This is AI. I think this is what it's supposed to be for. [01:04:56] Speaker A: Yeah, this. This is the kind of stuff that we like seeing AI used for as opposed to creating those scary pictures. You know, it just. [01:05:04] Speaker B: Yeah, every time we will smith eating. [01:05:06] Speaker A: Spaghetti, and he's got eight fingers on one hand. [01:05:09] Speaker B: It is so disturbing. [01:05:11] Speaker A: Or the voice emulation, where it's, like, kind of scary sounding because it sounds just like Christian has done it with my voice before. I'm like, that sound, it messes my head because I'm like, I. I wouldn't. [01:05:21] Speaker B: Have known it wasn't you. [01:05:22] Speaker A: I know I never said that sentence before, but this is me saying it, and it messes with your head a little bit. So this is one of the instances where it's nice to see, hey, AI is not all bad. Every time we hear about it, it seems like it's scary stuff. And this is a good use of artificial intelligence. I think so. Bravo to Google for this project. Nap times. Just such a fun name. Anyway, a couple more that we wanted to get through here. We got some more Nintendo news. Yeah, it's nothing. [01:05:47] Speaker B: Here we go. [01:05:48] Speaker A: Well, it's not happy news, I don't think. But I'd be curious to know folks opinions on this dying noise. Well, if you're not familiar, Yuzu is an emulator service, and Yuzu is officially shutting down as it settles with Nintendo for $2.4 million. So want one end of the road for Yuzu as well as Citra. And Yuzu provides support for citra. And that's a three deciseconds emulator. [01:06:14] Speaker B: Yes. I love the citra. Yeah, I used citra. [01:06:17] Speaker A: Loved. [01:06:18] Speaker B: Yeah, loved being the operative word now, which is weird to me. So I read. I read this article and use it. Right. Like, I never used Yuzu. Was it Yuzu? [01:06:27] Speaker A: Yuzu. [01:06:27] Speaker B: That's a weird name. [01:06:28] Speaker A: You later. [01:06:29] Speaker B: Yeah, yeah. Right. Is a switch emulator. I totally get that. And good for. Good for Yuzu is saying, hey, we realized we were dipping into Nintendo's, like, current profits. People were using yuzu for nefarious things, and that's not what we were about. [01:06:45] Speaker A: Sure. [01:06:45] Speaker B: So we'll just. It's easy. We shut it off. On the other hand. So they're not making three deciseconds anymore. Two deciseconds. Correct. [01:06:56] Speaker A: I'm like, so. And they're not making new games. [01:06:58] Speaker B: Last game was, like, 2019 or for three deciseconds. [01:07:05] Speaker A: Yeah. [01:07:05] Speaker B: Right. [01:07:06] Speaker A: As of March 27, 2023, you could no longer make purchases for the Wii U system or Nintendo three deciseconds system. [01:07:12] Speaker B: Right. [01:07:12] Speaker A: So they're done. Couldn't download any more free content or more game demos. [01:07:15] Speaker B: This is. This is where I find fault with Nintendo personally. My opinion. I'm allowed to it. [01:07:21] Speaker A: Right, because you're not still actively making money off of not taking any money. [01:07:25] Speaker B: Out of your pocket. What do you care? [01:07:28] Speaker A: Because you're not. Nintendo's not creating new games for the Wii, the Wii U, the three ds, any of those systems. So I'm not hurting you by then using an emulator to play, like, Wii sports or something. [01:07:38] Speaker B: You know, I'm literally not putting. Taking any money out of your pocket. This, to me, is where they just. The game companies, man, they're overreaching. I remember back when I had an Xbox and they were all like, can't mod an Xbox. And you came on a PlayStation, and PlayStation sued. And I was like, hey, come to find out you didn't actually buy that hardware, you licensed the use of it. Like, what? Huh? Okay, that's weird. It's just a computer. Why. Why don't I own it? And, like, where does that end? It seems like a slippery slope. [01:08:12] Speaker A: Yeah, where's the line? [01:08:13] Speaker B: Right? We're not taking any money out of your pocket. Like, I just want to back up my games and be able to play them on my phone. [01:08:22] Speaker A: Yeah. [01:08:22] Speaker B: You know, or whatever. Because you're not making the hardware anymore. So I got to be careful on the hardware dying. Otherwise, I don't know if you've seen the price of three ds is lately. [01:08:33] Speaker A: Yeah. [01:08:34] Speaker B: They are not cheap. [01:08:35] Speaker A: It's crazy. [01:08:36] Speaker B: Even a two deciseconds is like 200 and 2250 at this point for a two deciseconds. [01:08:42] Speaker A: And even, like, the standard, the DSI. The DS lite, like, older models. [01:08:45] Speaker B: Those are still in the hundreds. Yeah. [01:08:46] Speaker A: Pricey. [01:08:47] Speaker B: Yeah. That's crazy. A three ds, what, 350 DS lite. [01:08:51] Speaker A: At Walmart is $130. [01:08:55] Speaker B: Right. You're not making these consoles anymore. You've already put. Okay, I don't want anybody ripping off Nintendo. [01:09:03] Speaker A: And that's on sale. Sorry, go ahead. It's $300 when it's not on sale. I'm sorry. I'm sorry. Continue. [01:09:08] Speaker B: That's for a DS light. [01:09:09] Speaker A: DS light. Metallic rose at Walmart. [01:09:11] Speaker B: Not a three deciseconds. [01:09:12] Speaker A: Nope. DS light. [01:09:13] Speaker B: Straight up DS light. [01:09:14] Speaker A: Mm hmm. Now it is metallic rose, which is. Oh, it's like the rose gold of DS's dollar 300, but it's on sale for 130. Anyway, that just caught me by surprise. [01:09:24] Speaker B: What's your thoughts on this. I want to get your take on this. [01:09:27] Speaker A: I was a DS enjoyer. That was probably. That was probably the first, like, console system, whatever that I used and owned when I was like a little kid. I played like, super Princess Peach on my DS light, my metallic rose DS light. Okay. [01:09:41] Speaker B: Yeah. [01:09:41] Speaker A: And then after that, we had like, a wii as a family. And it's. It's sad, you know that, but I understand consoles go by the wayside, things get outdated, and it's unfortunate now that I know it's like a scarcity thing, the prices are going to go up because there's not a lot of these available. I'm sure for purchase, they're not being made anymore. But it is kind of sad. As far as emulators go for DS games, I'm kind of disappointed that, like, I've looked for an emulator before for like, the original super princess peach because you can't play it on any other system besides the DS. It was never made. [01:10:09] Speaker B: Yeah. Melon, I think, is a good emulator for ds. Yeah, yeah. [01:10:13] Speaker A: Because I've never been able to find, like, an emulated version of super. [01:10:16] Speaker B: I've legit emulated super Princess Peach. [01:10:19] Speaker A: But then the fact that Nintendo obviously is pretty litigious about this stuff, I. [01:10:23] Speaker B: Get a little understatement. [01:10:25] Speaker A: I'm not a rule breaker by nature, so I get nervous, like, using those kind of services, especially when stuff like this happens and Nintendo comes, like, am I gonna get in trouble for using? I'm not. I'm not stealing money from Nintendo. They're not making Super Princess Peach anymore. They're not producing. [01:10:38] Speaker B: That's where it gets really great of me. So then there's the people that have the whole gaming historian, like, we're trying to preserve these games that are no longer being made. They're no longer available. Some of them get still available. I think you could do a lot of emulation. [01:10:53] Speaker A: Sure. [01:10:53] Speaker B: Emulate. It's not emulation. The Switch. [01:10:56] Speaker A: Yes. [01:10:56] Speaker B: Right. So on the Switch, you can still play, and that's certain games. [01:10:59] Speaker A: Yeah. [01:11:00] Speaker B: If those games are available in Nintendo, don't rip them off. Yeah, just don't do that. If you own a hard copy of it, then I don't feel like you're ripping them off. [01:11:10] Speaker A: Right. [01:11:10] Speaker B: You purchased it, you made that payment. [01:11:13] Speaker A: Yeah. [01:11:14] Speaker B: And now I just want to be able to play that game without any degradation to that experience. [01:11:19] Speaker A: Right. [01:11:20] Speaker B: I don't see the problem with that. If you own the game, what's the problem? [01:11:24] Speaker A: Yeah. [01:11:25] Speaker B: And then for those people that are trying to preserve those games for future generations. How else are they supposed to do it? You can buy these machines that basically you stick your cartridge in. It's able to read that off into a file and that's how this works. So. But yeah, then really interesting. [01:11:42] Speaker A: Eventually, then that stuff becomes like lost media. And how do you get it back? You can't. Once it's gone, it's gone. And so if you don't have stuff like this emulators to kind of keep it alive. But you're right. Switch has some options for like a bunch of old Game Boy games. They've got a package of them. [01:11:56] Speaker B: What's really weird to me is remember when Nintendo came out with the NES classic, those little minis? [01:12:02] Speaker A: Yeah, right. [01:12:03] Speaker B: How popular was that? Yeah, like those things sold out like that. [01:12:07] Speaker A: Wait, in line. [01:12:08] Speaker B: It tells them that if you make it available, we will buy it. You are leaving money on the table. So there's some weird old school business practices it seems like. [01:12:19] Speaker A: I think. I think like I mean, because Nintendo's a japanese company, right? Based in Japan. [01:12:23] Speaker B: Yeah. [01:12:24] Speaker A: I think there are. There has been talk of some like that there are certain business practices in Japan that it dates back. It's like very traditional. And so probably you're right in that respect that it's. Look, this is. We're going to be litigious about this. This is what our business practices dictate. But it's unfortunate and good for you zoo for trying to do the right thing and not support like piracy and stuff. But it is sad that some of these older games that aren't made anymore. You can't imagine. [01:12:49] Speaker B: Caught in the crossfire. [01:12:50] Speaker A: Yeah, we've got one more before we wrap up. Technator today. I know, running a little bit longer, but we'll put the chapters in the description so you can skip through if you want and go to the stories you want to hear about. So you might have heard a little bit about some car dealerships that have been facing some issues over the last week. Disruptions at many car dealerships are continuing. A CDK hack worsens. So this was a earlier this week. There was a lot of updates coming out about this. I talked to my mom about it. [01:13:11] Speaker B: It was just a. It was in every news cycle. [01:13:14] Speaker A: Yeah. [01:13:14] Speaker B: Figured I guess we can't be. It was leave it on the table. [01:13:18] Speaker A: I guess this because I never heard of the software provider CDK Global, right? [01:13:22] Speaker B: Well unless you were a car dealer, you never would have heard of it. [01:13:24] Speaker A: Right? Because I guess it is pretty much exclusively to car dealers. And then like auto, I think, like, auto shops also use it, so. [01:13:30] Speaker B: Service centers. Yeah. [01:13:31] Speaker A: And they're saying they could take them years to recover. And financially from this. Why is that? [01:13:36] Speaker B: I have no idea. Probably the way the attack went down. Ransomware, right? It was a ransomware attack. [01:13:42] Speaker A: Yeah. It shut down most of the. [01:13:43] Speaker B: They're not saying systems. [01:13:45] Speaker A: And so they couldn't sell cars and car parts because. Or some were using, like, pen and paper. They were joined to pen and paper, but a lot of them, it's like we always did this stuff online or virtually, and now we don't have the option to. So I guess we just won't sell stuff. [01:13:58] Speaker B: I like how it escaped them that they could go to pen and paper. [01:14:01] Speaker A: Yeah, yeah. What. [01:14:02] Speaker B: What is this pen and paw pair of which you speak, Iris? I've never heard of this. Only digital for us. [01:14:10] Speaker A: Yeah. [01:14:11] Speaker B: I mean, if it's that easy to just, like, for other people. I say that easy, but, you know, it's. It's a viable option. [01:14:17] Speaker A: Right. [01:14:18] Speaker B: How did you not just go, well, I guess we're doing it the old fashioned way. Ever been into a retail store and their Internet is down or whatever, and they pull out that big metal slidey thing that you put your credit card on and they. Yeah, that. That is always a fun day. [01:14:36] Speaker A: I don't think I've ever seen one of those. [01:14:37] Speaker B: Really? So what they would do is this is how credit cards used to work. [01:14:41] Speaker A: Okay. [01:14:42] Speaker B: Right. When you charge something, there was no electronic mechanism to read a card. There was no magnetic stripe that didn't work. You have a card number, expiration date, and all the information embossed on the card. They have this thing where they take out basically carbon copy paper. Carbon paper. And they stick it on there and has a form. They put your card in a templated slot, and then they run this thing over it, which is built into the mechanism to the machine, and it makes this big, loud schlunk. Schlunk noise, which was associated with charging it back in the day. And it would take that embossed card, and it would, through the carbon paper, make it onto your credit receipt. [01:15:26] Speaker A: Okay. [01:15:26] Speaker B: Okay. That's how it worked. And then they would have to submit those credit charges to the credit card companies, and the card companies would pay. So there's a lot of time between. So credit card fraud, obviously, was a whole lot easier back then, but now we have electronic. You swipe it, it goes. Yep, that's good. And. But when those systems go down, then how do you run the credit card? Somebody reaches behind the desk and goes, look at this dinosaur. Blows the dust off. And I think they still run around. They still work. [01:16:00] Speaker A: I guess I just never really thought about the history of credit cards and stuff and how that would work before they had electronic systems for it. History less. [01:16:07] Speaker B: What's weird to me is that this system doesn't run offline at all. [01:16:10] Speaker A: Yeah. [01:16:11] Speaker B: There's not a local database that's kind of working as a middleman. But it didn't. Yeah, it is offline, and everything's saved to the cloud. Everything is saved to the cloud. No buffer locally. It's all. You would think that I would be able to go, oh, I'm offline. Go to offline mode. I don't know. [01:16:28] Speaker A: That's just me now. And this is that on. It was June 19 they first announced they had to shut down a lot of their systems because they're investigating a cyber attack. But the afternoon they said, hey, we've already started restoring systems. But then that night, they experienced another incident and had to shut down stuff again. So then it was like, yeah, where it's, I'm never gonna recover financially from this. [01:16:49] Speaker B: Yeah, cue the Tiger King. Right? He's just standing there smoking a cigarette. Oh, man, you got me good here. Threat actors, sense to guns. Anyway. Yeah. I mean, I'll be interested in seeing. Obviously, they have not plugged the hole, right? [01:17:09] Speaker A: Yes. [01:17:09] Speaker B: They had yet to figure out how the hackers had breached their system, because as they were working on it, it was. Ah, damn it. They did it again. Yeah, well, talk about getting kick player down. [01:17:21] Speaker A: Yeah, that's like you said. They hadn't even stopped the sinking ship before. You know, they had. There's another cannon fire. So we'll have to see what. What comes to be of this, because. [01:17:30] Speaker B: Honestly, I threw this article on the heap. It just was very information about it, but it was in every. Was a security week. It was hacker news, GB hackers, it's affected. You name it, it was there. [01:17:40] Speaker A: And my mom was telling me that she was, like, reading stuff about it and how, like, there were. She's, like, in a couple mom forums, I think, on, like, Facebook and stuff. And so, because I used to be a student, and so she would check in and stuff, and there were moms that were like, oh, my kid tried to go and, like, rent a car somewhere, and even, like, rental agencies were affected by it. And it was to the point where she was like, screw it, I'll just get a U haul. And she just went and cut a U Haul and drove that instead for a few days. And so it is a far, far reaching. It's affecting a lot of. Of car dealerships and auto shops and things like that. So I'm glad you threw it in there because it is a pretty pertinent story. I think right now we'll have to see what comes to be and how long it takes them to fully recover from this. But, man, quite a lot on the docket today. That was a lot. [01:18:19] Speaker B: I'm tired. [01:18:20] Speaker A: My personal favorite was learning a bit more about your gaming history. That was quite fun. [01:18:24] Speaker B: I enjoy talking about gaming. I'm glad we've started to incorporate some. [01:18:28] Speaker A: Like you were talking about how Switch has some of the, like, old games that you can still play on the switch. And so if you have a certain level of membership or Nintendo online, there's a bunch of Game Boy games. So I've been playing a lot of Super Mario. There's no Mario and Luigi superstar saga. The like, first Mario and Luigi RPG. I'm getting excited for the one that's coming out November. So nice. I'd be curious to know what kind of games y'all are playing because we do like talking about it. We just haven't up to now. And it's a fun thing to talk about. [01:18:53] Speaker B: It is a fun thing. A lot of the, you know, it's funny, like, I think that's one of those things that we all can kind of come to the table and everybody, everybody games in some way. Everybody, whether it be a board game, crossword puzzles, sudoku, whatever the case, it doesn't matter, man. Everybody likes a good game. So yeah, I'm interested in hearing what, what is it that forged you? What fires? What gaming fires forged. [01:19:13] Speaker A: What kind of gamer are you? Yeah, take the quiz. Well, that's gonna do it for this episode of Technado. Thank you so much for sticking with us for these stories. Let us know what you want to see in the future. Leave a like and subscribe so you never miss an episode in the future. Thanks so much for joining us, and we'll see you next week. Thanks for watching. If you enjoyed today's show, consider subscribing so you'll never miss a new episode.

Other Episodes

Episode

December 15, 2022 00:41:54
Episode Cover

Technado, Ep. 286: Bypassing WAFs

Security researchers have figured out how to get around a web application firewall with a new technique that impacts several vendors. The Technado crew...

Listen

Episode

March 25, 2021 00:52:29
Episode Cover

Technado, Ep. 196: Cisco’s Ferdinand Soto

Ferdinand Soto joined Technado this week to talk about his journey from the military to a job as a Security Systems Engineer at Cisco....

Listen

Episode 355

April 11, 2024 01:11:43
Episode Cover

355: One MILLION Sites Affected by Critical Flaw?! (Technado visits HackSpaceCon!)

Live from HackSpaceCon, it's Technado! This week, malware takes center stage: beware of bogus NordVPN downloads and YouTube videos promising Fortnite cheats. If you...

Listen