Podcasts about Boaty McBoatface

Autonomous underwater vehicle

  • 197PODCASTS
  • 227EPISODES
  • 48mAVG DURATION
  • ?INFREQUENT EPISODES
  • Apr 8, 2025LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about Boaty McBoatface

Latest podcast episodes about Boaty McBoatface

You Won't Believe What Happened To Me
Signs You Have Been Abducted By Aliens- The Paranormal Report 172

You Won't Believe What Happened To Me

Play Episode Listen Later Apr 8, 2025 45:28


This week on The Paranormal Report, Jim and Dar discuss the new proposed bill in Congress allowing citizens to do THIS to drones. Also, have you been abducted by aliens? These are the signs to look out for. A Chilean scientist says UFO's are just a fairy tale--what do you think? Plus, 2024 YR4 asteroid could hit the moon, Boaty McBoatface finds a Nessie camera, a very expensive haunted house for sale in Ireland, and so much more! Thanks for listening and we would love if you could share the show with family and friends! LINKS https://www.congress.gov/bill/119th-congress/house-bill/1907/text https://www.iheart.com/content/2025-03-31-mysterious-black-ring-spotted-floating-in-the-skies-above-seattle/ https://apple.news/Aq4xAsf21RkCaVXtsdX-QIQ https://www.skyatnightmagazine.com/news/asteroid-2024-yr4-moon https://www.ladbible.com/news/science/noahs-ark-site-turkey-archaeologists-plan-discovery-838971-20250406 https://www.irishcentral.com/dream-homes/haunted-house-ireland-loftus-hall https://medium.com/@Cristina_Gomez/chilean-astronomers-ufo-rant-sparks-global-debate-fairy-tales-or-fact-7a1722af0259 https://www.psychologytoday.com/us/blog/where-physics-meets-psychology/202504/time-quantum-decoherence-and-infinite-versions-of-you https://www.mirror.co.uk/news/weird-news/i-abducted-aliens-here-signs-34971290 https://www.bbc.com/news/articles/cx20g82y1k8o https://www.nottinghampost.com/news/local-news/beestons-banana-saga-takes-another-10014748 Learn more about your ad choices. Visit megaphone.fm/adchoices

Pod Save the UK
How f***ed are we if Trump wins? + Is Jeremy Corbyn MP forming a new party?

Pod Save the UK

Play Episode Listen Later Oct 24, 2024 45:49


The Government's rallying cry to the nation to help fix the NHS via a public consultation has not disappointed. In what is fast becoming the National Health Service's very own Boaty McBoatface moment, Nish and Coco dissect the wild and weird policy suggestions flooding the website.Then Jeremy Corbyn, former Labour Party leader and Independent MP for Islington North, joins to tell us how the left can make their voices heard in Parliament and whether a new leftwing political party could be on the horizon.Later, with the US elections looming, co-host of our sister show Pod Save the World Tommy Vietor calls in to discuss why the Labour party is under fire for sending hundreds of staffers to canvas for the Democrats and what the result next month might mean for US-UK relations.Finally, Nish and Coco discuss a protest from an Australian Senator who shouted directly into the ears of King Charles, which comes as the Government resists paying reparations - or even apologising for - slavery and the actions of the British Empire. Useful links:https://crooked.com/podcast-series/pod-save-the-world/ Guests: Jeremy Corbyn MPTommy Vietor Pod Save the UK is a Reduced Listening production for Crooked Media.Contact us via email: PSUK@reducedlistening.co.ukWhatsApp: 07494 933 444 (UK) or + 44 7494 933 444 (internationally)Insta: https://instagram.com/podsavetheukTwitter: https://twitter.com/podsavetheukTikTok: https://www.tiktok.com/@podsavetheukFacebook: https://facebook.com/podsavetheukYouTube: https://www.youtube.com/podsavetheworld

Piggles
Ep. 20 "All that's coming to mind is Boaty McBoatface" with Adam Raines

Piggles

Play Episode Listen Later Oct 15, 2024 39:34


When it Raines, it pours, if you know what we mean. Join us as we talk with Fulton's resident swing dance expert and math teacher extraordinaire, Mr. Raines, about the changing of the seasons, Count Binface's election officials, sand worms, and much much more!

The V Show w/Bob Valvano
The V Show with @espnVshow and @NickyVESPN - Hour 2- @DerbyMedia Triple Crown Preview - 5-30-2024

The V Show w/Bob Valvano

Play Episode Listen Later May 30, 2024 64:45


There's no Triple Crown winner this year in horseracing.  SO Bobby V decides to have an all Triple Crown winner race to decide the best horse of all time!  We add the great Man O' War to round out the field and get the one and only Darren Rogers to help preview and set up the first heats.  We look at other Triple Crown Winners and talk about the great Boaty McBoatface and his brother Shippy.  See omnystudio.com/listener for privacy information.

The Allusionist
190. Craters

The Allusionist

Play Episode Listen Later Mar 11, 2024 37:03


When PhD student Annie Lennox discovered a crater on Mercury, she got the chance to name it. Which sent her on a bigger space mission. Get the transcript of this episode, and find links to more information about the topics therein including how to get involved with the next planetary hackathon, at theallusionist.org/craters. This episode was produced by me, Helen Zaltzman. The music is by Martin Austwick of palebirdmusic.com. We'll be playing a space-themed show in the planetarium at the H.R. MacMillan Space Centre in Vancouver BC on 18 April 2024; get tickets via theallusionist.org/events. Become a member of the Allusioverse at theallusionist.org/donate and as well as keeping this independent podcast going, you get regular livestreams, insight into the making of this show, and watchalong parties - AND to hang out with your fellow Allusionauts in our delightful Discord community, where I am posting all my best/worst portmanteaus and portmantNOs. The Allusionist's online home is theallusionist.org. Stay in touch via facebook.com/allusionistshow, instagram.com/allusionistshow, youtube.com/allusionistshow, twitter.com/allusionistshow etc. Our ad partner is Multitude. If you want me to talk lovingly and winningly about your product or thing on the show in 2024, sponsor an episode: contact Multitude at multitude.productions/ads. This episode is sponsored by:• HomeChef, meal kits that fit your needs. For a limited time, HomeChef is offering Allusionist listeners 18 free meals, plus free shipping on your first box, and free dessert for life, at HomeChef.com/allusionist.• Squarespace, your one-stop shop for building and running your online empire. Go to squarespace.com/allusionist for a free 2-week trial, and get 10 percent off your first purchase of a website or domain with the code allusionist. Support the show: http://patreon.com/allusionistSee omnystudio.com/listener for privacy information.

NOC Into the Blue Podcast
S2 Ep18: Catching Up With Boaty McBoatface: Latest Achievements and Exciting Missions | Stewart Fairbairn and Dr Zoe Jacobs

NOC Into the Blue Podcast

Play Episode Listen Later Feb 7, 2024 17:07


Autosub Long Range, famously known as Boaty McBoatface, had a busy 2023 and is set to continue to be at the forefront of autonomous ocean exploration this year. ALR Operations Engineer Stewart Fairbairn joins the podcast to tell us about the ALR's recent successes and the exciting missions it will undertake in 2024 and beyond. Learn more about Boaty McBoatface - https://noc.ac.uk/facilities/marine-autonomous-robotic-systems/autosubs Dive into the history of the Autosub programme - https://noc.ac.uk/technology/technology-archive/story-autosub Follow us on social media to keep up to date with new episode releases and latest news - https://linktr.ee/nocnews

TransMissions Podcast: Transformers News and Reviews! - All Shows Feed
Empire Of Rust 010 - The Short Road to a Small Angry Island

TransMissions Podcast: Transformers News and Reviews! - All Shows Feed

Play Episode Listen Later Feb 5, 2024 63:51


Boaty Mcboatface. We want to hear your feedback! Post a comment here or email feedback for Empire Of Rust directly to rust@transmissionspodcast.com! Want some TransMissions swag? Check out our online shop, powered by TeePublic! Like what we’re doing and want to help make our podcast even better? If you already support us, thank you! Show Notes: Intro – Level Up! [0:00:00] Chapter 1 – Follow the Shannix [0:14:14] Chapter 2 – Anchors Aweigh [0:27:27] Chapter 3 – Phishing Blind [0:45:35] Closing [1:02:43] If you enjoy Empire of Rust, please rate us and subscribe on Apple Podcasts, Google Podcasts, Stitcher, and Spotify! These ratings greatly help podcasts become more discoverable to other people using those services and is an easy way to help out our show. What is the Empire Of Rust Podcast? TransMissions Podcast Network presents: the world’s first and only Transformers RPG actual play podcast! Conceived, developed, and run by… Continue reading The post The Rustford Files 010 – The Short Road to a Small Angry Island appeared first on TransMissions Podcast Network.

Empire Of Rust
Empire Of Rust 010 - The Short Road to a Small Angry Island

Empire Of Rust

Play Episode Listen Later Feb 5, 2024 63:51


Boaty Mcboatface. We want to hear your feedback! Post a comment here or email feedback for Empire Of Rust directly to rust@transmissionspodcast.com! Want some TransMissions swag? Check out our online shop, powered by TeePublic! Like what we’re doing and want to help make our podcast even better? If you already support us, thank you! Show Notes: Intro – Level Up! [0:00:00] Chapter 1 – Follow the Shannix [0:14:14] Chapter 2 – Anchors Aweigh [0:27:27] Chapter 3 – Phishing Blind [0:45:35] Closing [1:02:43] If you enjoy Empire of Rust, please rate us and subscribe on Apple Podcasts, Google Podcasts, Stitcher, and Spotify! These ratings greatly help podcasts become more discoverable to other people using those services and is an easy way to help out our show. What is the Empire Of Rust Podcast? TransMissions Podcast Network presents: the world’s first and only Transformers RPG actual play podcast! Conceived, developed, and run by… Continue reading The post The Rustford Files 010 – The Short Road to a Small Angry Island appeared first on TransMissions Podcast Network.

Nauti House
Boaty McBoatface

Nauti House

Play Episode Listen Later Jul 31, 2023 85:05


The Nauti House got much more Nautical this weekend.  The boat that has been teased since the first episode finally came to dock in the backyard.  John and Nick were out on the water all weekend and that's the best way to get summer vibes up, even though we're half way through now.  It's hard to believe this is the last weekend of July, but, we went full in on the summer festivities!  Tune in and relax.

Construction Big Breakfast
Boaty McBoatface and NOC with Huw Gullick | Innovation Deciphered

Construction Big Breakfast

Play Episode Listen Later Jul 17, 2023 25:58


Welcome to another episode of Innovation Deciphered! In this installment, your host Tim Fitch sits down with Huw Gullick, Associate Director of NOC Innovation at the National Oceanography Centre. Get ready to dive into the fascinating world of ocean research and exploration. Join Tim and Huw as they unravel the mystery behind NOC, exploring who they are and what they do. They shed light on NOC's pivotal role in advancing ocean science and technology, and discuss the exciting initiatives that are reshaping the field. First, the conversation delves into the critical topic of funding. Discover how NOC is attracting new revenue streams from the private sector to propel ocean research forward. Tim and Huw delve into the innovative funding models that NOC has embraced, revolutionizing the way they operate. Next, the episode takes a closer look at industry engagement. Learn how NOC collaborates with industry partners and showcases their cutting-edge research. They even bring up the infamous Boaty McBoatface story, highlighting how public engagement plays a vital role in their work. Process and strategy take center stage as Tim and Huw discuss the iterative approach that NOC follows to develop groundbreaking solutions for ocean science. Gain insights into how they set up the organization to deploy existing technologies at scale, propelling advancements in this vital field. But the conversation doesn't stop there. The episode concludes by addressing the recent Titan tragedy that occurred just days before filming. While only briefly touched upon, the discussion highlights the challenges and risks associated with ocean exploration and serves as a reminder of the importance of the work being done by organizations like NOC. Tune in to this thought-provoking episode as Tim Fitch and Huw Gullick delve into the world of NOC Innovation at the National Oceanography Centre. Prepare to be inspired by their commitment to pushing the boundaries of ocean science and uncovering the mysteries that lie beneath the waves. Learn more about NOC here: https://noc.ac.uk/ #NOC

WGY Mornings with Doug Goudie
Mohonasen Will Not Be Boaty McBoatface

WGY Mornings with Doug Goudie

Play Episode Listen Later Jul 12, 2023 5:34


Got an opinion? If you're listening on the iHeartRadio app, tap the red microphone icon to record & send us your thoughts. Don't have the app? Get it free here ---> https://news.iheart.com/apps/ Follow WGY on social media: instagram.com/wgyradio twitter.

Wiki University
Boaty McBoatface is the reason the internet can't be in charge of anything

Wiki University

Play Episode Listen Later Jun 30, 2023 43:35


It's summer session so we're keeping things light! Why is there a submersible in the Royal Navy named Boaty McBoatface? Why aren't penguins scared of humans? How are killer whales sinking boats off the coast of Portugal? Kyle and Jheisson answer these questions and more as they float across Wikipedia learning about Boaty McBoatface, Pip Squeaks, penguins, killer whales, and the history of Sea World!Watch Wiki U videos on Youtube, TikTok and Instagram @wikiuniversityMusic provided by Davey and the Chains

Quiz and Hers
Learned Lately #10: BOATY MCBOATFACE

Quiz and Hers

Play Episode Listen Later May 30, 2023 9:12


In this week's edition of Learned Lately, Justin tells the bizarre story of one of his favorite Internet gags, Boaty McBoatface, and his surprisingly large number of cousins!Theme music: "Thinking it Over" by Lee Rosevere, licensed under CC BY 2.0E-Mail: quizandhers@gmail.com Facebook: https://www.facebook.com/quizandhers/Twitter: https://twitter.com/quizandhersInstagram: https://www.instagram.com/quizandhers/

Environment Variables
The Week in Green Software: Data Centers in Space

Environment Variables

Play Episode Listen Later May 3, 2023 39:12


Host Chris Adams is joined by Anne Currie on this episode of The Week in Green Software. They discuss the potential for data centers in space and how the use of potential death rays might be the way forward in powering these! Not only this, but sweeping changes in Reporting Law, and making Kubernetes clusters into Low Carbonetes clusters are covered too. Anne has a special report on her upcoming book and Chris finds his own variation of Boaty McBoatface!

A Master's Degree in Rolling Terribly
Ep 14: Boaty McBoatface?

A Master's Degree in Rolling Terribly

Play Episode Listen Later Apr 23, 2023 77:39


The amdirt crew head into scenario 115 to follow up on our previous bombing run.We meet a new monster type and get slightly annoyed at the continued presence of another.We have a little chat about scenario design and 1 person is incredibly close to retiring... our first one!Please note, this recording was done together in person so we were just getting used to that change and might consider it again moving forward at some stage.Oh and we need your help to come up with a name for our new friend!Find us on: Instagram at am_dirt Twitter @UamDirt YouTube @amdirtOr contact us directly at: contact@rollingterribly.com** Please note our episodes may contain spoilers for the game Frosthaven **

Vi behöver prata
om spartips

Vi behöver prata

Play Episode Listen Later Mar 18, 2023 55:19


Vi pratar om spartips i det här avsnittet. Just nu råder osäkra ekonomiska tider. Det är krig, inflation och klimatkris. Många experter kommer med råd om hur man kan spara pengar. Vi går igenom några kända råd och pratar om hur vi själva tänker. Det blir också en del prat om att reklamera lakrits-Polly, begreppet innerstadsarg, hund- och apfonden, Boaty McBoatface och misslyckade PR-kampanjer såsom "fotografera din hamburgare och ladda upp din bild".

Casting Views
on Gambling part 2!

Casting Views

Play Episode Listen Later Mar 5, 2023 44:46


Welcome to part two of our dive into gambling. this week we focus on novelty/prop bets.Listen in as we talk about:Betting on the length of the national anthem during the Super BowlBets on who the next James Bond could beThe story of a non league goalkeeper eating a pie during a match to win his friends moneyWhy did Boaty McBoatFace cause controversyand much much moreGambling supportOur aim in this episode is to have a general talk about gambling and betting. If you or anyone you know has a problem with gambling addiction - there are places out there who can help. Check out the following:UK - Begambleaware.orgUS - gamblersanonymous.orgPod SpotlightChatsunamiNewslyNewsly is an all in one audio app for IOS and Android which picks up web articles and reads them out to you. Download and use Newsly for free from www.newsly.me or https://newsly.meUse promo code CASTV for a 1-month free premium subscription.MerchYes - we now have merch! If you'd like to support us and look wonderful at the same time take a look at our range of merchandise here:Shop now!ContactIf you like what you hear - please do like, subscribe and consider leaving a review where possible. If you'd like to be on the show, or would like to say hi or suggest a topic, you can find us at the following:castingviewspod@gmail.comTwitterInstagramPodpageLinktreeIntro - by Josh WilsonOutro - Sporks Ahead by Josh WilsonArtwork - Casting Views

5 live Science Podcast
All aboard 'Boaty McBoatface'

5 live Science Podcast

Play Episode Listen Later Jan 15, 2023 51:18


Dr Chris Smith and the Naked Scientist team present the latest science news, analysis and breakthroughs. This week we discover a breakthrough in treating type 2 diabetes, and find out why the Virgin Orbital launch failed earlier this week Plus, we look at microplastics and the oceans at large as we go aboard the ocean research vessel the RRS Sir David Attenborough, which could have originally been named 'Boaty McBoatface', as they prepare to set sail for the Antarctic. And we discover how the Boaty McBoatface name lives on through one of the research submarines that is deployed on board the ship.

How to Lead Podcast with Clay Scroggins
How to Manage Quiet Quitters

How to Lead Podcast with Clay Scroggins

Play Episode Listen Later Sep 26, 2022 19:13


Ahh, the internet. Isn't it grand? It's given us so much. Online banking. Online shopping. YouTube. Boaty McBoatface. Just when we thought the internet couldn't give us any more, it surprises us with a term that is so clever and so relevant to all of our lives: QUIET QUITTING. It started with a few innocent TikTok videos, and now we've got a full-on cultural phenomenon. So, what should you do if you feel you've got some Quiet Quitters on your team? How do you manage someone who possibly doesn't care or maybe even doesn't want to be "managed?" Clay and Adam have a few ideas that are sure to help.

Energy Voice – Out Loud
EVOL: Fairlie's Foinaven, small cap squawks and McBoatface

Energy Voice – Out Loud

Play Episode Listen Later Sep 23, 2022 32:58


Objecting to the noise and emissions of Foinaven, the good residents of Fairlie have been up in arms – and on the phone to Energy Voice – in protest. While the decommissioning industry may be sad to see it leave for Denmark, the locals are at best divided on its presence.   Egypt has turned out to be a tricky location for M&A this year. One deal has already fallen apart and TransGlobe's desire to merge with Gabon-focused Vaalco is under fire. Small caps are under pressure, but there are no guarantees that size will solve all problems.   The people chose the name Boaty McBoatface for a larger vessel but scientific sobriety ruled this out, relegating it instead to an autonomous vessel. While the scale is somewhat diminished, Boaty has set off for valuable duty this week, heading off to inspect decommissioned assets in the North Sea.     About Energy Voice Energy Voice investigates and reports on what matters in global energy, helping sector leaders understand the geopolitical and economic factors underpinning current events, and giving them a view on what's coming over the horizon. Each year, 3.4m professionals use Energy Voice as a trusted source of breaking news and insight. For more information on how you can speak to those professionals across multiple platforms to build your brand and generate actionable business leads, visit energyvoice.com/content-services. For a 30 day free trial subscription to the Energy Voice website and app, visit energyvoice.com/subscriptions.

Gamestack
Ep 125: 3 Hour Tour

Gamestack

Play Episode Listen Later Aug 16, 2022 77:44


Boaty McBoatface! 

ThinkEnergy
Is Energy Storage the Missing Link to a Clean-Energy Future?

ThinkEnergy

Play Episode Listen Later May 23, 2022 28:23


Energy storage means more than just batteries. There are many different technologies that could offset peak electricity consumption periods, ultimately preventing the need for expensive, emissions-heavy infrastructure that could lead us away from our clean-energy goals. Justin Rangooni, Executive Director of Energy Storage Canada, joins thinkenergy to explain how energy storage can help meet demand spikes, the importance of supporting wide-scale deployment of renewable energy sources, and much more.    Related links https://www.linkedin.com/in/justin-rangooni-5063b542/ https://www.energystoragecanada.org/   --- To subscribe using Apple Podcasts To subscribe using Spotify To subscribe on Libsyn --- Subscribe so you don't miss a video: YouTube Check out our cool pics on Instagram More to Learn on Facebook Keep up with the Tweets Transcript: Dan Seguin  00:06 This is thinkenergy, the podcast that helps you better understand the fast changing world of energy through conversations with game changers, industry leaders, and influencers. So join me, Dan Seguin, and my co host, Rebecca Schwartz, as we explore both traditional and unconventional facets of the energy industry. Hey, everyone, welcome back. Today we're going to talk all things energy storage in Canada. We're welcoming back a guest we had on the show in 2020. To see what are some of the recent developments and insights in the energy storage industry that have occurred since our last discussion.   Rebecca Schwartz  00:51 Well, when I think of energy storage, I immediately think of batteries, you know, like Duracell, the Energizer Bunny, or even the battery pack in our cell phones- and mine that dies way too often. Honestly, it's pretty cool how we can just carry around these little capsules of energy anywhere we need or want.   Dan Seguin  01:09 It's actually a good comparison. But instead of charging your smartphone or powering your flashlight, energy storage is being leveraged on a whole other scale that could hold the key to many of our environmental and energy goals. According to urban insight, energy storage has been identified as the key to climate change mitigation. But globally, only 3 to 4% of electricity generated by utilities is being stored. They estimate that to limit global warming to below two celsius, energy storage capacity needs to triple overall by 2050.   Rebecca Schwartz  01:55 Recently, an article was published by Energy Storage Canada about our country's evolving electricity grid, and how energy storage and distributed energy resources are putting increasing expectations on our electricity grid to be more adaptable.   Dan Seguin  02:11 Power grids, by their very nature are designed for the fluctuation in electricy demand throughout the day by increasing and decreasing supply when necessary. Energy storage could offset peak electricity consumption periods like in the afternoon, and in early evening when people are returning from work or school. Not to mention our hot and humid summer days when everyone is running their air conditioning units.   Rebecca Schwartz  02:42 Storing energy and integrating it when it's needed into the system would prevent more expensive and potentially emission heavy infrastructure from being built.   Dan Seguin  02:52 So here's today's big question- what are ways countries like Canada can speed up its storage capacity to suit its demand? And are we on track to make it happen in time?   Rebecca Schwartz  03:09 Energy Storage Canada is the national voice for the energy storage industry. They are the only association that's dedicated to advancing energy storage in the country. Justin Rangooni, the Executive Director at Energy Storage Canada is here to talk about how Canada is and isn't charging up the energy storage revolution.   Dan Seguin  03:30 Nice to have you back, Justin. Let's dive in because I'm anxious to chat with you about what has changed within the energy storage industry here in Canada since we last spoke in back in November 2020. So let's kick this off with this question. What's been the most significant change in your industry since we last spoke in 2020?   Justin Rangooni  03:55 Thanks for the question. Great to be back in two years felt like not even that long ago. So it's really good. Good. Good. Good to chat again. So a lot has happened since we last chatted. So I think when we last spoke, it was all about talking about how at Energy Storage Canada we are trying to talk with decision makers in Ontario and the rest of Canada, about the benefits energy storage provide the system. Reliability, affordability, what have you and all the various services that energy storage can provide. So it's a matter of, of really educating decision makers. So flash fast forward, fast forward two years to today. It's more now, what's really changed is that the decision makers have now recognized that and now as they're doing their system planning and will focus in on Ontario specifically, is as they're talking about system planning and what is going to meet capacity needs and what's going to be used for any decarbonisation efforts. Energy storage is part of that conversation. It's part of that calculus. And this is exactly what we wanted to see and that's what- that's what's really changed. It's now part of that calculus in terms of what's going to happen next.   Rebecca Schwartz  05:03 How important is energy storage and supporting wide scale deployment of renewable energy resources so that Canada can meet its net-zero goals?   Justin Rangooni  05:11 I think the best response would be I found a new analogy. And it was from the New Yorker in a recent article that talked about the old energy storage provider in terms of optimizing the grids, the assets that are already on the grid. So what they talked about is when in situations when the wind is blowing, the sun is shining, the hydro, the water is flowing, the nuclear plants are humming, energy storage allows electricity grid to inhale. And then when the sun's not blowing, or the winds, that winds not blowing, or the sun's not shining, or the water is not flowing, or the nuclear plants aren't humming, what energy storage allows the grid is to exhale, and deliver that electricity to homes and businesses and to charge devices. And so that's what energy storage can do is to optimize.   Rebecca Schwartz  05:56 All right now, is there concern though, that energy storage will affect the grid? Like cause instability or create potential imbalances of supply? And is this maybe where energy storage and renewable energy intersect?   Justin Rangooni  06:09 Well, I think what energy storage does is solved some of those problems. What it does is, if it's part of the solution, the overall solution in terms of balancing the grid and optimizing what you have, energy storage can do that. Because one of the benefits of energy storage is that it's portable. It can be it can be situated anywhere in the province or in the country, and of every size and of all the various technologies available, there's lots to choose from. And as system planners can use that as a Swiss Army knife to make, make it work where it has to so we can balance the grid and optimize the assets and provide reliability. So energy storage is is that solution provider for the energy system.   Dan Seguin  06:47 Okay. In your opinion, Justin, what's impeding the wider adoption of energy storage across Canada's provinces and territories?   Justin Rangooni  06:57 So I think one of them, would it be just an- I think we talked about this two, almost two years ago. It's just a matter of for some systems, operators and governments in certain jurisdictions now, in terms of changing their mindset into away from traditional generation, traditional poles and wires, to see what energy storage and other DER types or non wire solutions can provide to the system. Credit to Ontario and Alberta. And we're seeing this a bit in Nova Scotia. And obviously, in Quebec, they're understanding the role now that energy storage and other non wires alternatives can provide. So they're developing roadmaps, they're reducing regulatory barriers, and they're creating the market mechanisms to really enable energy storage, I think other provinces across the country who are a little bit behind will start to follow suit, as well.   Dan Seguin  07:47 Okay, another question here. I think it's safe to say that the economics of storage is improving, and in some cases, has reached cost parity with conventional technology alternatives. Are the high upfront costs a factor that's discouraging more investors? Or is there something else?   Justin Rangooni  08:08 I wouldn't say it's- I think what's discouraging investors necessarily with would just be the certainty of where that, where the market mechanisms are going to be for energy storage. So in the US, you have, I think, almost a dozen states, who have a energy storage procurement or energy storage targets. So that's sending a signal to the to the sector and investors that we're looking for energy storage, we're looking for non wire alternatives to put on the grid. So what that's I think that's the biggest thing that others are looking for in Canada is, where's that certainty? Where's that? Where's the path forward for energy storage in the country? So I think in Ontario, we're starting to see that with their capacity needs that are coming up, people are looking at it and saying, okay, energy storage can definitely fill that role. So they're seeing the interest in that. So you're seeing a lot more interest in Ontario for the role of energy storage.   Rebecca Schwartz  09:03 All right, Justin, if you had to break it down super quick for someone, what would be your elevator pitch for why we should integrate energy storage into a broader system framework? So if you had one minute to convince them that energy storage is the missing link to accelerating our path, to net-zero, what would you say?   Justin Rangooni  09:20 So I won't do the analogy again. But if it was the first time of the elevator, that first I would use the inhaling/exhaling analogy. But what I would say quickly is simply that energy storage is a solution provider. It provides different solutions depending on what the need is. If you need it for reliability reasons to make sure that the lights are going to be on energy storage can play that role by saving that energy when it's needed. Storing the energy when it's when it's when it's needed, and then issuing it and then also for affordability reasons to defer investments and new generation or new poles and wires. There's a lot of different reasons for energy storage, but again, I think that analogy is the best one I've seen so far.   Dan Seguin  10:04 Some might not like me for this next one. But here goes Justin, how can energy storage help meet demand spikes, and also reduce or even eliminate the need to maintain or build new gas plants, which are among the dirtiest generators on the grid here in Ontario.   Justin Rangooni  10:27 So where energy storage can play that critical role is storing electricity when it's generated at times when maybe you don't need it. So instead of curtailing or spilling water, or unnecessary or maybe importing it, or exporting it at a loss for that excess surplus generation, energy storage can step store that electricity. So when there's peaks in demand, and energy storage can, you know use that the system planners can use the electricity that is stored during those peak demands, and to really start leveling out that need for the new peaker plants or existing peaker plants for that matter. So it's really storing the energy for a future use. And that's, that's why we're so excited about energy storage.   Dan Seguin  11:12 Now, in an article you wrote in 2021, you reference that the Independent Electricity System Operator was undertaking a study on the potential phase out of Canada's gas generation. You noted that energy storage Canada was keen to participate in the study. Has there been any movement? What are you hoping to achieve?   Justin Rangooni  11:39 So what happens is we last talked is the IESO did kind of, I would call it a preliminary report, on their decarbonisation efforts or the phase out of natural gas. And a lot of stakeholders took issue with it because of the some of the assumptions that were made. And even the Minister of Energy, looked at it and said, you know what, go back and develop the path. So we are eager to see what that path will be now coming out in November, I think the report is due from the IESO. And what we would like to see is a various, a long range of assumptions and scenarios that really get us to that proper path that is cost effective and reliable. The first path kind of just used one scenario. But I think there are very much very different paths to achiev net-Zero in Ontario and in Canada, and what energy storage can provide because there's different technologies because it could be short duration, or long duration, could be pumped storage or flywheels, or batteries, or what have you. And it can be in different locations, throughout the province or throughout the country. There are many different pathways to get there. So that's what we would really like to see in that report. Show us all the different scenarios; show us the cost effectiveness so you have a wide menu, a variety of a menu to choose from. And we think it can be done. In fact, energy storage, Canada will be issuing a report, working on a report right now, that will be done later this year, with regards to how much energy storage will be required in Canada to achieve net-zero by 2035, that the federal government targeted. Because we're hearing a lot of other numbers of saying how we're gonna get there. So we're trying to say as well how much energy storage is going to be required to make that happened. So we look forward to sharing that report with you in the next few months.   Rebecca Schwartz  13:22 All right, Justin, are you seeing policy or regulatory movement at the municipal, provincial or federal level, to help facilitate energy storage into future plans? And could you talk a bit to what's encouraging you and maybe touch a little on what's discouraging you?   Justin Rangooni  13:38 So I would say encouraging is the example set out in Ontario and Alberta. They they took a concerted effort credit to the Alberta System Operating and credit to the Ontario's IESO for developing a roadmap to say, okay, we know energy storage is coming. So what do we have to do to get our house in order with market rules with regulatory rules with system tool upgrades? So they've really set out a nice path? Obviously, maybe discouraging, we would say and Ontario is okay, you're not, maybe you can get a little faster in terms of really that opportunity of value stacking all the all the values that energy storage can provide, we probably want to see that timeline accelerated a little bit, but at least it's out there. We and we hope that this could serve as a good signpost for other provinces to follow. And we're seeing that hopefully in Nova Scotia, and hopefully maybe we'll see that in Saskatchewan and New Brunswick, what have you trying to say? What is that roadmap to really enabling energy storage because we know it's coming.   Dan Seguin  13:38 Now, let's tackle a catchy subject. Cost. How does energy storage protect provinces, cities, utilities and customers against rising demand and energy costs?   Justin Rangooni  14:50 So I would probably hark back to our report that we did in the summer of 2020 by Power Advisory for Ontario. We looked at and said well, how if there were at least 1000 megawatts of energy storage on the grid, what would be the impact for ratepayers. And what the power advisory report concluded was with with at least 1000 megawatts of energy storage on the grid, it would save ratepayers approximately $2 billion over the over the next decade. And what they looked at was ways that it was saving ratepayers money. It was deferring invest poles, a traditional poles and wires investments, maybe they don't have to be made right now you can defer some of those. Avoidance or deferral of new power generation, which is costly. So it's, it's those mainly two and again, it's also price, perhaps arbitrage, too where we're seeing, with some larger commercial industrial customers, who have behind the meter storage installed, and are avoiding the high demand times by using the energy storage and it's stored behind the meter to save, save on cost as well. So that's where we're looking at the really the what, what energy storage can provide in terms of affordability issues. And as you mentioned before, the costs of energy storage are going down. And we're talking about batteries, we're seeing a continued decline, and forecasts are showing a decline continuing for the rest of the decade. But again, as with other technologies of energy storage technology, it's all a matter of when do you want to- where do you want to use it and what benefit it's providing?   Dan Seguin  16:19 Justin, is it fair to say that most renewable energy, like wind and solar, may require daily energy storage to maximize their benefits and secure against seasonal shortfalls in Canada, when the wind doesn't blow as much like in the summer, and the sun doesn't shine as much like in the winter?   Justin Rangooni  16:41 So yes, I think energy storage could definitely optimize that variable, renewable generation. And depending on what the technology you're looking at, it could even be done, you know, hourly too if you have a certain batteries are co-located, or are very close to those the wind and solar assets as well. And again, energy storage also provides that benefit to all forms of generation, it's a matter of storing what's on the grid and the system operators using the tool that energy storage provides to say, well, we don't need all this power that all our generation assets are producing. So we're going to utilize this battery, these energy storage resources, we have to store that excess energy, and then to release it when it's required. So again, if why we're so excited energy storage, because we're just talking about batteries, there's batteries, there's pump storage, there's flywheels, or compressed air, there's thermal storage, there's a lot of possibilities. And they all can play a critical role in optimizing wind and solar assets, and hydro and nuclear assets as well.   Dan Seguin  17:42 Now I have a follow up question for you, Justin. What's your prediction based on the current trajectory on how much of all energy use in Canada's 2050 future could be stored at any given time? And why is that important?   Justin Rangooni  18:00 So it's probably hard to forecast that number. Now, our report will put a number on what is the minimum to achieve net-zero by 2035. So we will have a number, a national number and broken down by the provinces as well, to see what that number is. But really, it all depends on what the system planner is using the energy storage for. Now, you could have big giant, big energy storage projects, that could be in the almost 1000 megawatts, all the way down to smaller energy storage projects with or in the single digit megawatts or less. So it really depends on what the system planner wants to utilize those energy storage projects for. So it's really tough to tell, I think an example would be right now in California, they have about 3000 megawatts of grid scale connected storage, their peak demand is almost 30,000. So 10% in California, right now, is energy storage, meeting that peak demand. And that's only growing. So again, I think it all depends on what the system planner is looking and the jurisdiction and a lot of factors. But as we're seeing in California, energy storage is playing an increasing critical role to meeting energy needs.   Rebecca Schwartz  19:07 Okay, so we've talked a lot about the many applications for energy storage beyond just cost reduction. And I'll go ahead to name a few just now. So we've talked about battery storage, increasing capacity, improving reliability, supporting renewable integration and deferring transmission upgrades. So because of its versatility, and its ability, battery storage, some might say it could be the true Swiss Army knife of grid solutions. What would you tell our audience is the best feature of battery storage? Or maybe what's most impressive secret feature that others aren't aware of?   Justin Rangooni  19:44 That's a great question. So I'm gonna do my little public service announcement. And I do this for a lot of decision makers to and others. Well, we alked about energy storage, we should talk about more than just batteries. I know it's easy just to say battery storage and a lot. A lot of a lot of people do that and it's understandable. But again, there's a lot A lot of different energy storage technologies, Energy Storage Canada, we're technology agnostic. So we represent batteries and all the different chemistries of battery, not just lithium there's zinc and there's other chemistries. We also talk about pumped storage and flywheels, thermal storage, mechanical storage, what name you there's, there's a lot of different energy storage technologies coming. So maybe that's part of the secret is that there's so when we talk about energy storage, is that there's so many different technologies there that can be used of different sizes, of different characteristics. And one thing I would say a bit of a secret, probably, that is a secret, but just something we should all remember is the portability of energy storage, this can be put anywhere, depending on the technology, it doesn't have to necessarily be in a certain part of the province or the country that has a good natural resource. It can be put anywhere that the system planner needs it. So as we're talking about even utilities, on the utility distribution side, they'll look at their distribution network and say well, where can energy storage work here? And then obviously, the IESO is looking at it from the grander scheme, the prvoincial scale, and saying well, where does it make sense? And so that's the, that's probably the best kept secret of energy storage, and it can be put anywhere.   Dan Seguin  21:10 Having gone through two years of pandemic, what has been the impact of this pandemic, on the energy storage industry? Have there been opportunities that perhaps you weren't aware of before?   Justin Rangooni  21:26 That's an interesting topic. I think, what, obviously, the pandemic has been tough on all sectors with supply chain issues, so that that energy storage is no different from what we're seeing in other jurisdictions as well. But what I think it has allowed system operators and governments to do is to think of other ways how to decarbonize how to provide reliability service, how to make the system more affordable, and has allowed them to start thinking a bit about more innovative solutions, like energy storage, and other non wires alternatives. So the pandemic has allowed that opportunity for more positive thinking, and we're starting to see that in other in Ontario, and and throughout Canada.   Rebecca Schwartz  22:06 All right, we would love to hear your thoughts on vehicle to grid and vehicle to building systems. And if you think that they'll become mainstream when regulatory barriers are lifted.   Justin Rangooni  22:14 So with that one, I think we've worked with some great partners like Plug'n Drive, and others, and there's a few of our members like Peak Power, who are very interested in the vehicle to grid initiative. And where we see a lot of potential obviously, is, with the increased electrification, they hope we'll have a lot more EVs on the road, is we look at that and say, well, your electric vehicle could be your battery for your home, it could be a battery for the local distribution company, if they wanted to utilize it. So in terms of your question of vehicle to grid and what it can do, I think sky's the limit in terms of the innovation, that this could be a real game changer in terms of providing needed electricity when it's required or properly optimizing it. So it's great that people are- utilities and and others are looking at electric vehicles more than just for transportation. It can also power your home, it could help power the distribution network. It's really exciting possibilities.   Dan Seguin  23:15 Okay, here's a bonus round question for customers. What's something you want the average electricity customer or homeowner to know about energy storage? Is there a place for them at the table for them to adopt this tech and help reduce climate change or their own emissions now? What are your recommendations?   Justin Rangooni  23:40 Great follow up to the last question. I think in the next- the short term answer to that one is to look to electric vehicles. That is your best way as the average homeowner in terms of your own decarbonisation efforts, really, is to get that electric vehicle. And again, with vehicle to grid, there could be a lot of possibilities that can even be more decarbonizing to the grid as well. So I would say to the average homeowner, the car battery electric vehicle can be a storage device for you to be a storage device for your utility, a lot of possibilities. So that I would say and then maybe further on in a few more years time, I think you could start seeing some residential energy storage of devices in the home as well. Again, playing with the the electric vehicle, you have in the car, maybe you have some solar panels on your roof, or again, the utility is seeing that the residential energy storage is a great tool for the utility to use. Again, there's a lot of possibilities down the road for the average homeowner but I'd say you know, electric vehicles are here. There's a lot more I would say go pop, go look at Plug'n Drive's website, go look at your local utility, talk to them, and go to your car dealership and see what electric vehicles are out there.   Rebecca Schwartz  24:53 All right, Justin, as you know, we always end our interviews with some rapid fire questions, and we've got some new ones for you. Are you ready?   Justin Rangooni  25:01 Okay, let's go.   Rebecca Schwartz  25:02 What are you reading right now?   Justin Rangooni  25:04 Oh, okay, so I am reading the fiery trial about Abraham Lincoln's evolution of his thinking on slavery, pre Civil War and during Civil War, and obviously afterwards a bit.   Rebecca Schwartz  25:18 If you had to name a boat, if you had one, what would you name it?   Justin Rangooni  25:21 That's a hard one. The only thing that comes to my mind is Boaty McBoatface. That's all like that's, that's it.   Rebecca Schwartz  25:27 Who is someone that you admire?   Justin Rangooni  25:30 So I should say my parents by now I'm talking to Hydro Ottawa. So my answer will be Bryce Conrad.   Rebecca Schwartz  25:35 What's the closest thing to real magic that you've witnessed?   Justin Rangooni  25:38 Oh, I would say the Toronto Raptors winning the NBA championship. I didn't, I didn't think that would have happened in my lifetime. So it was really magical to see and hopefully we can see it again.   Rebecca Schwartz  25:48 What's been the biggest challenge to you personally, since the pandemic began?   Justin Rangooni  25:52 Oh, thebandwidth with the kids were when they were home, with the spouse being home and working. Yeah, it was the bandwidth it was that was that was a challenge.   Rebecca Schwartz  26:02 Okay, we've all been watching a lot more Netflix and TV lately. What's your favorite show or movie right now?   Justin Rangooni  26:07 Oh, I think we watched Superstore and The Fffice on Netflix on perpetual, perpetual loop. It's a nice comfort watch.   Dan Seguin  26:15 Lastly, what's exciting you about your industry right now?   Justin Rangooni  26:21 Well, that's a great, great question to wrap it up on because I think it's this is an exciting sector to be in. I think we're catching the wave right now on some really big possibilities and opportunities for the sector. Because we're energy storage we can provide that value on the utility scale. And through to the distribution side and behind the meter to the residential. I think energy storage is really starting to take off and really becoming seen as a mainstream resource and a tool in our- in Canada's electricity system. So that's what's really exciting and really excited to see what the rest of the decade is going to bring for energy storage.   Dan Seguin  26:57 Well, Justin, this is it. We've reached the end of another episode of the thinkenergy podcast. If your listeners want to learn more about you and your organization, how can they connect?   Justin Rangooni  27:10 They can go on to energystoragecanada.org. We have a refreshed website, they can take a look and and find out some more information see all the work that we're doing see a page of our growing membership list, which includes Hydro Ottawa. Also they can attend our conference in October, it will be in person fingers crossed. Downtown Toronto is what we call it the only national conference focused on energy storage. So it's something if you're interested in storage. You don't want to miss it.   Dan Seguin  27:41 Again, Justin, thank you so much for joining us today. I hope you had lots of fun.   Justin Rangooni  27:46 I always do. This is fantastic. Thank you so much for having me back. Thank you, Daniel.   Dan Seguin  27:50 Thanks for tuning in to another episode of the thinkenergy podcast. And don't forget to subscribe and leave us a review wherever you're listening. And to find out more about today's guests or previous episodes, visit thinkenergypodcast.com. I hope you'll join us again next time as we spark even more conversations about the energy of tomorrow.  

Podcasting is Praxis
UNLOCKED: E101 - For Years You Have Been Asking, Who Is Boaty McBoatface (Featuring WTYP)

Podcasting is Praxis

Play Episode Listen Later Apr 30, 2022 93:04


We're on holiday this week, so enjoy this episode from the vaults: From Normal Island to Artificial Island, we take Liam and Rocz from Well There's Your Problem on a terrible journey across international waters powered only by Bitcoin mining rigs and dubious theories about what consent is. Featuring: First Mate David (@SanitaryNaptime) Seasoned Sea Salt Seasoner Rob (@CountRThe) Keelhauler Jamie (@anxietycowboy) Bermuda Triangle Abductee James (@anarchonbury) Canonical Baller Rocz (@who_shot_jgr) Yo-Ho-Fiddle-De-Fuck You, Buddy Liam (@notliamanders0n)

Things I Text My Brother
Ep 22 - Johnny AppleSwede and News Right Fresh From Heaven

Things I Text My Brother

Play Episode Listen Later Feb 16, 2022 34:18


This episode starts with a dramatic reading of a text exchange between the brothers Drouillard regarding Johnny Appleseed's Swedenborgian seed-planting mission and goes on to discuss The Unsinkable Molly Brown, alternative spirituality, Paul Bunyan, Boaty McBoatface, Björn Borg, Emanuel Swedenborg, Pastafarianism, the Fort Wayne TinCaps, and the fact that we will need more than jam to make it through a nuclear winter. Father Art blesses us with another visit as well. Follow us @ThingsITextMyBrotherPodcast on Instagram where you can leave us notes for us to tackle in future segments of Ablutions and Edification. Like, subscribe, and do all the other things which podcasts tell you to do. Then, tell a friend, enemy, and total stranger. For those who love the experience of audio draped over a static image, head over to the Things I Text My Brother page on YouTube! Please consider helping to save lives by joining the Things I Text My Brother group through the American Red Cross and donating whatever you can. Whether you are able to give some blood, some time, some money, or some awareness to the cause, all of it helps save lives. https://3cu.be/blood ———————— Textstomybrother@gmail.com ———————— MUSIC AND SOUNDS Theme Music: Still Pickin by Kevin MacLeod (Royalty free music) (filmmusic.io) "Still Pickin" Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 4.0 License http://creativecommons.org/licenses/by/4.0/ ———————— Lovely Piano Music Under Dramatic Reading: Relaxing Piano Music by Kevin MacLeod Link: https://incompetech.filmmusic.io/song/4273-relaxing-piano-music License: https://filmmusic.io/standard-license ———————— Church bells and various sounds effects: https://mixkit.co/free-sound-effects/ Mixkit Sound Effects Free License https://mixkit.co/license/

Well... That’s Interesting
In-Betweeni 072: Goldfish Can Navigate Tiny Cars + A Hero Named Boaty McBoatface

Well... That’s Interesting

Play Episode Listen Later Jan 30, 2022 28:08


You heard it hear first folks! One day we'll be taking our pet fish for walks, and/or they will become our overlords. Also, Boaty McBoatface. A hero with some staggering news. --- Love the show and wanna show some love? Venmo Tip Jar: @WellThatsInteresting Instagram: @wellthatsinterestingpod Twitter: @wti_pod Oh, BTW. You're interesting. Email us YOUR facts, stories, experiences... Nothing is too big or too small. We'll read it on the show: wellthatsinterestingpod@gmail.com --- Support this podcast: https://anchor.fm/wellthatsinteresting/support

Science Night
Talking Bodies with Adam Taylor

Science Night

Play Episode Listen Later Jan 14, 2022 44:10


This week Prof. Adam Taylor of Lancaster Univ. is talking to us about his attempts to teach the people of Britain more about their bodies, and his work on a very rare disease. In the news, we're talking about fish cars and a check-in with our favorite autonomous submarine. Our Guest Prof. Adam Taylor is the Director of the Clinical Anatomy Learning Centre & Professor in Anatomy at Lancaster Univ. He is an anatomist with a passion for understanding how the human body is formed and how it functions in both health and disease. Your Hosts Steffie Diem (https://twitter.com/SteffiDiem) Jason Organ (https://twitter.com/OrganJM) James Reed (https://twitter.com/James_Reed3) Credits Editing-James Reed (https://twitter.com/James_Reed3) Mastering- Chris Goulet (https://twitter.com/gr8goulet) Music: Intro and Outro- Wolf Moon by Unicorn Heads | https://unicornheads.com/ | Standard YouTube License Additional Sounds- Inside a Computer Chip by Doug Maxwell |https://www.mediarightproductions.com/ | Standard YouTube License Octonauts Theme by Doug Hendley | Copyright Brown Bag Films 2010 https://www.brownbagfilms.com/work/octonauts The Science Night Podcast is a member of the Riverpower Podcast Mill family www.scinight.com

Digital Planet
Robots under the Thwaites Glacier

Digital Planet

Play Episode Listen Later Jan 12, 2022 44:36


Huge robots, including a seven-metre two-tonne vessel named Ran, are on their way to the Thwaites Glacier to learn more about the retreating ice and its impact on Climate Change. But this won't be the only tech that's being deployed on the 65-day mission; British Antarctic Survey's Boaty McBoatface and the Autosub Long Range vehicle operated by the National Oceanography Centre in the UK, will travel under the ice shelf along with Ran. Professor Anna Wåhlin from the University of Gothenburg tells us more about her robot Ran and about the data she'll be collecting. Tiny light engines We're talking to Ed Tang, the CEO of Avegant. They're the company behind the world's smallest light engines for augmented reality. Developing projectors thinner than the width of a pencil means we're on the brink of AR glasses that will barely look different from standard glasses. Alongside talking about how this technology works, Ed also spoke to us about what this means for the future of AR. James Webb telescope tech Space journalist Kate Arkless-Gray is live on the show to tell us about the tech that got the James Webb Telescope into space and how vital it is that none of the tech deployed goes wrong - unlike the Hubble space telescope, repair missions to James Webb are impossible. The programme is presented by Gareth Mitchell with expert commentary from Ghislaine Boddington. Studio Manager: Nigel Dix Producer: Ania Lichtarowicz (Image: Ran navigates its way under the ice front of Thwaites Glacier. Photo credit: Filip Stedt)

Science Weekly
Is the world's most important glacier on the brink of collapse?

Science Weekly

Play Episode Listen Later Jan 11, 2022 11:37


It's been called the most important glacier in the world. The Thwaites glacier in Antarctica is the size of Florida, and contains enough water to raise sea levels by over half a metre. Over the past 30 years it has been melting at an increasing pace, and currently contributes 4% of annual global sea level rise. Ian Sample speaks to marine geophysicist Dr Rob Larter about a new research mission to the Thwaites glacier, the role of Boaty McBoatface and what it's like to see a region melt away before your eyes. Help support our independent journalism at theguardian.com/sciencepod

Kottke Ride Home
Fri. 01/07 - Boaty McBoatface and the Doomsday Glacier

Kottke Ride Home

Play Episode Listen Later Jan 7, 2022 17:50


How Boaty McBoatface is helping diagnose the severity of the situation at the Doomsday Glacier in Antarctica. Plus, it looks like solar shingles are finally actually a thing. And something to try this weekend––the Dutch practice of uitwaaien.Sponsors:ExpressVPN, ExpressVPN.com/kottke for an extra 3 months FREE on a one-year packageShopify, Get a 14-day free trial at shopify.com/kottkeLinks:How Explosives, a Robot, and a Sled Expose a Doomsday Glacier (Wired) Boaty McBoatface Is Set to Confront Antarctica's Doomsday Glacier (Gizmodo)Doomsday Glacier in Antarctica Could Collapse Soon: New Research (Rolling Stone)Scientists explore Thwaites, Antarctica's 'doomsday' glacier (AP)What Antarctica's 'Doomsday' Glacier Could Mean For The World (Science Alert)10/19/2020 - Grand Duke Travis of Westarctica Wants To Save the Planet (Kottke Ride Home) The solar roof could finally become a reality thanks to GAF's nailable solar shingles (The Verge)Solar shingles you can nail to a roof unveiled by GAF Energy (Venture Beat)GAF Energy's easy-install solar shingles aim to outshine Tesla roofs and traditional panels (Tech Crunch)Forget hygge, it's time for uitwaaien (Washington Post)Uitwaaien: the Dutch invention you never knew you needed, until now (Dutch Review)Uitwaaien, or Outblowing, Is the Dutch Cure for the Winter Blues (Mental Floss)09/17/2020 episode - Practice Friluftsliv This Winter (Kottke Ride Home)Corona's New Beer Adds Vitamin D, Removes Alcohol (AdWeek) Corona Looks to Conquer the "Vitamin D Beer" Market With Odd New "Sunbrew 0.0" Non-Alcoholic Beer (Paste)Wes Anderson to Direct Benedict Cumberbatch in Roald Dahl Film Adaptation (Collider)Wes Anderson to make new Roald Dahl adaptation with Benedict Cumberbatch (The Guardian)Kottke.OrgJackson Bird on TwitterSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Multiple Nerdgasm
441: The Reccomendum

Multiple Nerdgasm

Play Episode Listen Later Nov 4, 2021 65:21


Need somewhere to lay low while something you did blows over? Matt's Vermont house has become a respite for those who may be in some trouble.Links:Dune: Part Two set for Fall 2023 Denis Villeneuve wants to make at least three Dune movies Eternals has lowest score of any Marvel film Hayden Christensen to return for Ahsoka series Alec Baldwin hides out near Matt's Vermont house Production companies may to switch to prop guns Rust armorer shifts blame Richard Stanley files charges against accuser Boaty McBoatface launches

Sadistically Speaking
Episode 56 - Let's Go Santa

Sadistically Speaking

Play Episode Listen Later Nov 2, 2021 10:33


The current "Let's Go Brandon" movement is a glorious example of counter-culture that has been a hallmark of this country.  Let's relish in it.  Join together in a cheer and try to forget the forces that would rather tear us apart.  Also, make sure to score some drugs for the upcoming Christmas cartoon watching season.  #TopperThePenguin

The Measure of a Fan
This is That Star Trek Thing (Enterprise - Shockwave part II, with Benjamin Connell)

The Measure of a Fan

Play Episode Listen Later Oct 13, 2021 72:52


We're back! Physicist, writer, and the original Boaty McBoatface, Benjamin Connell, joins PJ, Mat and Eliot to kick off season two of Enterprise, and watch Shockwave part 2. Archer is trapped in the future, the Suliban have captured the Enterprise, and we're finally recording in person again! I saw a gazelle once... Follow the podcast on Instagram, Facebook and Twitter If you enjoy the podcast, and would like to support it, you can buy us a coffee on ko-fi.com Check out Eliot's music on Soundcloud Follow Mat on Instagram Follow PJ on Twitter and Instagram Follow Benjamin on Twitter This episode was recorded in September 2021.

Pillow Scream Radio
Ep. 012 - To Hell With Kings! (03/27/21)

Pillow Scream Radio

Play Episode Listen Later Mar 29, 2021 93:00


This was a fun one. News topics include: the Boulder Shooting, gun laws, Boaty McBoatface in the Suez Canal, our Beautiful Boy Bernie in Bessemer, and the new (Republican) voter suppression laws just passed in Georgia. But the main attraction is the oft-forgotten Milwaukee Socialists! Once nicknamed the "Sewer Socialists" for their commitment to public health and sanitation, the three socialist mayors of Milwaukee proved that socialism works at the lowest level--improved quality of life, arts, recreation, workers' rights and general humanity. Oh and they were anti-monarchists aka total G's (they also ran a balanced budget every year, if you're one of the weirdos that cares about that). Follow us on Twitter: @pillowscreampod And help us reach more vets by giving us some stars on Apple Podcasts! Apparently that's all that matters in PodWorld.

A Breath of Fresh Earth
Stubble Burning

A Breath of Fresh Earth

Play Episode Listen Later Dec 15, 2020 23:14


Rf@richardfriedman.net What's going on in India? Why are farmers burning their fields? Did you know the enormous city of Chennai almost ran out of water in 2019? Coca-Cola is a major polluter. Maybe it's time I abandon my favorite beverage? Talk is cheap. {00:54} Stubble Burning {06:00} Chennai {08:22} Hero of the Week {10:35} Villian of the Week {11:23} In the MiX, Boaty McBoatface, Rudy, Lucy, and a romantic movie {21:01} Scientist Birthday You can find my books here with the links to find your favorite retailer. Climate Fiction novels: Escape to Canamith https://books2read.com/u/bWP9y1 The Two Worlds of Billy Callahan https://books2read.com/u/mvnvLX Cli/Fi short stories- A Climate Carol and Other Cli-Fi Short Stories. Available in print or audiobook. https://books2read.com/u/38roQL https://www.rev.com/transcript-editor/Edit?token=X_TIB7BX9Vkn7TdapooG9E8f8VsH3RvIDf00TcuQX-irvzHXaR5ez3YA6xFLzqqOqbP12Spj6_tEr-nrG_LlSC3AGu4&loadFrom=DocumentDeeplink&ts=8.72 (00:08): Welcome to a breath of fresh earth, taking the commitment to a clean environment, to the next level. Your host, Rick Friedman will Chrome the climate hero and villain of the week. Along with discussing worldwide environmental issues, showcasing new products, designed with the longevity of our planet in mind and putting the spotlight on the individuals, making a big impact in helping the climate and pollution crisis through social media. Now, your host, Rick Friedman Santa Claus (https://www.rev.com/transcript-editor/Edit?token=Z6_n2S6VoG3OcCds0JKy9fwwIuskOetk2rCaULpcvn8AG07hc1maQ2Qmc9EYLE4EMx3Gb5lpcbE_f8aPVwYzwGnn7yM&loadFrom=DocumentDeeplink&ts=49.1 (00:49)): [inaudible] Rick (https://www.rev.com/transcript-editor/Edit?token=jZm9BM6oyb61jYqBSsfF9GUJGTyK1Aek8Cn1Ii8gnxxzyc0Drwww4zqHrGb0qAiZkrcxk4VdO_HKEPv-CjQl8SUANYo&loadFrom=DocumentDeeplink&ts=53.75 (00:53)): Pollution in Delhi. India is a major problem. The situation is aggravated by delhi's geography. The city is landlocked and it sits in a kind of a natural bowl surrounded by industrial and agricultural areas. There's no coastal breeze. So the pollution just hovers over the city to emissions from cars and trucks and even dust from the roadside contributes almost 80% of the particulate matter. That nasty 2.5 that we talk about and then to make it even worse. Once a year at harvest time farmers across the neighboring States set fire to their fields to clear them for the next season. That's known as stubble burning. I'll have more about that in a minute. Back to Delhi, the public works department installed 23 anti-smog guns throughout the city and 150 water tankers that sprinkle water on the trees, roads, and construction sites all over the city. This year, they've sprayed over 7 million liters of water. Rick (https://www.rev.com/transcript-editor/Edit?token=C9283TCp7hHvMImLAW7xbQR29n01zqSKE2tM6qAtAMYg0vx14we1kcSMcfimtMOyptKt0z5OjYQUHwthzKh1HE_copM&loadFrom=DocumentDeeplink&ts=109.46 (01:49)): We'll talk about a water shortage in India in a minute. So what are they doing? They're spraying water into the air, hoping that it sticks to some of the particulate matter and it falls to the ground like what rain does. Of course rain lowers the level of air pollution, but this is just a cheap attempt and a waste of time and money and resources fix the problem. Don't cover it up with a squirt gun, a big squirt gun, but still it's just spraying water. The best solution obviously would be to reduce the pollution at their source. Yeah, it'll be expensive to fix India's air pollution problem, just like anybody, but people are dying in huge numbers in India from air pollution in 2019 more than 1.5 million people died from air pollution. All right. So let's talk about stubble burning. I never even heard that phrase until last year. Rick... Support this podcastSupport this podcast at — https://redcircle.com/a-breath-of-fresh-earth/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

The Clink Tank
Episode 35: Boaty McBoatface

The Clink Tank

Play Episode Listen Later Aug 20, 2020 93:48


We are back and season 3 is ready to roll with our 34th episode. Patrick stirs up our “Concoction of the Week - the Boaty McBoatface" As the gang reviews Patrick's "Whatcha' Rolled" Movie pick - Boat Trip. Category is? Comedy(Bad) (Please note this episode was recorded right before we went into quarantine) Our Patreon go to: www.Patreon.com/TheClinkTank Follow us on Twitter: @TheClinkTank @pmdoneghy @whiteyrob and @mattybaughs. And keep up with the craziness at www.TheClinkTank.com Subscribe, Rate & Review us on iTunes, SoundCloud, Stitcher & GooglePlay!

newline
Proactive Security with Eric Higgins

newline

Play Episode Listen Later May 13, 2020 72:23


Resources:Eric's book, Security from ZeroEric's company, Brindle ConsultingEric's TwitterAmelia's TwitterNate's TwitterWelcome to the podcast. Our show is a conversation with experienced software engineers where we discuss new technology, career advice, and help you be amazing at work.I'm Nate Murray and I'm Amelia Wattenberger and today we're talking with ex-Google engineer Eric Higgins who is the founder of Brindle Consulting and co-author of the book Security from Zero.https://www.brindleco.com/In this episode we talk about how to think about security as developer and how to take the responsibility we have seriously. We talk about how to take a preventative and proactive approach to your security, and that means we cover:How to deal with extortion threats by having a bug bounty programHow to think about automation tools when it comes to securityWhat resources you should read if you want to get better at securityHow much does a web developer need to know about security, really?Eric has worked in security for a long time and he does a great job at being pragmatic to make sure the security goals are in line with the business goals. Amelia and I really enjoyed our conversation with Eric and I'm sure you will, too. Let's get started. Eric Higgins PodcastNate: [00:00:00] All right. So Eric, welcome to the show. Just kidding. Thanks for having me, Nate. Your company is brittle consulting, so tell us about it.Eric: [00:00:07] Brindle consulting. I basically help my clients who work in the tech sector and have customers, have been customers. They're profitable, but they've.Avoided working on security for a little bit too long, and now they are finally starting to realize that they have some problems that they need to address, and it's becoming overwhelming. So I help them create a very practical security program so they can start to address these things so that they stop from feeling like they're reacting to all this stuff and start taking some proactive approaches.Nate: [00:00:37] What kind of stage company are we talking about here? . On Bug BountiesEric: [00:00:39] the types of stages of clients that I thought I would get are very different than what I've actually had to work with.here's like the common denominator in all these  cases.Usually they'll start to get emails to a gall, have like a security@mycompany.com email address set up where people can report security issues and they. Inevitably, we'll start to receive these emails from security researchers. I'm quoting here, security researchers, and it's usually people who are running these scripts that look for common vulnerabilities against like somebody's website, and.They're basically trying to extort these companies for money to pay out because they don't have a bug bounty program in place. And what that really means is that they don't have a policy in place to say that for these types of vulnerabilities that we're willing to, pay, you'd report to us responsibly.This is how much we pay, right? And this is the rules by which this game is played. So they start to get overwhelmed because they constantly get hit by all these things or all these emails from these researchers, and they start to feel overwhelmed. And it gets to the point where the individuals who are responding to all these emails or all of these security related issues start to realize that like they can't get any of their normal work done because they're just buried in all these security related requests and they realize like it just like, and any other company for any other position, you need somebody to be doing this stuff so that you're not the one doing it. So then they come to me and they say, how do we avoid this problem? Maybe we're not at the stage yet where we can hire somebody to work on security full time for a variety of reasons, but maybe we can do some things to make sure that we don't feel like we're buried in this work and we're not constantly getting distracted from working on our product, but still making sure that we maintain a certain level of security and know how to respond when these things come up.Nate: [00:02:26]Yeah. I want to talk about the bug bounty programs a little bit. So going back, you're saying you used air quotes around security researchers.The implication is they're maybe not really researchers, but maybe they, what's the idea that they have, they're using automated scripts or something to find these vulnerabilities and they're just trying to. Collect bounties? Are they actually trying to say like, we found the security hole and we're going to exploit it.You don't pay us a ransom. What are you implying here?Eric: [00:02:49] So it's a little bit more of the former, I mean, I guess there's a hint of the ladder in there. So here's what I really mean by this. So not to admonish anyone, because I think that there, I mean, I know that there are a lot of real security researchers out there who play by the rules, but there's a certain class of individuals.And there seems to be a network of them that they tend to come from like third world countries or where they have internet access and like they're just looking for some way to make money. Right. So, you know, it's noble cause I suppose, but they specifically seem to target companies that don't have a published.Responsible disclosure policy. So responsible disclosure is really like the umbrella term for what a bug bounty policy is, or a bug bounty program. It's a way to report security issues to accompany in a responsible way, which is the opposite, would be like they just publish about it on like Reddit or hacker news or a blog or something and make it public to the world without telling you first.Right? So the old school mentality. Or approach to this that a lot of companies used to take was if you reported security issues to us, we would assume that you were a hacker and we would start to litigate against you, right? We would take you to court and Sue you cause you're hacking us. So that approach doesn't really work like that stupid and nobody should do it.And I have a firm position on that instead. The way that the landscape has shifted is now there's actually companies. In existence that will help you create and run above bounty program where it's an incentivized responsible disclosure program. That's what the bug bounty is. And you basically say, like for this class of security issues, we'll pay you X amount of dollars.So just to give you some examples. So Google I think has different classes of bounties that they'll pay out. And I think the highest is something like $100,000 and that's if you can find a security, like a major security issue in like the Chrome browser or Android operating system for their phones.Right? So there's a very high level of payout for very like deeply technical and like widely exploitable type of security issue. More commonly for like the class of companies that I work with, they'll have some kind of web application. It will be vulnerable to like SQL injection or something else. It's like relatively common that these, I would say the lower tier of security researchers, they're looking for all these low hanging fruit that they can run some kind of software and scan for these things and find them pretty quickly.Then they contact the companies by email and say, Hey, I thought all these issues, I would love to get paid for my work. So the problem with this is that there's, I guess a few problems with this. The first is like they're not really. Doing a lot of work, right? They're bringing it to your attention, which is great.But as soon as those companies, and this has happened to a number of my clients, as soon as you pay out with one of them, they tell all of their friends and their network that this company pays out. Then like you start to get inundated, you get pile on with all these security reports and they may have run the scan once and like are sharing all these different security issues with their friends so they can all kind of get paid.So it's a little problematic and it's problematic because. The companies haven't said, these are the rules and here's what we're willing to pay. So when it comes time to like reward these researchers who are reporting these issues, they don't have any guidelines to follow to save. This is how much we're going to pay for this type of vulnerability or this type of vulnerabilities out of scope.You can't stalk our employees on Facebook or LinkedIn and try to extort us for higher payment because you disagree with, because there's no written policy to say, these are what the rules are and we use what the payments are. That's kind of where they get stuck, right? Like they. Not having the policy in place is really like the key driver to this and these researchers, the air quote, researchers are starting to target those kinds of companies because they know that they can get payment and kind of extort them for a little bit higher.Nate: [00:06:21] What are the types of classes of like the tiers for the types of bugs that the people typically pay out for? And also who gets to decide? Is it just like the company gets to decide somewhat arbitrary early and they say, like we said, that if you find SQL injection, we'll pay out, you know, $1,000 or there are many cases where it's ambiguous what the actual vulnerability was.Eric: [00:06:40] I would say it used to be more ambiguous than it is now because bug bounty programs are. Much more prolific than they used to be. It's become almost standardized to say, like for this class of vulnerability, this is the payment tier we're going to pay out. So here's the common case. So it is set by the companies.To answer your direct question, the payment tiers are set by the company and usually goes along with what stage they're at and like what their financials look like. So they'll set some kind of a budget for the year to say, this is the max we want to pay for security issues through this bug bounty program for the year.So let's say it's. I don't know, $10,000 or $30,000 whatever it happens to be, it's usually pretty low around that ballpark. So then they can say, well, we're going to expect in the first year to get, based on our priors, however many we've had from these researchers, maybe twice that many, because now we're like publishing that this thing's available.So we'll expect it to see more for a specific. Type of vulnerability, like let's say it's low hanging fruit, you're using an older version of some Java script library. Then maybe has some kind of weird vulnerability in it or the vulnerability one, its dependencies or something like that, but the effects of that aren't very great.Like the impact isn't great to your web application. It just happens to be like, Oh, this isn't a best practice. The threat level is pretty low. So thanks for reporting it. Here's like $100 like so the lower end is usually like maybe a hundred bucks, something like that, maybe $50 it all depends on the company, what they decide to set.So at the higher end of the types of security vulnerabilities that the companies are looking for are things like remote code execution. Like you can. Fill out some form on our web application and somehow run code on our server that we didn't expect you to run. Or you can somehow access everything that's in our database so you're not supposed to be able to access.So the classes for security issues. Are fairly well documented. There's like, you know, five or six general categories they fall into, but it's really the level of impact that that security vulnerability that the reporting has and whether or not it can be reproduced and it's well documents and all of a sudden things kind of play into whether or not it's actually granted as a true vulnerability or a valid report.So the level of impact that the security issue has is being recorded usually ties directly to the level of payment. So, you know, a company that's first starting off, I usually recommend a couple of things. First.  your payment size pretty low, especially for the first year, because you're going to get a ton of low hanging fruit and you're not going to want to pay like $10,000 per whatever, weird JavaScript vulnerability that it's relatively low.So, so Kevin, pretty low for the first couple of years. And then the second piece of advice I usually give that they don't always follow is to use a managed bug bounty program. And what that means is you pay these companies who provide the software. It's almost like. I'll use get hub as an example, like their get hub.In this scenario, they're offering the software that hosts this bug bounty program. So that's where the security reports go to and are listed and are managed by teams of manage bug bounty program is where that company also provides. So their employees to review and triage the tickets and make sure that they're like written in the proper format, they're reproducible and all these things before they actually come to your teams.That really helps to reduce the amount of noise because especially at the very beginning, what you go public with, your bug bounty program. You tend to get a really, really  poor signal to noise ratio and you want to try and improve that level. So I usually set the caps pretty low, make sure it's managed for like the first year because you're going to have to manage all the noise and then as time goes on, you start to increase your budget, you increase the tiers, you can increase the scope, and if you hire people who can manage this thing, then maybe you don't have to pay that company, whatever they charge for somebody to manage it for you.Managed Bug Bounty ProgramsNate: [00:10:19] What are the major players in that space?  who are the companies that, or maybe  the defaults to go to?Eric: [00:10:25] The two main ones right now at the time of recording our hacker one and the other is called bug crowd. For all intents and purposes, they offer nearly the exact same services. Their marketing material in their sales team will tell you that there is slight differences between them and there are, there are some differences.There's differences for the types of integrations their software provides. They'll tell you that there's a different number of. Security researchers in their platform, and in a lot of ways it's very similar to Uber versus Lyft. Hacker one was first in the same way that the Uber was first and Lyft came later.Same is true. Both crowded came later, and also in that same way, I would say that based on my experience, hacker one is a little bit more aggressive with like their sales and marketing techniques. In the same way that Uber is a little bit more aggressive with their sales and marketing techniques. That being said, it work successfully with both these companies.I'm not trying to like bash any of them by making a negative correlation between any of these companies based on, you know, whatever your predilections happened to be about Uber and Lyft. So those are the main players. Now, interestingly. At my previous role at Optimizely, we use a company called Cobolt who also did, or also offered a bug bounty program as software package, like  as a service.And recently when I reached out to them to see if they're still doing this, they have transitioned away from that model and more towards almost like an automated model where it's. They scan your systems from the inside and try and look for these vulnerabilities. At least that's the way that I am remembering my understanding of it.It seemed kind of complicated and expensive when I talked to them. Maybe it's a great product, but it was interesting that they had completely pivoted away from the previous model where they were kind of competing with hacker one and bug crowd to something that's completely new. The Role of Automation in the Future of Cyber SecurityAmelia: [00:12:01] How much of this space do you think is going to be automated in the next few 10 years?Eric: [00:12:06] So my background, I should clarify, is as a software developer, so I tried to think of the question of automation in terms of a software developer, like what's possible to automate. And I'm like, what should be automated? So, so this is actually a really interesting question because I've started to see in the last couple of years a lot more tools that.Offer automation for all these kinds of problems. Like the security space is just like one aspect of this, and I'm sure that like, you know, by next year we're going to have all kinds of crazy blockchain distributed Kubernetes, AI driven security tools that are out there trying to sell us products.Whether or not they work, I think is a different question. And if you think about the last few years, like there was this huge push like, Oh man, machine learning is going to solve all these problems for us and is going to solve all these problems for us. And then a couple of years later people start to realize like, Oh, you machine learning is a cool tool for a specific set of problems, like finding patterns and making sure that you're including things in the same kind of pattern.So more for AI. Like there's certain things that they're really good at, but it is not like general AI. Like it doesn't. Do all of the things that a human being can do very simply. So you have to kind of back away from that. And like we've started to see people sort of backing away from these like very grandiose claims about what those things can do or what they're capable of.So I think to answer your question, I think the same is really true as it currently stands for security software. There's a lot of companies who are offering crazy AI driven, automated tools to do all these things, but whether or not they actually do the things they say, like I think is a different question.And. It's really up to the companies buying whether or not they want to go through a pilot program and see if it works for them. What are they willing to pay for it? I think fundamentally, the question for any kind of software as a service comes down to what am I paying for this and how does that correlate to the number of employees that I would normally have to hire to do that job?Right? Are they automating something that. Is easy to automate that we could do ourselves. Like is it, you know, just trying to match them patterns that we know and like could just add a filter to Splunk or whatever logging software we have, or they're doing something more advanced where we're like, we would have to build out a huge crazy complex platform, two ingress, all this data and then, you know, run a bunch of code against it to find like weird patterns that we would not normally see.How much time does that save us? Not only like at the initial, but also like over the longterm. And I think the same answer is true for a lot of software as a service. Like if you're going to charge a company $30,000 a year for software, but it would cost them an engineer. Per year to do that same job, like an engineer is going to cost them $100,000 or more.So they're saving a ton of money by using the software instead of hiring an engineer to do that job. So maybe that's a roundabout way of answering your question, but like that's the way that I think about these things. I don't have a lot of firsthand experience with a lot of the newer automation tools that are coming out.Maybe they're great. Maybe they're junk. I mean, I haven't seen evidence in either direction yet, but my gut reaction to me, I've just like worked in security too long, so I'm always like a little bit skeptical. I'm usually pretty skeptical about what they're offering, like whether or not it's worth the price that they're asking.How You Detect HacksNate: [00:15:03] You mentioned  using Splunk to  track logs and to find abnormal behavior. One of the things that I've noticed when I've seen blog posts about security incidents, they might say, you know, we had an employee who had their admin panel password hacked and the attacker had access to all these accounts for like three days and you know, we were able to track them down and shut them down. What tools would you use to actually detect that? Because for pretty much every company I've worked for, if a hacker got access to an admin's password, no one would ever know, like ever. Like we would never find out that that had happened.So like what tools and processes and monitoring do you put in place to catch something like that?Eric: [00:15:46] You opened that really interesting can of worms. And here's why. So the question that you asked is how do you detect this? Which. In the question itself, you're already telling me that it's too late because it's already happened.So this is really the type of thing that I focus on with my clients is How do you prevent this from happening? How do you make sure this doesn't happen? Because if you can make sure that it never happens or is nearly impossible to happen, or is such a great burden for an attacker. To go after that approach.They're going to do something else. They're going to do something that's easier instead so then like, maybe you don't need a crazy monitoring solution for this kind of hard problem in place because even if you had it now, you know it's too late. They already have it. Right? So how long would it take them if they had ad admin access to your systems to copy all that data?Right? Even if you can shut them out, maybe it took them 30 seconds and like it took 30 seconds just for you to get that email and read it. And they already have your data, so it's too late. Right. So I would rephrase the thought process too. How do you prevent these things from happening in the first place so that you don't have to worry about like, Oh my God, like what are we going to do if this happens?Cause that's a much harder problem. So I focused on the easy thing. So the easy thing is how do you keep people out of the admin. Handle it, of your systems to have access to everything. And just as a preface, I want to point out that I think a lot of my clients and a lot of people I talked to tend to think that attackers are going to try and go through your web application or your mobile application to try and hack your company.But that's a pretty limited approach. And I think threat actors in the space have already started to realize this. So the targets that they're choosing instead are developer machines or developer systems. So. If you have Jenkins running all your CIC CD systems, your continuous integration, continuous deployment, that system probably has keys for all of your servers as keys for all your source code.It probably has rewrite access to your database. It probably has admin level access to everything so that it isn't blocked. So that's a really ripe target. And usually when people set up. The systems, like they just set it up just to the point where it's working, but not necessarily secure. Right. And it's just like an admin.Yeah. Right. It's very common. And that's the thing. And that's kind of the reason, the realization I had when I started consulting is that everybody has the same problems. Everybody's making the same mistakes. So there's a pattern that's pretty easy to solve for in, it's really just a matter of education.So that's kind of what I focus on. So getting back to the question of how do you prevent this from happening. There's a variety of ways, like the easy one that I usually recommend is for anything that requires admin level access. I review who has access to it with my clients and say, do all of these people actually need admin level access on a day to day basis for their jobs?Often the answer's no. Right? There might be a couple people who day to day need admin level access to do their jobs in whatever that system happens to be. For everyone else, they can get a lower level. Admin privilege or whatever it happens to be, or lower level permission. But I admin like they don't need rewrite access to literally everything.So that's the first thing I focused on is who has access to this and this. So this model is called least privilege. So you're offering the least privilege to most people by default. So that one comes up a lot, right? And then the second thing is for the people who have admin access or any access at all, can you enable some type of multifactor off like two factor auth using, you know, the Google authenticator on your phone or like a YubiKey or some other kind of system to make sure that even if your admin password was published on the internet, nobody could really do anything with it.There's something else preventing them from logging in. Just those two things like limiting who has access to admin levels in systems. Enabling multi-factor off. Get you most of the way there. Like you're almost to the point where like it is a really hard target now to get into those systems. Now I could kind of fearmonger you and say like, well, you know, it's an had been a little system in like the person who's the admin is kind of sloppy and they set up SMS for their two factor auth instead of like a, you know, authentication app and maybe their phone gets spooked and now like it's possible it's a compromise that there's all these weird ways to kind of work around these things, but it's a much higher bar.Than it was before where maybe laptop got stolen, right? Or like somebody just like look over their shoulder and saw them log in, or you know, maybe they like sniff their cookie or something like that, and then now they have access to this system. So it raises the bar for that kind of thing just by putting these preventative measures in place.But to answer your question more directly, which was. How do you know about these things after the fact? Normally, any types of systems that have admin paddles, not always, but they will often offer some kind of like auditing system when it, any kind of administrator logs in, it will keep a separate log for all the actions of that person.So click, who logged in, where do they log in from? Like in the world, what was their IP address? What actions did they perform? So if you are talking about like the AWS. Council or like the Google cloud console, they usually offer this kind of system. I think Splunk does as well. So this gives you a couple of things, like you've prevented the ability or not the ability, but you've raised the bar for getting access to these admin systems, or if you've made it much harder to get in, and you also have some kind of system in place to say like for anybody that's in there.What are they doing? Like do  we have some kind of record for what actions have been performed so that we know that if somehow one of those logins were compromised, we have some record of what actually took place act that happened. So hopefully that helps to answer your question. That gives you a little bit more insight into like the kind of things I'd be looking for.Amelia: [00:21:03] It kinda sounds like there is no incentive for actually monitoring the logs.Like you can only get bad news that you can't act on. So if I were a little bit more nefarious, I might just never look atthem.Eric: [00:21:16] That's a good point to bring up. I would say that it depends on the logs you're talking about. If we're talking about like the audit logs that are considered any action that is contained within Ottawa, we assume that it's somebody internal to our company, like somebody who should have access to this, except for the worst case where maybe somebody.Shouldn't have access, does have access to like they're doing something weird. Right? So the audit logs are, they're definitely going to be reactive in the, in that case. But if you think about logging more generally, like if you think about your server logs for your website, right? That actually can be a good leading indicator that an attack.Might be happening or somebody probing your systems. So you can look for all kinds of interesting things in your logs. You can look at like the login page, like all the login URLs and see like is one IP address trying a bunch of different logins and failing? Are they trying one login? And it's constantly feeling like they're trying to brute for somebody's password.So there's a lot of things you can do and get a signal that like. An attack is happening and understand what they're trying to attack in your systems just by looking at the log in without actually having been compromised. So let's say the, in that more general case, you're getting a leading indicator instead of a trailing indicator.So I think both of the things you said are true, but I think it depends on the system that you're talking about.Nate: [00:22:32] Looking at the logs after an attack is sort of reactive. Taking more proactive steps of making sure that you review who has admin access in your review that everyone has two factor auth.That's more of like a proactive approach. Would that fall under the more general umbrella of threat modeling?  we're looking at this and saying, okay, how could we get attacked? We could be attacked by one of our employees losing their credentials somehow, or leaking their credentials. What are some of the other things we might look at to have a process to prevent things before they happen.Eric: [00:23:02] Oh, this is a great question and I'm glad that you brought up threat modeling. So threat modeling is an exercise, and by far, what are the best values for getting the most information to the least amount of time that I do with my clients. So I want to try to explain threat modeling to help you wrap your head around it and like give you some examples like what it is and what it means.It'll help you to answer this question for yourself and the way that you would sort of like think about. The general problem, which is like we have this system in place. What could possibly go wrong with it? Which is the shortest version of like what threat modeling is. So here's the most simple real world example of threat modeling, let's say, and this is something that people do on a day to day basis.So here's a simple example, like you want to go out to lunch from work. And meet up with a friend for lunch right now. There's a lot of considerations that your mind processes before you actually go out to lunch. Is it raining? Do I need to take an umbrella? Right? The thing that could go wrong is like, am I going to get rained on the preventative measures?Like, do I need a rain jacket? Do I need an umbrella or. Another thing that comes up is like, you know, are there any dietary restrictions I have to keep in mind for myself or the person I'm going out to lunch with. If there are like, how are we going to resolve that? Where are we going to choose to go to lunch?Do I have to be back at exactly one o'clock for a meeting with my boss and I can't be late? Like we can't go somewhere that's too far away. So it's really, this is this process by which you think about problems and think about all the different things that could possibly go wrong and then come up with.Different ways of solving them so that you avoid as many of those problems as possible. Now, some of the risks are. You don't want to get caught in like analysis process where you think like, Oh my God, whatever we're trying to do, there are so many things that could go wrong. Like maybe we should just not do it.My advice is to say like the approaches you take is usually the one that has the most pros and the fewest cons rather than no cons cause you'll just never get anything done. If you try and take that approach for threat modeling as it applies to security and it applies to software. Let's think about.Something that's a little bit more practical than like going out to lunch. So let's say we have. I dunno, a basic software system. There's some kind of web application running in production. It has a database somewhere, and we want to say like, what could possibly go wrong with this? Like how could it be compromised or abused?So the approach for this exercise is you get a bunch of. People who work at your company or work with you on this project in the same room together and you just have that conversation. Like I usually start with a different question though. I say like, what are the biggest risks for our company? What could really just ruin us or like put us in a bad situation?And it might be, we've got a lot of really bad PR at this point. We would really struggle to recover from it because we lose a lot of customer trust. We'd end up on the front page of the New York times with all this negative press, and like it would really hurt our brand and they'd go to our competitors and said, so that might be the worst case scenario.So like, how would an attacker. Compromise you in such a way that would make it a really bad PR campaign. Or it could be like, we have a lot of this really sensitive data in the database, like maybe it's personally identifiable information, PII, like people's credit card numbers, or it's their address along with their names and email addresses.All this stuff. Like we cannot allow this data to get leaked because like our customers, again, like they wouldn't trust us. It'd be a huge problem for our company. Going forward. And that's a hard problem to recover from. Like once I data's out on the internet, you can't unleash information. Like that's a hard one to recover from.So you really have to think about how you can prevent it in the first place. Similar to the problem of admin credentials, like after it's done, it's too late, right? You enough solve these problems before it's too late. So just to give you a third one, like maybe the worst case scenario for our company is.Financial, right? What would happen if these attackers got access to our bank accounts? Or you know, maybe we deal in like Bitcoin. Like what if people like could somehow compromise our system and like steal everybody's money. So that would also be problematic. So there's all these different scenarios you could think about that would be worst case scenarios or maybe like, not necessarily worst case, totally disaster, but like hard recover from problems.And then you think about like what ways would an attacker or a malicious actor. Achieve that goal based on everything that we know about how our systems and our software works today. And sometimes this goes beyond. Again, like as I said before, it isn't just your web application or just how your database works.It could be something much more sinister, like maybe you have. A bunch of laptops and people who work from home work from cafes, like you know, Starbucks and a laptop gets stolen and that laptop belonged to a cofounder and the drive wasn't encrypted. Right? So now an attacker like who stole this laptop?Maybe they didn't know what they stole, but they find out and now they have access to the bank account information and login four, your company's bank. Like it's a bad scenario. So how do you prevent that kind of thing from happening? Or maybe something else, like how would they get admin access to one of our systems?Can we prevent that in some way? So it's this way of sort of thinking about the problem and preventing it in advance. And then once you leave, you should have a list, Oh, here's all the things that an attacker could do. And it normally boils down into like a handful of very common things, like all these different threads of attacks.Have you a few things in common, like, you know. We don't have to factor off the Naval, not on all these systems, really, too many people have access to it or drives aren't encrypted or whatever it happens to be. It's usually a handful of things that are common amongst all those attacks. And those are the things that you focus on fixing first because you, I fixed one thing that solves three possible tax, right?So you're really like getting a great value for the time that you're spending and you're also focusing on the right problems instead of like the things that might happen. Maybe like it's a low. Likelihood and maybe low impact if they do happen. Like that's not really where you want to spend your time.You want to focus on the things that are potentially big problems for your company and take the least amount of effort to achieve. So hopefully that helps to answer the question. I would say that the one other thing about threat modeling is, I can give you a recent example from the news where like this kind of went horribly wrong.So I think this was maybe last year. There is a company called Strava who does like fitness trackers. The way that struggle works is like people attach them like a Fitbit and they run around it. It maps out like everywhere they run. So then like the people who were running King see where they ran, what their route was, and then they can keep track of their miles, which is great.But the other thing that Strava did was it would. Publish on a public map everywhere that you were running, which, you know, privacy concerns start to bubble up with this, but people start having fun with it, right? They start drawing like the Nike swoosh with their running patterns, or they draw, you know, spaceships or Darth Vader or tie fighters and all this stuff.People will start to do this more and more, and like this feature gets really popular. But the other thing that happens is that the U S military has soldiers. Who are using these fitness trackers while they're exercising, but they're doing it secret bases around the world. And now you look at Strava map and you have all these little hotspots that show up in the middle of Africa, or you know, somewhere where there's nothing else.And there's this little tiny hotspot and. The effect is that Strava has just now leaked the specific locations of all these secret us military bases around the world. So huge problem, right? How do they not think about this in advance? This ends up on the front page of the New York times, you know, Strava leaks, location of all these secret us military bases.If your Garmin, a competitors' Strava who offers nearly the identical product and has the same problem, you might think like we really dodged a bullet. Because we're not on the front page of the New York times. But three days later or whatever it happened to be like they also were, because they had the exact same issue.It's kind of interesting to me that like they didn't immediately like, we need to fix this now. I'm like, delete this from the internet so that we're not also caught in the same place, but it just goes to show that. I don't know what the root cause was that they both ended up having the exact same problem where they didn't think about what the consequences were, their actions.A more lighthearted example through our modeling is the Boaty McBoatface example. So there is this like online voting system in the UK where they're going to name some military ship or whatever happened to be, and the top voted ship name by far is. Boaty McBoatface right. And really like that's kind of an abuse of the platform.Those weren't the answers that they were hoping to get, but is the answers that they got, what the mitigations were for preventing that? Like maybe the consequences weren't that great for Boaty McBoatface but the consequences for leaking the secret location view as how us military bases is pretty high by comparison.So you have to think of these abuse patterns in addition to how could we actually be hacked. Like Strava wasn't hacked. They like leaked this information out because like. Like the system was working as designed by, it was a use case they hadn't thought about in advance and it was like it published on by default, I assume.So anyway, like those are just some simple examples of threat modeling and like the ways to think about these things from a larger perspective. And I think the last thing I would say about through modeling is it depends who you invite. To this meeting where you conducted the right modeling exercise.Because if I were to ask a database engineer, what's the worst thing that could happen to your company? A database engineer is going to tell you all about the worst things that can happen to their database. Cause like that's their world. So the best person to ask this question to and is usually somebody in executive leadership because they're going to have the best perspective.I'm like. What the company I'd a broader vision is doing, like what the real business risks are. They don't necessarily have to attend a meeting and hear all the nitty gritty details about how the database works with the web application works or two factor off, but they should provide those initial answers to the question of like, what's the worst case scenario for our company?And then everyone else who's more technical can think about their own systems. Either it. You know, managing all the laptops of the company or the database engineer, managing all the data storage systems or the web application engineer running all the Node.js Or Python code. Whatever happens, all those people should have one representative in the room to think about their own systems and how it can contribute to the threat modeling exercise.Security in Today's WebAmelia: [00:32:48] I feel like your examples have highlighted something about how the web itself has evolved over. I don't know, the past 30 years where it used to be this scrappy connection of people in different parts of the world and we get to do weird things and it's all fun and lighthearted and now it feels like we have to grow up because we can't just have fun anymore.People will use our fun.Yeah.Eric: [00:33:14] That's a really interesting way to phrase that. Arguably, fun has always been profitable to some degree, but I think we're not quite as carefree as we once were. It's certainly true that the old internet, as I remember it, like there were still plenty of problems, like security problems, the ability to really like.Make widespread chaos and the old school internet was much harder. And like there's a lot of ways I could speculate or reasons. I can speculate why that's true or more true now than it used to be. So one is like the way that you phrase it was like it was a bunch of small little interconnected websites, right?Like maybe people were hosting on their servers and like when they turn their computer off at night, that website went down until like the next morning when they turned it backAmelia: [00:33:55] on, the store is closed.Yeah.Eric: [00:33:57] The store is closed. Exactly like. And I've had that experience plenty of times when I've seen that for a website I was looking at at 3:00 AM, but now if you think about it, because of the way the industry has grown in evolves, there's servers run all the time and it's cheap.I mean, it's practically free to run a web service. And most of them, a lot of them are consolidated on three major platforms. . AWS and Google cloud, and they're on all the time. And you know, if there happens to be a fundamental security flaw in Google cloud or AWS or Azure, that affects almost everybody, right?And we've seen this come up a few times, I would say like the last seven years. So, you know, when I worked to optimize the is when we had. A number of industry-wide security vulnerabilities come to light. So Heartbleed was one of them. Shell shock was another, and if you were working at the time in the industry, you probably remember like it was all hands on deck.We had to patch all of our systems in like prevent this because the fundamental problem, these cases was that in some version of bashes insecure Nick, you could compromise it remotely. And then the other one was, there was some kind of. Underlying security vulnerability with open SSL, which is the library used by like every Linux server, which is most of the servers on the planet.And this is a huge problem. So everyone had to go out and like patch all servers the exact same time. So for a couple of weeks during these periods of time, nobody was writing code. Everyone is trying to patch their systems to make sure that they weren't the ones that were hacked. And the other thing that is.Also happened is not just that the targets have sort of like shifted from being, well, I could compromise this computer, but it's like off from midnight until 5:00 AM it's just one computer. Right? But now it can compromise all these computers. Right? So the, the targets are much bigger because connectivity has improved.The sharing of information has improved, which is like by far has. More positive effects than it has negative, like there's GitHub and all these ways to share code. But now like the things that can also be shared are, here's a tool called  that allows you to just click on button in, like run some kind of crazy massive attack.Or here's the source code for the myriad worm, which shut off most of the internet. And when was this like 2015 I can't remember exactly. So they can share the, the nasty code, the dangerous code, as well as like the good code that, you know, people write day to day. And I think for the most part, people just want to do the right thing, but there's always going to be malicious actors out there.And it's certainly true that like now they have easier access to some of these tools and it's problematic. But. The good news is that everyone's getting smarter about security. They understand what the attacks are as technology improves, like the attacks, the types of attacks are going to also like mature and evolve with technology, but people are more wise to it now.As has always been true of history, we learned from the mistakes of our past, or at least we should, and hopefully like the technology we build tomorrow is better than the technology we built yesterday. How much should a responsible Web Developer know about security?Amelia: [00:36:51] I bet your experience of these attacks is a very different experience than the experience I as a software developer has.So when Heartbleed came out, I remember all I knew was it's a big deal. We're freaking out and everybody should be upset,Eric: [00:37:08] andAmelia: [00:37:09] maybe I can spend three hours reading up about it to try to understand. So as a software developer who doesn't work in security. How much should I know about security? What are some basic things that I know and how does that differ from, say someone who isn't a software developer?Do they need to know anything.Eric: [00:37:27] Oh, these are both excellent questions and thanks for sharing your experience about Heartbleed. I just want to clarify the, at that time I had a lot of different roles. What I worked to optimize the and security is just like one small portion of that. All of the things I had to focus my time on.And it was really like a group effort of everyone coming together at the company, all the engineers and it professionals to come together as this sort of like make sure that we did the right thing and patch our systems and like communicated to everyone that.  patch things as quickly as we could and to the best of our knowledge, like nothing was compromised.So I think we did everything we could in that situation. We worked as a team to kind of solve the problem. Just like you said, it was kind of pants on fire, like everybody knew, like, Oh my God, this is everyone. It isn't just like some companies, it's everyone except for the few people out there who run Microsoft based servers out there.I'm sure they're laughing at us, but that's okay. We get to laugh at them the rest of the time, I would say. Yeah. So your question was, what should you think about as a software developer about security. On a maybe a regular basis or how do you learn more is, am I remembering correctly? Yeah.Amelia: [00:38:26] How much do I need to know?Like how much should I feel responsible to understand?Eric: [00:38:31] I would say that my general advice, which is less specific about security, is. Take in as much information as you're comfortable with, like, you know, read some more diverse sources. Like I think it's common for, for engineers, especially those who are like just starting out to really focus on how do I write better code.Like that's the one thing they kind of focus on is like, how do I write the best possible code? Like how can I learn all these interesting coding design patterns and like make my code run faster and like have fewer bugs. And I would say that the more diverse sources you can read, the better you'll be at your job on the whole.So. Here's some examples, like try to understand the perspective of like the product and program managers at your company or like the marketing departments. What is their job look like or the support team, what does their job look like? What kind of questions are they getting from your customers on the support team?How are they helping the customers? Like what does that system look like? How do they do their jobs? Do they have to provide technical support? And some companies I've worked at. We were allowed to sit on sales calls like with potential customers and just sit there and listen to the concerns, sometimes security concerns, but sometimes just like the product concerns about from potential customers.We could also sit in on calls with customer, like existing customers in here about their problems. And it really helps to like understand your perspective or a change of perspective to understand their perspective about like, you know, what are the things that actually concern them cause they're going to be different than what you assume they are.Which I think really helps. As far as security goes. Like the same thing is true if you have the opportunity to participate in your company's security program, if they have one, I would say the right way for a company to run a security program is one that's inclusive instead of exclusive, which is to say that like you have office hours, you invite people to join and participate.Instead of saying like security is our world. And like, we're trying to protect you. Just stay back and let us do our jobs. Right? I vehemently disagree with that approach by disagree with this exclusive approach where like they played the new sheriff in town to like, they're trying to protect everybody and no one else can really play the game because it, it has a number of problems with the main two that come to mind right now are nobody likes to be told what to do.They like to understand what they're being asked to do. They can comprehend like, okay, there is a good reason why I have to do this other work instead of like Joe over and it just like, you have to do this, whatever security thing is now. Like that's annoying. Okay. I guess I'll do it. Cause they wrote a new policy.And the other thing is that. By being inclusive, it helps to spread like education and awareness about security. So for example, if you worked at a company, they had an inclusive, you know, anybody contribute security program, you would probably have the opportunity to go in and maybe participate in the threat modeling exercise and you'd have a better understanding for like, you know, what are the threats our company actually faces?Which might inform you later on if you're creating a new feature or a new product for that company. Oh, I know that. If I, you know, create this web service, these are the kinds of threats that. It might face, cause you've experienced that threat modeling exercise before. So I know that I can't use X, Y, and Z type of database.I don't know. Just some random stupid example. So it's really just about like getting. More information in your mind, in a different perspectives in your mind, in all of this stuff will not necessarily be immediately useful. It'll just be one of those things like that later in your life it'll become apparent like, Oh man, I'm so glad that like I participated in that and I'm so glad I learned that thing.Cause like now it actually makes sense and I finally get it. So I would say like I could point you to several different security related blogs and you know, newsletters and Twitter accounts and all this stuff, but you're just going to get so inundated with all these like. Technical details and it's going to drag you down mentally.Cause a lot of them are just like aggregators for like, here's another company that got breached and here's how they got breached and you're going to think that the world is falling apart. I would say that like that's not going to like bring up your spirits about security and like the state of the world.So instead I would focus on like the things that you can learn in your most local community, your local environment. So if your company doesn't have a security program, there might be a local Oh wasp chapter. So ops is like a open security organization. They're around the world. Most cities have like some kind of local chapter.I know the here in Portland, there's like monthly meetings you can go and attend. They usually have some kind of like guest speaker who will give a talk about some thing related to security. So I think engaging those types of communities can be really beneficial as well. You know, if you want to, the other thing you could do is just like attend a security conference.I wouldn't necessarily, I recommend starting with black hat or Devcon in Las Vegas. Those are very intense and very like, I would say deeply technical and like. Culturally heavy. I would say that there's something a little bit more lightweight though. It'd be beneficial. Like if you went to a JavaScript conference and like somebody was talking about JavaScript security, attend that talk, see what you can learn.I think they would probably help you on a more on a day to day basis and going head first into like the deep rabbit hole of security.Amelia: [00:43:14] Right. Don't start with the black diamond ski slope.Eric: [00:43:18] Right? Exactly. Exactly. That's a great analogy. I don't ski, but I get the reference.Amelia: [00:43:23] I also love your answer because I realize that as a front end developer, I don't have to worry about what other people within my company know.Whereas within security. I feel like you have to worry about your coworkers, whether they open a malicious email or the security could be attacked through people, which I think I would find terrifying.Eric: [00:43:46] It's certainly true. So as far as like the nasty email example that you gave, that's such a great one.And like I've seen this firsthand where emails were sent to a company I worked for, there were spooks, so it looked like a legitimate email from one of my coworkers. It looked like any other. Email that you would get if they were like sharing a Google doc with you, right? It would say like, here's the name of the stock.Whatever happens to be in, there's a link in the email and you click on it, you open it. But the clever thing about it, there's two, like the one is like spoofing their email addresses, which is not technically challenging. It's pretty trivial. There's a few things you can do to mitigate that. The clever bit was.They make it look like a legitimate email. We're like, nobody would really be the wiser on a day to day basis. But you open it, you click on the link and it takes you to a page that looks exactly like the modern Google walkin. So now if you type in your password. They have your password and they know your email address.So it's a pretty clever way to fish people and they can get a whole bunch of logins and passwords relatively easily. And I think the other thing that you do that's kind of clever is they've gotten wise, they're not running from their home. Machines, like all these web servers and stuff they have to run are these scripts that they use to target different companies or servers.They just run them on like compromise AWS accounts. So you can't black list like the IP addresses for AWS because then all of your code shuts off. Right. So it's pretty clever the way that they're kind of using the same systems that we use to the right, normal white hat code. As far as your, the concern about, you know, if you work in security, you have to worry about everyone.I think that's true. Like you're going to be worried a lot like, but that's your job. Your job is to be the one worrying so that other people don't have to. But that's kind of the motivating factor. Like if it's keeping you awake at night, then that should lead you into action and like to do something to make sure that that one thing can't happen.So you can spend your nights being awake, worrying about something else, and maybe you can't control. Right. And then you think, you know, if I can't control this thing, what can I do.How Do We Think About Security and New Hardware?Amelia: [00:45:43] So you mentioned this  example before, which is smartwatches, which haven't been around for that long. How much do you have to keep up to date with new technology? Like we have Google homes and our houses and their smartwatches, and there's something new every year.How much do you worry about new devices that come out or have to keep up to date with new tech?Eric: [00:46:05] Maybe you have a Google home in your house, but I don't have one in mind. Well, I guess there's a lot I could say on this, and I'll try and keep it. More succinct. So at a philosophical level, the same problems always persist in the security threats.Simply follow along and mature and evolve with the technological changes that we have. If you had a computer before and you didn't have an iPhone or you know, a smart home, there is still possibility that like your computer could be compromised remotely and the camera could be taken over. The microphone could be taken over and that could lead to.Some kind of disastrous result for you and I, the day to day, like that's not that big of a deal. Like if our computer gets compromised, like, okay, like what's really the worst case cap? If they see me okay. I don't often sit naked in front of my computer, but even if I did, like nobody really is going to want anything to do with that.Let me give another example though. The risks are much higher in the federal government in the Pentagon. They have a policy where if you go into a conference room, you cannot bring a cell phone. You cannot bring a laptop, you can't bring anything that has the ability to record information and has a battery in it or transmit information.It has a battery. Like that's the policy. What that means is. Is that if you want to give a presentation at the Pentagon, you have to print out all of the slides for your presentation on paper and then give a copy of that to every attendee that's in the meeting, and then at the end of the meeting, those all have to get shredded securely.I know this because I have a friend who works in the Pentagon one day. This person who was like. Very concerned because they had to give a presentation the next day. I think it was like right after, right before the government shutdown, all of the printers at the Pentagon, which is the only place they were allowed to print off these classified documents.All the printers at the Pentagon were out of ink. So how do they give their presentation? Right? So it's weird problems that you take on for the sake of security, where for the sake of national security, you can't take any kind of these types of devices that we take for granted. Like, you know, if you. Told somebody in Silicon Valley that you had to print off a proper presentation.They couldn't bring their laptops and phones into a meeting. You would get fired. They would think you're crazy and like kick you out of the company probably, or just tell you that you're paranoid. So I used to live in DC and I worked in a similar environment that, so for me, like having lived on both coasts and in both of the DC area, then also in Silicon Valley, the differences are so stark.It's really crazy. But it also goes to show like. The vast differences are the vast levels of security that people take on based on the level of risk. So I would say like that's the fundamental thing to keep in mind is what are the risks that you want to avoid if you're going to like enable internet of things devices in your home.I may not have a Google home in my house, but I do have a nest thermostat. And I know that the nest thermostat doesn't have a microphone in it and like, you know, could it be compromised remotely? Probably we're going to do make it too hot or cold in my house. Big deal. Right? But it's a nest thermostat is so much better than like a non nest thermostat.They're like, why would I not have a net service set? There's so great. Just a couple of days ago, the ring doorbell company, like it was published that there was like, these podcasts are so like taking over people's ring doorbells in their house and like harassing people across the country. With the ring doorbells.Right. Which is crazy. So I don't have a ring doorbell because I know that their security is pretty low. And that's really the problem with the internet of things stuff, is that they want to make these things cheap, which means they have to compromise on something. And the one thing they usually compromise is the security of their product.And that's actually how the myriad worm spread is. They didn't pay for a bunch of servers that had really high bandwidth. They compromised a bunch of internet of things devices and use them like a swarm to take down like internet servers around the world, which is crazy. It was just like people's cameras and stuff in their houses.They use it as like a zombie to like send more traffic to things. Those are the kinds of things I think about. Like, you know, you could have those things, no big deal, but just be aware of what the risks are and whether or not you trust the company behind the device that you were just right.Amelia: [00:50:00] It seems like it's so as a trade off between convenience.And money and security.Eric: [00:50:05] I'm glad that you said that. So at my first job back in 2001 I remember stating, and I don't know if I was just trying to be clever, but I said like security is inversely proportional to convenience, and I think that is still true today. But going back to the seatbelt example that I gave you earlier.It is, you could argue inconvenient to get into a car and have to book your seatbelt. It's inconvenient to have a seatbelt on. If you want to like take off your jacket or put a jacket on, you're too high or too cold. It's it convenient to have a seatbelt on if you are in the back seat and you dislike over, but it's a trade off between the level of security that provides.It might be inconvenient. You might be a little cold or a little hot early cancer site across the car or whatever. But it's better than flying out of the windshield if you happen to get an accent. Right. So it's constantly this trade off where like convenience versus security. I think it's still true. I would say that because technology is improving so much, they are lowering how inconvenient it is.So here's some good examples or recent examples. Like I have an Android phone and it has a fingerprint reader on the back and it's great. I can unlock that thing in a split second and it just, boom, there it is. I don't have to type in a password or put in a code. And same thing is true for like the neuro iPhones that are in like the new pixel phones is, they have like face unlock.So you just look at the thing and unlocks where you. If you're a James Bond and you are tied up on a chair somewhere and they want to like unlock your phone, they just pointed your face and now you know, if you're under arrest, like you can't prevent that from happening. But like, you know, most of us aren't James Bond.So I don't think that that isn't necessarily like the primary concern that you want you to have, but is the way that I would usually recommend thinking about these things. The Dangers of Wireless Security and SerendipityAmelia: [00:51:40] Your seatbelt example brings up the point of I think about how dangerous it is to drive versus how dangerous it is to take a flight cross country and driving is way more dangerous, but I still get really scared every time I take a long flight because it feels so much scarier.So I bet in the security world there are things that don't feel like big risks are and things that are big risks, but they feel like not a big deal when you think about them.Eric: [00:52:08] Here are a couple things that come to mind. The first one is wifi. So why fi wireless internet is like something that's so prevalent now.That we assume that when we go to the airport, there's going to be free wifi. We assume that when we go to a restaurant, there's going to be free wifi. We assume that what we go to work, there'll be a wifi. We can catch you. So our phones have service. We assume that there's going to be wifi, like everywhere we go and when there isn't, it seems like a huge problem.Because there's free wifi everywhere. That means there's a network that you're connecting to. Who knows who else is on that network, right? When you go to the airport, who knows who else is on the network at the airport? Who knows if they're monitoring all the traffic that's going through computer, who knows if they compromise the router at the airport.That's a bigger problem than I think people realize like wifi, security. Even though you have like your crazy long password on your router and you keep it up to date all the t

WIRED Science: Space, Health, Biotech, and More
Boaty McBoatface Gears Up for Epic Swim Across the Arctic

WIRED Science: Space, Health, Biotech, and More

Play Episode Listen Later Feb 21, 2019 5:52


Boaty McBoatface may be better known for its name than for its oceangoing prowess. But the autonomous underwater vehicle and darling of the internet is headed to greater things: embarking on the longest journey of an AUV by far, with an uninterrupted, roughly 2,000-mile crossing of the Arctic Ocean. The submersible robot got its moniker when it became the consolation prize in a 2016 publicity stunt.

Fun Kids Science Weekly
Boaty McBoatface and the deadliest time in history

Fun Kids Science Weekly

Play Episode Listen Later Jul 1, 2017 20:51


Boaty McBoatface - the unmanned yellow submarine, has just come back from his first mission! We chat to Professor Wynn, the chief scientist of robotics at the national oceanography centre, to find out all about it, plus where he's off to next. We also find out about the bottom of the sea with Marina Ventura and Techno Mum explains about those clever cards banks give us with money on them!Join Fun Kids Podcasts+: https://funkidslive.com/plusSee omnystudio.com/listener for privacy information.

Canary Cry News Talk
CCNT “NeuroLaw, Time Crystals & Hipster Pope” - 03.14.2017

Canary Cry News Talk

Play Episode Listen Later Mar 14, 2017 29:01


Pig Cop http://nypost.com/2017/03/07/nypd-patrol-pig-hams-it-up-downtown/   AI that knows if you're guilty or not (Criminal Mind Reading Robot) http://www.dailymail.co.uk/sciencetech/article-4301796/Mind-reading-AI-knows-guilty-innocent.html   Intel buys MobileEyes, moves to Israel, Driverless Cars http://www.reuters.com/article/us-intel-mobileye-idUSKBN16K0ZP https://techcrunch.com/2017/03/13/reports-intel-buying-mobileye-for-up-to-16b-to-expand-in-self-driving-tech/   Pope so Hip, Driving Electric Car http://www.huffingtonpost.com/entry/pope-francis-electric-car_us_58bd82fbe4b0d2821b4f9826   Boaty McBoatFace to explore AntArctica https://www.theguardian.com/world/2017/mar/13/boaty-mcboatface-to-go-on-first-antarctic-mission?CMP=fb_gu   Time Crystals Created https://www.rt.com/viral/380171-time-crystal-matter-atoms/?utm_source=rss&utm_medium=rss&utm_campaign=RSS

iReadit
#253 - Your Microwave is Watching

iReadit

Play Episode Listen Later Mar 14, 2017 49:01


Help support the show! - http://ww.patreon.com/dailyinternet       #10 - What's a short, clean joke that gets a laugh every time?   #9 - MIT researchers create new form of matter   #8 - Renewable energy is now Australia's cheapest energy option, even when the cost of storage to make the intermittent power sources reliable is added.   #7 - Scottish independence: Nicola Sturgeon to ask for second referendum   #6 - Terrible news: Netflix has renewed A Series of Unfortunate Events for a second season   #5 - Female politician proposes law to fine men $100 for masturbating as 'act against an unborn child'   #4 - The worlds longest hockey game has been played in Norway.   #3 - Boaty McBoatface to go on its first Antarctic mission.   #2 - Kellyanne Conway suggests Barack Obama was spying on Donald Trump through a microwave   #1 - In Big Win For Big Cats, China Approves National Park Larger Than Yellowstone    Follow us on Social: Facebook: http://www.facebook.com/ireadit Instagram: https://instagram.com/ireaditcast Twitter: http://twitter.com/ireaditcast E-mail: feedback.ireadit@gmail.com   Voicemail: (508)-738-2278   Michael Schwahn: @schwahnmichael Nathan Wood: @bimmenstein "Music" Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0 http://creativecommons.org/licenses/by/3.0/

The Mind Renewed : Thinking Christianly in a New World Order
TMR 143 : Dr. John H. Walton : The Lost World of Adam & Eve

The Mind Renewed : Thinking Christianly in a New World Order

Play Episode Listen Later May 13, 2016 52:12


Did God really create the world in six days? Or is the Bible actually saying something subtly different? Did God make Eve from Adam's rib? Or is that a misreading of the text? To discuss these and other absorbing questions arising from his fascinating-yet-controversial book, The Lost World of Adam and Eve, we are joined by Dr. John H. Walton, Professor of Old Testament at Wheaton College and Graduate School, Illinois. Analysing Genesis chapters 2 and 3 in the context of other Ancient Near East literature, Walton proposes literary and theological understandings of the "Adam and Eve" narrative that in some ways complement—yet in other ways challenge—traditional interpretations. Prior to his current position as Professor of Old Testament at Wheaton College and Graduate School, Dr. Walton was Professor of Old Testament at Moody Bible Institute in Chicago for twenty years. Some of his other books include: The Lost World of Scripture, The Lost World of Genesis One, Ancient Near Eastern Thought and the Old Testament and The Essential Bible Companion. (For show notes please visit http://themindrenewed.com)

The New Generation Project Podcast
Episode 62: IYH Revenge Of The Taker

The New Generation Project Podcast

Play Episode Listen Later May 11, 2016 159:36


The times they are a changin' in the World Wrestling Federation. It's April 1997 and with Bret Hart's heel turn, he has made amends with his brother Owen and Brother-In-Law Davey Boy Smith to form The Hart Foundation. And they are all bloody over Episode 62 of ‘The New Generation Project Podcast' where we take a look at “In Your House: Revenge Of The Taker”. Featuring; your suggestions for 5000/1 wrestling bets, Adam's single launch, the burden of insight, the greatest ‘Raw' angle of all time, the dire episode of ‘Raw' that lead into this show, Boaty McBoatFace, we discuss the recent WWE releases, The American Bad Ass a few years early, tons of suspect refereeing, tons of nerve holds, Davey Boy Smith & Owen Hart visit a bathroom, Furnas & LaFon's new gimmick and the WWF bury angles that they booked themselves. Plus the answers to the questions; What has Paul named his baby? Where is Vader? How did a flight get stopped by maths? Did the owner of the company make a female performer bark like a dog? What is Paul's Achilles heel? What has Savio Vega achieved since joining The Nation of Domination? Was Steph McGovern on ‘Good Morning Kuwait'? Who celebrates in a toilet? And who exactly is The Honky Tonk Man's protégé?

Tech Talk Radio Podcast
May 7, 2016 Tech Talk Radio Show

Tech Talk Radio Podcast

Play Episode Listen Later May 7, 2016 58:46


Apple Mail (configuring SPAM), iPhone field test mode, AdBlock (configuration in IE), Profiles in IT (Robert Pera, founder Ubiquiti Networks), lessons from a lost computer (backup, encryption, email), data storytelling (extract it, visualize it, communicate it), new Android malware (looks like Chrome update), Government open data (tranparency, accountabliliy), Device of the Week (ResetPlug, automatically reset your router), Idea of the Week (self-driving golf carts on campuses), sad day for Boaty McBoatface (another name chosen), Dumb Name of the Week (fog computing, latest trend in distributing computing). This show originally aired on Saturday, May 7, 2016, at 9:00 AM EST on WFED (1500 AM).

iReadit
#86 - NY Primaries vote Boaty McBoatface for President.

iReadit

Play Episode Listen Later Apr 20, 2016 47:36


#10 - Are we this damn lazy nowadays?   #9 - Marina Lonina: Ohio teen claims she livestreamed 10-minute rape for "evidence"   #8 - Runescape   #7 - Ben Cohen and Jerry Greenfield (aka Ben & Jerry) arrested in Washington   #6 - There should be a take your parent to work day so that they can see what their kid has grown up to be.   #5 - Solar is now cheaper than coal, says India energy minister | India is on track to soar past a goal to deploy more than 100 gigawatts of solar power by 2022   #4 - British govt poo-poos winning 'Boaty McBoatface' name for ship - After Internet users overwhelmingly voted to christen Britain's new $300 million research ship "Boaty McBoatface" in an online naming poll, a govt official suggests the name won't be used.   #3 - We are the investigative journalists who worked on the Panama Papers AMA!   #2 - New York City primary voters outraged by broken machines, closed polling places   #1 - TIL the USSR had a televised song contest. Since few people had phones, viewers would turn their house lights ON if they liked a certain song (OFF if they didn't). The state energy co. recorded the size of each power spike & reported the results to the station to determine points for each contestant Rita Repulsa   Show contact E-mail: feedback.ireadit@gmail.com Twitter: @ireaditcast Phone: (508)-738-2278   Michael Schwahn: @schwahnmichael Nathan Wood: @bimmenstein "Music" Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 3.0 http://creativecommons.org/licenses/by/3.0/

The Gadget Spot
4-19-16 Stealth Ships and Boaty McBoatface

The Gadget Spot

Play Episode Listen Later Apr 19, 2016 66:33


Doom Beta, Halo 3 Multiplayer on PC, Video Game Talk, Stealth Ship, Golbin Glider, Roomba Reviews, HTC 10, and a Really Expensive Camera, 

The Sailing Rode
TSR 019 Buying a New Catamaran with Out Chasing Stars - Part 2

The Sailing Rode

Play Episode Listen Later Mar 30, 2016 65:41


In this episode, we feature part two of our interview with Amy and David Alton from the Out Chasing Stars blog about equipping their new Foutaine Pajot Helia 44 Catamaran and boat and health insurance while cruising. Intro News We talk about our spring boat cleaning.  Lots of polishing and waxing.  See a couple of our favorite products below. Listener email -Stephanie from Lake Ontario, NY sent some great product recommendations that we have added to our Amazon store,  just look for the listener recommendations area. We plan to release the final Miami Boat Show video this week, check out our YouTube channel. Cruising Outpost Magazine is providing a one year subscription for us to give away to one of out listeners.  To enter, just subscribe to one or all of our social media sites, Youtube, Facebook, Twitter, and Instagram.   We will pick a subscriber on April 8th. Meet up with us the weekend of April 1st (Brandy's Bday weekend!) at Captain Hirams in Sebastian, FL (map)  We will also be at the Tortuga Music Festival April 15-17 at Ft. Lauderdale Beach.   We will also be meeting with friends at the Bahia Mar Marina across the street from the festival Interview - Part 2 with Out Chasing Stars Their boat, Starry Horizons, a Fountaine Pajot Helia 44 Check out their blog, Out Chasing Stars and their YouTube channel to follow their cruising adventures.   They just transited the Panama Canal and made a passage to the Galapagos. Sailing News UK Reseach Ship Naming Contest, "Boaty McBoatface" leading favorite Students Track Model Sailboat Across the Atlantic  track the boats online here Ex-Google CEO Pays $4.75 for Boat Slip Cool Video of Global Ship Traffic via Satellite and AIS Product of the Week Our favorite marine polish and wax: Meguiar's M4965 Marine/RV Fiberglass Restoration System   Woody Wax is great for treating your decks and non-skid to repel dirt. Book Review:  Things I Wish I'd Known Before I Started Sailing by John Vigor This book is loaded with great sailing, cruising, and boat maintenance tips   Amazon Store Please use our Amazon Affiliate link or if you are in Canada, use the Amazon.CA affiliate for anything you buy on Amazon or look at over 90 items we have in our TSR Amazon store.  We use all the items on our boat and include notes of why we like them.  We also added over 40 sailing and cruising books we recommend.  You pay the same low Amazon price and we get a small commission. Please help us Support Podcast We need your help to spread the word about the Podcast.  Please share the podcast with your sailing & cruising friends and ask them to subscribe on iTunes or Stitcher.  You can send them these links: iPhone iTunes link: https://itunes.apple.com/us/podcast/the-sailing-rode/id1033604152 Android Stitcher link: http://www.stitcher.com/podcast/the-sailing-rode It also helps when you share the podcast links on social media and sailing forums. Please like or follow us on Youtube, Facebook, Twitter, and Instagram  We will follow you too! Remember to tag your Instagram sailing related pictures with #thesailingrode Send us your feedback on the show and any show topic ideas to Crew@TheSailingRode.com Patreon If you enjoy the podcast, you can support us on our Patreon site and get some special rewards. Check it out at this link: https://www.patreon.com/TheSailingRode How it works:  Patreon is designed for you to support your favorite content creators.  You can support our podcast creations by signing up for various levels of support.  You can set a maximum monthly amount so if we release a lot of podcasts in one month, you still only pay your maximum amount.  In return, you get some rewards for your support.  It is kind of like giving us a tip or buying us a drink after a good show. Thanks for listening and all your support!  We wish you fair winds and hope to see you on the water soon. –  Steve & Brandy

The Stephen and Kevin Show
#23: Firing Clients, Best Client Gift Ideas, Crowdsourcing Gone Wrong

The Stephen and Kevin Show

Play Episode Listen Later Mar 28, 2016 13:03


Stephen Boswell and Kevin Nichols of The Oechsli Institute talk about Boaty McBoatface (crowdsourcing gone wrong), the best client gifts we've ever seen (and some related strategies), and how to transition clients to other advisors.  Have a question?  Ask on Twitter or Instagram using #AskStephenAndKevin. About the Podcast Stephen Boswell (author of Best Practices of Elite Advisors) and Kevin Nichols (author of The Indispensable LinkedIn Sales Guide) host a lively discussion around three questions coming from #AskStephenAndKevin. The Oechsli Institute is a thought leader for financial advisors, financial planners, and financial firm leadership looking to improve their abilities to attract and service affluent clients. Tune in if you want to know things like: - The most effective financial advisor marketing strategies - How affluent consumers conduct digital due diligence - Elite financial advisor client service models - Tips for getting referrals from clients and COIs - Online branding for elite financial advisors - How to use LinkedIn, Twitter, Facebook and Instagram for prospecting Questions for our next episode? #AskStephenAndKevin www.oechsli.com 800-883-6582 Tags: financial advisor, financial planner, RIA, insurance agent, marketing, sales, social media, LinkedIn, Twitter, Facebook, Instagram, affluent, luxury, millennial, baby boomer

The Stephen and Kevin Show
#23: Firing Clients, Best Client Gift Ideas, Crowdsourcing Gone Wrong

The Stephen and Kevin Show

Play Episode Listen Later Mar 28, 2016 13:03


Stephen Boswell and Kevin Nichols of The Oechsli Institute talk about Boaty McBoatface (crowdsourcing gone wrong), the best client gifts we've ever seen (and some related strategies), and how to transition clients to other advisors.  Have a question?  Ask on Twitter or Instagram using #AskStephenAndKevin. About the Podcast Stephen Boswell (author of Best Practices of Elite Advisors) and Kevin Nichols (author of The Indispensable LinkedIn Sales Guide) host a lively discussion around three questions coming from #AskStephenAndKevin. The Oechsli Institute is a thought leader for financial advisors, financial planners, and financial firm leadership looking to improve their abilities to attract and service affluent clients. Tune in if you want to know things like: - The most effective financial advisor marketing strategies - How affluent consumers conduct digital due diligence - Elite financial advisor client service models - Tips for getting referrals from clients and COIs - Online branding for elite financial advisors - How to use LinkedIn, Twitter, Facebook and Instagram for prospecting Questions for our next episode? #AskStephenAndKevin www.oechsli.com 800-883-6582 Tags: financial advisor, financial planner, RIA, insurance agent, marketing, sales, social media, LinkedIn, Twitter, Facebook, Instagram, affluent, luxury, millennial, baby boomer

The Bachelor Lifestyle
EP. 112: Boaty McBoatface

The Bachelor Lifestyle

Play Episode Listen Later Mar 22, 2016 73:39


RIP LA Law Benny, LeBron James is a 13-year-old girl, Adam LaRoche is a douche, Boaty McBoatface, Hulk Hogan, accents and people who say "amazeballs."Support this podcast at — https://redcircle.com/the-baller-lifestyle-podcast/exclusive-contentAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

Daily Mail
DailyMail: Food Stamps 4 BMW

Daily Mail

Play Episode Listen Later Mar 21, 2016 17:54


Dude who had sex in the Las Vegas Ferris Wheel ends up dead, Harlem funeral home holds open casket wake and cremation with the wrong body, Internet named a 300 million dollar boat Boaty McBoatface, dude tries to buy a BMW with food stamps, neighbor invokes Human Rights Act to have 4 year old's tree house torn down