365: Windows Wi-Fi Takeover Attack! (Update NOW!)

Episode 365 June 20, 2024 01:14:14
365: Windows Wi-Fi Takeover Attack! (Update NOW!)
Technado
365: Windows Wi-Fi Takeover Attack! (Update NOW!)

Jun 20 2024 | 01:14:14

/

Show Notes

This week's Technado starts strong with some breaking news: Nvidia has surpassed Apple and Microsoft to become the most valuable company in the world! Of course, we had to talk about Nintendo Direct, and we even took a look at the upcoming Spaceballs sequel.

After our breaking news segment, Daniel warns us of a Wi-Fi takeover attack affecting Windows Users. Then, the feds are suing Adobe for some sneaky cancellation fees that are costing users hundreds. CISA conducted its first AI IR tabletop exercise, and we take a look at not one, not two, but THREE cybercriminals in Behind Bars.

Following a quick break, we take a look at a bug that lets users spoof MS security team emails. Then, it's patches on patches on patches: VMWare fixed some RCE and privesc bugs, ASUS corrected a critical auth bypass flaw, and Apple dealt with their very first visionOS-exclusive vulnerability.

To wrap up the show, Daniel and Sophie learn about a new mandatory program at First Horizon Bank that forces stressed employees to stop work and...look at family pictures.

Check out the articles below to read more about today's stories:

https://www.washingtonpost.com/technology/2024/06/18/nvidia-most-valuable-company-microsoft-ai/
https://www.engadget.com/the-morning-after-the-biggest-announcements-from-nintendo-direct-111547910.html
https://www.ign.com/articles/spaceballs-sequel-in-the-works-with-josh-gad-starring-mel-brooks-producing
https://www.forbes.com/sites/daveywinder/2024/06/14/new-wi-fi-takeover-attack-all-windows-users-warned-to-update-now/
https://www.theregister.com/2024/06/17/adobe_sued_cancel_fees/
https://www.securityweek.com/cisa-conducts-first-ai-cyber-incident-response-exercise/
https://www.darkreading.com/cyberattacks-data-breaches/scattered-spider-boss-cuffed
https://www.justice.gov/usao-edny/pr/two-men-charged-breaching-federal-law-enforcement-database-and-posing-police-officers
https://techcrunch.com/2024/06/18/security-bug-allows-anyone-to-spoof-microsoft-employee-emails

View Full Transcript

Episode Transcript

[00:00:04] Speaker A: You're listening to Technado. Welcome and thanks for joining us for this week's Technado, sponsored by ACI Learning. The folks behind it pro. Just a reminder, you can use that code, Technato 30, for a discount on your itpro membership, if you haven't already. That's what we do in our day jobs and we have a great time doing it. Well, I speak for you. I have a great time, Daniel. I don't know how you feel about that. [00:00:26] Speaker B: No, I have. We have a lot of fun, actually, because typically when we're making training content for ACI, it's. I'm hacking things. [00:00:34] Speaker A: Yes. [00:00:34] Speaker B: I'm showing you how to hack things. [00:00:36] Speaker A: It's fun for him to do. That is fun for me to watch. [00:00:38] Speaker B: I'm not gonna lie. That is fun. When it wasn't, then they make me talk about compliance and crap like that. [00:00:42] Speaker A: Grc. [00:00:44] Speaker B: Sorry, Jerry. If Jerry owes you, if you're watching, sorry. [00:00:48] Speaker A: He's making GRC fun again. We don't have to worry about it. [00:00:50] Speaker B: He's making it socially acceptable. [00:00:51] Speaker A: Socially acceptable. There you go. I can never remember. [00:00:53] Speaker B: It's too many big words shout out to simply cyber for this early in the morning. [00:00:56] Speaker A: I can't do it. Well, here in Tecnado, we've got a couple things we want to get into before we jump into our articles for this week. As you know, we've kind of been changing up the segments over the last few weeks, trying some new stuff. We'd love to hear what you think and what you'd like to see more of in the future. But this has become a favorite segment of mine. It's breaking news. [00:01:14] Speaker B: Breaking news. The first time I did it, it was perfect. It was perfect. I could not have planned for it any better than that. [00:01:24] Speaker A: You can't recreate that. You just can't. It's like the one perfect dope that I get off every, like six months. I can't recreate it. Well, a couple things that came up we were just looking at this morning. Breaking news stuff. Nvidia has pushed out Apple and Microsoft to become the world's most valuable company. Only a difference of like .3 million trillion dollars. Not that big. [00:01:43] Speaker B: Who's taking silver? [00:01:44] Speaker A: Looks like currently Nvidia is valued at 3.34 trillion. And then Apple is at 3.29 and Microsoft is at 3.31. [00:01:54] Speaker B: They've been insane that they're trillion dollar companies. [00:01:58] Speaker A: But Apple and Microsoft have switched, you know, back around. [00:02:01] Speaker B: Right? [00:02:01] Speaker A: And now Nvidia's kind of, kind of been a dark horse and come up. [00:02:04] Speaker B: And this article, those RTX boards, man. [00:02:08] Speaker A: This was, this article says you can blame the AI boom for Nvidia having risen. [00:02:12] Speaker B: That makes sense. So, I mean, I think that's probably a legitimate argument for why they, they've jumped up so high and why we see Microsoft trying to jump on the bandwagon. We see Apple trying to jump on the bandwagon of all ADI stuff incorporating into their organization, or not just organizations, but their platforms as well. So they want. Here's the thing, kids. If you think that Microsoft and Apple and Nvidia are in business because they just like watching people smile when they use their products, you are sorely mistaken. [00:02:45] Speaker A: No, no. If that was the case, Apple would let iPhone 15 use access the app. We talked about the WWDC stuff last year. [00:02:53] Speaker B: I dropped a quarter. [00:02:54] Speaker A: I was so like, I'm like, oh, this is kind of cool. Cool. You know your healthy skepticism, right? Yeah. Well, there could be some security issues and whatever, but it does look neat. And, you know, my optimism says, this looks cool. I'm looking more at it in detail this week. This is, oh, by the way, oh, by the way, if you don't have an iPhone 15 pro or later, not for you. If you have an iPad or a Mac with an M One chip, you'll still be able to access these Apple intelligence features. IPhone 15 users, we can kick rocks. I'm like, this phone is less than a year old and already you're telling me, oh, it's updated. Can't use those features anymore. [00:03:24] Speaker B: Isn't that kind of like Apple's mo, though? Isn't that what they do? They're like, oh, did you just buy the new iPhone in space gray, but did you get it in midnight blue? [00:03:32] Speaker A: Sucks to be you. [00:03:34] Speaker B: You can only get it now. You have to go turn on that phone you just bought three months ago. And guess what? Apple users, people that are like, marked out hard for Apple, they do it. They go, well, piss on the whole wide world. I got to go get me that new rose gold, whatever the hell. I think the first time I remember seeing it was, it was iPhones. And they used to be, yeah, all iPhones back in the days was like iPhone three or four. They only came out with like a chrome looking back. And then they came out in white. That apple white people were burning their, dipping into their savings, throwing it in the toilet. Oh, I dropped it. I gotta go get the white one now. Oh, my goodness. [00:04:16] Speaker A: Yeah, yeah, you're right. It's definitely. People will people will upgrade. People will buy. [00:04:21] Speaker B: Now, do we blame Apple for that or do we blame the people that will buy it? [00:04:25] Speaker A: Yeah, I guess it is kind of a self fulfilling thing, right? Like, they'll keep doing fault here because people will. They know people will buy it. So I'm not gonna upgrade just for the Apple intelligence. That, to me, it's something to do with the chip. Like, no. Well, I'm gonna still be a little irritated, but because, and it's for stupid reasons. I wanted to use the Genmoji stuff. [00:04:42] Speaker B: You know what? I have a. I built into my phone already, and I didn't have to wait for it. [00:04:46] Speaker A: Here we go. Here we go. I talked about this earlier this week, and you and Wes both were like, yeah, well, my galaxy. I'm like, I know, I know, but this is the phone I have. I'm happy with it. I'm just a little salty. [00:04:56] Speaker B: It doesn't sound like you're happy with it. It sounds like you're a little pissed off. [00:05:00] Speaker A: Maybe a little. [00:05:01] Speaker B: Okay. [00:05:02] Speaker A: I'm also. I'm hangry also, so I'm a little crabby. [00:05:05] Speaker B: I'll get it to you every time. [00:05:07] Speaker A: To your point, no, I don't think Apple exists to put a smile on people's faces. I don't think that's what they wake up in the morning thinking they want to do every day. [00:05:14] Speaker B: They want to see those profits. [00:05:16] Speaker A: It's the money. Money talks. But that was something that came up. Nvidia now is the highest value, the most valuable public company in the world. [00:05:23] Speaker B: Should have invested. [00:05:24] Speaker A: Yeah. Should have. [00:05:25] Speaker B: Awesome stock. [00:05:26] Speaker A: Should have invested all those years ago. [00:05:27] Speaker B: That's right. When I had a chance. [00:05:30] Speaker A: All right, Dana Carvey over there. [00:05:33] Speaker B: Yeah. [00:05:33] Speaker A: But a couple other things that happened this week. I don't know if we have any gamers out there, any casual gamers. I'm a casual gamer. [00:05:40] Speaker B: What's a game? [00:05:41] Speaker A: What's a game? [00:05:42] Speaker B: I'll let you define this concept of gome. [00:05:45] Speaker A: So it's usually a meat, like deer or, you know. Yeah. Wild turkey, that kind of stuff. [00:05:50] Speaker B: Hunted for sport or. [00:05:51] Speaker A: Hunted for sport. Yes, yes. Primarily for entertainment. So Nintendo direct was yesterday, or I guess as of the releasing of this episode was a couple days ago, earlier this week. So a couple of the big things, there were some games that came up that, like, there's a new game that's hobbit themed where you can, like, be. You can be in the Shire and, like, just live your life in the Shire. [00:06:09] Speaker B: What the hell kind of games are we making? [00:06:11] Speaker A: Yeah, it was interesting. Like, it looks cute, but I was like, who's asking for that? [00:06:14] Speaker B: Everybody wants these simulated life stuff often. Like, I don't give a crap about being a phone. I don't get it. [00:06:21] Speaker A: So there were some like that where it was like, okay, interesting. [00:06:24] Speaker B: There's no, like, there's no objective to the game other than just live right and being the world, I guess. [00:06:29] Speaker A: Yeah, we won't. There's always like little missions and stuff that you can do in those kind of things. But I don't. [00:06:33] Speaker B: That's not the main. [00:06:34] Speaker A: There's no, like, defeat this villain. I don't think, I don't think. I think it's more of like a cozy game. I think that's the impression that I got. [00:06:39] Speaker B: Weird. [00:06:40] Speaker A: Let us know what you think. But there were some games like that where it's like, okay, I don't know who's asking for that, but okay, cool. But the big ones, the heavy hitters were definitely. There's a new Mario and Luigi RPG, it's gonna be coming out called brothership. That should be pretty fun. I played Bowser's inside story a little bit when it came out and enjoyed that, it was fun. I had a good time. It was my first time playing an rpg at that point. Cause I was pretty young when I came out. [00:07:00] Speaker B: Oh, man. [00:07:01] Speaker A: Probably in elementary or middle school. [00:07:02] Speaker B: I used to be a beat em up, right? Only beat em ups. That's all I cared about. And my friend Mike was like, dude, you gotta start playing rpg's. I go, why? You gotta start reading? And it's boring. He's like, no, no, trust me. And I think probably the first one he got me hooked in was, I mean, I played some, you know, I played Zelda and things of that nature. But I think Willow. Willow for NES was the first one that made me go, okay, you got something here. This ain't so bad, right? [00:07:33] Speaker A: I can be convinced, right? [00:07:35] Speaker B: It's like playing a story. [00:07:36] Speaker A: Yeah, right. [00:07:37] Speaker B: That's what I didn't realize what rpg's were. I just thought they were kind of slow and mundane and then. But once you get kind of hooked into the story, which usually does take a hot minute. So I can understand why ten year old me, oh, sure, having a hard time wanting to go down the rpg world, but as soon as you get past that first initial kind of meeting the characters and establishing what's going on, then you get into the gameplay and it's super duper fun. And then you get like, right now on my. I'm playing Baldur's gate. Old Baldur's gate. [00:08:08] Speaker A: Oh, yeah. Yeah. [00:08:09] Speaker B: I got it on GBA. [00:08:11] Speaker A: Really? [00:08:11] Speaker B: Yeah. I'm playing it in GBA, and it's not that bad. It's a little. It's a little janky. [00:08:15] Speaker A: Sure. [00:08:15] Speaker B: Well, of course. I think the first time I played Blather's gate was on Xbox. First Xbox, which was great. I loved that game. So to find that I had it on GBA was a nice. [00:08:26] Speaker A: Warmed your heart. [00:08:27] Speaker B: It did. [00:08:27] Speaker A: Warmed your cold, dead heart. Well, in addition to that Mario RPG, there's also a new Mario party that's gonna come out. So that's always a fun, relationship ruining game. And then there's also gonna be a new legend of Zelda title in similar to the style of the game link's awakening. So it's a little bit more like. It's cute. It's a little more, like, cartoony, but it's. Zelda is the protagonist. You play as Zelda, and you gotta save link. He's gone missing. So I thought that was pretty neat. I think the. Oh, there was also some new Ace attorney stuff, some previous levels that were only available. [00:08:53] Speaker B: Ace attorney. [00:08:54] Speaker A: Yeah. Phoenix Wright. Ace attorney. Oh, those games are so fun, dude. Yeah. You're like a lawyer. You're like a defense attorney. [00:09:00] Speaker B: Okay. [00:09:00] Speaker A: Get all these cases, dude. I love those games. I got, like, the trilogy on my switch. [00:09:04] Speaker B: I'm intrigued. I'll have to look into this. [00:09:06] Speaker A: It's fun. It's fun. [00:09:07] Speaker B: You said Ace. I'm thinking Ace combat. [00:09:09] Speaker A: No, totally different. [00:09:10] Speaker B: Which was the jets and stuff like that. That was a lot of fun, though. Those games were very entertaining. [00:09:16] Speaker A: It's very like, you gotta, like, gather evidence and stuff and build a case. It's. It is. It doesn't sound like it'd be fun, but it's fun. So there's previous levels that were only released in Japan that are now gonna be coming to the Switch. So Ace attorney fans are excited. I'm excited. [00:09:28] Speaker B: Okay. [00:09:29] Speaker A: But the big one, I think the really big one that came at the end was new Metroid game. Metroid prime four beyond something, I think. But it's been talked about for years, and it's just now we have. It's gonna come out next. [00:09:39] Speaker B: Is it a platform, or is it a first person? [00:09:41] Speaker A: First person. [00:09:42] Speaker B: Okay. [00:09:43] Speaker A: It looked like from the gameplay, it was. It's like a first person shooter type thing, man. [00:09:46] Speaker B: The Metroid. The metroid game that was on three deciseconds, forget the actual name of it. That was a great game. Yeah, that was a lot of fun as a platformer. Man. That sucker will, will take away hours. [00:09:59] Speaker A: Samus returns. [00:10:00] Speaker B: Samus returns. Thank you. Excellent, excellent Metroid game. [00:10:04] Speaker A: All right. Positive review from Daniel for that Metroid game. So if you are a Nintendo fan, if you're excited about no announcement for the Switch two, the mysterious successor to the Switch. And they said ahead of time, they were like, we're not talking about that during this direct, so don't get excited about it. And sure enough, they stayed true to their words. So a lot of fun stuff that got announced. There was a bunch of other games and rereleases and remasters and things, but those were the big ones. And then lastly, for our breaking news, this isn't really tech related, but I just thought I'd mention it. Apparently a spaceball sequel is in the works, and I know that's something that's, it's a fan favorite in the office, so just figured I would mention it. [00:10:38] Speaker B: Hey, there's, have you seen spaceballs? Okay, well, you have to put that on your list. [00:10:42] Speaker A: I know. It's like a Star wars kind of parody. [00:10:45] Speaker B: It's a Star wars parody. Right. It's Mel Brooks film. If you're not familiar with Mel Brooks. He was the king of comedy and parody movies and that kind of stuff. In the eighties, haunted honeymoon was a good one. I really enjoyed that one. Robin Hood men and tights. I was Mel Green. Laughed my butt off watching that one. It's very blue comedy, so be prepared for that. [00:11:07] Speaker A: Sure. [00:11:07] Speaker B: But, yeah, good stuff. [00:11:09] Speaker A: All right. [00:11:10] Speaker B: Stamp of approval. [00:11:11] Speaker A: So if you're a spaceballs fan and. [00:11:12] Speaker B: I worked with Michael Winslow. [00:11:14] Speaker A: Yeah. [00:11:14] Speaker B: Who was in spaceballs? Did. I did some acting with Michael Winslow. [00:11:19] Speaker A: Believe it or not, Michael Winslow is now a fan of Daniel. [00:11:22] Speaker B: Here's a fun fact. I'm not an actor at all. I know. Hard to believe, but it's true. I'm. I've never taken an acting lesson in my life, nor have I played an actor on tv. [00:11:35] Speaker A: No, it's not, it's not a bad thing. If anything is a compliment, just means you're a really bad liar if you're not. And if you can't act, that's true, you're a really bad liar. And that's not a bad trait to have no smack in the microphone. [00:11:43] Speaker B: Not a big, huge fan of lying. [00:11:44] Speaker A: No. I think most people aren't trying to. [00:11:46] Speaker B: Get you to stop. [00:11:48] Speaker A: Pathological. [00:11:49] Speaker B: She's just like, yep. My name is George Orwell. What? I invented the question mark. Stop saying things that are patently false. [00:12:00] Speaker A: Well that's what we've got for our breaking news this morning and we've got several other articles that we're going to try to jump through here. This first one, I'm going to turn this over to Daniel. New wifi takeover attack. All Windows users warned to update now, now this seems pretty urgent Daniel, maybe you can enlighten me on why this is so urgent. [00:12:18] Speaker B: So I'm going to, I'm going to kind of give you the quick and dirty. Sure. Because this is a Microsoft flaw problem with Microsoft and remote code execution. We don't like those things. And that's, that's basically all we get. Patch. Now because here's the thing about Microsoft, they're kind of like ever see the movie Fight club? [00:12:37] Speaker A: Yeah. [00:12:38] Speaker B: You remember the rules of Fight Club. [00:12:39] Speaker A: You don't talk about Fight club. [00:12:41] Speaker B: And rule number two, you don't talk about Fight club. Microsoft is, there is no problem here. Yeah, just update and pass. [00:12:49] Speaker A: Hey, no mind, we don't really talk. [00:12:51] Speaker B: About, we don't call them problems. We don't say there's security flaws. [00:12:55] Speaker A: It's not a bug, it's a feature situation. [00:12:57] Speaker B: Maybe that's, that's, that's nicer. We like that better. They don't really like talking about. So there's no, there's no real details here other than you have to be within proximity obviously of the device to get the WiFi signal but through the Wi Fi driver if I'm not mistaken there's a flaw in the driver that can allow for remote code execution. There's a patch available. Here's fun. This is some information they did release. It affects all currently supported Windows systems. [00:13:28] Speaker A: Oh okay. [00:13:30] Speaker B: Which just tells me they're using the same wifi driver. [00:13:33] Speaker A: Give me a second. [00:13:33] Speaker B: All of their devices, just check, see. [00:13:36] Speaker A: If I need updates to my machine. [00:13:38] Speaker B: Yeah you should check that if you haven't updated in a hot minute. I mean did you really have updates ready? [00:13:44] Speaker A: No, last check today at 828. [00:13:46] Speaker B: Okay you're good to go. Yeah, because windows by default is pretty good. Like especially if you're interested standalone system that those things just get pushed and you just get updates. [00:13:54] Speaker A: Well since this is a, I mean this is a work device and I think they have more. [00:13:58] Speaker B: We are controlling that for you. [00:14:00] Speaker A: It's very automatic. You say we, you go in and you configure my updates for me it'll pop up like that. [00:14:05] Speaker B: That's exactly right. You specifically, not me, we the royal we. [00:14:09] Speaker A: Right. Sure. Yeah, I know what you mean. So yeah I don't have to worry about it as much on this machine, but sounds like if you don't have automatic updates set up or a company controlling that for you, you might want. [00:14:20] Speaker B: To go in and you want to get on again. Well, if someone would have to be attacking you specifically. [00:14:24] Speaker A: Sure. [00:14:25] Speaker B: That's why I think the CVSS score is not as high as you would think it would be. Like it might be an eight something. [00:14:30] Speaker A: 8.8, I think. [00:14:31] Speaker B: 8.8. Yeah. There you go. So that's because I would have to go, huh? I'm gonna, I'm gonna get you. It's gonna be fun. And you'd have to have the, obviously the know how around this flaw, specifically which Microsoft is not releasing. [00:14:46] Speaker A: Yeah. [00:14:48] Speaker B: So there's that. Now what'll happen is people will reverse engineer the patch that comes out to try to find where the flaw is and so they can release proof of concept code. And eventually we'll probably see that happen. But as of right now, it's under lock and key. Just get your patch and patch it so that the people that don't have this flaw or maybe there's some, you know, threat actors out there that have this zero day in their belt now. It's nothing. [00:15:11] Speaker A: Ah, okay. So it's possible, like you said, maybe if we get more information about it, it'll pop up in a, in a deja news segment. He just never said that about any of these stories. There's always some stuff that comes out later that you just never know. So this next one, I'm, I'm curious to know your opinion on this one. A lot of people on, not Twitter, it's X now are, are up in arms about this and are very excited about this. So feds are suing Adobe and their executives for stinging subscribers with hidden cancellation fees. And everybody on X is like, get them. Get. Because they're pissed at Adobe for this. So the, the story here is that supposedly you sign up for an annual paid monthly plan. So it is one lump sum and you're paying it by the month. [00:15:52] Speaker B: Like it's not a lump sum. [00:15:53] Speaker A: Not a lump sum. [00:15:54] Speaker B: It's one amount, I guess a contract. [00:15:56] Speaker A: That's what I'm saying. [00:15:56] Speaker B: To have a subscription with Adobe for a year. [00:16:00] Speaker A: Right. [00:16:01] Speaker B: You are agreeing to a year's worth of service and that you pay that right month. [00:16:05] Speaker A: You're not paying it all up front. I guess. [00:16:06] Speaker B: You do not play it all upfront. [00:16:08] Speaker A: It is a set amount when you're monthly payment. But you're, yeah. So you're agreeing to a year long commitment. And if you break that commitment, if you decide you don't want this subscription anymore, there is a hefty early termination fee that can amount to hundreds of dollars. The issue here, I guess, is that it was apparently pretty well hidden. It was not very out in the open. When you sign like an agreement or whatever, when you agree to terms of service, ula, all that kind of stuff, you mean. [00:16:31] Speaker B: I think everybody just clicks next, right? [00:16:32] Speaker A: Nobody. [00:16:34] Speaker B: I hear you. [00:16:35] Speaker A: A lot of people don't really, you know, it's okay. Yes, yes, yes. I agree. I agree. And usually you're fine and it doesn't really come back to bite you. But in this case, it sounds like some people were surprised by this fee. What this reminded me of a little bit is like, I currently. I'm a renter, right? Of course I am. [00:16:49] Speaker B: Look at. [00:16:50] Speaker A: Look at me. And my age. Of course I'm a renter, right? You think I own anything? No. [00:16:54] Speaker B: So you're sick of your roommates leaving stuff around? [00:16:57] Speaker A: No, it's great. I don't have roommates. [00:16:58] Speaker B: You don't have roommates now because you have a job. [00:17:00] Speaker A: It's a beautiful thing. [00:17:01] Speaker B: Like a real job? Yes. [00:17:03] Speaker A: An adult, a big girl job. [00:17:05] Speaker B: People out there. But if you're. If you're a 45. [00:17:09] Speaker A: Yeah. [00:17:09] Speaker B: Right. [00:17:10] Speaker A: Yeah. [00:17:11] Speaker B: Come on, man. [00:17:12] Speaker A: But I'm renting. Cause, you know, it's what I need to do right now at this point in my life. [00:17:15] Speaker B: So I say that I rented up until four years ago, five years ago. [00:17:20] Speaker A: Everybody's different. And right now it's so hard. [00:17:21] Speaker B: I'm eating everyone. [00:17:22] Speaker A: Every. Like, it's so hard right now to own a house. [00:17:25] Speaker B: Like, so I bought at the right time. Yeah, it was right before all this craziness went down. [00:17:31] Speaker A: Yeah. [00:17:32] Speaker B: And then I was like, oh, wow. Because every and I have friends that are like, well, we want to buy, but interest rates are crazy, so. And then renting, I mean, for. They're building new apartments near where I live. Single room apartment or not? Not like a studio, but like a single bedroom, right? 1600. Geez. $1600? [00:17:54] Speaker A: Yeah. [00:17:54] Speaker B: Right. [00:17:55] Speaker A: Sounds about. Yeah. [00:17:56] Speaker B: On par with a three bedroom. It's like 2100 bucks. Yeah, bro, my mortgage payment don't even come near that. So, like I said, I bought at the right time. I got a little lucked out because it was like right before. [00:18:11] Speaker A: I'm happy for you. I'm really happy for you. And I'll go home and cry about my own state of being later. But that's kind of what this reminds me of is how when I sign, at least in my college department, when I signed, that contract is said in the contract, this is the amount you're agreeing to pay us, and we are dividing it up for you into monthly payments. You'll be billed every however many days, and you'll pay it in twelve payments over the course of a year. If you break your contract, you had to, like, if you said you wanted to move out, you were still obligated to pay. Unless you could prove they broke terms, lease or something, you were still obligated to pay them, even if, you know, oh, well, I'm not living there anymore, and da da da da doesn't matter. You agreed to pay this amount and twelve, it doesn't matter if you moved out early. So that's kind of what this reminds me of. Like, well, you agreed to pay us for twelve months of this service. It doesn't matter if you want out early. This is what you agreed to. So, like, when you break a lease, there's usually some kind of a, you gotta, you know, you don't get your deposit back, or you gotta pay a fee or something. There's usually some monetary, like, not punishment, but fine or something. When you break your lease early without cost penalty. Penalty. That's, that's what I was looking for. So if you don't have a legitimate cause, like it was unlivable, or my landlord broke the lease, you have to pay some kind of. [00:19:16] Speaker B: Yeah, you just want to do it anymore. Yeah, like, I like this. Want to do something or I'm moving. [00:19:21] Speaker A: Right. [00:19:22] Speaker B: For whatever reason, we keep talking about, like, renting and stuff like that. Let's talk about the subscription service. That is Adobe. [00:19:27] Speaker A: I'm saying that's stuff. [00:19:28] Speaker B: Yes, I know you're making the analogy. [00:19:29] Speaker A: But that concept is not, like, foreign to me. But I'm just. To amount to hundreds of dollars for, I mean, how much is the plan in the first place to. [00:19:37] Speaker B: It's probably between ten and $15 a month. [00:19:40] Speaker A: So then to be like, you got to pay us. [00:19:42] Speaker B: So you're talking about $100 to $150 for a yearly subscription, right? Depending on. Might be $20 a month. So maybe up to two. Let's, let's shoot for the moon and say it was a $300 if you are. For what plan? [00:19:55] Speaker A: Because all apps, the creative cloud. All apps. [00:19:58] Speaker B: All right, so this is the one we're specifically talking about. [00:19:59] Speaker A: It's 60 a month for creative cloud. [00:20:01] Speaker B: All apps, that's expensive, but that gives you access to all their everything, right? So Photoshop, Lightroom, so on and so forth, premier, you name it, it's there. Okay, so that's $600, right? [00:20:16] Speaker A: More than that, but yeah. Yeah. [00:20:18] Speaker B: So let's, let's get to the crux of the issue. We can talk about their plans, their pricing and all that shit, really, for forever. The problem here is, I think what the government is trying to bring them under legal scrutiny over is to say that the way that you gave that information to the end user is kind of obfuscated. It wasn't obvious. [00:20:39] Speaker A: Right. [00:20:40] Speaker B: It was buried in a bunch of legalese that, let's be honest, nobody reads while it is there. And you do agree to it. Their argument, it seems to be, is that they're saying that these kind of things should be much more obvious. And I believe they made a law that says that they need to be. And you violated said law, which is what their problem is. Adobe has come back. They clapped back and said, well, hold up, that's not true. Our legal department says that everything that we've done is on the up and up and we comply with all these laws and we're going to easily be able to demonstrate that in court. So bring it on, big boy. Right. So it, it could be that. It could be. Was the FTC. [00:21:20] Speaker A: That's, that's the FTC, yeah. [00:21:22] Speaker B: FTC is going after them. This is where a judge gets involved and has to make fun. Right. He's got an apt name there. The judge goes, well, let's see your case and let's hear your argument. And they go back and forth to argue the minutiae of who's right and who's wrong. Judge is ultimately going to make a decision on whether they think that apple is apple, Adobe is right, and FTC can go pound sand or vice versa. I have a feeling that Adobe is probably going to win this. [00:21:56] Speaker A: You think so? [00:21:56] Speaker B: That's just a, that's a hot take. Yeah. And because. Right. They're not in the business of losing money and paying out settlements. [00:22:03] Speaker A: That is true. [00:22:03] Speaker B: Right. So before they put that, they probably ran right up to the line of if we do it any worse than this, then yes, we'll be in violation of this law, but we should be. [00:22:15] Speaker A: Know this is where. [00:22:17] Speaker B: Right. So a lot of law comes into the idea of where it has to be interpreted. Hence the idea of a judge. A judge will have to interpret that law and make a ruling based off of his interpreting or her interpretation of said law. Right. So the Adobe lawyers probably went, okay, we should be good because it can be interpreted in a way that we are not violating this law. Somebody could interpret it the other way as well. But we're willing to make willing fight that, throw that dice and take that chance and take that gamble that will win that in court because it can be. [00:22:52] Speaker A: Sure, we can argue this is our interpretation. [00:22:54] Speaker B: That's my guess. [00:22:55] Speaker A: Yes. Yeah, I think that's a, I think that's a fair guess. [00:22:58] Speaker B: Yeah. [00:22:58] Speaker A: I think it's, it's not unlikely, it's not impossible that Adobe will win this. Cause it's. You're not talking about like a mom and pop. This is a huge company. So. [00:23:05] Speaker B: And maybe that judge finds a giant stack of money on his porch one day and a free adobe. [00:23:11] Speaker A: Yeah. Free creative cloud. [00:23:13] Speaker B: Yeah. What was it? The pass or whatever the hell it's called. [00:23:17] Speaker A: The. What's the creative cloud? All access. Yeah. [00:23:21] Speaker B: Yeah, the all access pass. [00:23:22] Speaker A: A judge is suddenly gonna become very gifted in Photoshop. [00:23:25] Speaker B: He's gonna go play a hand of, uh, uh, like poker in a, in a casino somewhere. And, uh, uh, representative Adobe will happen to be there. [00:23:35] Speaker A: Yeah. [00:23:36] Speaker B: And lose horribly. [00:23:38] Speaker A: Yeah. [00:23:38] Speaker B: Oh, man. I shouldn't have put this $200,000. [00:23:42] Speaker A: It's gonna be like the next James. [00:23:43] Speaker B: Bond against just you, judge, man. Bummer. Well, see you next time. [00:23:49] Speaker A: But, yeah. The, the argument is that FTC says you were not clear enough, you're taking advantage of inaction by consumers negative option features is the term. And saying that you didn't adequately disclose these terms and these fees to your users. Adobe saying bet. We think we did. So let's, let's go. Let's, let's argue this. So we'll just see what comes of this and whether Adobe comes out on top or whether, uh, the FTC takes a w on this one. I'm sure it'll be ongoing for a while. I'm sure we won't see a conclusion for this for a while. But up next, we've got some news from SZA Siza. Sisa CIsa conducts first AI cyber incident response exercise. Now, when I was reading about this, it described it as like, a tabletop exercise. And I don't know, maybe I'm just not well versed in the terms and an AI response. How do you conduct a tabletop exercise that has to, that has to do with this? [00:24:36] Speaker B: So let's start with tabletop. For those of you that might be as uninitiated, that's totally fine. We're all born noobs, right? True. No hate here. Guess start somewhere. So tabletop exercises to go let's create a scenario and let's run through it like it was real. What would we do? How would we respond to. And then a look at your playbook and see if it's still relevant. Do you need to add any kind of procedure or tools or people or whatever so that if this is something that we feel will be, or that through our, you know, statistical analysis deemed to be risk happening, like this might actually happen to us, a high risk of happening, then we need to figure out, I don't want it to be, I don't want to be the first time that we thought about this to be when it happens. Right. So that's the idea behind a table talk. Table talk, table top is to kind of model this out. See what, what would we do? How would you respond, Bob, how about you, Jill? You're in your area. How would you work with this problem? [00:25:43] Speaker A: Right? You have a plan then, for if. [00:25:44] Speaker B: This does happen, and from that, you all kind of work through your ideas and you develop a playbook. And then that playbook is if this specific incident occurs, you pull the playbook off the shelf, you look to that incident, and you follow the playbook. Right? That's what it's all about. So cisa or cisa or saisa. Saisa, Saisa. They were like, hey, AI is becoming kind of a thing. It's, I feel like it's here to stay. So let's start tabletopping incidents that involve AI, because AI is being incorporated into many different systems, including governments. So what are the dangers and what are the possible attack avenues? What are the possible fallout for that? What kind of sensitive information could be available to attackers if they were able to gain access to the AI and get it to start revealing things to them? What are the ways in which they could get it to reveal things to them? And how can we build better defenses so that it won't build, you know, you get the idea. So the fact that, that this is just the first time, and I'm sure it's the first of many, that governments are taking a look at this, obviously, corporations are also going to follow suit if they're not doing it already, maybe the government. I found the government to be a little behind the times with things usually. Yeah. Like enterprise and corporations tend to go, we need to do that first. Right. And the government goes, what y'all doing? What's that over there? Oh, that's nice. That AI. That AI can do that. Oh, hell. We should probably get on that. Like, yeah, you should probably do that. So I just thought it was an interesting article as far as we're seeing this. I love how it says the exercise focuses on incidents that actually or eminently jeopardize the confidentiality, integrity, and availability of the AI system or other system, any other system enabled and or created by the AI system, or information stored on any of these systems where the incident is significant enough to cause disruption to the system's behavior and requires intervention. So that is the meat and potatoes of this article of, hey, your AI system's out there. You're probably feeding in a lot of sensitive information so they can do whatever to try to figure out problems for you and give you solutions. You need to be aware of that and start building cyber defenses around it. [00:28:04] Speaker A: Yeah, we love to see it. Love to see a little bit of preparation ahead of this, get ahead of the issue. Be proactive, not reactive. It is interesting what you say about how government agencies seem to be a little behind technologically, behind private. [00:28:15] Speaker B: Not always, but it's weird in the ways that they're like, oh, let's continue to run Internet Explorer. [00:28:21] Speaker A: Right? [00:28:22] Speaker B: Why? Well, because that's the one we vetted. [00:28:24] Speaker A: That to me is, it's interesting that that does seem to be the case a lot of the time because tinfoil hat moment here, they say that, you know, like, military technology and stuff is like years and years ahead of what we are using now. If we knew the technology that was going on behind the scenes, we'd be, we wouldn't be able to handle it. It would be like, what? There's no way that's possible. So it's interesting if that's true. Tinfoil hat moment. If that's true, it's interesting to think that that could be the case. But then you've got these, you know, public facing, like government institutions. [00:28:50] Speaker B: I mean, there's obviously complexities around that that are obvious, like the fact that defense companies are basically an arm of the mil, of the, of the government, right, where all their contracts are with the government. So everything is very closed. They don't have to vet anything. It's already built within side of those specifications for security and safety and all that other stuff. So, yeah, go build me some bombs, Raytheon. Go build me war fighting things, Northrop Grumman. But Microsoft is on the outside of that. And if I want to use their product in the mill, in the military, the government, it has to go through a screening process to make sure that it falls in line with the security and safety standards that we have developed. [00:29:39] Speaker A: Sure. [00:29:40] Speaker B: So that's why that's where it's like, okay, well, if I build, you know, a b two bomber, that is easy. I can. I can build it and I can ship them. Go, yeah, easy. Whereas I'm a little behind the times on our version of windows because the vet. Next version. [00:29:54] Speaker A: A little bit of a disconnect there. [00:29:55] Speaker B: Yeah, yeah. [00:29:56] Speaker A: Okay. All right. A little. [00:29:58] Speaker B: But it is funny. [00:29:59] Speaker A: Little conspiracy tinfoil hat moment there. We don't see enough tinfoil hat on the show. Yeah, I'm gonna try to bring that back before we go to break. Try to bring that back. I like those segments. They're fun. But a quick, couple quick segments or a couple quick articles before we go to break. This is another favorite segment of mine behind bars. [00:30:21] Speaker B: Break the law and you'll go to jail. [00:30:24] Speaker A: You can't win them all, but it's true. Break the law and you will go to jail. [00:30:27] Speaker B: I watched cops last night. It was entertaining. [00:30:29] Speaker A: Oh, yeah. [00:30:30] Speaker B: It was an old one, too. They were doing, like, vice drug busts where they had a guy who was a quote unquote drug dealer selling crack, and people were just pulling up. And the diversity of life that came through to get their crack fix was an interesting menagerie of different people and walks of life. [00:30:50] Speaker A: Watching cops. [00:30:51] Speaker B: Crack was a real bad thing. It still is, obviously. [00:30:53] Speaker A: It was back in the days of crack. [00:30:55] Speaker B: It was a really bad thing. Crack is looking at fentanyl going, dang. [00:30:59] Speaker A: Yeah, that's a good point. Compared to what we have now. [00:31:02] Speaker B: Yes. [00:31:02] Speaker A: Yeah. So we got a couple stories here. Just some instances of either folks being arrested, folks pleading guilty to things. This first one, the scattered spider boss, was cuffed in Spain, boarding a flight to Italy. He's a british man. He was in Spain and he was going to Italy. So he's a multinational guy. He's only 22, which is crazy for me to think about because he's younger than me. [00:31:19] Speaker B: He's continental. [00:31:22] Speaker A: He's cultured. He's a cultured young man. But he was arrested by spanish police, found to be in control of more than $27 million in bitcoin. And they're saying, we think this is the ring. He's the alleged ringleader. [00:31:32] Speaker B: And where's he. Where is he buying stuff with bitcoin? [00:31:34] Speaker A: Yeah. [00:31:35] Speaker B: Only dark web markets, right. [00:31:36] Speaker A: Probably weird places. [00:31:38] Speaker B: Like, I don't know any place that takes bitcoin. Like, normally no Chipotle. He's got burritos. We're hearing from Christian, our producer, the. [00:31:46] Speaker A: Voice in the sky. [00:31:47] Speaker B: Voice in the sky. He's telling us. Yeah, he's an ex bitcoin. [00:31:51] Speaker A: That's right, cuz yeah, he was, he was on like a crypto show for a while. [00:31:54] Speaker B: Crypto podcast, maybe. [00:31:55] Speaker A: I don't know, maybe you don't want to talk about that, but for a while, he's got some knowledge in that, in that area. [00:32:00] Speaker B: Thank you. It's nice to have his expertise just over my shoulder. Yeah, so that one, because I play with crypto at all. Like what's. I guess I need to do? I need to get into crypto with something safe, like dogecoin, you know? [00:32:12] Speaker A: Yeah. [00:32:12] Speaker B: Just something easy, just so that I can get some tangible hands on experience to understand, build a wallet, work with an exchange and see all. Just get that system underneath my skillset. [00:32:25] Speaker A: Something low risk, low reward. [00:32:27] Speaker B: Yeah. It's just there's no big incentive for me to do it. And I have so many other things on my plate. [00:32:32] Speaker A: That is not the priority. It's not for you right now. [00:32:35] Speaker B: It's just interesting. Maybe when you retire, don's got one bitcoin. [00:32:39] Speaker A: That's right. I forgot about that. That's funny, because he hates crypto, doesn't he? [00:32:42] Speaker B: So he said he minded when crypto, like bitcoin first came out. He mined it and was like, okay, I did that. [00:32:48] Speaker A: And then check it off the list. [00:32:50] Speaker B: Forgot the password to the wallet. So it's just sitting on a thumb drive sitting on his desk. He has no idea how to, like, wow, I'm sure we could probably get it if we got to someone like Joe grand. [00:33:00] Speaker A: Sure. [00:33:00] Speaker B: So, you know, maybe has, because I've seen Joe grand actually get into bitcoin wallets before. Check out Joe Grand's YouTube channel, super cool. The hardware hacker from loft heavy Industries. Old school Ogden hacker. Man, that dude's got skills. [00:33:17] Speaker A: I guess if you paid somebody like that, or if you had them, you know, hey, can you break into my wallet? The agreement would just be you get a cut of it if you did. [00:33:22] Speaker B: He took a cut. [00:33:23] Speaker A: Yeah, that makes sense. [00:33:24] Speaker B: I think he got like 3 million out of that. Like the, the bitcoin in the wallet was like $3 million worth. [00:33:29] Speaker A: Wow. [00:33:30] Speaker B: And then he got a cut of getting it open. [00:33:32] Speaker A: That's not bad at all. Even just a tiny percentage of that money. Maybe we can hook him up with Don and see if they can figure, figure out an agreement. But yeah, in this case, I mean, he's what, $27 million bitcoin fortune? That would buy you quite a few burritos at Chipotle. So sure, probably he was spending it. [00:33:47] Speaker B: In a little bit, he'll never get them. [00:33:48] Speaker A: A little bit of this. [00:33:50] Speaker B: Two hour wait. Time for flipping burritos. [00:33:52] Speaker A: There will be three grains of rice and one piece of chicken. [00:33:55] Speaker B: Bro, don't even get me started. Listen, they have shit the bed with me one too many times. I love Chipotle. It's so delicious. But the inconsistency. All right, here I am, like, bad mouth and Chipotle. I love them, and I hate them at the same time. I watched Ronnie. We and Ronnie were like, I think we were in Sioux Falls, South Dakota. [00:34:16] Speaker A: Yeah. [00:34:16] Speaker B: We go to. It's across the street from our hotel. Like, let's go get some Chipotle. Ronnie gets this burrito the size of, like, sasquatch's foot. I couldn't believe the monster. Then I get, like, a taquito from the gas station. $16. [00:34:35] Speaker A: Inconsistent. [00:34:35] Speaker B: I'm like, oh, my goodness. I'm twice Ronnie's size. Not that he couldn't eat it. You know, he's happy to tear down, but sure. But I walked away unsatisfied from my last, and that was the last straw. I said, never again. Ever again. Chipotle, you've lost a customer. [00:34:52] Speaker A: There's a movement going on right now. People, like, pulling out their phones to record when they're making the burritos because they know that the employees will put more in if they think they're being recorded. The CEO of Chipotle or whatever released a statement like, stop doing that. We give you enough in your burritos. Stop complaining. Please stop recording. My employees released a video statement about it and whatever. So it's a big thing right now. It's a big deal. So, I don't know. Maybe that's where this guy was going. He was. He was leaving Spain. Cause they didn't have burritos like Chipotle. [00:35:17] Speaker B: The dipole there was just so far, so bad. [00:35:20] Speaker A: It was so bad. But anyway, so he's accused of more than 45 cyber attacks against us companies. [00:35:24] Speaker B: We really took that for a ride. [00:35:25] Speaker A: We did. That's the fun part of it. Those are always the fun conversations. [00:35:29] Speaker B: We have no constraints on the technique. We do whatever the heck we feel like doing. [00:35:33] Speaker A: No rules. [00:35:33] Speaker B: That's right. We make the rules. [00:35:35] Speaker A: We make the rules. So it seems that he'll be possibly behind bars soon. He's been arrested. So the bad thing, I guess, about these organized crime situations, these cybercrime situations, is that it's not just one guy, right? It's more than one person. And so. [00:35:49] Speaker B: Oh, this is the dude that hacked the casinos and Vegas. Yeah, yeah, yeah, yeah. [00:35:54] Speaker A: It's the same organization. Yeah. Scatted Spidey, rot in jail. His name's his. Tyler's the name they're calling him because his screen name, I think, is Tyler Bhdem or tyler. That's what I'm choosing to call him. Tyler. [00:36:07] Speaker B: Tyler burden Tyler instead of Tyler Durden. [00:36:10] Speaker A: Oh. Ah. Okay. You see, so much just goes over my head. So do. [00:36:15] Speaker B: So. Fight club. How do you. [00:36:16] Speaker A: I did, but I just. Not a long time, I think I watched it and I, like, fell asleep. That's not, that's not a testament to the movie. [00:36:21] Speaker B: Wow. [00:36:22] Speaker A: That's not about the quality of the movie. I just was very tired at the time. [00:36:25] Speaker B: I was likely excuse. [00:36:26] Speaker A: I wasn't committed enough to watching it, so I need to rewatch it. But that's not the only behind bars story. We've got. No next one. Two men were charged for breaching federal law enforcement database and posing as police officers to defraud social media companies. That is a wild ride of a headline here. [00:36:42] Speaker B: Tell them what's the name of their hacking group, of this hacking group. Remember? Do you remember, did you read that part? It's called aptly vile. They are the vile. [00:36:53] Speaker A: That's kind of funny. [00:36:55] Speaker B: I mean, threat group or whatever you want to call them. Cybercrime game. [00:36:58] Speaker A: Does it stand for something? [00:36:59] Speaker B: Yeah, asshole. [00:37:01] Speaker A: No way. I'm looking at the, the, like, the site's official roster. I'm not. We probably shouldn't show it, but it's like a person that's just committed suicide. [00:37:11] Speaker B: Yeah. Their official logo. Yeah, yeah, yeah. It's, uh. [00:37:15] Speaker A: That's. [00:37:15] Speaker B: And it's. Yeah, it's. It's like a. Mmm. These people, I have zero sympathy about. What? Yeah. Rotten jail. I hope they build a new jail just for you. [00:37:25] Speaker A: Wow. That's crazy. So, okay, the. It's the whole, their whole deal is that they, they gather information, phone numbers, physical addresses, Social Security numbers, and then threaten to doxuals. Doxx you. So, you know, the whole thing that's going on right now, we're like, kids are getting, like, extorted and stuff. [00:37:43] Speaker B: Yep. [00:37:44] Speaker A: It's that kind of deal. [00:37:44] Speaker B: I don't know if it's to that level. I don't think it is. I haven't seen any of that, so I won't say that that's a. Where they're at, because I've read nothing. I've read this whole article. Nothing in there about that specific. [00:37:55] Speaker A: So different. That's a different case. [00:37:56] Speaker B: They were mostly kind of just like, I mean, they were going after people, but they were also going after, like, government officials in different countries and basically saying, I think they were going after high profile. [00:38:07] Speaker A: Wow. [00:38:07] Speaker B: Individuals, somebody that they thought would have some money and they would extort them, saying, we are going to release your private information to the public. If you don't pay us some money, we're gonna dox you. So. And, you know, you just think, okay, that's run of the mill cybercrime stuff. [00:38:26] Speaker A: Sure. [00:38:26] Speaker B: But what they did was, is they were able to either through whatever mechanism, I didn't go into detail on how they got a password to a police officer's login, to all the federal databases that they have access to. But once they were able to log into those systems, they were like. It is. They were. They were. They were just, like, so much stuff. I can. I can. I can hack anybody now. We could dox anybody because we have access to everyone everywhere. And, wow. It was. It was just this. Last names are Singh and Serallo. Aptly belong to a group called vile. They conduct ends. That conduct ends today. State's attorney peace has, as alleged, the defendants shamed, intimidated, and extorted others online. This office will not tolerate those who impersonate law enforcement officers and misuse the public safety infrastructure that exists to protect our citizens as these charges make it. To clear, the alleged unauthorized access of a us federal law enforcement system and impersonation of law enforcement officials are serious offenses. And, yeah, they were told you can. I'll scroll my screen down so you can't see that logo, but. [00:39:36] Speaker A: Yeah, no kidding. [00:39:37] Speaker B: Um, yeah, total d bags. [00:39:40] Speaker A: Well, it looks like it wasn't just, hey, we're gonna post. It was like, threats, like, we'll kill your family if you don't. Just. [00:39:47] Speaker B: Yeah, like that. There will be reprisals against you and your family. [00:39:50] Speaker A: Yeah. [00:39:50] Speaker B: If you do not. [00:39:51] Speaker A: If you don't want anything to happen to your parents, you better give. [00:39:53] Speaker B: And then good for. So the unnamed company, like a large social media organization or something, they attempted to extort from them, and they went, come at me, bro. I'm not doing it. Oh, and they said, there'll be reprisals. They said, basically, screw you, and put them on blast and said, someone's trying to extort us. And that's how they got uncovered. [00:40:16] Speaker A: Wow. [00:40:16] Speaker B: By the department of justice, huh. And then now they're. Now. Then they got arrested. So, see? Enjoy prison. 20 years. One of them's getting, like, up for 20 years. The other's up for six. [00:40:27] Speaker A: Good. [00:40:27] Speaker B: 19 and 22 years old. [00:40:29] Speaker A: Jeez, that's crazy to me. Look, what do you. You have so many better things you could be doing with your life. This is the prime of your life, and this is what you're doing. [00:40:36] Speaker B: How have we devolved so far where, like, this is something that's common, where we just don't have. Listen, I don't mind people making jokes. I'm a phone. We all have to, like, laugh at our own experiences from time to time. I. Self deprecating humor. I'm happy to. If you want to make a joke about me, I'm happy to be the butt of that joke. That's fine. But when you just don't care about your fellow humans out there, so much so that you're willing to take what little they have, because most people don't have a lot. And even if they do have a lot, the hard work it took them to get there, and the people that. That affects, that's just like, come on, you gotta. Here I'm standing on soapbox. I'm preaching now. But, I mean, that's just weird to me, that we're that far gone. People can be so depraved. [00:41:22] Speaker A: Yeah. These are the kind of people that give, like, I mean, cyber, cyber security people and hackers in general. Like, a bad name because there are ethical hackers out there. [00:41:30] Speaker B: Oh, yeah. [00:41:31] Speaker A: But people like, you know, you hear hacking and you think of stuff like this if you're not super familiar with it, and also, they give Gen Z a bad name. This is the kind of article that somebody in, like, Gen X or, you know, somebody that's a baby boomer, reads that and is like, this is what's wrong with this generation. No, it's just these two dudes that are jerks. Like, it just. I don't know, it makes people look. Makes everybody involved look bad. [00:41:48] Speaker B: Well, if you. If you just took this case. Yeah. That would be a gross misinterpretation of your generation. I think it's at large. We have seen, you know, honestly, I've been kind of impressed with Gen C a lot lately, that they are seeing a lot of problems and they want to fix it. [00:42:03] Speaker A: Yeah. [00:42:04] Speaker B: And that's. That's the first step to just acknowledge that, hey, there's a lot of issues that are going on right now. Let's see what we can do to try to make some headway. Yeah, I think that not everyone. Obviously not all of them. [00:42:14] Speaker A: No, you can never speak an absolute. [00:42:16] Speaker B: Yeah. Every crazy. Is that an absolute? [00:42:18] Speaker A: I was just gonna say I kind of broke the rule there. [00:42:20] Speaker B: Yeah, it's fun, isn't it? [00:42:21] Speaker A: You probably shouldn't speak in absolutes, generally speaking, most of the time, hedging my bets. [00:42:25] Speaker B: Hedging your bets. Always, always had your bets. Unless you're making a joke, then you go hard in the paint. [00:42:30] Speaker A: But overall, this is positive news. These guys have been. [00:42:33] Speaker B: Hey, they've been arrested. [00:42:34] Speaker A: Arrested and rot in jail. [00:42:35] Speaker B: Yeah, there you go. We should change it from behind bars to rot in jail. [00:42:40] Speaker A: Very cynical taste. You're on Technado. [00:42:43] Speaker B: We're just smoking cigarettes, Jade. Smoking. Ah, these bastards. [00:42:47] Speaker A: Well, we'll take a break to watch, like, a video of a cat or something and get us back on the right track mentally. Watch something positive speaking. [00:42:54] Speaker B: Is that one of our articles? [00:42:55] Speaker A: Video of a cat? [00:42:56] Speaker B: No. I'll ask you, did it make it in our articles? [00:42:59] Speaker A: No. I can mention it later, but no. [00:43:01] Speaker B: Yeah, yeah, there. There's an article that almost made it into Technato this week that was about. [00:43:06] Speaker A: It's a good article, positive article. [00:43:07] Speaker B: Well, it was that the AI is going to start watching you, which is not positive, and it's going to sense or detect when. [00:43:15] Speaker A: Right. [00:43:16] Speaker B: Well, you're getting kind of like. That's your breaking point, stress wise, as far as your job goes. [00:43:21] Speaker A: Yeah, we're going to talk about that. [00:43:23] Speaker B: Is that one talking about. [00:43:24] Speaker A: There was another article that's in Japan, there's an app that you uses, AI to tell when your cat's in pain. Oh, no, because I mentioned cats. I thought that's what you were talking about. Okay, yeah, we're not. We're not going to talk about it. [00:43:33] Speaker B: It's more like mental health. [00:43:35] Speaker A: So we are going to talk about that only because. [00:43:37] Speaker B: Yeah, spoiler alert. But no spoiler. [00:43:39] Speaker A: We'll get back to that. [00:43:39] Speaker B: We'll back to it. [00:43:40] Speaker A: We will take a break, though. [00:43:41] Speaker B: Continued. [00:43:42] Speaker A: We'll. We'll talk about the cat AI app on our break. But don't worry, we've got more coming up here on Technato. Tired of trying to schedule your team's time around in person learning? Isn't it a bummer to spend thousands of dollars on travel for professional development? What if we said you can save money and time and still provide your team with the best training possible? The answer to your woes is live online training from ACI learning. With live online training, we provide our top in person courses in private, online instructor led formats. You get to provide professional development in a manner that fits today's expectations. Entertaining, convenient and effective. Our exam aligned courses inspire the full potential of your team. Visit virtual instructions led training at ACI learning for more info. Welcome back. Thanks for sticking with us through that break. If you're enjoying this episode and you're watching on YouTube, leave a comment down below. Let us know what you like, what you want to see in the future. Leave a like if you are enjoying the video and maybe subscribe so you never miss an episode of Technado. [00:44:35] Speaker B: Don't cost you nothing. [00:44:36] Speaker A: Don't cost you nothing. You can free what is it? Smash that. Like hit the bell or whatever. I'll memorize that at some point. [00:44:42] Speaker B: I can subscribe, hit the notification bell. [00:44:44] Speaker A: I'll be like a typical youtuber. What is up, you guys? [00:44:46] Speaker B: Give us a big thumbs up. [00:44:48] Speaker A: Yeah. Click down below. [00:44:50] Speaker B: Yeah. [00:44:50] Speaker A: So we got a couple other articles we want to get through here before we, before we let you go for the day. This first one, I just thought there's been a lot of Microsoft stuff in the news this week about them being in court, but this was more fun to me. So a security bug allows anyone to spoof Microsoft employee emails. Now the, the story here I think is that the person that figured out that they could do this, they were able to spoof and literally make it look like it was coming from [email protected]. dot it looks like it is coming from that address. They shared this with Microsoft. They said, hey, I found this vulnerability, lets me send a message this way. Microsoft said we can't reproduce it. He sent a video, he or she sent a video with a full exploitation, exploitation, full poc, we can't reproduce it. She's like what do you want me to do? He gave up. He was like I tried telling you, I explained it to you. I sent you a video and Microsoft just said we couldn't reproduce it, didn't give any details and supposedly closed the report. Then they were like we're not going to look into this. Then this guy tweeted about it, it blew up and they quietly reopened the report. They were like well maybe we'll take a look at this. So I thought that was interesting that they just, because they were like I can't, like he's clearly proving to you that he can do this. Would you not at least say thanks, we'll look into it? [00:45:58] Speaker B: Like unfortunately this is actually more common than you would think. [00:46:01] Speaker A: Really? [00:46:01] Speaker B: Not just from Microsoft. [00:46:02] Speaker A: The companies just ignore it. [00:46:04] Speaker B: They just go, yeah, or they don't even say anything. Interest quietly goes to the dustbin of whoever's inbox and yeah, they never reply. They never get anything. A lot of researchers will wait a month, two months, maybe even three months, reach out again. Hey, I haven't heard anything. I can still do this. I feel like this is a problem because if I'm spoofing emails and they legit look like they're coming from something like Microsoft, then that's going to go a long way for my social engineering and phishing campaigns to be able to send these emails to people, have the air of legitimacy to them to think, oh, this is Microsoft security team. I obviously need to click this link or download this file or install this patch. [00:46:49] Speaker A: That's one of the first things that if you think that something might be an illegitimate email, one of the first things you look at usually is, who's this from? Who sent it? Right? I mean, yes, you're looking for grammatical errors and, oh, there's a weird logo or whatever, but if it's coming from Jerry Smithahoo.com, then it's obvious and it's legit coming from. It says security at Microsoft. [00:47:06] Speaker B: Legit. Like, right. There's, there's, it's very difficult for you to, to go, oh, okay, that's, that's not, yeah. Everything about it has the air of authenticity. That's a big deal. And for someone who is trying to engage in these malicious activities. So for Microsoft, again, what we kind of, kind of mentioned this. Microsoft was just like, we don't have, we don't have issues here. [00:47:30] Speaker A: Mm hmm. [00:47:31] Speaker B: That doesn't occur. [00:47:31] Speaker A: Hey, no mind. [00:47:32] Speaker B: We have situations, right? [00:47:33] Speaker A: Yeah. We have events. [00:47:35] Speaker B: Yes. And this event does not garner our attention. [00:47:38] Speaker A: Like it's a dinner party. Yeah, we have events, not issues. Not such, not. [00:47:41] Speaker B: We don't say that. We don't use those words here. [00:47:44] Speaker A: We don't use the vulnerability words right here in this office. [00:47:47] Speaker B: The Ministry of Truth has decided you're. [00:47:50] Speaker A: The Georgia oil here. [00:47:51] Speaker B: I know. Constantly you're channeling old Orwell. [00:47:55] Speaker A: This is like the second or third week in a row that we referenced that. [00:47:57] Speaker B: Yeah. [00:47:57] Speaker A: Maybe a common theme here. [00:47:59] Speaker B: I've got to give me some shirts or something. [00:48:00] Speaker A: I said I wanted to bring back tinfoil hat. Maybe the real tinfoil hat should be Orwell, the friends we made along the way. [00:48:06] Speaker B: By the way, shirts. I want to give a shout out to Jacob Swinsinski for the cool shirt. Swiss security. Thank you, sir. Appreciate it. It was glad having you on all things cyber. [00:48:16] Speaker A: I almost wore that today, and I'm. [00:48:17] Speaker B: Really glad that I didn't because I've been twinsies. People would have thought this was a swiss security podcast. [00:48:21] Speaker A: It was sponsored by. [00:48:23] Speaker B: Yeah, you wear it next week. [00:48:24] Speaker A: Next week. Yeah. We'll trade off. We'll trade off. I think our director would have said something. Our director said last week that we looked like we were wearing shirts that we would mow the lawn in. He was just teasing us. He's giving us a hard time. [00:48:32] Speaker B: I mean, he wasn't wrong. [00:48:33] Speaker A: He wasn't wrong. We were wearing some pretty big comfy shirts as we are now. We're still in our lawn mowing attire. But that would have been his comment this week is that we're team swizz security with our matching shirts. [00:48:42] Speaker B: That's right. [00:48:42] Speaker A: So as far as this goes, only works when sending the email to outlook accounts. But that's still a pool of about 400 million users all over the world estimated. So that's still pretty big pool that you could target with this. They didn't, this guy didn't divulge any technical details so he's coming out. [00:48:56] Speaker B: He just is proving to the world this is a problem. [00:48:58] Speaker A: What happened? Yeah. [00:48:59] Speaker B: And then apparently garnered enough fanfare that you got the attention of Microsoft all of a sudden. Whoa. All of a sudden sometimes they're all about this thing like, oh, I guess we should take a look. [00:49:09] Speaker A: But they're keeping the technical under wraps so people don't start taking advantage of this. So they're being responsible about it. But maybe Microsoft will come out and say something about this in the future. Probably not though. Yeah, probably not. I'm nothing. I'm not holding that one. [00:49:20] Speaker B: Quietly release a patch. [00:49:22] Speaker A: Yeah, but it's not, it's not a bug. It's a feature. [00:49:24] Speaker B: That's right. [00:49:24] Speaker A: It's a fun little feature. Well, speaking of bugs and fixing things, vMware fixed RCE and privilege escalation bugs in Vcenter server seems like a pretty big deal. Remote, everything you said earlier, anytime you see your mo code execution it's like, hmm. Uh oh. So maybe you can fill me in on this. [00:49:39] Speaker B: Yeah, well, uh, hey, this is, this is one of our like hey, cool articles. This is a good thing. Whereas it took the heavy hand of the Internet to come along and get Microsoft a swift kick in the butt to do something about their, you know, stuff that they got going on. It looks like Vcenter, RVMware, who creates Vcenter, they had a few crits criticals going on, a couple of 9.8 happening there and they have finally like reached in the world. So it made those fixes available. So if you're running vcenter make sure that you get those. And let's just see here. It says the vcenter server contains multiple local privilege escalation vulnerabilities due to a misconfiguration of Sudo, reads the advisory. An authenticated local user with non administrative privileges may exploit these issues to elevate privileges to root on V center server appliances. So obviously this is kind of a post exploitation after initial access is gained. Now we're looking to elevator privileges. I always love Sudo jokes. Sudo jokes are always funny. I found one of my favorites, which is this one right here. Sudo sue. So sue is switch user, sorry, your user is not allowed to Sudo. So if you do Sudo sue and you have Sudo capabilities it will give you root which is the administrative account. Right. So he said no problem. Sudo Jane. Hi Jane. Sudo sue, because Jane had the ability. Right. So the whole joke here is Sudo is hard. Doing Sudo well is difficult. It's really easy to make mistakes with Sudo when you're trying to give in grant permission and access to things. So you know, it looks like it caught old vsphere in the behind and yeah, not that it was this specific one but there was what it was through the Sudo vector. Yeah, again I was like bringing those things up. So a lot of fun there. I'm glad they got it fixed. [00:51:30] Speaker A: The first time I heard the word Sudo was like right after I first started working here. [00:51:33] Speaker B: Yeah. [00:51:33] Speaker A: And it was doing a Linux course with dawn and it was like LPiC two part two and I hadn't, I barely knew what Linux was when I started working here. Completely out of, just step in here some questions you can ask and go for and now I can like follow along and ask my own questions. Sudo, yeah, he's like, oh, so you know, we'll just do Sudo superuser da da da da. And I'm sitting there like right, right, Sudo, yeah, I understand. [00:51:55] Speaker B: Love using that. [00:51:56] Speaker A: Love Sudo. So just for the users that don't know, what is that? So anyway, now it's nice that I can kind of follow along a little bit but you're right, there were several or a couple of bugs here that were severe 9.89.87. .8 so nothing to play around with but there's fixes for all of them like you said. That's good news. [00:52:12] Speaker B: Good news. [00:52:13] Speaker A: This is a thumbs up for us. [00:52:15] Speaker B: Pretty good. [00:52:15] Speaker A: Yes. Hashtag security. Good security much. Wow. Sponsored by dogecoin yeah, well, and continuing the theme with patching stuff Apple has patched a vision pro vulnerability used in possibly the first ever spatial computing hack. I just thought this was kind of neat because, I mean, first of all, it's great that they patched it. I mean, good for them. But also just the fact that this is the first of its kind, basically, in that this particular flaw was specific to the vision OS. There were other flaws that have been patched that have affected vision Os, but they also affected Mac OS or iOS or whatever. This is the first one specific to vision Os, so making history, I guess. [00:52:51] Speaker B: But also they absolutely are making history. This was. [00:52:53] Speaker A: Yeah, they updated vision OS operating system, powering its vision pro virtual reality headset. If you don't know what that is, including. [00:53:00] Speaker B: How much does that thing cost? [00:53:02] Speaker A: I'll look up the price. [00:53:03] Speaker B: You keep going. [00:53:03] Speaker A: Tell us more about it. Yeah, I actually don't get up, but. Oh, Christian says 3500 is his guess. [00:53:09] Speaker B: All right, let's see here. [00:53:10] Speaker A: Christian would know. Honestly, vision pro, I don't doubt him. But these were, these vulnerabilities can lead to arbitrary code execution, information disclosure, privilege, escalation and denial of service. So nothing to. Nothing to play around with. This isn't just like, oh, there was a little glitch in the view in your headset was bad. Like, this is, this is serious stuff. So the fact that this was used in the. According to this, the cybersecurity researcher that reported the vulnerability, this is a vision prospecific vulnerability. He believes it is the first ever spatial computing hack. When I was talking to Christian about this earlier this week, he was like, I could see that going in a almost hot direction. I wonder what the. Like. Why would you want to hack a vision pro? What would be the point in, what are some of the implications, I guess. [00:53:59] Speaker B: Good question. I don't have vision pro. I don't really. I'm not really hacking with Ar. [00:54:04] Speaker A: I mean, other than just to use it. [00:54:06] Speaker B: Like, well, maybe it's giving you like, wrong information if I'm able to hack it. So it did have arbitrary code execution, right? [00:54:11] Speaker A: That was one of the things. [00:54:12] Speaker B: So if I feed it shit code and it does whatever I tell it to do, maybe it tells you, hey, take the next right turn, which is off an overpass, and now you're done. You know, I don't know. [00:54:21] Speaker A: Interesting. [00:54:22] Speaker B: Who knows what they could do with that? The sky's the limit if you got code execution, by the way, with tax tags and title. After it's all said and done, you're looking at around four grand. Geez. [00:54:33] Speaker A: Yeah, for the just ad set. Yeah, that's crazy. [00:54:36] Speaker B: That's the big dog best you're getting away with is probably around 36 to 3800. [00:54:44] Speaker A: That's crazy. [00:54:45] Speaker B: Yeah. Yeah. That is crazy. [00:54:47] Speaker A: There's no. [00:54:48] Speaker B: It comes in space gray. [00:54:50] Speaker A: Does it come in rose gold? [00:54:51] Speaker B: Yeah, rose gold. [00:54:52] Speaker A: Thank God. [00:54:53] Speaker B: Come over, rose gold. I'm gonna set fire to these white pieces of crap. Give me the rose gold ones. [00:54:59] Speaker A: But don't. Don't buy this set yet because you never know. I come out with a new one and then half the things that I. [00:55:04] Speaker B: Can see people trying to flex with the rose go, oh, you have those dog turd white ones. [00:55:10] Speaker A: Yeah. Not rose gold, but with the vision pro, you don't even get to. Even if you had a rose gold vision pro, you wouldn't get to enjoy it because your eyes are in it the whole time. You didn't get to enjoy the fact that it's rose. [00:55:19] Speaker B: Weird projection of eyes on the other side. They are freaky. [00:55:23] Speaker A: Yeah, they are weird. They give you that kind of, I don't know, VR headsets give me a headache. So I just don't understand the appeal. But clearly I'm not the audience then. So anyway, just thought this was kind of neat, that it was the first ever vulnerability specific to vision Os and used in the first ever spatial computing hack. Making history. [00:55:39] Speaker B: Making history there. [00:55:39] Speaker A: And it's been patched. So that's always good news. But we're not done with our theme of patches here. We've got one more here. [00:55:45] Speaker B: This side of the technado is all patches. Right? [00:55:47] Speaker A: Patchy. Patchy the pirate on this side of tech, NATO. That's pretty good. [00:55:51] Speaker B: Yeah. [00:55:52] Speaker A: So Asus has patched critical authentication bypass. A critical authentication bypass flaw in multiple router models. It is Asus. Right? That's how you pronounce it? [00:56:00] Speaker B: Asus. [00:56:00] Speaker A: Yeah, Asus. Okay. They ship software updates to address a critical security flaw that could be exploited to. [00:56:05] Speaker B: Thinking of other possible pronunciation. [00:56:09] Speaker A: I'm sure you are. This is like make Orwell fiction. Obviously. [00:56:13] Speaker B: I am a child, ladies and gentlemen. Listen, I say a bunch of dumb crap here. I know. [00:56:16] Speaker A: That's fun. [00:56:17] Speaker B: Just making jokes and trying to have fun. [00:56:19] Speaker A: We welcome it. Yeah, part of the show. This was a pretty critical. Thank you for spelling it out for me. I could help myself on my own. I couldn't have just. [00:56:29] Speaker B: I have to make it obvious, like a little kid, like, it's like a. [00:56:33] Speaker A: Chuckling over there problem in my brain. [00:56:35] Speaker B: That tells me, just say it. Just say it out loud. [00:56:38] Speaker A: What? [00:56:38] Speaker B: Kill who? [00:56:41] Speaker A: Well, this this vulnerability had a CVSS score of 9.8 out of a maximum of ten. [00:56:46] Speaker B: So that seems high. [00:56:47] Speaker A: This is. This is a. I was going to say big spender, but that doesn't make sense. Heavy hitter, I guess, is the word I was looking for, but it's been patched. So again, good news. [00:56:56] Speaker B: That is good news. Really interesting. But it was this one that had kind of multiple flaws that kind of led to a problem, right? So I think. So it says earlier this January, Aces patched another critical vulnerability tract. So that was a 9.8 that could permit unauthenticated remote attacker to upload arbitrary files and system commands on device uses effective routers. So obviously our connection to the Internet is something that we need to be. And I like to bring these kind of articles up for this very reason. I love stopping my sentence midway to start a new sentence because I love it. My thoughts just go crazy. [00:57:38] Speaker A: Runway, train inside of my head. [00:57:39] Speaker B: Yes, you have routers. They are basically a computer of a type. They are part of your security surface. Right? Your attack surface. How many of you out there, and we've said this before many times, if you're a constant follower of swap us here in Technato, how many times have we said it? Are you updating your firmware? Are you looking for security issues? Are you changing defaults? This is a legitimate way for people to gain access into your network. So if you're not using proper security on it, as well as your laptops and mobile devices and so on that are connected to it, you're opening yourself up. You're only as strong as your weakest link, so don't let this be that you obviously, if you've got Asus router within these different versions, you should be on the lookout for that. Just make a reminder every once a quarter, even. Yeah, just every three months. Every four. Right, three months, yeah, every three months. You go in and you go, hey, is there any updates? I changed my password to my wifi. Change my. Don't turn off it. Remote administration. Don't turn that on. Don't turn that on. Stop. No, I know, it's nice to be sitting at, you know, PF Chang's and pull out your phone and go, I obviously need to make a configuration change to my router at home. No. Or your small business or whatever the case is, just make that unavailable. Do those proper security things on these devices as well, because they do have vulnerabilities. You'd hate for that to be the way somebody gains access to your systems. Just saying. [00:59:13] Speaker A: It's so funny to me that PF Chang's is the restaurant you pulled out. Like, you're just sitting at PF Chang's working on some stuff. And, like, to me, it would be like, oh, I'm at Panera bread working on something to do it from there. PF Changs, though, PF Changs. I'm locked in. I'm not focused on anything else. [00:59:26] Speaker B: I am in the moment. [00:59:27] Speaker A: I don't go to PF Changs to mess around. I'm spending some money if I'm going to PF Chang's. [00:59:30] Speaker B: True. [00:59:31] Speaker A: And I'm going to focus and enjoy every second, but to each his own. [00:59:33] Speaker B: Yeah. For two people at PF Chang's, you're spending close to a bill. [00:59:37] Speaker A: Yeah, you might. You could buy a small horse for that, probably. I don't know. You said PF Chang's. I thought that was random. [00:59:44] Speaker B: So, you know, you made me go to the movie. Oh, brother, where art thou? [00:59:47] Speaker A: Is like, that's not with George Clooney, right? [00:59:48] Speaker B: Yeah, George Clooney. And they're at the one guy's cousin's house after they escaped from prison. He's like, it's a fine meal. And he goes, oh, is it? I was afraid that horse had turned. I shot it last week. Or what? He was like, oh, they called him, like, a greasy horse something or other. It was. That movie is hysterical. [01:00:09] Speaker A: It's probably good you can't remember the rest of that sentence. Yeah, because I feel like Christian would have to cut it out. [01:00:13] Speaker B: Dude. It is. That movie is worth the watch. [01:00:16] Speaker A: I've got a long list of movies now. [01:00:18] Speaker B: It's funny to me. The Coen brothers are very hit or miss. They either just, it's amazing flick or it's very ho hum to me. [01:00:25] Speaker A: Interesting. I'll have to add that to the list. Then I say that I'm never gonna get through the list. I'm gonna die before that list is over. You know, there's just too much to watch. We've got one more article we wanted to get into, and I am so excited to hear Daniel. I love being like, oh, look at this. And having it be something that he's like, this is what's wrong with the world. Cause it's so fun. [01:00:42] Speaker B: Oh, this was the article. [01:00:43] Speaker A: This is the article. [01:00:44] Speaker B: It was the last article on the list. [01:00:46] Speaker A: The situate. I did that on purpose. [01:00:48] Speaker B: Yeah. Okay. [01:00:48] Speaker A: The situation proposed here. Tough day at the office. Well, how about a mandatory photo montage to calm you down? Ordered by an AI. That's monitoring how close you get to breaking point. This sounds theoretical, right? This sounds like, oh, what if? But this is being implemented. There's a company that's doing this right now. I believe it is. First horizon bank says it's a way to keep all of its call center agents relaxed over long shifts of dealing with the public. I think call center agent and relaxed don't go in the same sentence. If you're working at a call center, I'm sorry, but that's just not the cards for you, because it's a stressful job. So they're hoping that they can deal with burnout in this way now. Sounds kind of weird, right? The way that this works is you say, I'm working at a call center. I get to pick ahead of time photos, whether it's photos of my family, my pets, whatever, and music that I like. And then if I'm working at the call center and their AI detects that you seem like you're getting a little bit stressed, you're getting a little frustrated with the public, you're a little frazzled. We're gonna. We're gonna cut. Cut your. Cut your system here. We're gonna keep your eyes off work for a second, and we will play this relaxing slideshow of these photos along with inspirational quotes that get thrown in there just for some pizzazz, some little red pepper flakes on the pizza, and this music that you've chosen as a soundtrack in the background. And then after we feel like you've calmed down enough, you can go back to work. And apparently it's working. They've detected that. That their burnout levels have decreased. There are some employees, supposedly, that are even saying they prefer this. This built in mandatory break to just them just taking their own breaks, them taking a break and going, walking around. They prefer this. This is better. Personally, I call B's. I don't buy it. [01:02:24] Speaker B: Listen, I pretty sure I saw a documentary on this actual thing because I'm reading this article, right. It says you're stressed out at work, which means naturally, you want to throw a stapler off the roof and tell your boss exactly what you think of them. [01:02:36] Speaker A: That was kind of weird. [01:02:37] Speaker B: Then you see a common montage of your family vacation photos and an inspirational picture of a cat hanging on a washing line set to calming music. And the rage quietly fades away. Yes, everything is fine again. Back to generating value for the shareholders. All is well. And I'm wondering, do. Do you have to supply your own clips that keep your eyeballs open with visine drops? Right. As they play Beethoven. Right. Is that how. Because obviously this does work. [01:03:05] Speaker A: Clearly it's been proven. [01:03:07] Speaker B: Do you have to supply your own medicine that makes you violently ill? Whenever you get raised up inside, you. [01:03:13] Speaker A: Need to get violently ill at the sight of your family. [01:03:15] Speaker B: Now, this is a clockwork AI, right? That's what we're talking about here. [01:03:18] Speaker A: Yeah. There's some similarities there. [01:03:20] Speaker B: That's exactly what I thought of. I'm like, they are basically trying to cure you of rage. [01:03:25] Speaker A: It's kind of stupid in a way. [01:03:26] Speaker B: That we've seen, at least in an artistic way. [01:03:30] Speaker A: It's like, just because we can doesn't mean we should. I don't. [01:03:34] Speaker B: I feel like that doctor Ian Malcolm. [01:03:36] Speaker A: They didn't, they failed to ask that question at this point. And so their argument was that, hey, different people break at different points. [01:03:42] Speaker B: Well, this helps to, the question becomes, is obviously they are manipulating you emotionally. [01:03:51] Speaker A: Right? [01:03:51] Speaker B: Right. This is emotional manipulation at its base, whether or not to me, obviously we're not assigning any moral or ethical value on that at that point. Just let's just break it down to that. This is what that is. They are manipulating your emotions through detection. They are detecting that your emotional state is not one that is conducive to creating value for them. Right. You're going to be less efficient, less effective at your job because your stress levels are going up. Okay. And now we are going to induce a better state of emotion for you by doing X, Y or z. This feels like a slippery slope. [01:04:36] Speaker A: Yeah. [01:04:36] Speaker B: Right. Where, hey, you know, what are they, what are the struggle sessions, right. That the communists used to make our captured men used to do? [01:04:47] Speaker A: So this is okay, right? [01:04:48] Speaker B: So they would say, no, just say, you don't have to believe it. Just say, america is bad and we'll. [01:04:53] Speaker A: Give you some food. Yeah. [01:04:54] Speaker B: And then over time, over time, you get conditioned to. I get food. When I say America bad, so America must be bad. Yeah. So if I just go, well, you know, they're helping me, that it's good. And the next iteration, it's a little bit different. I just. Bad taste in my mouth. [01:05:15] Speaker A: It gives you a weird gut feeling. [01:05:17] Speaker B: I've tasted this before and it wasn't good. You're trying to sneak it. You ever know how you try to give your dog its medicine? You slap it in butter. Right? So just slide down the old gullet. I feel that. Yeah, I feel that. [01:05:31] Speaker A: Yeah, absolutely. I agree. Even though it would seem like. What do you talk. It says that we've. Customer satisfaction has increased employee productivity has increased. We even have agents that are saying, this is great. We love this. It works better for us. Okay. There's a feeling, well, I mean, I have a feeling this is not good. [01:05:50] Speaker B: Here's the thing. Why am I getting enraged to begin with? Oh, let's not address the cause. Let's fix the symptoms. That's what we do in today's society, right? We go, oh, someone's getting enraged. Make them not enraged by how we give them medicine. That basically keeps them from being able to feel rage. [01:06:12] Speaker A: Yeah. [01:06:12] Speaker B: Hmm. Or hear me out. Fix the system that's causing the negative feelings. Make it a better system. Not. Not just address the symptoms. Fix the cause. Fix the root problem. [01:06:29] Speaker A: Yeah. [01:06:30] Speaker B: Make it a system in which people are. So, I worked on a help desk, right? So I know the rage that comes from trying to help people because of the abstraction between you and them. And the thing that really made me good at my job and I was. Because people would get my direct line. They just, like, they would call the center and they would say, can you, can you transfer me to Daniel? Because I stopped seeing them as the problem. I stopped seeing the people that were calling in as like, a disruption to my day and idiot users doing dumb things and going, hey, they don't know what's going on here. They don't understand complex systems in computing world. I do. That's why they're calling me. That's why I have a job, because I do understand those things. I'm on their side. I'm advocating for them. And then when they would call me, I would go, hey, don't worry. We're going to get you fixed up. I know it's probably a really weird thing, and we're going to have to go down some rabbit trails, but stick with me. We'll hang in there. I'm not going to get frustrated with you because you are not the issue. [01:07:29] Speaker A: Yeah. [01:07:30] Speaker B: Right. It's either your lack of knowledge on the problem or whatever. And I'm gonna teach you, and we're gonna get this fixed. And they felt like I was their, their companion in this. I was not against them. I was for them. [01:07:42] Speaker A: Yeah. [01:07:42] Speaker B: And I fixed all the problems. I never had a single issue that went unsolved. [01:07:48] Speaker A: And that's the kind of thing that would probably have the same result as this program does, that you see increased customer satisfaction. Because if I get a call center agent like that, I'm gonna be like, that was a great experience. As opposed to somebody that's like, well, what did you do wrong? Why are you calling. [01:07:59] Speaker B: Here's what happens in a lot of call centers. You're spending too much time on the phone with that user. Get them off the phone so you can get another user on the phone and solve their problem. [01:08:08] Speaker A: We need turnover to be fast, right? Yeah. [01:08:10] Speaker B: Yes. They want turnover to be fast. They don't spending too much time with people. So you get this outside pressure to get them off the phone. [01:08:16] Speaker A: Yeah. [01:08:16] Speaker B: And get them, quote, unquote, satisfied, and. [01:08:19] Speaker A: Then you come across as, like, short with them and irritated because you have this. [01:08:22] Speaker B: You got someone in your ear going, too long, too long, too long. Right. They've built a system that absolutely causes you stress. [01:08:29] Speaker A: Yeah. [01:08:30] Speaker B: And now you see your end user as an. As an adversary instead of someone with a problem that you're here to help. Imagine if maybe it probably is. I'm not a doctor. I don't know, but maybe I feel like that might be the case if your doctor was like, I just want to get you in and out. [01:08:45] Speaker A: Yeah. Here's a pill, Evan. [01:08:46] Speaker B: Yes. [01:08:46] Speaker A: Just. [01:08:47] Speaker B: Just take a pill. But I still have type two diabetes, doctor. Yeah, but you take John. Whatever the weird names they give these pills nowadays, this is the quickest way. [01:08:55] Speaker A: To quell that issue from boom pill. [01:08:57] Speaker B: I made money. Your type two diabetes is taken care of. We're all happy. How about we actually address what's causing my type two of diabetes and work with a plan, and you come alongside me as an advocate to help me? Yeah, that seems like a better idea. [01:09:14] Speaker A: My mom worked as a support representative for QVC for a little bit. She did it remotely, and so she would have to answer calls from people that were like, hey, I have a problem with my order. And my mom was a pretty personable woman. Like, she's so and whatever. So she would. And it was a lot of times, older folks that were calling didn't understand what was going on. They were confused. They were having issues. And she would, you know, be like, hey, how are you? That's awful. Let me. Let me fix that for you. Laugh with them, talk with them. And she would get stellar reviews. We loved her. It was great. She got in trouble. They were like, you're taking too long on these calls, and you need to pick up the paper. She ended up quitting because she's like, okay, so either I do a terrible job, and the people that are calling me hate me, and they don't feel like their issue got resolved. They don't feel like they were listened to, but, oh, I'm meeting the numbers, so I'm doing great, or I feel like I'm doing my job and I'm doing a good job and I feel good about doing this, and you're telling me that I'm doing the wrong thing, not worth it. So she end up quitting. And it's unfortunate that it has to be like that. I know they got numbers, they got to meet, and there's a lot of people calling, but it just sucks. That's the way it is. [01:10:05] Speaker B: Yeah. And don't get me wrong. You handle these problems. Someone can be very abstract and esoteric, and you're like, what the hell is going on here? And that can be frustrating. But if you're the right kind of person, if you, if you see your job is like, oh, I'm gonna, I'm challenged, accepted, right? Yeah, I'm probably gonna have a few. Like, I, I dig into that kind of stuff. I get really cynical and stupid thing. [01:10:28] Speaker A: It'd be easy to get set up. [01:10:30] Speaker B: That's kind of how I process through that stuff. But at the end of the day, I always say, I'll rush a machine gun nest as long as I can bitch my way and complain my way as I do it. [01:10:39] Speaker A: Complain a little. [01:10:39] Speaker B: If you give, you let me complain the whole time and let me vent that frustration, I can get anything done. Just about. [01:10:45] Speaker A: That's fair, right? [01:10:47] Speaker B: This is my process. [01:10:49] Speaker A: This is the person running this. Writing this article was like, I don't care if this works. I don't want any part of it. I prefer to handle my rage the old fashioned way. I will bottle it up until I can make an expensive purchase to make me feel better. [01:10:59] Speaker B: I'm going to quote Steve Harvey, where when I have emotional issues, I just keep it deep down inside until it manifests as a physical issue. Then I go see a real doctor. [01:11:12] Speaker A: I'm a little lost, but fair enough. [01:11:13] Speaker B: Yeah, yeah, yeah. [01:11:14] Speaker A: So I just thought that was something that would probably prompt some interesting opinions on that. I'm curious to know what, what y'all think about this. If this is something that, if you worked for a company and they implemented this, would you be on board? Would you be a little skeptical? Hey. [01:11:26] Speaker B: Or, hell, if you were someone calling someone that was having, like, if you were on the other end of the phone, you had an issue with someone, they are saying that they, that those customers are more satisfied. Right. The data is suggesting that they're more satisfactorily. So I get that on the other end. That's, that's good. But maybe we can, I think that we can reach the same. Gotta be another way with a different method. [01:11:47] Speaker A: There's gotta be another way. [01:11:48] Speaker B: Yeah. [01:11:49] Speaker A: There was something else. I didn't throw it in here. Cause it's. It's still theoretical. It's still being. It's not, like, implemented somewhere yet, but I think in Japan, maybe it was, like, japanese company that was experimenting with this. Yeah. Using AI to change the customer's voice. So when you're on the phone with a customer and they're getting testy and they're getting angry at you and modulates changes it to make them. So it's still what they're saying, but it makes it, like, instead of saying, you don't know what you're talking about, it's like you don't know what you're talking about. [01:12:14] Speaker B: And that sounds even more condescending. Yeah. [01:12:18] Speaker A: Like, it just brings it down. And I don't know that I'm still not on board with that, but that was more conceptual. So I didn't. [01:12:24] Speaker B: My peppy used to say any. What you say. It's how you say it, son. [01:12:27] Speaker A: There you go. Yeah, it's. Your people won't remember what you said, don't remember how you made them feel. [01:12:30] Speaker B: That's right. [01:12:31] Speaker A: And if you condescend to me, I'm gonna be upset. So this might actually. [01:12:34] Speaker B: Yeah. I'm gonna start a couch fire and flip a table. [01:12:36] Speaker A: You better get out of here. [01:12:37] Speaker B: Yeah, yeah, she's seen it. It's not pretty. [01:12:40] Speaker A: I have. Well, I think that's gonna do it for our. For our stories this week. We have. There wasn't a ton of, like, breaking news. [01:12:46] Speaker B: Yeah. [01:12:47] Speaker A: But I felt like there was some interesting stuff, interesting things this week, so we'll try to get more of that in there. And like I said before, let us know what you liked and what you want to see more of. And we'd love to. We love. We do actually love to see opinions on this stuff. [01:12:57] Speaker B: Absolutely. [01:12:57] Speaker A: It's fun for us to go back and read, like, what did this person think? [01:13:00] Speaker B: I can take a playful ribbing, but damn. Don't be. Don't be mean. To quote buckaroo Banzai. Don't be mean. [01:13:07] Speaker A: Yeah, you don't have to, like, give me a new insecurity. [01:13:11] Speaker B: New insecurity unlocked. [01:13:14] Speaker A: It is. It's like. It'll be like, a weird comment. Like, yeah, does anybody notice, like, okay, the one that said we were like, it was funny. Like, I laughed. [01:13:21] Speaker B: Oh, yeah, Canadians. [01:13:22] Speaker A: No, white Canadians. I'm like, you're not wrong, and that's not new. Like, I know that. But now, you know, now I'm like, oh, I guess, but it could be a lot worse. I don't know. I think I look fine. [01:13:33] Speaker B: That's right. [01:13:33] Speaker A: So maybe, maybe leave out the ad. [01:13:35] Speaker B: Hominem stuff, but, I mean, you kind of fade into the snow. [01:13:38] Speaker A: I do. It's a good thing I live in Florida. I don't have that problem. I don't have to worry about it. Well, we hope that you enjoyed this episode. We hope that you'll come back and join us next week for another episode. Every Thursday we do prerecord these, so let us know if we missed anything. You know, it's, it's, it's hard for us to stay super, super up to date with you. [01:13:54] Speaker B: Yeah, we record on Wednesdays, release on Thursdays. [01:13:56] Speaker A: We have to. Otherwise we wouldn't be able to get it done. But, but hope you enjoyed regardless, and we will see you back here in studio two next week for a new technado. Thanks for watching. If you enjoyed today's show, consider subscribing so you'll never miss a new episode.

Other Episodes

Episode

November 18, 2019 01:00:30
Episode Cover

The Technado, Episode 126: Upsolver’s Ori Rafael

The whole team is back together, and this week they were joined by Upsolver’s Ori Rafael who gave a crash course on Frictionless Data...

Listen

Episode

February 01, 2019 01:09:46
Episode Cover

The Technado, Episode 85: CyberArk’s Joe Garcia

Joe Garcia from CyberArk was kind enough to come all the way up from Tampa to join Peter and Don in the studio to...

Listen

Episode

July 09, 2020 01:05:03
Episode Cover

Technado, Ep. 159: Microsoft’s Christiaan Brinkhoff

An old friend of the show, Christiaan Brinkhoff, returned this week after joining Microsoft on the Windows Virtual Desktop team. After letting us know...

Listen