Podcasts about gdpr

Share on
Share on Facebook
Share on Twitter
Share on Reddit
Share on LinkedIn
Copy link to clipboard

European Union regulation on the processing of personal data

  • 2,922PODCASTS
  • 6,666EPISODES
  • 34mAVG DURATION
  • 1DAILY NEW EPISODE
  • Jun 28, 2022LATEST

POPULARITY

20122013201420152016201720182019202020212022



    Best podcasts about gdpr

    Show all podcasts related to gdpr

    Latest podcast episodes about gdpr

    Ninja News, l'economia digitale
    Semaforo rosso per Google Analytics in Italia, la prima volta di Gucci in una DAO

    Ninja News, l'economia digitale

    Play Episode Listen Later Jun 28, 2022 4:08


    Stai ascoltando un estratto gratuito di Ninja PRO, la selezione quotidiana di notizie per i professionisti del digital business. Con Ninja PRO puoi avere ogni giorno marketing insight, social media update, tech news, business events e una selezione di articoli di approfondimento dagli esperti della Redazione Ninja. Vai su www.ninja.it/ninjapro per abbonarti al servizio.Google Analytics non sarebbe conforme al GDPR. A dirlo è stato il Garante per la protezione dei dati personali in Italia, con una pronuncia dai risvolti potenzialmente drastici per chi gestisce siti web. L'Authority si è espressa sulla spinosa questione del trasferimento dei dati all'estero e in particolare verso paesi privi «di un adeguato livello di protezione», come gli Stati Uniti. Nella nota, il Garante ha richiamato tutti i gestori di siti web e i titolari del trattamento a "verificare la conformità delle modalità di utilizzo di cookie e altri strumenti di tracciamento utilizzati, con particolare attenzione a GA". Per saperne di più abbiamo chiesto un chiarimento all'avvocato Giovanni Maria Riccio, pertner E-Lex. Puoi ascoltarlo nella versione podcast della newsletter. Il visore VR di Apple arriverà a gennaio. L'indiscrezione parte dall'analista Ming-Chi Kuo, esperto di previsioni sul colosso di Cupertino. I visori di Apple decreteranno un "punto di svolta" nel mercato della realtà aumentata e virtuale e probabilmente comprenderanno anche "una modalità trasparente" per non staccare l'attenzione dall'ambiente circostante. Una funzione del tutto simile a quella dei prototipi presentati nei giorni scorsi da Meta. Pharrell Williams diventa Chief Brand Officer di Doodles. Il popolare progetto di token non fungibili (NFT) ha appena assunto il produttore musicale come responsabile del marchio con l'obiettivo di estendere verso l'esterno la propria community. Williams produrrà anche un album ispirato agli NFT, intitolato Doodles Records, che sarà lanciato da Columbia Records. Dopo il singolo di Eminem e Snoop Dogg, una nuova dimostrazione di una collaborazione in fermento tra Web3 e mondo musicale.

    DataKnightmare: L'algoritmico è politico
    DK 6x32 - Acqua cheta rovina i ponti

    DataKnightmare: L'algoritmico è politico

    Play Episode Listen Later Jun 27, 2022 20:30


    Tomo tomo cacchio cacchio, il Garante lavora. E ha tirato fuori dal cappello la bomba: usare Google Analytics in Italia è illecito, salvo che si dimostri il contrario (e buona fortuna). Ma le autorità stanno palesemente parlando a nuora perché suocera intenda. Come lo vedete il cloud?

    ถามอีก กับอิก Tam-Eig
    ถามอีกกับอิก TE 549 | PDPA เรื่องที่คนมักเข้าใจผิด หุ้นตัวไหนได้ประโยชน์?

    ถามอีก กับอิก Tam-Eig

    Play Episode Listen Later Jun 27, 2022 71:13


    ถามอีก กับพี่กลด คุณทรงกลด วงศ์ไชย ผู้ช่วยกรรมการผู้จัดการ บล.ที่ปรึกษาการลงทุน เอฟ เอส เอส อินเตอร์เนชั่นแนล จำกัด และดร.อุดมธิปก ไพรเกษตร กรรมการผู้จัดการ บริษัท ดิจิทัล บิสิเนส คอนซัลท์ จำกัด คุยอะไรกันบ้าง? - ภาพรวม PDPA - ความผิดตามกฎหมายอาญา - มุมมองต่อกฎหมาย PDPA - ภาพ Supply Chain ที่เกี่ยวข้อง - 3 มิติที่แทรกอยู่ในตัวกฎหมาย - ขนาดตลาด - โอกาสการลงทุนในธีมที่เกี่ยวข้องกับ PDPA - กรณี Google ที่ผิดกฎ GDPR ในยุโรป - ภาพรวมการลงทุนในไตรมาสสาม - ทิ้งท้าย ฝากติตดาม

    Craig Peterson's Tech Talk
    Been to a Hospital Website Lately? Facebook May Have Your Personal Information!

    Craig Peterson's Tech Talk

    Play Episode Listen Later Jun 26, 2022 85:29


    Been to a Hospital Website Lately? Facebook May Have Your Personal Information! Hey, Facebook isn't the only company doing this, but there's an article from the markup. They did a study and caught Facebook. This is absolutely crazy -- receiving sensitive medical information. We're gonna talk about that right now. [Automated transcript follows] This is really concerning for a lot of people. And, and for good reason, frankly, I've been talking about this. [00:00:22] I, I think the first time I talked about it was over a decade ago and it has to do with what are called pixels. Now, marketers obviously want to show you ads and they want show you ads based on your interest. And frankly, as a consumer, if I'm looking for a new F one. I wouldn't mind seeing ads from competing car dealers or, you know, used car places, et cetera, to try and sell me that Ford truck. [00:00:53] It makes sense, right? If I'm looking for shoes, why not show me ads for shoes, but what happens when we start talking about the medical business about the legal business things get murky and people get very upset. You see the way these pixels work is you'll put a pixel, like for instance, a Facebook pixel. [00:01:15] If you go to Craig peterson.com, I've got this pixel on there from Facebook. And what it allows me to do now is retarget Facebook user. So you go to my site to go to a page on my site, and this is true for, uh, pretty much every website out there. And. I know that you went and you were looking for this, so I can retarget you in an ads. [00:01:37] I'll show you an ad. In other words, on Facebook now I've never actually done that ever. Uh, I I'm like the world's worst marketer, frankly. Uh, and, uh, but I do have that on there because it gives me some other numbers, statistics, and, and really helps you to understand how the website's being used, which I think makes a whole lot of sense. [00:01:58] So there are marketers that are using this for obvious reasons. Now, I think you understand what the pixel is. It is literally a little picture that is one pixel by one pixel, and it tends to blend in, I think even in most cases, now these pixels from different. Places like Facebook are actually transparent. [00:02:19] So you, you don't even see it on the page, but the idea is now they have a foothold on a website that doesn't belong to them. In this case, Facebook now has access to information about a website that you visited that has nothing to do with Facebook. okay. So that's the basics of how these pixels work and they're almost impossible to get rid of because in reality, many websites, mine included will even grab graphics from other websites just because you know, it it's, I'm quoting another article I pull in their graphic. [00:03:00] Of course, they'm gonna point to that other site. Why would I take that picture? Put it on my site. I don't own the rights to it. But if he'll let me that other website will, let me go ahead and show that graphic on my website, cuz there's ways to restrict it. If they don't want me doing that, they could stop me from doing it. [00:03:18] Then I I'm going to just go to the original website so they can get the credit for it's their property still. I'm not violating any copyright laws, et cetera. Does that make sense to. So what's the difference between the Facebook pixel and a picture I'm pulling from another random website? Well, the obvious thing is it's coming from a Facebook domain of some sort. [00:03:40] So, so there are ways to stop it, but there's just as many ways to get around stopping it, frankly. Well, Let's move on to something a little more sensitive. We have had problems that I reported on years ago of people going to an emergency room in a hospital. Now, when you're in that emergency room, your phone has GPS capabilities still. [00:04:06] It knows you went in the emergencyentrance to the hospital and you are. Opening it up. Maybe you're looking around, maybe you're reading articles, maybe you're plotting your trip home using Google maps. You are being tracked depending on what apps you have on your phone. If you have an Android versus an iPhone, what you've enabled, what you haven't enabled. [00:04:29] Right? All of that sort of stuff. well, this now has become a problem because as I reported there have been people who went to the hospital, went to the emergency room and started seeing ads from what you might call ambulance, chasing lawyers. Have you been injured? Is it someone else's fault? Call me right now. [00:04:54] Do he cheat him in. if that sort of thing showed up on your phone, would you get a little upset, a little nervous saying, what are they doing, trying to cash in on, on my pain, maybe literal pain. And it's not as though those ads are just showing up while you are in the emergency room, because now they've tagged you. [00:05:15] They know that you are in that emergency room. So off they'll. They will go ahead and track you and send you ads even after you leave. Hey, I wanna remind you if you want to get this, uh, this week's list of articles. I, I put out every week, my insider show notes. It has become very popular. Thousands of people get that every week. [00:05:41] Go right now to Craig peterson.com. I'll also send out a little bit of training. I do that. I have special reports. I send out. I've got more stuff I'm doing, but you gotta be on the email list. Craig peterson.com to get on my free email list now. What's happened here now is markup went ahead and looked at Newsweek's top 100 hospitals in America. [00:06:06] They went to their websites and they found about a third of the hospitals using what's called the Meel. That is the Facebook pixel I was referring to earlier. So it sends a little bit of data. Whenever someone clicks a button to let's say, schedule a doctor's appointment. Why does it do that? Well, because the Facebook pixel is on the scheduling page. [00:06:33] Let's say there's scheduling page for oncology on the website. I guess who knows that you are going to see an oncologist? Facebook? Why? Well, because the hospital has put a Facebook tracking pixel on that page. So Facebook knows, Hey, he was on the oncologist page. Maybe he has cancer. I should start showing him ads from other hospitals and from cancer medications, et cetera, etcetera, that is happening. [00:07:03] Right now, 33 of these top 100 hospitals in America. Th these are the top 100, according to Newsweek's list. Have that information. Now that data is connected to your internet. Address. So it's kinda like your computer's mailing address and they can link that back to usually to a specific individual or to a household. [00:07:30] So now they have a receipt of the appointment request. that's gone to Facebook now. They don't have everything you filled out on the page or anything, you know, you added in your social security number, maybe other medical information. Facebook didn't get all of that, but they do know that you visited the hospital's website and which pages you visited on that website. [00:07:56] So markup went ahead and contacted these hospitals. So, for example, John John's Hopkins hospital, they did find a Facebook pixel tracking on the appointment, scheduling page. They informed John's Hopkins of how that is a leak of personal information. And after being contacted by the markup, they did not remove the track. [00:08:27] also, by the way, when the markup reached out to them, the hospital did not respond UCLA Reagan medical center. They had of course a pixel and they did remove it from the scheduling page. Although they declined to comment, New York Presbyterian hospital, all these hospitals have that pixel and they did not remove it. [00:08:49] Northwestern Memorial hospital. Again, they got the tracking pixel did not remove it after they were informed about the security problems, duke university hospital, same thing. Most of these, by the way, did not respond to them. University of Pennsylvania, Houston Methodist hospital, the university of Chicago medical center. [00:09:11] Uh, the last two of those did remove the pixel. Uh, Scripps Memorial hospital out in LA JOA, California. There are many Brigham and women's Faulkner hospital. They were informed that they had the tracking picture pixel on the, on the, uh, scheduling page. They did not remove it, but you know, the time of this article, a Tufts medical center, same thing did not remove it, uh, out in Sanford in San Diego. [00:09:39] Same problem. John's Hopkins Bayview medical center, John Jefferson health, Thomas Jefferson university, hospitals, Loyola. These are big name hospitals. I'm looking at these that goes on and on sharp Memorial hospital, Henry Ford hospital. Uh, let's see some more, I'm trying to, oh, Massachusetts general hospital. [00:10:00] They did not have the tracking pixel Brigham in women's hospital, no tracking pixel on the scheduling page. So some of these hospitals were already doing it right. They re they recognized that putting this Facebook. Pixel on may help them with some of the marketing and understanding the market a little better, which is what I do, but it's also giving personal information, personal health information to Facebook and Facebook's advertisers. [00:10:32] So they didn't put it on so good for them. Again, mass general Brigham and women's, uh, Sanford Mount Sinai, university of Michigan hospital and, and others, of course. So very good news there in general. Again, don't be worried about a pixel on just a random website because it probably is being used to help with stats to know what's being used on the website. [00:10:58] And maybe, maybe just maybe using it to send a little ad to you on Facebook later. Of course, you're listening to Craig Peter son. You can get my insider show notes for absolutely free. And my little mini trainings. Oh three to five minutes every week@craigpeterson.com. Just sign up on the homepage. [00:11:23] You know, I've got it on my homeowner's policy. I have a special business policy for it. And it's something that you should seriously consider, but you need to understand first. So we're gonna talk about it. What is cyber insurance? Uh, that's what's up now? [00:11:41] Cyber insurance is something that many businesses have looked at, not all businesses have, which is kind of crazy. If you ask me according to the industry statistics right now, less than 1% market penetration for cyber insurance and is expected to. [00:12:02] Into a $20 billion industry by 2025. That is some serious money. So what is this cyber insurance? For instance, there's a rider on my home insurance for, for cyber insurance and I have special cyber insurance from a, a big company underwritten, but it is for anything that happens. In my business, that's related to cyber security and it also covers my clients because that's what we do for living is cyber security. [00:12:37] If they are following our guidelines. So it's pretty darn cool when you get right down to it, because these risks that we have in the digital world are really every. So if you're a large organization, if you're a small little enterprise, are you going to get hacked? You know, bottom line, anybody could potentially get hacked because the bad guys have gotten pretty good. [00:13:06] And most of us in business have gotten pretty lax AADA because of all of this, but not everybody understands when we're talking about cyber insurance. What does cyber mean? Well, the idea is that cyber insurance is created to protect organizations and individuals against digital risks. So we're talking about things like ransonware malware fishing campaigns. [00:13:34] So for instance, I got a call just this week from a listener who again, had their operating account emptied out, hated when that happens. And so they lost everything. They lost all of the money in the account and they're trying to get it back. I got an email this week and, uh, from a lady that I, there's not much I can do for her. [00:13:56] I pointed her in the right direction, but her father, I think it was, had his digital wallet of cryptocurrency completely emptied, completely stolen. Can you believe this sort of stuff, right? It's happening every day. You might have insurance that covers that, but you might not. Traditional insurance policies are only looking at physical risks, so they will take the physical risk things like damage to equipment, or maybe you have livestock or you have stock an inventory, a building different locations. [00:14:38] That's your standard stuff. But cyber insurance is to allow businesses to transfer the costs associated with recovery from the losses incurred when there's some form of cybersecurity breach. Now that's a pretty big deal. because the losses can be huge. It isn't just ransomware where maybe it, it costs you a million dollars in ransom payments. [00:15:08] Or if you're an individual, a retiree, maybe it only costs you 25,000 in ransom payments. And I know that's a lot, especially for retiree. But there is loss of reputation. There's loss of business, cuz you couldn't conduct business cuz you couldn't use your computers. Right? All of that sort of stuff. You got people that you have to bring in, you have to bring in a special team to try and recover your data. [00:15:33] Maybe try and figure out what had happened. Right. All of that sort of stuff. So be careful cyber insurance, a lot of people kind of mistake it for policy that pays off. Attackers to retrieve or unlock data. That's not what it's really for cyber insurance is something that allows you to, I guess the term in, in the industry is transfer risk when your online security controls fail and. [00:16:01] Basically all of them could fail. It, it, it depends, right? If you're a huge company, you can hire a bigger team for a security operation center, but at the same time, you also have more employees that are causing more problems. So look at it entirely business interruption, payments to experts to recover the data. [00:16:23] Compensation for bodily injuries, uh, depending obviously on the resulting damage and the particular policy and the rates are gonna vary based on the maturity of your cyber defenses. So this is something that I've been big on for a long time, the cyber security maturity CMMC and what that helps 'em to determine is. [00:16:49] What are your rates gonna be? So if you went out and you're just using the cable modem that they, that the, uh, company, your cable company provided for you, or you go to a big box retailer, and that's where you bought your firewall and switches, and you've got your wonderful little Lenovo PCs or Dows or whatever, and you're running, uh, Norton antivirus. [00:17:13] You are not well covered. You are not very mature from a cybersecurity standpoint. The other thing you need to be able to do is make sure you've got your asset management all in line, that you have policies and procedures in place for when things happen. You gotta have it all put together, but the average cyber insurance policy for a small to mid-size company in 2021 was about $1,600. [00:17:41] For $1 million in cyber liability coverage. Now that's not really bad at all. Now there are limits to what the provider will pay. They will often, if you do get nailed, They'll come in and double check that, everything that you said, all of those boxes that you checked when you were applying for your cyber security insurance, make sure you actually did all of them. [00:18:08] Okay. Yeah. Kind of a big deal. And you not only will they not pay out, if you didn't do everything that you said you were going to be doing. but the other problem is you might end up getting sued by. Okay. So expect a counter suit if you decide to soothe them. So don't lie on those fors people. Okay. All right. [00:18:32] Um, cyber claims, unlike non-technical events, like again, a fire flood storm damage, the cyber insurance claim might be determined by means of attack and your ability or your effort to prevent it. As I was saying, make sure you've got the checklist and this is something I think I, I should probably put a course together on to help you guys with, or maybe even a little bit of consulting for people. [00:19:01] Let me know, just send an email to me, me@craigpeterson.com. And uh, if you're interested in more info about cyber insurance, you can either look at this week's newsletter that you can. By again, going to Craig peterson.com and a link to this particular article I'm looking at, or you can tell me, Hey, listen, I'd love a little course or little support, a little help. [00:19:24] Okay. I think it makes a lot of sense. So does your business qualify for cyber insurance? Well, some do some don't, uh, you might not see yourself as a target. For the bad guys, but I'll tell you, my 85 year old father was conned by some of these cyber attack guys. Okay. And he doesn't have much money. He, he's not the bank of, uh, England bank of America. [00:19:52] None of these big banks or anything. Oh. Is a retiree living at home trying to make ends meet. So the same, thing's true for you as a business, you as an individual now. You are vulnerable most likely to a cyber attack, but you've got to really manage your risk posture. You gotta do things, right. So that's the bottom line there. [00:20:16] That's what we try and help you do. But you can find information about this again, you can just email me, me, Craig peterson.com and ask for the info on cyber insurance, or if you're already a subscriber to my newsletter. That went out Tuesday morning. So just check your mail. Maybe it's in the spam box from Tuesday morning and you'll find a lot more information linked right from there. [00:20:42] Craig peterson.com stick around. We'll be right back. [00:20:51] There are a lot of complaints about how some of these cryptocurrencies are very non green using tons of energy. And now the prices are going down. We're seeing a number of really weird things happening. [00:21:07] Cryptocurrency, as you probably have heard, has taken a tumble. Now, some of the cryptocurrencies, particularly of course, someone you might know most is Bitcoin use a lot of computing power. [00:21:20] You see, what they're trying to do is basically solve a very complex mathematical problem. And in order to do that, they need a lot of computing power. Now you can certainly run it on your little desktop computer, that program to compute those things. It's called mining. So you're mining for Bitcoin. [00:21:42] You're, you're trying to solve these mathematical problems and there's a theoretical limit to how many Bitcoins could actually potentially be mind looking right now. They're saying that circulating Bitcoin right now. Is about 19 million Bitcoin that are out there. And Bitcoin is worth about $20,000 right now, down from its huge, huge, huge high. [00:22:11] That was, uh, more than two and a half times. What it's worth right now. So, how do you mind? Well, if you take that computer and you run the software, it's gonna do some mining and it is probably going to cost you more in electricity nowadays to mine. One Bitcoin than that Bitcoin is worth. In fact, it certainly will cost you more now. [00:22:37] Uh, that's why the people that are professional Bitcoin minors have taken a different tact and what they've done. Is they found places where they can get cheap electricity. For instance, Finland, where they're using geothermal produced electricity. They're also using the cold air outside in order to cool down. [00:23:00] The computers themselves as they're trying to compute this, but there's another thing that they've been doing. And that is well, how about we buy a coal plant? That's been shut down and that's happened. So they take that coal plant. They bring it back online. They burn the coal, they produce electricity at a cheaper rate than they could buy it. [00:23:23] but behind all of this is the computing power. And what miners found a long time ago is it's better to have thousands of compute units working on solving these problems than it is just having. I don't know how many CPUs are in your computer for eight. Com, um, CPUs. How many? Well, I, how far can you get with those? [00:23:48] Yeah, they're fast, but we need thousands of computers. So what they found is that GPU's graphical processing units. Kind of met their goals. You see a GPU is actually composed of thousands of computers, little compute units. Now they can't do real fancy math. They can't do anything particularly fancy. [00:24:13] They're really designed to move. Pixels around on a screen. In other words, they're designed to help gamers have a nice smooth game while they're playing. They can be used. In fact, they're used all of the time in desktop computers, just for regular display of a webpage, for instance, or if you're watching a video, all of that is part of what they're doing. [00:24:39] With graphic processing units. And if you've been paying attention, you probably have noticed if you particularly, if you're a gamer that the price for GPUs has gone way up, not only has it gone way up and it isn't just due to the lockdown and the supply chain problems. but they're very, very, very hard to get now. [00:25:02] Yeah. Some of that is due to supply chain problems. No doubt about it. But most of these GPUs, according to some of the numbers I've seen, have actually been bought by these professional mining companies. In fact, many of them have gone the next step and they have what called custom silicone. These are completely customized process. [00:25:28] sometimes they're using Asics. Sometimes they're using other things, but these custom processors that are really good at solving that problem that they have to solve in order to mine, a bit Bitcoin or one of these other currencies. So you, you see how that all works. There's a number of GPU manufacturers and something else interesting has happened because of the drop in value of pretty much all of the cryptocurrencies. [00:26:00] And that is these GPS are going byebye. Right. Do does a company that is now no longer trading. That's no longer operating. Uh, we've seen at least two of these crypto mining companies just completely disappear. So now all of their hardware is going up for sale. You'll find it on EBA. So I, I wanna warn you, if you are looking for a GPU of some sort for your computer, maybe if you're a gamer, be very, very careful. [00:26:37] We've got a buyer beware situation here because you're not just buying a GPU. A graphics processing card, uh, that has been lightly used. It was sitting in a terminal. Maybe it's a GPU. Like I use them where, when I'm doing video editing, it does use the GPU, even some of the audio editing. It uses the GPU. [00:26:59] I'm looking at it right now and I've got some, uh, GPU utilization going on. I've got about, uh, 6% of my GPU in use right now on this computer. So. What the problem is is that these minors who are selling their old GPUs have been running them full Bo 24, 7. That's hard on anything. Isn't it. So what, uh, what's happening here is that you are seeing a market getting flooded with GPUs. [00:27:35] You really don't wanna. All right. Does that make sense? Uh, you know, there we've lost more than 50% this year already in some of these, uh, cryptocurrencies that are out there coin base has had an interesting year Celsius, a major cryptocurrency bank, suspended withdrawals, uh, just here in the last few. [00:28:01] Coin based crypto exchange announced a round of layoffs. Also here, they paused their hiring a month or two ago. It it's not going very well and prices for new and used graphic cards are continuing to fall. The peak price was late in 2021, a little bit early in 2022, but now you can go to Amazon new egg, best buy and buy current generation GPUs for prices that really would seem like bargain six months ago. [00:28:35] And pricing for used GPUs has fallen even further, which is the caveat aura URA thing here that I'm warning everybody about. You need to proceed. With caution. So there's a lot of scams, a lot of bait and switches. You know, that's been kind of normal for some things over the years on eBay. I'm afraid, but I've had pretty good luck with eBay, but any high value eBay purchase CPUs have been mining cryptocurrencies at full tilt for months or years have problems in new GPU. [00:29:12] Would not have had, you know, this heat that they generate, the dust that gets into them, that the heat is messing with can really degrade the performance and degrade the usage of that GPU here over time. Dust can also, uh, cause problems with the thermal paste that's in them could be dried out thermal paste because of the heat and that causes them to crack and causes other problems. [00:29:40] So if you buy a used GP that looks dirty or runs hot, removing and cleaning the fan and heat sink, reapplying, fresh thermal paste. Could potentially restore loss performance, and maybe you can even get that new Sony PlayStation because GPS are becoming available. Again. Visit me online Craig peterson.com and get my weekly insider show notes right there. [00:30:07] Craig peterson.com. Sign up now. [00:30:13] Self-driving is relatively new technology. And, uh, our friends at Tesla just fired an employee who posted videos of a full self-driving accident. Uh, he's done it before. [00:30:30] Tesla has a very interesting background. In fact, Elon Musk has gotten more interesting over time. And particularly lately the stuff he's saying, the stuff he's doing, but his companies have really made some amazing progress. [00:30:48] Now, one of the things that Elon did pretty well pretty early on was he decided he was going to start selling. A self-driving feature for his cars. And back in the day, you could buy it. This was before it was ready at all for, I think it was 5,000 and, uh, it was good for whenever they came out with it. [00:31:15] And then it went up to 7,000 and then I think it went to 12,000 and now it's you pay him monthly, but in reality, There are no fully self-driving qualified Teslas on the road today. It will be a little while before that happens. So this ex Tesla employee by the name of John Burnell is quoted in ours Technica saying that he was fired for posting YouTube videos about Tesla's full self-driving beta. [00:31:48] Now this is called F S D. And if you know, Computers, you know what beta is? Beta means, Hey, you know, should work, could work, probably has some problems. And that's exactly what it is. Now. Tesla told California regulators that the full self-driving beta lacks true autonomous features. And that's probably how they got by getting with putting this car on the road, these cars on the road. [00:32:19] So this X employee. Says that Tesla also cut off access to the full self driving beta in the 2021 Tesla model three that he owns. Now. He said that he paid for it. He had it legitimately, and yet Tesla cut him off from, and I guess. Anybody can try and sign up for it. I don't know all of the details behind getting that beta code. [00:32:46] If you wanted to, you probably could investigate a little bit further, but the video that he posted on February 7th provided a frame by frame analysis of a collision of his Tesla with a Ballard, a a Ballard. Those are those stanchions, those, uh, cement pillars. They usually have. Plastic on the outside that you'll see, you know, protecting sidewalks or in this case it was protecting a bike lane in San Jose. [00:33:19] So he said, no matter how minor this accident was, it was the first full self-driving beta collision caught on camera. That is irrefutable. And he says I was fired from Tesla in February with my U YouTube being cited as the reason why, even though my uploads are for my personal vehicle off company, time or property with software, I paid for. [00:33:45] And he has a, um, channel called AI addict that you can find over there on YouTube if it hasn't been taken down yet. Right. Uh, he said that he got a notice that his full self-driving beta was disabled be based on his recent driving data, but that didn't seem to fit because the morning I got fired, he says I had zero proper use strikes. [00:34:10] On my vehicle. So yeah, I, I can't say as I really would blame him, uh, him being in this case, Elon Musk for firing this guy, but it's an interesting little video to watch. It's like two and a half minutes. You'll see. And it, the guy has his hand on the steering wheel and the car is steering. Itself down the roadway and there's no other traffic really on the road. [00:34:38] I don't know when this was like a, a Sunday or something, but you can see on the screen, it is detecting things like the, the little, uh, construction pillars that are on the side of the road. And he's in a left. Turn only lane and his Tesla turns, left the steering. Wheel's kind of going a little back and forth, right? [00:34:58] As it tries to make up his mind what it's going to do and he's driving down, he just passed a ups truck. Although I would not have passed personally, the way he passed, which is the. The car decided it was going to, um, get closer to that ups truck. I, I would've purposely gone further away. And then what happens is he goes around another corner where there's some Ballards. [00:35:26] That are in the roadway. And of course the idea behind them is so the cars don't go in and accidentally strike a cyclist. But around that corner where there is a crosswalk crossing the street, there's no Ballard. So people don't have to kind of get around them. And then the Ballards start off again. So the Tesla got kind of confused by this and looking at the screen, it doesn't show the, these Ballards. [00:35:56] Being recognized. So the driver of the car grabs the stern wheel takes over at the very last second, but did actually hit the Ballard. Uh, no two ways about it here. He hit it and the car is stopped and it's just a minor scratch. He's showing it on his, uh, on his screen here. But I gotta say overall, it looks like it performed quite admirably. [00:36:24] And the fact that this apparently is the. Uh, the only time it was actually caught on video. That's interesting too, but the cars of course have cameras on them too. So I'm sure. In other cases it did record a video of it. So CNBC said it obtained a copy of Tesla's internal social media policy, and it says it makes no direct reference. [00:36:48] To criticizing the company's product in public. So we'll see what happens. Uh, apparently too, they are saying that this is the first accident in a year of testing this full self-driving. So that is darn good, frankly. And, uh, he's saying, you know, some people are saying I should have reacted sooner, which I should have. [00:37:09] But in my year of testing, the full stop driving is usually really good at detecting objects last minute and slowing to avoid. So I don't know. We'll see what happens here. Tesla's doing a very good job. Hey, and I got another car story for you. This one, I. Think is totally, totally cool. You might remember Congress passed a law back in the seventies saying that we had to have what these cafe standards for vehicles efficiencies. [00:37:36] In other words, you had to have certain fuel efficiency across all of the cars that you manufactured, you know? Okay. It is good enough, whatever. And, uh, they, they weren't able to make. uh, the car manufacturers, they weren't able to hit it until they came up with a whole new ignition technology for the cars. [00:38:00] And that of course is fuel injection. You might remember we had car braiders and all of the cars, not very efficient. The engines themselves aren't very efficient, but we came up with fuel injection. And that helped the car manufacturers to meet these new cafe standards. Now, unfortunately, car manufacturers have removed weight from the cars in order to gain fuel efficiency in order to meet these federal requirements. [00:38:28] So they've done things like taking out the full size spare tire, right? You, you had that before and that full size spare tire is now replaced with. Stupid a little tire, right? That, you know, you can limp down the road a little ways, but not very far, but they've also removed steel and various metals from other parts of the car. [00:38:47] And many people have said it's made the cars less safe. The same time they've added more safety features like the side impact airbags and, and other things and, and airbags that will Mame. But, but that's a different story entirely. Uh, but this is very, very cool because there's a company called transient plasma systems TPS, and they came up with this new advanced ignition system that uses plasma. [00:39:17] They've designed it in such a way that it replaces your spark plugs in your. And now they put the ignition module in that uses nanosecond duration, pulses of plasma to ignite that air fuel mixture that's inside the cylinder. So you're still doing the fuel injection, but you're igniting it with a nanosecond worth of. [00:39:43] Plasma. Isn't that just amazing. So they've tested that technology 2019 is when they came out with it and they did some bench testing, but now it's almost ready for production. So they're doing now with vehicle manufacturers, validation testing. It is frankly very cool. And they don't have to do it on brand new engines either. [00:40:08] They will come up with retro Kitt fixed fixes. Now, imagine this getting 20% better mileage by basically replacing your spark plugs and a little more firmware changes in your engine controller. No question about that one, right. But this is frankly. Absolutely amazing. Now it's going to take a lot of years before we move to electric vehicles. [00:40:34] For a lot of reasons. We're not ready. The country isn't ready. The infrastructure isn't ready. People aren't ready. The cars aren't ready. We don't even know what. To do with the batteries. People complain about nuclear waste while there are now huge fields full of these batteries while they're trying to figure out what do we do with the used batteries from these electric or hybrid cars, because man, they it's a huge problem. [00:40:59] All kinds of toxic stuff in them. And they haven't been good at being able to recycle 'em it's not like the old lead acid batteries. That are very easy to recycle. So it's going to be years before they really stop selling any of these internal combustion engines and even longer before they ban internal combustion engines. [00:41:21] From the roadways. So this plasma ignition system is going to really, really help 20%. That is darn good. And I am looking at the article right now. They used this Toyota engine. This is a 2.5 liter Toyota Camry Atkinson cycle, thermal efficiency around 40%, which is absolutely amazing. Good job Toyota. And. [00:41:48] Replaced the spark plug with this. Ignition system, this new ignition system using of course plasma and they found some amazing, amazing, uh, statistics here improvements. So in some cases they're seeing. The spark plugs and the plasmas getting 6% increase in fuel economy and others are seeing 20% increases. [00:42:17] Of course, they've got to do more testing, extreme heat, extreme, cold, wet, dry, but that's gonna be happening. And we might see this in our cars in the next couple of years. Make sure you sign up right now. For my newsletter, get my insider show notes for free Craig peterson.com. [00:42:39] Hey, it looks like if you did not invest in crypto, you were making a smart move and not moving. Wow. We got a lot to talk about here. Crypto has dived big time. It's incredible. What's happened. We get into that more. [00:42:56] Crypto currencies. It, it it's a term for all kinds of these basically non-government sanctioned currencies. [00:43:06] And the idea behind it was I should be able to trade with you and you should be able to trade with me. We should be able to verify the transactions and it's kind of nobody's business as to what's happening behind the scenes. And yet in reality, Everybody's business because all of those transactions are recorded in a very public way. [00:43:30] So crypto in this case does not mean secret or cryptography. It's actually referring to the way the ledgers work and your wallets and, and fact, the actual coins themselves, a lot of people have bought. I was talking with my friend, Matt earlier this week and Matt was saying, Hey, listen, uh, I made a lot of money off of crypto. [00:43:57] He's basically a day trader. He watches it. Is it going up? Is it going down? Which coin is doge coin? The way to go? Cuz Elon must just mentioned it. Is it something else? What should I do? And he buys and sells and has made money off of it. However, a lot of people have. And held onto various cryptocurrencies. [00:44:19] Of course, the most popular one. The one everybody knows about is Bitcoin and Bitcoin is pretty good stuff, you know, kind of bottom line, but 40% right now of Bitcoin investors are underwater. Isn't that incredible because of the major dropoff from the November peak. And this was all started by a problem that was over at something called Tara Luna, which is another cryptocurrency now. [00:44:51] You know, already that there is a ton of vol a ton of, uh, changes in price in various cryptocurrencies, Bitcoin being of course a real big one where, you know, we've seen 5,000, $10,000 per Bitcoin drops. It, it really is an amazingly, uh, fluid if you will coined. So there's a number of different people that have come out with some plans. [00:45:19] How about if we do kinda like what the us dollar used to do, which is it's tied to a specific amount of gold or tied to a specific amount of silver. Of course, it's been a while since that was the case. Uh, president Nixon is the one that got us off of those standards, but. Having gold, for instance, back in your currency means that there is going to be far less fluctuation and your currency means something. [00:45:49] See, the whole idea behind currency markets for government is yeah, you do print money and you do continue to increase the amount of money you print every year. Because what you're trying to do is create money for the. Goods product services that are created as well. So if, if we create another million dollars worth of services in the economy, there should be another million dollars in circulation that that's the basic theory. [00:46:20] Monetary theory really boiling it. Right. Down now of course, you know, already our government has printed way more than it. Maybe should have. It is certainly causing inflation. There's no doubt about that one. So they're looking at these various cryptocurrencies and saying, well, what can we do? How can we have like a gold standard where the us dollar was the currency the world used and it, its value was known. [00:46:46] You see, having a stable currency is incredibly important for consumers and businesses. A business needs to know, Hey, listen, like we sign a three year contract with our vendors and with our customers. And so we need a stable price. So we know what's our cost going to be, what can we charge our customer here? [00:47:06] Can the customer bear the price increases, et cetera. The answer to most of those questions of course is no, they really, they really can't is particularly in this day and age. So having a. Fixed currency. We know how much it's worth. I know in two years from now, I'm not gonna be completely upside down with this customer because I'm having to eat some major increases in prices. [00:47:31] And as a consumer, you wanna look at it and say, wow, I've got a variable rate interest rate on my mortgage. And man, I remember friends of mine back in the eighties, early eighties, late seventies, who just got nailed by this. They had variable rate interest loan on their home because that's all they could get. [00:47:50] That's all they could afford. So the variable rate just kept going up. It was higher than credit cards are nowadays. And I remember a friend of mine complaining, they had 25% interest and that's when they lost a house because 25% interest means if you have a a hundred thousand dollars loan, you got $25,000 in interest that year, you know, let alone principal payments. [00:48:14] So it, it was a really. Thing. It was really hard for people to, to deal with. And I, I can understand that. So the cryptocurrency guys. I said, okay, well let's tie it to something else. So the value has a value and part of what they were trying to tie it to is the us dollar. That's some currencies decided to do that. [00:48:39] And there were others that tried to tie it to actual. Assets. So it wasn't just tied to the dollar. It was okay. We have X dollars in this bank account and that's, what's backing the value of our currency, which is quite amazing, right. To think about that. Some of them are backed by gold or other precious metals. [00:49:02] Nowadays that includes a lot of different metals. Well, this one coin called Tara Luna dropped almost a hundred percent last week. Isn't that amazing. And it had a sister token called Tara us D which Tara Luna was tied to. Now, this is all called stablecoin. Right? The idea is the prices will be stable. and in the case of Tara and Tara S D the stability was provided by a computer program. [00:49:37] So there's nothing really behind it, other than it can be backed by the community currencies themselves. So that's something like inter coined, for instance, this is another one of the, there are hundreds of them out there of these, uh, cryptocurrencies. The community backs it. So the goods and services that you can get in some of these communities is what gives value to inter Pointe money system. [00:50:03] Now that makes sense too, right? Because the dollar is only worth something to you. If it's worth something to someone else, right. If you were the only person in the world that had us dollars, who, who would want. Like, obviously the economy is working without us dollars. So why would they try and trade with you? [00:50:24] If you had something called a us dollar that nobody else had, or you came up with something, you made something up out of thin air and said, okay, well this is now worth this much. Or it's backed by that, et cetera. Because if again, if you can't spend it, it's not worth anything. Anyhow, this is a very, very big deal because on top of these various cryptocurrencies losing incredible amounts of money over the last couple of weeks, We have another problem with cryptocurrencies. [00:50:59] If you own cryptocurrencies, you have, what's called a wallet and that wallet has a transaction number that's used for you to track and, and others to track the money that you have in the cryptocurrencies. And it it's, um, pretty good little. Fun function or feature. It's kind of hard for a lot of people to do so they have these kind of crypto banks. [00:51:21] So if you have one of these currencies, you can just have your currency on deposit at this bank because there's, there's a whole bunch of reasons, but one of the reasons is if. There is a, a run on a bank, or if there's a run on a cryptocurrency, currencies have built into them incredibly expensive penalties. [00:51:45] If you try and liquidate that cryptocurrency quickly. And also if there are a lot of people trying to liquidate it. So you had kind of a double whammy and people were paying more than three. Coin in order to sell Bitcoin. And so think about that. Think about much of Bitcoin's worth, which is tens of thousands of dollars. [00:52:05] So it's overall, this is a problem. It's been a very big problem. So people put it into a bank. So coin base is one of the big one coin coin base had its first quarter Ernie's report. Now, this is the us' largest cryptocurrency exchange and they had a quarterly loss for the first quarter of 2022 of 430 million. [00:52:35] That's their loss. And they had an almost 20% drop in monthly users of coin. So that's something right. And they put it in their statement, their quarterly statement here as to, you know, what's up. Well, here's the real scary part Coinbase said in its earning earnings report. Last Tuesday that it holds the. [00:53:01] 256 billion in both Fiat currencies and crypto currencies on behalf of its customers. So Fiat currencies are, are things like the federal reserve notes, our us dollar. Okay. A quarter of a trillion dollars that it's holding for other people kind of think of it like a bank. However, they said in the event, Coinbase we ever declare bankruptcy, quote, the crypto assets. [00:53:31] We hold in custody on behalf of our customers could be subject to bankruptcy proceedings. Coinbase users would become general unsecured creditors, meaning they have no right to claim any specific property from the exchange in proceedings people's funds would become inaccessible. Very big deal. Very scary for a very, very good reason. [00:53:57] Hey, when we come back, uh, websites, you know, you go, you type stuff in email address, do you know? You don't even have to hit submit. In most cases, they're stealing it. [00:54:09] I'm sure you've heard of JavaScript in your browser. This is a programming language that actually runs programs right there in your web browser, whether you like it or not. And we just had a study on this. A hundred thousand websites are collecting your information up-front. [00:54:26] This is not a surprising thing to me. I have a, in my web browser, I have JavaScript turned off for most websites that I go to now, JavaScript is a programming language and it lets them do some pretty cool things on a webpage. [00:54:44] In fact, that's the whole idea behind Java. Uh, just like cookies on a web browser where they have a great use, which is to help keep track of what you're doing on the website, where you're going, pulling up other information that you care about, right? Part of your navigation can be done with cookies. They go on and on in their usefulness, but. [00:55:06] Part of the problem is that people are using them to track you online. So like Facebook and many others will go ahead and have their cookies on other websites. So they know where you're going, what you're doing, even when you're not on Facebook, that's by the way, part of. The Firefox browser's been trying to overcome here. [00:55:31] They have a special fenced in mode that happens automatically when you're using Firefox on Facebook. Pretty good. Pretty cool. The apple iOS devices. Use a different mechanism. And in fact, they're already saying that Facebook and some of these others who sell advertiser, Infor advertisers information about you have really had some major losses in revenue because apple is blocking their access to certain information about you back to Javas. [00:56:07] It's a programming language that they can use to do almost anything on your web browser. Bad guys have figured out that if they can get you to go to a website or if they can insert and add onto a page that you're visiting, they can then use. Your web browser, because it's basically just a computer to do what well, to mind Bitcoin or other cryptocurrencies. [00:56:34] So you are paying for the electricity for them as your computer is sitting there crunching on, uh, these algorithms that they need to use to figure out how to find the next Bitcoin or whatever. Be, and you are only noticing that your device is slowing down. For instance, our friends over on the Android platform have found before that sometimes their phones are getting extremely hot, even when they're not using them. [00:57:01] And we've found that yeah, many times that's just a. Bitcoin minor who has kind of taken over partial control of your phone just enough to mind Bitcoin. And they did that through your web browser and JavaScript. So you can now see some of the reasons that I go ahead and disable JavaScript on most websites I go to now, some websites aren't gonna work. [00:57:24] I wanna warn you up front. If you go into your browser settings and turn off JavaScript, you are going. Break a number of websites, in fact, many, many websites that are out there. So you gotta kind of figure out which sites you want it on, which sites don't you want it on. But there's another problem that we have found just this week. [00:57:45] And it is based on a study that was done. It's reported in ours Technica, but they found. A hundred thousand top websites, a hundred thousand top websites. These include signing up for a newsletter making hotel reservation, checking out online. Uh, you, you probably take for granted that you nothing happens until you hit submit, right? [00:58:11] That used to be the case in web 1.0 days. It isn't anymore. Now I wanna point out we, I have thousands of people who are on my email list. So every week they get my, my, uh, insider show notes. So these are the top articles of the week. They are, you know, usually six to 10 articles, usually eight of them that are talking about cybersecurity, things of importance in. [00:58:39] The whole radio show and podcast are based on those insider show notes that I also share with the host of all of the different radio shows and television shows that I appear on. Right. It's pretty, pretty cool. So they get that, but I do not use this type of technology. Yeah. There's some JavaScript that'll make a little sign up thing, come up at the top of the screen, but I am not using technology that is in your face or doing. [00:59:08] What these people are doing, right? So you start filling out a form. You haven't hit cement. And have you noticed all of a sudden you're getting emails from. Right. It's happened to me before. Well, your assumption about hitting submit, isn't always the case. Some researchers from KU LUN university and university of Lue crawled and analyzed the top 100,000 websites. [00:59:37] So crawling means they have a little robot that goes to visit the webpage, downloads all of the code that's on the page. And then. Analyzed it all right. So what they found was that a user visiting a site, if the, the user is in the European union is treated differently than someone who visits the site from the United States. [01:00:01] Now there's a good reason for this. We've helped companies with complying with the GDPR, which are these protection rules that are in place in the European union. And that's why you're seeing so many websites. Mine included that say, Hey, listen, we do collect some information on you. You can click here to find out more and some websites let you say no, I don't want you to have any information about me. [01:00:26] We collect information just so that you can navigate the site properly. Okay. Very basic, but that's why European union users are treated differently than those coming from the United States. So this new research found that over 1800 websites gathered an EU user's email address without their consent. So it's almost 2000 websites out of the top 100,000. [01:00:54] If you're in the EU and they found. About well, 3000 websites logged a us user's email in some form. Now that's, before you hit submit. So you start typing in your email, you type in your name and you don't hit submit. Many of the sites are apparently grabbing that information, putting it into the database and maybe even started using it before you gave them explicit permission to do. [01:01:27] Isn't that a fascinating and the 1800 sites that gathered information on European news union users without their consent are breaking the law. That's why so many us companies decided they had to comply with the GDPR because it's a real big problem. So these guys also crawled websites for password leaks and May, 2021. [01:01:55] And they found 52 websites where third parties, including Yex Yex is. Big Russian search engine a and more were collecting password data before submission. So since then the group went ahead and let the websites know what was happening, what they found, uh, because it's not necessarily intentional by the website itself. [01:02:21] It might be a third party, a third party piece of software. That's doing it. They, they informed those sites. Hey, listen, you're collecting user data before there's been explicit consent to collect it. In other words, you, before you hit the submit button and they thought, wow, this is a very surprising, they thought they might find a few hundred website, but. [01:02:45] Course of a year now they found that there were over 3000 websites really that were doing this stuff. So they presented their findings at Usenet. Well, actually they haven't presented 'em yet. Cuz it's gonna be at use N's. In August and these are what they call leaky forums. So yet another reason to turn off JavaScript when you can. [01:03:09] But I also gotta add a lot of the forums do not work if JavaScript's not enabled. So we gotta do something about it. Uh, maybe complain, make sure they aren't clutching your data. Maybe I should do a little course on that one so you can figure out are they doing it before even giving permission? Anyhow, this is Craig Peter son. [01:03:29] Visit me online. Craig Peter son.com and sign up for that. No obligation inside your show notes. [01:03:36] We are shipping all kinds of military equipment over to Ukraine. And right now they're talking about another $30 billion worth of equipment being shipped to what was the world's number one arms dealer - Ukraine. [01:03:53] I'm looking right now at an article that was in the Washington post. And you know, some of their stuff is good. [01:04:01] Some of their stuff is bad, I guess, kinda like pretty much any media outlet, but they're raising some really good points here. One of them is that we are shipping some pretty advanced equipment and some not so advanced equipment to Ukraine. To help them fight in this war to protect themselves from Russia. [01:04:24] Now, you know, all of that, that's, that's pretty common. Ultimately looking back in history, there have been a lot of people who've made a lot of money off of wars. Many of the big banks financing, both sides of wars. Going way, way back and coming all the way up through the 20th century. And part of the way people make money in war time is obviously making the equipment, the, and supplies and stuff that the armies need. [01:04:57] The other way that they do it is by trading in arms. So not just the supplies. The bullets all the way through the advanced missile systems. Now there's been some concerns because of what we have been seen online. We've talked about telegram here before, not the safest web, you know, app to use in order to keep in touch. [01:05:24] It's really an app for your phone and it's being used. Ukraine to really coordinate some of their hacker activities against Russia. They've also been using it in Russia, te telegram that is in order to kind of communicate with each other. Ukraine has posted pictures of some of the killed soldiers from Russia and people have been reaching out to their mothers in Russia. [01:05:53] They've done a lot of stuff with telegram it's interest. And hopefully eventually we'll find out what the real truth is, right? Because all sides in the military use a lot of propaganda, right? The first casualty in war is the truth. It always has been. So we're selling to a country, Ukraine that has made a lot of money off of selling. [01:06:19] Been systems being an inter intermediary. So you're not buying the system from Russia? No, no. You're buying it from Ukraine and it has been of course, just as deadly, but now we are sending. Equipment military great equipment to Ukraine. We could talk about just that a lot. I, I mentioned the whole lend lease program many months ago. [01:06:45] Now it seems to be in the news. Now takes a while for the mainstream media to catch up with us. I'm usually about six to 12 weeks ahead of what they're talking about. And so when we're talking about Lynn Le, it means. We're not giving it to them. We're not selling it to them. We're just lending them the equipment or perhaps leasing it just like we did for the United Kingdom back in world. [01:07:10] Wari, not a bad idea. If you want to get weapons into the hands of an adversary and not really, or not an adversary, but an ally or potential ally against an adversary that you have, and they have. But part of the problem is we're talking about Ukraine here. Ukraine was not invited in NATO because it was so corrupt. [01:07:33] You might remember. they elected a new president over there that president started investigating, hired a prosecutor to go after the corruption in Ukraine. And then you heard president Joe Biden, vice president at the time bragging about how he got this guy shut down. Uh, yeah, he, he got the prosecutor shut down the prosecutor that had his sights on, of course hunter Biden as well as other people. [01:08:00] So it it's a real problem, but. Let's set that aside for now, we're talking about Ukraine and the weapon systems we've been sending over there. There have been rumors out there. I haven't seen hard evidence, but I have seen things in various papers worldwide talking about telegrams, saying. That the Ukrainians have somehow gotten their hands on these weapons and are selling them on telegram. [01:08:30] Imagine that, uh, effectively kind of a dark web thing, I guess. So we're, we're saying, well, you know, Biden administration, uh, you know, yeah. Okay. Uh, that, that none of this is going to happen. Why? Well, because we went ahead and we put into the contracts that they could not sell or share or give any of this equipment away without the explicit permission of the United States government. [01:09:01] Well, okay. That, that kind of sounds like it's not a bad idea. I would certainly put it into any contract like this, no question, but what could happen here? If this equipment falls into the hands of our adversaries or, or other Western countries, NATO countries, how do you keep track of them? It it's very hard to do. [01:09:22] How do you know who's actually using them? Very hard to do so enforcing these types of contracts is very difficult, which makes a contract pretty weak, frankly. And then let's look at Washington DC, the United States, according to the Washington post in mid April, gave Ukraine a fleet of I 17 helicopter. [01:09:49] Now these MI 17 helicopters are Russian, originally Soviet designs. Okay. And they were bought by the United States. About 10 years ago, we bought them for Afghan's government, which of course now has been deposed, but we still have our hands on some of these helicopters. And when we bought them from Russia, We signed a contract. [01:10:16] The United States signed a contract promising not to transfer the helicopters to any third country quote without the approval of the Russian Federation. Now that's according to a copy of the certificate that's posted on the website of Russia's federal service on military technical cooperation. So there you. [01:10:38] Russia's come out and said that our transfer, those helicopters has grossly violated the foundations of international law. And, and you know, what they, it has, right. Arms experts are saying that Russia's aggression Ukraine more than justifies us support, but the violations of the weapons contracts, man, that really hurts our credibility and the, our we're not honoring these contracts. [01:11:06] How can we expect Ukraine to honor those contracts? That's where the problem really comes in. And it's ultimately a very, very big problem. So this emergency spending bill that it, you know, the $30 billion. Makes Ukraine, the world's single largest recipient of us security assistance ever. They've received more in 2022 than United States ever provided to Afghanistan, Iraq, or Israel in a single year. [01:11:40] So they're adding to the stockpiles of weapons that we've already committed. We've got 1400 stinger anti-aircraft systems, 5,500 anti tank, Mitch missiles, 700 switch blade drones, nine 90. Excuse me, long range Howards. That's our Tillery 7,000 small arms. 50 million rounds of ammunition and other minds, explosives and laser guided rocket systems, according to the Washington post. [01:12:10] So it's fascinating to look. It's a real problem. And now that we've got the bad guys who are using the dark web, remember the dark web system that we set up, the onion network. Yeah. That one, uh, they can take these, they can sell them, they can move them around. It is a real problem. A very big problem. What are we gonna do when all of those weapons systems come back aimed at us this time? [01:12:40] You know, it's one thing to leave billions of dollars worth of helicopters, et cetera, back in Afghanistan is the Biden administration did with their crazy withdrawal tactic. Um, but at least those will wear out the bullets, missile systems, Howard, yours, huh? Different deal. [01:13:01] It seems like the government calls war on everything, the war against drugs or against poverty. Well, now we are looking at a war against end to end encryption by government's worldwide, including our own. [01:13:18] The European union is following in America's footstep steps, again, only a few years behind this time. [01:13:27] Uh, but it's not a good thing. In this case, you might remember a few have been following cybersecurity. Like I have back in the Clinton administration, there was a very heavy push for something called the clipper chip. And I think that whole clipper chip. Actually started with the Bush administration and it was a bad, bad thing, uh, because what they were trying to do is force all businesses to use this encryption chip set that was developed and promoted by the national security agency. [01:14:04] And it's supposed to be an encryption device that is used to secure, uh, voice and data messages. And it had a built in. Back door that allowed federal state, local law enforcement, anybody that had the key, the ability to decode any intercepted voice or data transmissions. It was introduced in 93 and was thank goodness. [01:14:32] Defunct by 1996. So it used something called skip Jack man. I remember that a lot and it used it to transfer dilly or Diffy excuse me, Hellman key exchange. I've worked with that before crypto keys. It used, it used the, uh, Des algorithm, the data encryption standard, which is still used today. And the Clinton administration argued that the clipper chip was. [01:14:59] Absolutely essential for law enforcement to keep up with a constantly progressing technology in the United States. And a lot of people believe that using this would act as frankly, an additional way for terrorists to receive information and to break into encrypted information. And the Clinton administration argued that it, it would increase national security because terrorists would have to use it to communicate with outsiders, bank, suppliers, contacts, and the government could listen in on those calls. [01:15:33] Right. Aren't we supposed to in United States have have a right to be secure in our papers and other things, right? The, the federal government has no right to come into any of that stuff unless they get a court order. So they were saying, well, we would take this key. We'll make sure that it's in a, a lock box, just like Al gore social security money. [01:15:55] And no one would be able to get their hands on it, except anyone that wanted to, unless there was a court order and you know how this stuff goes, right. It, it just continues to progress. And. A lot worse. Well, there was a lot of backlash by it. The electronic privacy information center, electronic frontier foundation boast, both pushed back saying that it would not. [01:16:20] Only have the effect of, of not, excuse me, have the effect of this is a quote, not only subjecting citizens to increased impossibly illegal government surveillance, but that the strength of the clipper trips encryption could not be evaluated by the public as its design. Was classified secret and that therefore individuals and businesses might be hobbled with an insecure communication system, which is absolutely true. [01:16:48] And the NSA went on to do some things like pollute, random number generators and other things to make it so that it was almost impossible to have end-to-end encrypted data. So we were able to kill. Many years ago. Now what about 30 years ago? Uh, when they introduced this thing? Well, it took a few years to get rid of it, but now the EU is out there saying they want to stop end, end encryption. [01:17:16] The United States has already said that, or the new director of Homeland security has, and as well as Trump's, uh, again, Homeland security people said we need to be able to break the. And, and we've talked about some of the stories, real world stories of things that have happened because of the encryption. [01:17:37] So the EU has now got a proposal forward that would force tech companies to scan private messages for child sexual abuse material called CSAM and evidence of grooming. Even when those messages are supposed to be protected by end to end encrypt. So we know how this goes, right? It, it starts at something that's, everybody can agree on, right? [01:18:05] This child, sexual abuse material, uh, abductions of children, all, you know, there's still a lot of slavery going on in the world. All of that stuff needs to be stopped. And so we say, ye

    GDPR Weekly Show
    GDPR Weekly Show Episode 202 :- Japan. Russia, Hybrid Working, Tarmac, Data Reform, Childcare, MGM Hotels, Queensland, Pittsburgh, Data Breach, MCG Health, Trident Care, Location Data

    GDPR Weekly Show

    Play Episode Listen Later Jun 25, 2022 36:52


    Coming up in this week's episode: Japanese man loses USB key with details of all city residents. Russia leads league table for data breaches, Survey confirms trends towards Hybrid Working, Tarmac warned after data breach, A look at changes planned via the UK Data Reform Bill, Childcare apps find to lack data security measures, MGM Hotels and Resorts data appears on Telegram, Queensland proposes changes to data protection legislation, University of Pittsburgh pays compensation after data breach, What additional costs does a data breach bring? MCG Health data breach, Trident Care data breach, Spain and Austria dispute whether location data is personally identifiable data as defined by GDPR

    SDM Interview Show
    Episode 245: Talking Privacy Policies and Terrmageddon

    SDM Interview Show

    Play Episode Listen Later Jun 24, 2022 36:06


    Rob Cairns talks to Hans and Donata Skillrud about privacy policies and Termageddon. Show Highlights: Why privacy policies matter. GDPR, California and Canada. Why you must have a privacy policy. What is Terrmageddon?

    Panetta Tech News
    33. Panetta Paper: Il GDPR va riformato?

    Panetta Tech News

    Play Episode Listen Later Jun 24, 2022 7:28


    Secondo il garante europeo della privacy Wojciech Wiewiórowski occorre intervenire sul regolamento per la protezione dei dati per renderlo più efficace e risolvere le storture delle sue applicazioni.Ce ne parla il nostro partner da Bruxelles, Vincenzo Tiani.

    Podnicast s Petrom Chodelkom
    189. Monika Valentová (Finstat): O expanzii HitHorizons a nakupovaní dát za státisíce eur

    Podnicast s Petrom Chodelkom

    Play Episode Listen Later Jun 23, 2022 40:18


    Monika Valentová je spoluzakladateľka dátovej spoločnosti Finstat a riaditeľka expanzie platformy HitHorizons. Pomáha spoločnostiam rozširovať a rozvíjať svoje podnikanie. V 189. epizóde sa dozviete:aká bola hlavná myšlienka expanzie ,ako v praxi spracujú získané dáta a spätnú väzbu od klientov, aké verejné databázy fungujú v Česku,ktoré informácie sú pre firmu dostupné,od okoho nakupujú dáta v zahraničí,v akej finančnej výške sa pohybuje získavanie dát,akým spôsobom získavajú klientov v zahraničí,aká je marketingová stratégia firmy,ako GDPR ovplyvnilo chod firmy a čo je možné zverejniť,kto si najčastejšie kupuje produkty Finstatu a HitHorizonts,aká je nákladovosť expanzie, kto je hlavný investorom firmy Finstat, z akých ľudí sa skladá tím Finstatu, čím sa líšia od konkurencie a aká je ich vízia.  Všetky epizódy Podnicastu nájdete na podnicast.com alebo na Spotify, Apple Podcasts a Google Podcasts.Dvojtýždenný (ne)biznisový newsletter SEDMIČKA, v ktorom sa dozviete zaujímavé tipy a triky, môžete začať odoberať na podnicast.com/sedmicka.Ak nám chcete dať spätnú väzbu, máte nápad na zlepšenie alebo by ste v Podnicaste chceli počuť niečo konkrétne, napíšte nám na peter@podnicast.com. Ďakujeme, že ste s nami a počúvate Podnicast s Petrom Chodelkom.

    Life with GDPR
    FRC Report on Compliance with the UK Modern Slavery Act Update

    Life with GDPR

    Play Episode Listen Later Jun 23, 2022 21:16


    Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, we review the recently released Financial Reporting Council (FRC), the UK Anti-Slavery Commissioner, and Lancaster University (Management School) report on a sample of a hundred major companies' modern slavery statements and their strategic and governance reports. Some of the highlights  include: 1.     Why the Report? 2.     Some successes but much criticism. 3.     Public responses when slavery issues are uncovered. 4.     Why contracts are a part of the solution. 5.     Key takeaways from the Report. Resources For more information on the FRC Report, check out the Cordery Compliance, client alert on this topic, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here. Learn more about your ad choices. Visit megaphone.fm/adchoices

    Serious Privacy
    What do Internal Monologues and Republicans have in Common? Serious Privacy (a week in privacy with Paul and K)

    Serious Privacy

    Play Episode Listen Later Jun 22, 2022 32:49


    This episode of Serious Privacy, Paul Breitbarth of Catawiki and Dr. K Royal of Outschool meet to discuss some recent events in the privacy and data protection world, such as the proposed American Data Protection and Privacy Act, as the hearings, featuring comments presented from Caitriona Fitzgerald, Deputy Director of the Electronic Privacy Information Center (EPIC); David Brody, Managing Attorney, Digital Justice Initiative, Lawyers' Committee for Civil Rights Under Law; Bertram Lee, Senior Policy Counsel, Data Decision Making, and Artificial Intelligence, Future of Privacy Forum (FPF); Jolina Cuaresma, Senior Counsel, Privacy & Technology PolicyCommon Sense Media; John Miller, Senior Vice President of Policy and General Counsel, Information Technology Industry Council; Graham Dufault, Senior Director for Public Policy, ACT | The App Association; Doug Kantor, General Counsel, National Association of Convenience Stores; and Maureen K. Ohlhausen, Co-Chair, 21st Century Privacy Coalition.Tune in to hear about the ADPPA, as well as news about the European Data Protection Board plenary session, and a new bill that passed in MN on education technology & privacy for students. As always, if you have comments or questions, let us know - LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy @trustArc and email seriousprivacy@trustarc.com. Please do like and write comments on your favorite podcast app so other professionals can find us easier. 

    The Geek In Review
    Peter Baumann: There is So Much Value In Your Data… Once You Control the Risks

    The Geek In Review

    Play Episode Listen Later Jun 22, 2022 52:19


    [Ed. Note: This week marks The Geek in Review's 4th Anniversary. We thank you all for listening, subscribing, and telling your colleagues about what you hear. We'd love to hear more from you on what your favorite episodes are or what topics you'd like us to cover. Tweet us at @gebauerm and @glambert with your thoughts. Thank You Listeners!! - GL/MG] We all know the saying "High Risk, High Reward." But when it comes to data security, Peter Baumann, CEO and co founder of ActiveNav, we derive the value of the data because we just can't get through the risk. There are three things always facing businesses whenever there is data involved, and that is the protection of the business's reputation, the costs involved in non-compliance, and then the exponential growth of data within the organization. We are so focused on reacting to these three variables, that we simply cannot do anything on the value of the data itself. Peter talks with us about the number of existing patchwork of regulations around the world, and how it makes it too difficult for business and organizations to comply. And while most experts suggested that regulations like GDPR would only govern those with businesses or people in Europe, it's become the de facto compliance bar for privacy and data security for many businesses. He suggests that the US Government needs to step in an set a clear regulatory path around data privacy and security so that businesses know what the rules are, and the legal industry can better advise their clients on what steps they need to take to be compliant. We dive deep in this episode and talk about what is structured and data. And how the existence of "dark data" within a business is what brings the highest risk of all. While doing data assessments on Terabytes and even Petabytes of data is extremely expensive, data breaches are even more expensive. The goal in Peter's mind is to get to "zero dark data" so that you can stop worrying completely on the risks, and start understanding the value within your data. Contact Us Twitter: @gebauerm or @glambert Voicemail: 713-487-7270 Email: geekinreviewpodcast@gmail.com Music: Jerry David DeCicca Transcript available on 3 Geeks and a Law Blog

    GDPR Weekly Show
    GDPR Weekly Show Episode 201 :- UK Data Reform Bill, Shoprite, Eye Care Leaders, Schneck, TikTok, Kaiser Permanente, Desjardins, Lake Charles Sherriff's Office

    GDPR Weekly Show

    Play Episode Listen Later Jun 22, 2022 25:31


    Coming up in this week's episode: UK Government issues more details on Data Reform Bill, Shoprite data breach, Eye Care Leaders ransomware attack affects healthcare providers across USA, Schneck facing lawsuit after data breach, TikTok moves US user's data to Oracle to allay privacy concerns, Kaiser Permanente data breach, Desjardins order to pay $200 million after data breach, Lake Charles Sherriff's Office data breach

    Risk Management Show
    Understanding and managing risk as a holistic concept with Edward Cahill

    Risk Management Show

    Play Episode Listen Later Jun 22, 2022 11:56


    In this episode you will hear Edward's insights on holistic approach to risk management, and how organisations can leverage external information and best practices to improve their risk management. Edward Cahill is the CEO of ONBORD, an all-in-one, digital KYC, AML, Credit Decisioning and Anti-fraud technology. It helps organisations transform their business with paperless processes that ensure they are regulatory and GDPR compliant. Their plug-and play solution also helps increasing efficiency and decrease risk. If you want to be our guest, or you know some one who would be a great guest on our show, just send your email to info@globalriskconsult.com with a subject line “Global Risk Community Show” and give a brief explanation of what topic you would like to to talk about and we will be in touch with you asap.    

    Altalex News
    Privacy: ammonito l'avvocato per il ritardo sulla richiesta del cliente di accesso ai dati

    Altalex News

    Play Episode Listen Later Jun 22, 2022 3:30


    Il Garante, con il provvedimento n. 17/2022 ha chiarito che le informazioni richieste devono essere fornite entro un mese dalla richiesta.>> Leggi anche l'articolo: https://bit.ly/3HA7K6k>> Scopri tutti i podcast di Altalex: https://bit.ly/2NpEc3w

    GDPR Weekly Show
    GDPR Weekly Show Episode 200 :- Exclusive interview with UK No1 Motivational Business Speaker Brad Burton

    GDPR Weekly Show

    Play Episode Listen Later Jun 18, 2022 24:57


    Coming up in episode 200: An exclusive interview with the UK'S No1 Motivational Business Speaker, Brad Burton. We discuss Brad's history, his thoughts on current affairs, his 3 hot tips for business, how he got his business through the Covid-19 pandemic, Tim Peake and many other items in a jam packed half hour of business positivity. Don't worry, our normal mix of GDPR news and articles will return on Wednesday next week (22nd), we just thought we would do something a little different for our 200th episode. There is also a competition to win some unique prizes. We hope you enjoy this week's episode and normal service will be resumed on Wednesday. Finally, a massive thank you to all of you, our 75,000 listeners around the globe who make the whole GDPR Weekly Show experience worthwhile for us, and we hope, worthwhile for you too. Here's to episode 300!

    Craig Peterson's Tech Talk
    How Private is Crypto? What About WhatsApp and Signal?

    Craig Peterson's Tech Talk

    Play Episode Listen Later Jun 18, 2022 82:20


    How Private is Crypto? What About WhatsApp and Signal? Cryptocurrencies were thought to be like the gold standard of security, of having your information stay private. Maybe you don't want to use regular currency and transactions. It's all changed. [Automated transcript follows.] [00:00:14] We have had such volatility over the years when it comes to what are called cryptocurrencies. [00:00:21] Now I get a lot of questions about cryptocurrencies. First of all, let me say, I have never owned any cryptocurrencies and I do not own any crypto assets at all. Most people look at crypto currencies and think of a couple of things. First of all, an investment. An investment is something that you can use or sell, right? [00:00:42] Typically investments you don't really use. It's like a house. Is it an investment? Not so much. It's more of a liability, but people look at it and say listen, it went from what was a 10,000. Bitcoins to buy a pizza to, it went up to $50,000 per Bitcoin. There's a pretty big jump there. [00:01:03] And yeah, it was pretty big. And of course, it's gone way down and it's gone back up and it's gone down. It's gone back up. But the idea of any kind of currency is can you do anything with the currency? You can take a dollar bill and go and try and buy a cup of coffee. Okay. A $10 bill and buy a cup of coffee in most places anyways. [00:01:26] That sounds like a good idea. I could probably use a cup of coffee right now and get a tickle on my throat. I hate that. But if you have something like Bitcoin, where can you spend it? You might remember Elon Musk was saying, yeah, you can use Bitcoin to buy a Tesla. Also Wikipedia would accept donations. [00:01:45] Via Bitcoin, there were a number of places online that you could use. Bitcoin. In fact, there's a country right now in south central America that has Bitcoin as its currency. That's cool too. When you think about it, what is, so what are you gonna do? Latin American country? I'm trying to remember what it is. [00:02:05] Oh yeah. It's all Salvador. The first country in the world to adopt Bitcoin is an official legal tender. Now there's a number of reasons they're doing that and he can do it basically. If you got a dictator, you can do almost anything you want to. So in El Salvador, they've got apps that you can use and you can go and buy a tree taco using Bitcoin using their app. [00:02:31] So there you go. If you have Bitcoin, you can go to El Salvador and you can buy all of the tacos and other basic stuff you might wanna buy. But in general, No you can't just go and take any of these cryptocurrencies and use them anywhere. So what good are they as a currency? we already established that they haven't been good as an investment unless you're paying a lot of attention and you're every day buying and selling based on what the movement is. [00:02:59] I know a guy that does exactly that it's, he's a day trader basically in some of these cryptocurrencies, good for. But in reality, is that something that makes sense in a long term? Is that going to help him long term? I don't know. I really don't because again, there's no intrinsic value. [00:03:18] So some of the cryptocurrencies have decided let's have some sort of intrinsic value. And what they've done is they've created what are generally known as stable coins. And a stable coin is a type of cryptocurrency that behind it has the ability to be tied to something that's stable. So for instance, one that really hit the news recently is a stable coin that is tied to the us dollar. [00:03:46] And yet, even though it is tied to the us dollar and the coin is a dollar and the dollar is a coin. They managed to get down into the few pennies worth of value, kinda like penny. so what good was that, it has since come back up, some are tied to other types of assets. Some of them say we have gold behind us. [00:04:09] Kinda like what the United States used to do back when we were on the gold standard. And we became the petrol dollar where countries were using our currency are us dollars, no matter which country it was to buy and sell oil. Things have changed obviously. And we're not gonna talk about. The whole Petro dollar thing right now. [00:04:30] So forget about that. Second benefit. Third benefit is while it's crypto, which means it's encrypted, which means we're safe from anybody's spine on us, anybody stealing it. And of course that's been proven to be false too. We've seen the cryptocurrencies stolen by the billions of dollars. We've seen these cryptocurrencies lost by the billions of dollars as well. [00:04:58] That's pretty substantial. We get right down to it, lost by the billions because people had them in their crypto wallets, lost the password for the crypto wallet. And all of a sudden, now they are completely out of luck. Does that make sense to you? So the basic. Idea behind currency is to make it easier to use the currency than to say, I'll trade you a chicken for five pounds of nail. [00:05:25] Does that make sense to you? So you use a currency. So you say the chicken is worth five bucks. Actually chicken is nowadays is about $30. If it's a LA hen and those five pounds of nails are probably worth about $30. So we just exchanged dollars back and forth. I think that makes a lot of sense. One of the things that has driven up the value of cryptocurrencies, particularly Bitcoin has been criminal marketplaces. [00:05:53] As you look at some of the stats of ransoms that are occurring, where people's computers are taken over via ransomware, and then that person then pays a ransom. And what happens when they pay that ransom while they have to go find an exchange. Pay us dollars to buy cryptocurrency Bitcoin usually. And then they have the Bitcoin and they have to transfer to another wallet, whether or not the bad guys can use the money. [00:06:25] Is a, again, a separate discussion. They certainly can than they do because some of these countries like Russia are going ahead and just exchanging the critical currencies for rubs, which again, makes sense if you're Russia. Now we have a lot of criminals that have been using the Bitcoin for ransoms businesses. [00:06:49] Publicly traded businesses have been buying Bitcoin by the tens of millions of dollars so that they have it as an asset. In case they get ransom. Things have changed. There's a great article in NBC news, by Kevin Collier. And Kevin's talking about this California man who was scammed out of hundreds of thousands of dollars worth of cryptocurrency. [00:07:15] Now this was a fake romance scam, which is a fairly common one. It. It tends to target older people who are lonely and a romance starts online and they go ahead and talk and kind of fall in love. And it turns out she or he has this really almost terminal disease. If only they had an extra, a hundred thousand dollars to pay for the surgery. [00:07:45] You, you know the story, so he was conned out of the money. What's interesting to me is how the investigation and investigative ability has changed over the years. Probably about five years ago, I sat through a briefing by the secret service and. In that briefing, they explained how they had gone and very, quite cleverly tracked the money that was being sent to and used by this dark web operator who ran a site known as a silk road. [00:08:22] And that site was selling illegal things online. Oh, and the currency that they were tracking was Bitcoin. Yes, indeed. So much for cryptocurrency being secure it, five years ago, the secret service was able to do it. The FBI was able to do it and they couldn't do a whole lot about it. But part of the problem is all of your transactions are a matter of public record. [00:08:52] So if someone sends you a fraction of a Bitcoin. That is now in a ledger and that ledger now can be used because when you then spend. Fraction of a Bitcoin somewhere else, it can be tracked. It is tracked is a hundred percent guaranteed to be tracked. And once it's tracked government can get in. [00:09:15] Now, in this case, a deputy district attorney in Santa Clara county, California, was able to track the movement of the cryptocurrency. Yeah. So this district attorney, okay. Deputy district attorney, not the FBI, not the secret service, not the national security agency, a local district attorney in Santa Clara county, California, not a particularly huge county, but. [00:09:44] She was able to track it. And she said that she thinks that the scammer lives in a country where they can't easily extradite them. And so they're unlikely to be arrested at any time soon. So that includes countries like Russia that do not extradite criminals to the United States. Now getting into the details. [00:10:03] There's a great quote from her in this NBC news article, our bread and butter these days really is tracing cryptocurrency and trying to seize it and trying to get there faster than the bad guys are moving it elsewhere, where we can't. Grab it. So she said the team tracked the victim's money as it bounced from one digital wallet to another, till it ended up at a major cryptocurrency exchange where it appeared the scammer was planning to launder the money or cash out, they sent a warrant to the exchange. [00:10:35] Froze the money and she plans to return it to the victim. That is a dramatic reversal from just a few years back when cryptocurrencies were seen as a boon for criminals. Amazing. Isn't it? Stick around. We get a lot more to talk about here and of course, sign up online Craig peterson.com and get my free newsletter. [00:11:01] There have been a lot of efforts by many companies, Microsoft, apple, Google, to try and get rid of passwords. How can you do that? What is a password and what are these new technologies? Apple thinks they have the answer. [00:11:17] Passwords have been the bane of existence for a long while. And if you'd like, I have a special report on passwords, where I talk about password managers, things you can do, things you should do in order to help keep your information safe, online things like. [00:11:34] Bank accounts, et cetera. Just email me, Craig peterson.com and ask for the password special report and I'll get it to you. Believe me it's self-contained it's not trying to get you to buy something. Nothing. It is entirely about passwords and what you can do again, just email me, me@craigpeterson.com and we'll get right back with you. [00:11:56] Give us a couple of days, passwords are a problem. And over the years, the standards for passwords have changed. I remember way back when some of the passwords might be 2, 3, 4 characters long. and back then, those were hard to crack. Then Unix came along. I started using Unix and when was that? [00:12:16] Probably about 81. And as I was messing around with Unix, I. They used to had a couple of changes in how they did passwords. They added assault to it. They used basically the same cipher that the Germans used in world war II, that enigma cipher, which again was okay for the times today, we have much more powerful ciphers and the biggest concern right now, amongst real cybersecurity people. [00:12:43] Government agencies is okay. So what are we going to do when these new quantum computers come along with their artificial intelligence and other things, that's going to be a bit of a problem because quantum computers are able to solve problems in fractions of a second. Even that traditional computers cannot solve it. [00:13:10] It's a whole different thing. I want you to think. Something here. I, if you have a handful of spaghetti now we're talking about hard spaghetti, not cooked spaghetti and they all dried out and they are a varying links. How could you sort those into the smallest to largest, if you will, how could you find which ones were the longest, perhaps? [00:13:37] Which ones were the shortest? There's an analog way of doing that and there's a digital way of doing that. So the digital way for the computer would be. To measure them all and compare the measurements and then identify how long the longest one was. And then maybe you'd have to go back and try and find that. [00:13:55] So you can imagine that would take some time, the analog way of doing that. Cuz there still are analog computers out there and they do an amazing job in certain tasks, but the analog way of doing that is okay. So you take that bundle of various length spaghetti and you slam it on the table. What's gonna happen while those pieces of dried spaghetti are going to self align, right? [00:14:22] The shortest ones are going to be down at the bottom and the tallest one's gonna be sticking out from the top. So there you go. There's your tallest, your longest pieces of spaghetti, and it's done. Instantly. So that's just an idea here, quantum, computing's not the same thing, but that's a comparison really of digital and analog computers, but it's the same type of thing. [00:14:45] Some of these problems that would take thousands of years for digital computer. To work out, can just take a fraction of a second. It's absolutely amazing. So when we're looking at today's algorithms, today's programs for encrypting things like military information, secret telegrams, if you will going back and forth in inside the secretary of state embasies worldwide. [00:15:10] Today they're considered to be quite secure, but with quantum computing what's gonna happen. So there are a lot of people out there right now who are working on trying to figure out how can we come up with an algorithm that works today with our digital computers and can be easily solved by quantum computer. [00:15:34] We have a pretty good idea of how quantum computers are going to work in the future, how they work right now, but this really gets us to the next level, which is cool. Franklin. That's a little bit here about cybersecurity. How about you and your password? How does this all tie in? [00:15:51] There are a few standards out there that people have been trying to pass is it's no longer the four character password you might remember. Oh, it needs to be eight to 10 characters, random mix of upper lowercase, special digits, character numbers. You remember those? And you should change it every 30 days. [00:16:09] And those recommendations changed about three or four years ago when the national Institute of standards and technology said, Hey guys pass phrase is much better than the, what we've been doing because people are gonna remember it and it can be longer. So if you are using I have some past phrases I use that are 30 characters or more. [00:16:33] And I mix up the case and I mix up mix ins on special characters and some numbers, but it's a phrase that I can remember and I have different phrases for different websites. Cause I use a password manager right now. I have about 3,100 entries in my password manager. That's a lot. And I bet you have a lot more passwords or at least a lot more websites and accounts than you realize. [00:17:03] And so that gets to be a real problem. How do you make all of this work and make it easy for people? One of the ways that that. They're looking at using is something called the Fido alliances technique. And the idea behind Fido is actually similar to what I do right now. Cause I use one password.com. [00:17:24] I have an app on my phone and the phone goes ahead and gives me the password. In fact, it'll. Put it in. I have plugins in my browsers. It'll put it right into the password form on the website. And then it'll ask me on my phone. Hey, is that really you? And I'll say yes, using duo and TA I'm logged in it's really quite cool. [00:17:48] Fido is a little different than that, but the same, the whole idea behind Fido is you registered a website and the website will send a request to the Fido app. That's on your phone. So now on your phone, you'll use biometrics or maybe one time pass key, those six digit keys that change every 30 seconds. [00:18:13] And so now you on your phone, you say yeah. That's me. That's good. That's me. Yeah. Okay. And then the app will exchange with the website using public key cryptography. A public key and it's gonna be unique public key for that website. So it'll generate a private key and a public key for that website. [00:18:35] And now TA a, the website does not have your password and cannot get your password. And anytime you log in, it's going to ask you on your smartphone. Is this. And there's ways beyond smartphones. And if you wanna find out more about passwords, I've got, again, that free, special report, just Craig peterson.com. [00:18:59] Email me, just email me@craigpeterson.com and I'll make sure we send that off to you and explains a lot about passwords and current technology. So Fido is one way of doing this and a few different companies have gone ahead and have invested some. Into final registration, because it requires changes on the websites as well in order to. [00:19:25] With Fido. Now you might use a pin, you might use the biometrics, et cetera, but apple has decided they've come up with something even better. Now there's still a lot of questions about what apple is doing, but they are rolling it into the next release of iOS and also of Mac operating system. And you'll be able to use that to secure. [00:19:48] Log into websites. I think Apple's gonna get a lot of traction on this and I think it's gonna be better for all of us involved here. We'll see. There's still a lot of UN unanswered questions, but I'll keep you up to date on this whole password technology stick around. [00:20:08] There are ways for us to communicate nowadays easy ways, but are the easy ways, the best ways, the question here, frankly. And part of this answer has to do with WhatsApp and we'll talk right now. [00:20:23] Many people have asked me about secure messaging. You probably know by now that sending text messages is not secure. [00:20:34] In fact, it could be illegal if you have any personal information about. Patients or maybe employees, you just can't send those over open channels. So what apple has done for instance is they've got their messaging app and if the message is green, it's just reminding you that this is a text message. Now they stuck with green because that was the industry's standard. [00:21:01] Green does not mean safe in the apple world when it comes to iMessage. Blue does. So they've got end to end encryption. So if the message is blue, that means the encryptions in place from side to side, there are on the other end of the spectrum. There are apps like telegram, which are not. Particularly safe. [00:21:22] Now, telegram has pulled up it socks a little bit here, but in order to have end to end encryption and telegram, you have to manually turn it on. It is not on by default. I also personally don't trust telegram because of their background, things that they've done in the past. Avoid that. [00:21:43] WhatsApp is something I've been asked about. I had a family member of a service member who was overseas, ask if WhatsApp was safe for them to communicate on cuz they didn't want third parties picking. Private messages, things you say and do online with friends and family are not necessarily things there are for public consumption. [00:22:06] So the answer that I gave was yeah, you might remember Facebook getting WhatsApp. They bought it and deciding they were going to make some changes to the privacy settings in. now that was really a big mistake. They said we're gonna add advertisements. How are you going to effectively advertise? [00:22:27] If you don't know what we're talking about, have you noticed advertising platforms? If you look up something or someone else in your house looks up something, if your neighbors are looking up, they assume that you might be interested in it as well. So what do they do? They go ahead and show you ads for that brand new pair of socks that you never really cared about, but because the algorithms in the background figured yeah, that's what you've been talking about. [00:22:55] Let's pass out your pair of socks. So if Facebook is going to. Add into WhatsApp, what's going to happen. Are they going to be monitoring what you're saying? And then sending you some of these messages, right? These ads, because of that, a lot of people started looking for a more secure. Platform and that's frankly, where Moxi Marlin spike comes in a fun name, the bloom in this case, but he started a company called signal. [00:23:30] He didn't just start it. He wrote the code for it, the server code, everything. And the whole idea behind signal was to have a guaranteed safe end to end way to communicate. A third party with a friend, a relative, et cetera. So signal is something that I've used in the past. And I used from time to time now, as well, depending on who I'm talking to. [00:23:56] And it does allow you to send messages. It does allow you to talk. You can do all kinds of stuff with it. So now there's an issue with signal. It's disappointing. Moxi has stepped down from running signal. There's a company behind it in January, 2022. And he said, the company's begin off. They can run themselves. [00:24:19] He's still on the board of direct. And the guy who's currently the head of signal is also a very privacy focused guy, which is really good too signal by the way is free. And you can get it for pretty much any platform you would care to have it for a very nice piece of software. I like what they've done. [00:24:38] Now the problem is that some of those people at signal have decided that they should have a way of making payments inside signal. So a few months ago, they went ahead and added into signal, a piece of software that allows you to send. Payments online. Now this is a little concerning and the let's talk about some of the reasons for the concern. [00:25:09] Basically what we're seeing is a cryptocurrency that Moxi himself helped to put in place now, I guess that's good cuz he understands it. It's supposedly a cryptocurrency that is privacy. Focused. And that's a good thing. What type of crypto is it? That's privacy focused. And how good is it going to be? [00:25:34] Those are all good questions, but here's the biggest problem. I think that comes from this. We've got our friends at Facebook, again, trying to add crypto payments to their various messenger and other products. We're seeing that from a lot of these communication systems, cuz they can skim a little off the top legally, charge you a fee and then make their money that way. But. What happens when you put it into an encrypted messaging app? Bottom line, a lot of bad things can happen here because now all of a sudden you come under financial regulations, right? Because you are performing a financial. Function. So now potentially here, there could be criminal misuse of the app because you could have ransomware and they say, reach us on signal. [00:26:33] Here's our signal account. And go ahead and send us crypto. it's called mobile coin by the way, this particular cryptocurrency. So now all of a sudden you are opening up the possibility of all kinds of bad things happening and your app signal, which was originally great for messaging now being used nefariously. [00:26:57] I think that's a real problem. Now, when it comes to money transfer functions with cryptocurrencies to say that they're anonymous, I think is a hundred percent a misnomer because it's really pseudo anonymous. It's never completely anonymous. So now you've increased the legal attack surface here. So now the various regulators and countries around the world can say, Hey. [00:27:26] This is no longer just a messaging app. You are using it to send money. We wanna track all money transactions. And so what does that mean? That means now we need to be able to break the encryption or need to shut down your app, or you need to stop the ability to send money. So the concern right now with signal is we really could have some legal problems with signal. [00:27:53] And we could potentially cause some real life harm. On the other side of, this is what Moi Marlin spike has been really driving with signal over the years, which is we don't want anyone to be able to break into signal. So there's a particularly one Israeli based company that sells tools that you can buy that allow you to break into smartphone. [00:28:20] And they're used by everybody from criminals. You can even buy some of these things on eBay. And they're used also by law enforcement agencies. So he found that there was a bug in one of the libraries that's used by this Israeli soft. To where that causes it to crash. And so he puts some code into signal, at least he threatened to that would cause any of the scanning software that tries to break into your smartphone to fail to crash. [00:28:53] Yeah. Yeah. Cool. Greg Peterson here, online Craig peterson.com and really you are not alone. [00:29:09] I got some good news about ransomware and some bad news about B E C business email compromise. In fact, I got a call just this just this week from someone who had in fact again, had their operating account emptied. [00:29:27] Ransomware is a real problem, but it's interesting to watch it as it's evolved over the years. [00:29:36] We're now seeing crackdowns driving down ransomware profits. Yes, indeed. Ransomware's ROI is dropping the return on investment. And so what we're starting to see is a drive towards more. Business email compromise attack. So we'll talk about those, what those are. And I have a couple of clients now that became clients because of the business email compromises that happened to them. [00:30:10] A great article that was in this week's newsletter. You should have received it Tuesday morning from me. If you are signed up for the free newsletter. Craig peterson.com/subscribe. You'll get these usually Tuesday morning. It's my insider show notes. So you can get up to speed on some of the articles I'm talking about during the week that I talk about on the radio. [00:30:38] And of course talk about here on the radio show and podcast and everything else as well. So what we're seeing here, according to dark readings, editor, Becky Bracken is some major changes, a pivot by the bad guys, because at the RSA conference, they're saying that law enforcement crackdowns try cryptocurrency regulations. [00:31:05] We've been talking about that today and ransomware as a service operator. Downs are driving the return on investment for ransomware operations across the world all the way across the globe. So what is ransomware as a service? I think that's a good place to start because that has really been an Albert Cross around our next for a long time. [00:31:30] The idea with ransomware is they get you to download some software, run some software that you really should not be running. That makes sense to you. So you get this software on your computer, it exfil trades files. So in other words, it takes files that you have sends them. Off to the bad guys. And then once it's done that, so it'll send like any word files, it finds Excel, other files. [00:32:00] It might find interesting once it's done that, then it goes ahead and encrypts those files. So you no longer have access to them and it doesn't just do them on your computer. If you share a drive, let's say you've got a Gdrive or something else on your computer that is being mounted from either another computer or maybe a server. [00:32:24] It will go ahead and do the same thing. With those files. And remember it, isn't just encrypting because if you have a good backup and by the way, most businesses that I've come into do not have a good backup, which is a real problem because their backups fail. They haven't run. I had one case where we helped the business out and it had been a year and a half since they had a successful backup and they had no. [00:32:52] They were dutifully carrying home. These USB drives every day, plug in a new one in, and the backups were not running. Absolutely amazing. So anyhow, ransomware is a service then. So they've encrypted your files. They've exfiltrated. In other words, they've taken your files and then they demand a ran. [00:33:14] So usually it's like this red screen that comes up and says, Hey all your files are belong to us and you need to contact us. So they have people who help you buy Bitcoin or whatever they're looking for. Usually it's Bitcoin and send the Bitcoin to them. And then they'll give you what's hopefully a decryption. [00:33:38] Now what's particularly interesting about these decryption keys is they work about half of the time. So in other words, about half of the time, you'll get all your data back about half the time. You will not, it's just not good. So if you are a small operator, if you are just a small, bad guy and it's you and maybe somebody else helping you, you got your nephew there helping you out. [00:34:03] How are you going to. Help these people that you're ransoming by the cryptocurrency. How are you going to threaten them with release of their documents online? Unless you have a staff of people to really help you out here? That's where ransomware's a service comes in. The whole idea behind RA is. [00:34:25] You can just be a one man shop. And all you have to do is get someone to open this file. So you go ahead and register with the ransomware service provider and they give you the software and you embed your little key in there, so they know it's you. And then you send it off in an email. You might try and mess with those people to get them to do something they shouldn't do. [00:34:49] And. That's all you have to do because once somebody opens up that file that you sent them, it's in the hand of these service guys and ransomwares the service guys. So the, these ransomwares of service people will do all of the tech support. They'll help people buy the Bitcoin. They'll help them pay the ransom. [00:35:11] They'll help them recover files, to a certain extent. Does this make sense to you? Yeah, it's kinda crazy. Now I wanna offer you, I've got this document about the new rules for backup and again, it's free. You can get it. No problem. Just go ahead and email me, me@craigpeterson.com m@craigpeterson.com because the backups are so important and. [00:35:38] Just like password rules have changed. The rules have changed for backups as well. So just drop me an email me@craigpeterson.com and ask for it and we'll make sure we send it off to you and is not trying to sell you more stuff. Okay. It's really is explaining the whole thing for you. I'm not holding anything back. [00:35:54] These ransoms, the service operators, then get the payment from you and then pay a percentage anywhere from 80% to 50%, sometimes even lower to the person who ransom due. Isn't that just wonderful. So our law enforcement people, as well as in other countries have been going after the ransomware as a service providers, because if they can shut down. [00:36:21] These RAs guys just shutting. One of them down can shut down thousands of small ransomware people. Isn't that cool works really well. So they have been shut down. Many of them there's one that just popped its head back up again. After about six months, we'll see how far they get, but it is a very big. [00:36:46] Blow to the whole industry, ransomware really because of these O as a service operators has become a centralized business. So there's a small number of operators responsible for the majority of these thousands of hundreds of thousands of attacks. Really. It's probably worse than. So couple of dis big groups are left the KTI group and lock bit, and they've got more than 50% of the share of ransomware attacks in the first half of 2022. [00:37:18] But now they're going after them. The feds. And I think that makes a whole lot of sense, because who do you go for while you go for the people who are causing the most harm and that's certainly them. So I expect they'll be shut down sometimes soon, too. Ransomware had its moment over the last couple of years, still a lot of ransomware out there, still a lot of problems, but now we're seeing B C business, email compromise tactics, and I did a. [00:37:50] At television appearance, where I was working with the the newsmaker or whatever they call them, talking heads on that TV show and explaining what was happening. And the most standard tactic right now is the gift card swindle. I should put together a little video on this one, but it was all, it's all about tricking employees into buying bogus gift cards. [00:38:18] So this good old fashioned Grif is still working. And what happened in our case is it was actually one of the newscasters who got an email, supposedly from someone else saying, Hey we wanna celebrate everybody. And in order to do that, I wanna give 'em all gift cards. So can you go out and buy gift cards? [00:38:42] And so we messed around with them. It was really fun and said, okay what denomination, how many do you think we need? Who do you think we should give them to? And of course we knew what we were doing. Their English grammar was not very good. And it was really obvious that this was not. [00:38:59] The person they were pretending to be. So that happens and it happens a lot. They got into a business email account, the email account of that newscaster. So they were able to go through their email, figure out who else was in the business, who was a trusted source inside of the business. So they could pretend that that they were that newscaster and send emails to this trusted source. [00:39:31] And today these business email compromise attacks are aimed at the financial supply chain. And once these threat actors are inside, they look for opportunities to spoof vendor emails, to send payments to controlled accounts. And the worst case I know of this is a company that sent $45 million. To a scammer. [00:39:57] And what happened here is the, this woman pretended to be the CEO who was out of the country at the time and got the CFO to wire the money to her. An interesting story. We'll have to tell it to you sometime, but it's a real problem. And we just had another one. We've had them in school districts, look, 'em up online, do a duck dot, go search for them and you'll find them right. [00:40:24] Left and center because social engineering works. And frankly, business email compromise is a clear threat to businesses everywhere. I, as I mentioned, we had one listens to the show, contact us just last week. Again, $40,000 taken out of the operating account. We had another one that had a, I think it was $120,000 taken out of the operating account. [00:40:53] And another one that had about $80,000 taken outta the operating account. Make sure you're on my newsletter. even the free one. I do weekly free trainings. Craig peterson.com. Make sure you subscribe now. [00:41:10] Facebook's about 18 years old coming on 20 Facebook has a lot of data. How much stuff have you given Facebook? Did you fall victim for that? Hey, upload your contacts. We'll find your friends. They don't know where your data is. [00:41:26] It's going to be a great time today because man. This whole thing with Facebook has exploded here lately. [00:41:35] There is an article that had appeared on a line from our friends over at, I think it was, yeah. Let me see here. Yeah. Yeah. Motherboard. I was right. And motherboards reporting that Facebook doesn't know what it does with your data or. It goes now, there's always a lot of rumors about different companies and particularly when they're big company and the news headlines are grabbing your attention. [00:42:08] And certainly Facebook can be one of those companies. So where did motherboard get this opinion about Facebook? Just being completely clueless about your personal data? It came from a leaked document. Yeah, exactly. So I, we find out a lot of stuff like that. I used to follow a website about companies that were going to go under and they posted internal memos. [00:42:38] It basically got sued out of existence, but there's no way that Facebook is gonna be able to Sue this one out of existence because they are describing this as. Internally as a tsunami of privacy regulations all over the world. So of course, if you're older, we used to call those TIAL waves, but think of what the implication there is of a tsunami coming in and just overwhelming everything. [00:43:08] So Facebook internally, they, their engineers are trying to figure out, okay, so how do we deal? People's personal data. It's not categorized in ways that regulators want to control it. Now there's a huge problem right there. You've got third party data. You've got first party data. You've got sensitive categories, data. [00:43:31] They might know what religion you are, what your persuasions are in various different ways. There's a lot of things they might know about you. How are they all CATA categorized? Now we've got the European union. With their gen general data protection regulation. The GDPR we talked about when it came into effect back in 2018, and I've helped a few companies to comply with that. [00:43:56] That's not my specialty. My specialty is the cybersecurity side. But in article five, this European law mandates that personal data must be collected for specified explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes. So what that means is that every piece of data, like where you are using Facebook or your religious orientation, Can only be collected and used for a specific purpose and not reused for another purpose. [00:44:34] So there's an example here that vice is giving in past Facebook, took the phone number that users provided to protect their accounts with two factor authentication and fed it to its people, feature as well as. Advertisers. Yeah. Interesting. Eh, so Gizmoto with the help of academic researchers caught Facebook doing this, and eventually the company had to stop the practice. [00:45:01] Cuz this goes back to the earlier days where Facebook would say, Hey, find out if your friends are on Facebook, upload your contacts right now. And most people. What did you know back then about trying to keep your data private, to try and stop the proliferation of information about you online and nothing. [00:45:21] I think I probably even uploaded it back then thinking that'd be nice to see if I got friends here. We can start chatting, et cetera. According to legal experts that were interviewed by motherboard who wrote this article and has a copy of the internal me memo, this European regulation specifically prohibits that kind of repurposing of your phone number of trying to put together the social graph and the leak document shows that Facebook may not even have the ability to limit. [00:45:53] how it handles users data. Now I was on a number of radio stations this week, talking about this and the example I gave, I is just look at an average business from the time it start, Facebook started how right. You scrape in pictures of young women off of Harvard universities. Main catalog, contact page, and then asking people what do you think of this rate? This person rate that person and off they go, trying to rate them. Yeah. All that matters to a woman, at least according to mark Zuckerberg or all that matters about a woman is how she looks. Do I think she's pretty or not ridiculous what he was doing? [00:46:35] I, it just, oh, that's Zuckerberg, right? That's. Who he is not a great guy anyways. So you go from stealing pictures of young ladies asking people to rate them, putting together some class information and stuff there at Harvard, and then moving on to other universities and then opening up even wider and wider. [00:47:00] And of course, that also created demand cuz you can't get on. If you're not at one of the universities that we have set it up for. And then you continue to grow. You're adding these universities, certain you're starting to collect data and you're making more money than God. So what do you do? You don't have to worry about inefficiencies. [00:47:20] I'll tell you that. One thing you don't have to do is worry about, oh, GE we've got a lot of redundant work going on here. We've got a lot of teams working on basically the same thing. No, you've got more money than you can possibly shake a stick at. So now you go ahead and send that money to this group or that group. [00:47:41] And they put together all of the basic information, that, that they want. They are. Pulling it out of this database and that database, and they're doing some correlation writing some really cool sequel queries with some incredible joins and everything else. And now that becomes part of the main code for Facebook. [00:48:02] And then Facebook goes on to the next little project and they do the same thing. Then the next project, then the next project. And then someone comes along and says Hey, we. This feature, that feature for advertisers and then in that goes, and then along comes candidate Obama. And they, one of the groups inside Facebook says yeah here we go. [00:48:25] Here's all of the information we have about everybody and it's free. Don't worry about it. And then when Trump actually bought it and hired a company to try and process some of that information he got in trouble. No but the Obama. The whole campaign could get access to anything they wanted to, again, because the data wasn't controlled, they had no idea who was doing what with the data. [00:48:50] And according to this internal memo, they still don't know. They don't even know if they can possibly comply with these regulations, not just in Europe, but we have regulations in pretty much all of the 50 states in the us Canada of course, has their own Australia, New Zealand think about all the places. [00:49:12] Facebook makes a lot of money. So here's a quote from that we build systems with open borders. The result of these open systems and open culture is well described with an analogy. Imagine you hold a bottle of ink in your hand, the bottle of ink is a mixture of all kinds of user data. You pour that ink into a lake of water. [00:49:34] Okay. And it flows every. The document red. So how do you put that ink back in the bottle, in the right bottle? How do you organize it again? So that it only flows to the allowed places in the lake? They're totally right about that. Where did they collect it from it? Apparently they don't even know where they got some of this information. [00:49:58] This data from reminds me of the no fly list. You don't know you're on it and you can't get yourself off of it. It is crazy. So this document that we're talking about was written last year by. Privacy engineers on the ad and business product team, whose mission is to make meaningful connections between people and businesses and which quote sits at the center of a monetization strategy. [00:50:22] And is the engine that powers Facebook's growth. Interesting problems. And I see this being a problem well into the future for more and more of these companies, look at Twitter as an example that we've all heard about a lot lately. And I've talked about as well along comes Elon Musk and he says wait a minute now. [00:50:41] Now I can make Twitter way more profitable. We're gonna get rid of however many people it's well over a thousand, and then we are going to hire more people. We're gonna start charging. We're gonna be more efficient. You can bet all of these redundancies that are in Facebook are also there on Twitter. and Twitter also has to comply with all of these regulations that Facebook is freaking out about. [00:51:09] It, for really a very good reason. So this document is available to anybody who wants to look at it. I'm looking at it right now, talking about regulatory landscape and the fundamental problems Facebook's data lake. And this is a problem that most companies have not. As bad as Facebook does, but most companies, you grow. I have yet to walk into a business that needs help with cybersecurity and find everything in place as it should be, because it grew organically. You started out with a little consumer firewall, router and wifi, and then you added to it and you put a switch here and you added another switch behind that and move things around. [00:51:54] This is normal. This is not total incompetence on the part of the management, but my gosh, I don't know. Maybe they need an Elon Musk. Just straighten them out as well. Hey, stick around. I'll be right back and sign up online@craigpeterson.com. [00:52:13] Apparently looting is one of the benefits of being a Russian soldier. And according to the reports coming out of Ukraine, they've been doing it a lot, but there's a tech angle on here that is really turning the tables on these Russian looters. [00:52:30] This is really something, we know in wars, there are people that loot and typically the various militaries try and make sure, at least recently that looting is kept to an absolute minimum. [00:52:45] Certainly the Americans, the British, even the Nazis during world war II the the socialists they're in. Germany they tried to stop some of the looting that was going on. I think that's probably a very good thing, because what you end up with is just all of these locals that are just totally upset with you. [00:53:10] I found a great article on the guardian and there's a village. Had been occupied for about a month by Russian troops and the people came back, they are just shocked to see what happened. They're giving a few examples of different towns. They found that alcohol was stolen and they left empty bottles behind food rappers, cigarette butts, thrown all over the place in apartments and homes. [00:53:39] Piles of feces blocking the toilets, family photographs torn, thrown around the house. They took away all of the clothes. This is a code from one of the people, literally everything, male and female coats, boots, shirts, jackets, even my dresses and lingerie. This is really something. It, the Soviets didn't do this, but now Russian. [00:54:02] Military apparently does. So over the past couple of weeks, there've been reporting from numerous places where Russian troops had occupied Ukrainian territory and the guardian, which is this UK newspaper collected evidences suggests looting by Russian forces was not merely a case of a few way, word soldiers, but a systematic part of Russian military behavior across multiple towns. [00:54:29] And villages. That's absolutely amazing. Another quote here, people saw the Russian soldiers loading everything onto Euro trucks, everything they could get their hands on a dozen houses on the villages. Main street had been looted as well as the shops. Other villagers reported losing washing machines, food laptops, even as sofa, air conditioners. [00:54:53] Being shipped back, just you might use ups here, they have their equivalent over there. A lady here who was the head teacher in the school. She came back in, of course, found her home Lood and in the head teacher's office. she found an open pair of scissors that had been jammed into a plasma screen that was left behind because if they can't steal it, they're gonna destroy it. [00:55:19] They don't only leave anything behind. They found the Russians had taken most of the computers, the projectors and other electronic equipment. It's incredible. So let's talk about the turnaround here. A little. You might have heard stories about some of these bad guys that have smashed and grabbed their way into apple stores. [00:55:38] So they get into the apple store. They grab laptops on iPads, no longer iPods, cuz they don't make those anymore. And I phones. And they take them and they run with them. Nowadays there's not a whole lot of use for those. Now what they have been doing, some of these bad guys is they take some parts and use them in stolen equipment. [00:56:03] They sell them on the used market, et cetera. But when you're talking about something specific, like an iPhone that needs specific activation. Completely different problem arises for these guys because that iPhone needs to have a SIM card in order to get onto the cell network. And it also has built in serial numbers. [00:56:26] So what happens in those cases while apple goes ahead and disables them. So as soon as they connect to the internet, let's say they put 'em on wifi. They don't get a SIM card. They don't. service from T-Mobile or Verizon or whoever it might be. So now they disconnect to the wifi and it calls home, cuz it's gonna get updates. [00:56:45] So on download stuff from the app store and they find that it's been bricked. Now you can do that with a lot of mobile device managers that are available for. All kinds of equipment nowadays, but certainly apple equipment where if a phone is lost or stolen or a laptop or other pieces of equipment, you can get on the MDM and disable it, have it remotely erased, et cetera. [00:57:11] Now, police have had some interesting problems with that. Because a bad guy might go ahead and erase a smartphone. That's in the evidence locker at the police station. So they're doing things like putting them into Fairday cages or static bags or other things to try and stop that. So I think we've established here that the higher tech equipment is pretty well protected. [00:57:36] You steal it. It's not gonna do you much. Good. So one of the things the Russian stole when they were in it's called I think you pronounce it. Mela me pole which is again, a Erian city is they stole all of the equipment from a farm equipment dealership and shipped it to Chenia. Now that's according to a source in a businessman in the area that CNN is reporting on. [00:58:06] So they shipped this equipment. We're talking about combines harvesters worth 300 grand a piece. They shipped it 700 miles. and the thieves were ultimately unable to use the equipment, cuz it had been locked remotely. So think about agriculture equipment that John Deere, in this case, these pieces of equipment, they, they drive themselves. [00:58:33] It's autonomous. It goes up and down the fields. Goes any pattern that you want to it'll bring itself within a foot or an inch of your boundaries, of your property being very efficient the whole time, whether it's planting or harvesting, et cetera. And that's just a phenomenal thing because it saves so much time for the farmer makes it easier to do the companies like John Deere. [00:58:58] Want to sell as many pieces of this equipment as they possibly can. And farming is known to be a, what not terribly profitable business. It certainly isn't like Facebook. So how can they get this expensive equipment into the hands of a lot of farmers? What they do is they lease it. So you can lease the equipment through leasing company or maybe directly from the manufacturer and now you're off and running. [00:59:26] But what happens if the lease isn't paid now? It's one thing. If you don't pay your lease on a $2,000 laptop, right? They're probably not gonna come hunting for you, but when you're talking about a $300,000 harvester, they're more interested. So the leasing company. Has titled to the equipment and the leasing company can shut it off remotely. [00:59:51] You see where I'm going with this so that they can get their equipment in the hands of more farmers cuz the farmers can lease it. It costs them less. They don't have to have a big cash payment. You see how this all works. So when the Russian forces stole this equipment, that's valued. Total value here is about $5 million. [01:00:11] They were able to shut it all. And obviously, if you can't start the engine, because it's all shut off and it's all run by computers nowadays, and there's pros and cons to that. I think there's a lot of cons, but what are you gonna do? How's that gonna work for you? It. Isn't going to work for you. [01:00:32] And they were able to track it. It had GPS trackers find out exactly where it was. That's how they know it was taken to Chenia and could be controlled remotely. And in this case, how'd they control it. They completely. Shut it off. Even if they sell the harvesters for spare parts, they'll learn some money, but they sure can be able to sell 'em for the 300 grand that they were actually worth. [01:00:57] Hey, stick around. We'll be right back and visit me online@craigpeterson.com. If you sign up there, you'll be able to get my insider show note. And every week I have a quick five. Training right there in your emails, Craig Peter san.com. That's S O N in case you're wondering. [01:01:22] If you've been worried about ransomware, you are right to worry. It's up. It's costly. And we're gonna talk about that right now. What are the stats? What can you do? What happens if you do get hacked? Interesting world. [01:01:38] Ransomware has been a very long running problem. I remember a client of ours, a car dealership who we had gone in. [01:01:49] We had improved all of their systems and their security and one of their. People who was actually a senior manager, ended up downloading a piece of ransomware, one of these encrypted ones and opened it up and his machine, all of a sudden TA, guess what it had ransomware on it. One of those big reds. [01:02:12] Greens that say pay up is send us this much Bitcoin. And here's our address. All of that sort of stuff. And he called us up and said, what's going on here? What happened? First of all, don't bring your own machine into the office. Secondly, don't open up particularly encrypted files using the password that they gave. [01:02:33] and thirdly, we stopped it automatically. It did not spread. We were able to completely restore his computer. Now let's consider here at the consequences of what happened. So he obviously was scared. And within a matter of a couple of hours, we actually had him back to where he was and it didn't spread. [01:02:59] So the consequences there they weren't that bad. But how about if it had gotten worse? How about if they ransomware. Also before it started holding his computer ransom, went out and found all of the data about their customers. Would, do you think an auto dealership would love to hear that all of their customer data was stolen and released all of the personal data of all of their customers? [01:03:25] Obviously not. So there's a potential cost there. And then how long do you think it would take a normal company? That thinks they have backups to get back online. I can tell you it'll take quite a while because the biggest problem is most backups don't work. We have yet to go into a business that was actually doing backups that would work to help restore them. [01:03:52] And if you're interested, I can send you, I've got something. I wrote up. Be glad to email it back to you. Obviously as usual, no charge. and you'll be able to go into that and figure out what you should do. Cause I, I break it down into the different types of backups and why you might want to use them or why you might not want to use them, but ransomware. [01:04:15] Is a kind of a pernicious nasty little thing, particularly nowadays, because it's two, two factor, first is they've encrypted your data. You can't get to it. And then the second side of that is okay I can't get to my data and now they're threatening to hold my data ransom or they'll release. So they'll put it out there. [01:04:38] And of course, if you're in a regulated industry, which actually car dealers are because they deal with financial transactions, leases, loans, that sort of thing you can lose your license for your business. You can U lose your ability to go ahead and frankly make loans and work with financial companies and financial instruments. [01:05:00] It could be a very big deal. so there are a lot of potential things that can happen all the way from losing your reputation as a business or an individual losing all of the money in your operating account. And we, again, we've got a client that we picked up afterwards. That yes, indeed. They lost all of the money in their operating account. [01:05:24] And then how do you make payroll? How do you do things? There's a new study that came out from checkpoint. Checkpoint is one of the original firewall companies and they had a look at ransomware. What are the costs of ransomware? Now bottom line, I'm looking at some stats here on a couple of different sites. [01:05:44] One is by the way, KTI, which is a big ransomware gang that also got hacked after they said we are going to attack anyone that. That doesn't defend Vlad's invasion of Ukraine, and then they got hacked and their information was released, but here's ransomware statistics. This is from cloud words. First of all, the largest ransom demand is $50 million. [01:06:11] And that was in 2021 to Acer big computer company. Now 37% of businesses were hit by ransomware. In 2021. This is amazing. They're expecting by 2031. So in about a decade, ransomware is gonna be costing about $265 billion a year. Now on average Ransomware costs businesses. 1.8, 5 million to recover from an attack. [01:06:41] Now that's obviously not a one or two person place, but think of the car dealer again, how much money are they going to make over the year or over the life of the business? If you're a car dealer, you have a to print money, right? You're selling car model or cars from manufacturer X. And now you have the right to do that and they can remove that. [01:07:03] How many tens, hundreds of millions of dollars might that end up costing you? Yeah. Big deal. Total cost of ransomware last year, 20 billion. Now these are the interesting statistics here right now. So pay closer attention to this 32% of ransomware victims paid a ransom demand. So about her third paid ransom demand. [01:07:27] Last. It's actually down. Cuz my recollection is it used to be about 50% would pay a ransom. Now on average that one third of victims that paid a ransom only recovered 65% of their data. Now that differs from a number I've been using from the FBI. That's a little bit older that was saying it's little better than 50%, but 65% of pain victims recovered their data. [01:07:55] Now isn't that absolutely amazing. Now 57% of companies are able to recover the data using a cloud backup. Now think about the different types of backup cloud backup is something that can work pretty well if you're a home user, but how long did it take for your system to get backed? Probably took weeks, right? [01:08:19] For a regular computer over a regular internet line. Now restoring from backup's gonna be faster because your down link is usually faster than your uplink. That's not true for businesses that have real internet service ours. It's the same bandwidth up as it is down. But it can take again, days or weeks to try and recover your machine. [01:08:39] So it's very expensive. And I wish I had more time to go into this, but looking at the costs here and the fact that insurance companies are no longer paying out for a lot of these ransomware attacks, it could be incredibly expensive for you incredibly. So here you. The number one business types by industry for ransomware tax retail. [01:09:13] That makes sense. Doesn't it. Real estate. Electrical contractors, law firms and wholesale building materials. Isn't that interesting? And that's probably because none of these people are really aware, conscious of doing what, of keeping their data secure of having a good it team, a good it department. So there's your bottom line. [01:09:40] Those are the guys that are getting hit. The most, the numbers are increasing dramatically and your costs are not just in the money. You might pay as a ransom. And as it turns out in pretty much every case prevention. Is less expensive and much better than the cure of trying to pay ransom or trying to restore from backups. [01:10:06] Hey, you're listening to Craig Peterson. You can get my weekly show notes by just going to Craig peterson.com. And I'll also send you my special report on how to do passwords stick around will be right back. [01:10:24] You and I have talked about passwords before the way to generate them and how important they are. And we'll go over that again a little bit in just a second, but there is a new standard out there that will eliminate the need for passwords. [01:10:40] I remember, I think the only system I've ever really used that did not require passwords was the IBM 360. [01:10:49] Yeah, 360, you punch up the cards, all of the JCL you feed the card deck in and off it goes. And does this little thing that was a different day, a different era. When I started in college in university, we. We had remote systems, timeshare systems that we could log into. And there weren't much in the line of password requirements in, but you had a username. [01:11:18] You had a simple password. And I remember one of our instructors, his name was Robert, Andrew Lang. And his password was always some sort of a combination of RA Lang. So it was always easy to guess what his password was. Today, it has gotten a lot worse today. We have devices with us all of the time. [01:11:40] You might be wearing a smart watch. That requires a password. You of course probably have a smart phone. That's also maybe requiring a password, certainly after boots nowadays they use fingerprints or facial recognition, which is handy, but has its own drawbacks. But how about the websites? You're going to the systems you're using when you're at work and logging in, they all require passwords. [01:12:10] And usernames of some sort or another well, apple, Google, and Microsoft have all committed to expanding their support for a standard. That's actually been out there for a few years. It's called the Fido standard. And the idea behind this is that you don't have to have a password in order to log. Now that's really an interesting thing, right? [01:12:37] Just looking at it because we're so used to having this password only authentic. And of course the thing to do there is make sure you have for your password, multiple words in the password, it should really be a pass phrase. And between the words put in special characters or numbers, maybe mix. [01:12:59] Upper lowercase a little bit. In those words, those are the best passwords, 20 characters, 30 characters long. And then if you have to have a pin, I typically use a 12 digit pin. And how do I remember all of these? Cuz I use a completely different password for every website and right now, Let me pull it up. [01:13:21] I'm using one password dot com's password manager. And my main password for that is about 25 characters long. And I have thirty one hundred and thirty five. Entries here in my password manager, 3,100. That is a whole lot of passwords, right? As well as software licenses and a few other things in there. [01:13:48] That's how we remember them is using a password manager. One password.com is my favorite. Now, obviously I don't make any money by referring you there. I really do like that. Some others that I've liked in the past include last pass, but they really messed. With some of their cybersecurity last year and I lost my faith in it. [01:14:08] So now what they're trying to do is make these websites that we go to as well as some apps to have a consistent, secure, and passwordless sign in. and they're gonna make it available to consumers across all kinds of devices and platforms. That's why you've got apple, Google, and Microsoft all committing to it. [01:14:32] And you can bet everybody else is going to follow along because there's hundreds of other companies that have decided they're gonna work with the Fido Alliance and they're gonna create this passwordless future. Which I like this idea. So how does this work? Basically you need to have a smartphone. [01:14:50] This is, I'm just gonna go with the most standard way that this is going to work here in the future. And you can then have a, a. Pass key. This is like a multifactor authentication or two factor authentication. So for instance, right now, when I sign into a website online, I'm giving a username, I'm giving a password and then it comes up and it asks me for a code. [01:15:14] So I enter an a six digit code and that code changes every 30 seconds. And again, I use my password manager from one password dot. In order to generate that code. So that's how I log into Microsoft sites and Google sites and all kinds of sites out there. So it's a similar thing here now for the sites for my company, because we do cyber security for businesses, including regulated businesses. [01:15:41] We have biometrics tied in as. so to log into our systems, I have to have a username. I have to have a password. I then am sent to a single sign on page where I have to have a message sent to my smart device. That then has a special app that uses biometrics either a face ID or a fingerprint to verify who I am. [01:16:06] Yeah, there's a lot there, but I have to protect my customer's data. Something that very few it's crazy. Actual managed security services providers do, but it's important, right? By the way, if you want my password. Special report, just go to Craig peterson.com. Sign up for my email list. [01:16:29] I'll send that to you. That's what we're sending out right now for anyone who signs up new@craigpeterson.com. And if you'd like a copy of it and you're already on the list, just go ahead and email me M E. At Craig peterson.com and ask for the password special report where I go through a

    Irish Tech News Audio Articles
    US Congress Releases Draft of American Data Privacy and Protection Act

    Irish Tech News Audio Articles

    Play Episode Listen Later Jun 17, 2022 9:46


    A draft bipartisan bill was released last week by congressional leaders, and if it is adopted, the bill will go on to establish a comprehensive privacy law federally for the first time in the history of the nation. It is named the American Data Privacy and Protection Act, and its shortened version is the ADPPA, which will be providing people in America with several rights that relate to data collected from them. It would include rights for accessing this data, deleting the data, correcting the data, and also preventing using this data without acquiring consent from the individual in question. The response would be that businesses in numerous sectors will be facing new consequences related to the data they are collecting from the individuals they are serving. The best part is that the ADPPA is already sharing most of its features with other comprehensive privacy laws that are active on the state level, like the CCPA or the California Consumer Privacy Act, which have been adopted in recent years. It has also borrowed several elements from the health privacy law in America and the regulations that have been adopted from HIPAA or the Health Insurance Portability and Accountability Act. However, in many respects, it is more sophisticated than these laws, and it will be America's answer to the GDPR or General Data Protection Regulation, which is the governing privacy framework for Europe. Releasing the draft legislation signals a crucial compromise between the Republican and Democratic leaders from the Commerce and House Energy Committee. They managed to come together on important issues like the private right of action and state law preemption. There has been some criticism about the draft bill in some quarters. Some advocates of privacy hold the view that the legislation isn't as comprehensive as it should be and representatives of various industries viewing some provisions, like allowing the private right of action, believe it to be an unacceptable measure. Hence, it's still not clear if the ADPPA will get enough support from everyone to be enacted as a new law. How Will the ADPPA Be Applicable to Different Entities? The ADPPA will be applied in broad terms to ‘covered data', which is collected by ‘covered entities.' The meaning of covered data is any information that can be linked to an individual or identifies an individual. The only thing excluded from covered data is information that is available publicly, de-identified data, and employee data. On the other hand, covered entities involve a party or an entity that processes, collects, and transfers covered data, which comes under the Federal Trade Commission or FTC's jurisdiction. Unlike some privacy laws that are applied state-wide, the ADPPA will also apply to small businesses that don't have much revenue as well as nonprofit businesses. There are also no exceptions made for government entities, even though the courts interpret other laws that have used the same language as not being applicable to state and federal agencies. However, most businesses in the financial services, healthcare, and education sector won't be required to follow the law for all the data that they collect and hold. Apart from that, those small businesses which don't have any interstate commerce will be outside the jurisdiction of the FTC and would also be exempted from following the law. Additionally, organizations with at least $41 million or less in annual revenue won't be required to follow some parts of the law, according to the ‘small data exception.' The Duties When the ADPPA is adopted as a law, it will place numerous duties and other requirements, especially on covered entities regarding covered data. These will include the following: Data Minimization Covered data can't be unnecessarily used or collected by covered entities. Prohibited and Restricted Practices Some practices will be completely prohibited or restricted. There will be significant limits on allowing covered entities to allow t...

    Security Voices
    The Compliance Episode - History, Theater & Industry-Reshaping Impact

    Security Voices

    Play Episode Listen Later Jun 16, 2022 67:31


    First, a confession: this is the last episode we would have envisioned when we started Security Voices. Compliance was as mundane as it is mandatory– where's the fun in that? Where's the untold, fascinating story of the person who summited the tallest mountain? Rose from ashes to improbable success? In the short years that have passed since we started in early 2019, the world has changed dramatically. And so has compliance. From driving cyberinsurance premiums to becoming the security baseline for even startups to achieve in their early days, compliance is now an undeniable juggernaut. While SOC2 defines the scope of many companies' security gameplans, GDPR and its kin drives how we respond to breaches whereas industry specific mandates influence what data we have, how we defend it and even where we store it. In this episode, Jack and Dave welcome both Abby Kearns and Shrav Mehta to demystify exactly what's happening in the world of compliance from 2 unique perspectives. Abby speaks from her work on software assurance as CTO at Puppet (and beyond) whereas Shrav's angle is that of a compliance startup CEO. Plainly stated: code on one side, standards and certifications on the other. Both increasingly important and horribly complex.This 4 person dialogue traces the roots of compliance back to the early days of security and the inception of PCI DSS, one of the first widely impactful compliance initiatives to hit the industry. We chart the course of compliance to today and unpack where it has had meaningful impact… and where it is mere box-checking theater we could do without. In a similar fashion, we examine the path to software compliance today and the inevitability of automation given the dramatic changes in release speed and frequency. Abby provides a sober take on where we are today including a dialogue on what it means for response to threats such as Log4shell.If you're a longtime listener, this episode connects back to so many of our past interviews, from Carey Nachenberg (supply chain security) to Andy Ellis (compliance perspective) and Nand Mulchandani who recently became CTO of the CIA. We hope you appreciate the references if you already heard this episodes, and if you haven't, consider giving them a listen as they're some of our favorites and pass the test of time with flying colors.

    The Stack Overflow Podcast
    Privacy is a moving target. Here's how engineering teams can stay on track.

    The Stack Overflow Podcast

    Play Episode Listen Later Jun 16, 2022 26:52


     Ever since personal information started flowing into applications on the web, securing that information has become more and more important. General security and privacy frameworks like ISO-27001 and PCI provide guidance in securing systems. Now the law has gotten involved with the European Union's GDPR and California's CPRA. More laws are on the way, and these laws (and the frameworks) are changing as they meet legal challenges. With the legal landscape for privacy shifting so much, every engineer must ask: How do I keep my application in compliance?On this sponsored episode of the podcast, we talk with Rob Picard and Matt Cooper of Vanta, who get that question every day. Their company makes security monitoring software that helps companies get into compliance quickly. We spoke about the shifting sands of privacy rules and regulations, tracking data flows through systems and across corporate borders, and how security automation can put up guardrails instead of gates. Many security frameworks are undergoing modernization to reflect the way that distributed applications function today. And more countries and US states are passing their own privacy regulations. The privacy space is surprisingly dynamic, forcing companies to keep track of these frequent changes to stay current and compliant. Not everyone has in-house legal experts to follow the daily developments and communicate those to the engineering team. For an engineering team just trying to understand the effort involved, it may be helpful to start figuring out where your data flows. Tracking it between internal services may be overkill; instead, track it across corporate boundaries, from one database, cloud provider, SaaS system, and dependency. Each of those should have their own data privacy agreement—plug into your procurement process to see what each piece of your stack promises on a privacy level. Your DevOps and DevSecOps teams will probably want to automate much of the security engineering process as possible. Unfortunately, automating security is hard. The best path may not be to automate the defenses on your system; it might be better to instead automate the context that you provide to engineers. If someone wants to add a dependency, pop up a reminder that these dependencies can be fickle. Automate the boring stuff—context, reminders, to-dos—and let humans do the complex problem solving we're so good at. If you're looking to add an in-house security expert as a service, check out Vanta.com. Their platform monitors connects to your systems and helps you prep for compliance with one or more security frameworks. If those frameworks change, you don't need to do anything. Vanta changes for you. 

    Podcasting Sucks!
    Acast? More Like SPAM-Cast

    Podcasting Sucks!

    Play Episode Listen Later Jun 15, 2022 14:48


    In today's episode I'll be screaming, not literally but directly, at Acast for their shady, jackass marketing techniques marketing techniques. They're violating the spirit of GDPR because GDPR dosn't apply in America and many other countries. If you're a Swedish, it may seem as though I'm mocking your culture in this episode. That's because I kind of am, but it's entirely intended to offend and insult Acast and should be considered non-transferrable to the larger Swedish population. I apologize in advance. -- Acast's SPAM Email (NSFW): [link]   Sonantic Examples: [link]   Deepbrain AI Examples: [link]  Sign up for the Discord [link]  Try Podcast Studio Pro: [link]  Subscribe to my Substack : [link] 

    The FIT4PRIVACY Podcast - For those who care about privacy
    062 Protecting Your Privacy with Kelly Finnerty and Punit Bhatia - The FIT4PRIVACY Podcast (Full)

    The FIT4PRIVACY Podcast - For those who care about privacy

    Play Episode Listen Later Jun 15, 2022 26:44


    In this episode of the FIT4PRIVACY Podcast, Punit is joined by Kelly Finnerty for a conversation about Protecting Your Privacy. How do you as individual protect your privacy? We discuss three dimensions first we expect from the state some protection by laws, second dimension is to expect organization to follow those rules and keeps data safe. And the Third dimension is about individual responsibility that things start with us. Let us some moment to listen and learn from this podcast. KEY CONVERSATIO N POINTS What Are The Things People Can Do To Take Care Of Protecting Their Privacy? Why Do We Need To Protect Privacy? Techniques That Can Be Used to Protect Privacy How To Make Settings On Browser More Secure And Private ABOUT THE GUEST Kelly Finnerty is the Director of Brand and Content for Startpage - the world's most private search engine. She has lived and worked in four countries helping global businesses grow their audiences. When she's not discussing how people can better protect their online privacy, Kelly enjoys living by the beach and being active outdoors. Startpage's mission is to protect people's worldwide right to privacy. If you wish to use private search, Startpage can be your search engine. Startpage's Privacy Please! blog and newsletter with the latest news, guides and updates: https://www.startpage.com/privacy-please/ Startpage's Twitter handle: @startpage Kelly's Twitter handle: @Kelly_Startpage Email: privacyplease@startpage.com ABOUT THE HOST Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organization culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentor and coach privacy professionals. Punit is the author of books “Be Ready for GDPR” which was rated as the best GDPR Book, “AI & Privacy – How To Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst top GDPR and privacy podcasts. As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's value to have joy in life. He has developed the philosophy named ‘ABC for joy of life' which passionately shares. Punit is based out of Belgium, the heart of Europe. RESOURCES Websites: www.fit4privacy.com, www.punitbhatia.com CONNECT LinkedIn https://www.linkedin.com/in/punitbhatia/ Podcast http://hyperurl.co/fit4privacy YouTube http://youtube.com/fit4privacy Email hello@fit4privacy.com --- Send in a voice message: https://anchor.fm/fit4privacy/message

    Hillman Podden
    ✔️ GDPR-säkra dina formulär på hemsidan

    Hillman Podden

    Play Episode Listen Later Jun 15, 2022 16:20


    Om du samlar in personuppgifter via din webbplats via en lead magnet, ett nyhetsbrev osv behöver dina formulär vara GDPR-säkrade. Det här behöver inte bli speciellt komplicerat MEN det är viktigt att du ser till att dina formulär verkligen uppfyller kraven för GDPR så att det följer de lagar och regler som finns. I det här avsnittet får du tips på vad du kan göra för att GDPR-säkra dina formulär på hemsidan. Det här är tips som många egenföretagare utgår från. Samtidigt vill vi vara tydliga med att vi inte är jurister så om du är osäker på vad som gäller i din specifika bransch rekommenderar vi att du tar kontakt med en GDPR-specialist.    Vill du boosta ditt företag online? Gå utmaningen (kostnadsfritt):

    Screaming in the Cloud
    Not Just a Dinosaur with Guillermo Ruiz

    Screaming in the Cloud

    Play Episode Listen Later Jun 14, 2022 34:19


    Full Description / Show Notes Guillermo talks about how he came to work at OCI and what it was like helping to pioneer Oracle's cloud product (1:40) Corey and Guillermo discuss the challenges and realities of multi-cloud (6:00) Corey asks about OCI's dedicated region approach (8:27) Guillermo discusses the problem of awareness (12:40) Corey and Guillermo talk cloud providers and cloud migration (14:40) Guillermo shares about how OCI's cost and customer service is unique among cloud providers (16:56) Corey and Guillermo talk about IoT services and 5G (23:58) About Guillermo RuizGuillermo Ruiz gets into trouble more often than he would like. During his career Guillermo has seen many horror stories while building data centers worldwide. In 2007 he dreamed with space-based internet and direct routing between satellites, but he could only reach “the Cloud”. And there he is, helping customer build their business in someone else servers since 2011.Beware of his sense of humor...If you ever see him in a tech event, run, he will get you in problems.Links: Twitter: https://twitter.com/IaaSgeek, https://twitter.com/OracleStartup LinkedIn: https://www.linkedin.com/in/gruizesteban/ TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. I've been meaning to get a number of folks on this show for a while and today is absolutely one of those episodes. I'm joined by Guillermo Ruiz who is the Director of OCI Developer Evangelism, slash the Director of Oracle for Startups. Guillermo, thank you for joining me, and is Oracle for Startups an oxymoron because it kind of feels like it in some weird way, in the fullness of time.Guillermo: [laugh]. Thanks, Corey. It's a pleasure being in your show.Corey: Well, thank you. I enjoy having you here. I've been trying to get you on for a while. I'm glad I finally wore you down.Guillermo: [laugh]. Thanks. As I said, well, startup, I think, is the future of the industry, so it's a fundamental piece of our building blocks for the next generation of services.Corey: I have to say that I know that you folks at Oracle Cloud have been a recurring sponsor of the show. Thank you for that, incidentally. This is not a promoted guest episode. I invited you on because I wanted to talk to you about these things, which means that I can say more or less whatever I damn well want. And my experience with Oracle Cloud has been one of constantly being surprised since I started using it a few years ago, long before I was even taking sponsorships for this show. It was, “Oh, Oracle has a cloud. This ought to be rich.”And I started kicking the tires on it and I came away consistently and repeatedly impressed by the technical qualities the platform has. The always-free tier has a model of cloud economics that great. I have a sizable VM running there and have for years and it's never charged me a dime. Your data egress fees aren't, you know, a 10th of what a lot of the other cloud providers are charging, also known as, you know, you're charging in the bounds of reality; good for that. And the platform continues to—although it is different from other cloud providers, in some respects, it continues to impress.Honestly, I keep saying one of the worst problems that has is the word Oracle at the front of it because Oracle has a 40-some-odd-year history of big enterprise systems, being stodgy, being difficult to work with, all the things you don't generally tend to think of in terms of cloud. It really is a head turn. How did that happen? And how did you get dragged into the mess?Guillermo: Well, this came, like, back in five, six years ago, when they started building this whole thing, they picked people that were used to build cloud services from different hyperscalers. They dropped them into a single box in Seattle. And it's like, “Guys, knowing what you know, how you would build the next generation cloud platform?” And the guys came up with OCI, which was a second generation. And when I got hired by Oracle, they showed me the first one, that classic.It was totally bullshit. It was like, “Guys, there's no key differentiator with what's there in the market.” I didn't even know Oracle had a cloud, and I've been in this space since late-2010. And I had to sign, like, a bunch of NDAs a lot of papers, and they show me what they were cooking in the oven, and oh my gosh, when I saw that SDN out of the box directly in the physical network, CPUs assign, it was [BLEEP] [unintelligible 00:03:45]. It was, like, bare metal. I saw that the future was there. And I think that they built the right solution, so I joined the company to help them leverage the cloud platform.Corey: The thing that continually surprises me is that, “Oh, we have a cloud.” It has a real, “Hello fellow kids,” energy. Yes, yeah, so does IBM; we've seen how that played out. But the more I use it, the more impressed I am. Early on in the serverless function days, you folks more or less acquired Iron.io, and you were streets ahead as far as a lot of the event-driven serverless function style of thing tended to go.And one of the challenges that I see in the story that's being told about Oracle Cloud is, the big enterprise customer wins. These are the typical global Fortune 2000s, who have been around for, you know—which is weird for those of us in San Francisco, but apparently, these companies have been around longer than 18 months and they've built for platforms that are not the latest model MacBook Pro running the current version of Chrome. What is that? What is that legacy piece of garbage? What does it do? It's like, “Oh, it does about $4 billion a quarter so maybe show some respect.”It's the idea of companies that are doing real-world things, and they absolutely have cloud power. Problems and needs that are being met by a variety of different companies. It's easy to look at that narrative and overlook the fact that you could come up with some ridiculous Twitter for Pets-style business idea and build it on top of Oracle Cloud and I would not, at this point, call that a poor decision. I'm not even sure how it got there, and I wish that story was being told a little bit better. Given that you are a developer evangelist focusing specifically on startups and run that org, how do you see it?Guillermo: Well, the thing here is, you mentioned, you know, about Oracle, many startup doesn't even know we have a cloud provider. So, many of the question comes is like, how we can help on your business. It's more on the experience, you know, what are the challenges, the gaps, and we go in and identify and try to use our cloud. And even though if I'm not able to fill that gap, that's why we have this partnership with Microsoft. It's the first time to cloud providers connect both clouds directly without no third party in between, router to router.It's like, let's leverage the best of these clouds together. I'm a truly believer of multi-cloud. Non-single cloud is perfect. We are evolving, we're getting better, we are adding services. I don't want to get to 500 services like other guys do. It's like, just have a set of things that really works and works really, really well.Corey: Until you have 40 distinct managed database services and 80 ways to run containers, are you're really a full cloud provider? I mean, there's always that question that, at some point, the database Java, the future is going to have to be disambiguating between all the different managed database services on a per workload basis, and that job sounds terrible. I can't let the multi-cloud advocacy pass unchallenged here because I'm often misunderstood on this, and if I don't say something, I will get emails, and nobody wants that. I think that the idea of building a workload with the idea that it can flow seamlessly between cloud providers is a ridiculous fantasy that basically no one achieves. The number of workloads that can do that are very small.That said, the idea of independent workloads living on different cloud providers as is the best fit for placement for those is not just a good idea, it is the—whether it's a good idea or not as irrelevant because that's the reality in which we all live now. That is the world we have to deal with.Guillermo: If you want distributed system, obviously you need to have multiple cloud providers in your strategy. How you federate things—if you go down to the Kubernetes side, how you federate multi-clusters and stuff, that's a challenge out there where people have. But you mentioned that having multiple apps and things, we have customers that they've been running Google Cloud, for example, and we build [unintelligible 00:07:40] that cloud service out there. And the thing is that when they run the network throughput and the performance test, they were like, “Damn, this is even better than what I have in my data center.” It's like, “Guys, because we are room by room.” It's here is Google, here it's Oracle; we land in the same data center, we can provide better connectivity that what you even have.So, that kind of perception is not well seen in some customers because they realize that they're two separate clouds, but the reality is that most of us have our infrastructure in the same providers.Corey: It's kind of interesting, just to look at the way that the industry is misunderstanding a lot of these things. When you folks came out with your cloud at customer initiatives—the one that jumps out to my mind is the dedicated region approach—a lot of people started making fun of that because, “What is this nonsense? You're saying that you can deploy a region of your cloud on site at the customer with all of the cloud services? That's ridiculous. You folks don't understand cloud.”My rejoinder to that is people saying that don't understand customers. You take a look at for example… AWS has their Outpost which is a rack or racks with a subset of services in them. And that, from their perspective, as best I can tell, solves the real problem that customers have, which is running virtual machines on-premises that do not somehow charge an hourly cost back to AWS—I digress—but it does bring a lot of those services closer to customers. You bring all of your services closer to customers and the fact that is a feasible thing is intensely appealing to a wide variety of customer types. Rather than waiting for you to build a region in a certain geographic area that conforms with some regulatory data requirement, “Well, cool, we can ship some racks. Does that work for you?” It really is a game-changer in a whole bunch of respects and I don't think that the industry is paying close enough attention to just how valuable that is.Guillermo: Indeed. I've been at least hearing since 2010 that next year is the boom; now everybody will move into the cloud. It has been 12 years and still 75% of customers doesn't have their critical workloads in the cloud. They have developer environments, some little production stuff, but the core business is still relying in the data center. If I come and say, “Hey, what if I build this behind your firewall?”And it's not just that you have the whole thing. I'm removing all your operational expenses. Now, you don't need to think about hardware refresh, upgrade staff, just focus on your business. I think when we came up with a dedicated region, it was awesome. It was one of the best thing I've seen their Outpost is a great solution, to be honest, but if you lose the one connectivity, the control plane is still in the cloud.In our site, you have the control plane inside your data center so you can still operate and manage your services, even if there is an outage on your one site. One of the common questions we find on that area is, like, “Damn, this is great, but we would like to have a smaller size of this dedicated region.” Well, stay tuned because maybe we come with smaller versions of our dedicated regions so you guys can go and deploy whatever you need there.Corey: It turns out that, in the fullness of time, I like this computer but I want it to be smaller is generally a need that gets met super well. One thing that I've looked into recently has been the evolution of companies, in the fullness of time—which this is what completely renders me a terrible analyst in any traditional sense; I think more than one or two quarters ahead, and I look at these things—the average tenure of a company in the S&P 500 index is 21 years or so. Which means that if we take a look at what's going on 20 years or so from now in the 2040s, roughly half—give or take—of the constituency of the S&P 500 may very well not have been founded yet. So, when someone goes out and founds a company tomorrow as an idea that they're kicking around, let's be clear, with a couple of very distinct exceptions, they're going to build it on Cloud. There's a lot of reasons to do that until you hit certain inflection points.So, this idea that, oh, we're going to rent a rack, and we're going to go build some nonsense, and yadda, yadda, yadda. It's just, it's a fantasy. So, the question that I see for a lot of companies is the longtail legacy where if I take that startup and found it tomorrow and drive it all the way toward being a multinational, at what point did they become a customer for whatever these companies are selling? A lot of the big E enterprise vendors don't have a story for that, which tells me long-term, they have problems. Looking increasingly at what Oracle Cloud is doing, I have to level with you, I viewed Oracle as being very much in that slow-eroding dinosaur perspective until I started using the platform in some depth. I am increasingly of the mind that there's a bright future. I'm just not sure that has sunk into the industry's level of awareness these days.Guillermo: Yeah, I can agree with you in that sense. Mainly, I think we need to work on that awareness side. Because for example, if I go back to the other products we have in the company, you know, like the database, what the database team has done—and I'm not a database guy—and it's like, “Guys, even being an infrastructure guy, customers doesn't care about infrastructure. They just want to run their service, that it doesn't fail, you don't have a disruption; let me evolve my business.” But even though they came with this converged database, I was really impressed that you can do everything in a single-engine rather than having multiple database implemented. Now, you can use the MongoDB APIs.It's like, this is the key of success. When you remove the learning curve and the frictions for people to use your services. I'm a [unintelligible 00:13:23] guy and I always say, “Guys, click, click, click. In three clicks, I should have my service up and running.” I think that the world is moving so fast and we have so much information today, that's just 24 hours a day that I have to grab the right information. I don't have time to go and start learning something from scratch and taking a course of six months because results needs to be done in the next few weeks.Corey: One thing that I think that really reinforces this is—so as I mentioned before, I have a free tier account with you folks, have for years, whenever I log into the thing, I'm presented with the default dashboard view, which recommends a bunch of quickstarts. And none of the quickstarts that you folks are recommending to me involve step one, migrate your legacy data center or mainframe into the cloud. It's all stuff like using analytics to predict things with AI services, it's about observability, it's about governance of deploy a landing zone as you build these things out. Here's how to do a low-code app using Apex—which is awesome, let's be clear here—and even then launching resources is all about things that you would tend to expect of launch database, create a stack, spin up some VMs, et cetera. And that's about as far as it goes toward a legacy way of thinking.It is very clear that there is a story here, but it seems that all the cloud providers these days are chasing the migration story. But I have to say that with a few notable exceptions, the way that those companies move to cloud, it always starts off by looking like an extension of their data center. Which is fine. In that phase, they are improving their data center environment at the expense of being particularly cloudy, but I don't think that is necessarily an adoption model that puts any of these platforms—Oracle Cloud included—in their best light.Guillermo: Yeah, well, people was laughing to us, when we released Layer 2 in the network in the cloud. They were like, “Guys, you're taking the legacy to the cloud. It's like, you're lifting the shit and putting the shit up there.” Is like, “Guys, there are customers that cannot refactor and do anything there. They need to still run Layer 2 there. Why not giving people options?”That's my question is, like, there's no right answers to the cloud. You just need to ensure that you have the right options for people that they can choose and build their strategy around that.Corey: This has been a global problem where so many of these services get built and launched from all of the vendors that it becomes very unclear as a customer, is this thing for me or not? And honestly, sometimes one of the best ways to figure that out is to all right, what does it cost because that, it turns out, is going to tell me an awful lot. When it comes to the price tag of millions of dollars a year, this is probably not for my tiny startup. Whereas when it comes to a, oh, it's in the always free tier or it winds up costing pennies per hour, okay, this is absolutely something I want to wind up exploring and seeing what happens. And it becomes a really polished experience across the board.I also will say this is your generation two cloud—Gen 2, not to be confused with Gentoo, the Linux distribution for people with way more time on their hands than they have sense—and what I find interesting about it is, unlike a lot of the—please don't take this the wrong way—late-comers to cloud compared to the last 15 years of experience of Amazon being out in front of everyone, you didn't just look at what other providers have done and implement the exact same models, the exact same approaches to things. You've clearly gone in your own direction and that's leading to some really interesting places.Guillermo: Yeah, I think that doing what others are doing, you just follow the chain, no? That will never position you as a top number one out there. Being number one so many years in the cloud space as other cloud providers, sometimes you lose the perception of how to treat and speak to customers you know? It's like, “I'm the number one. Who cares if this guy is coming with me or not?” I think that there's more on the empathy side on how we treat customers and how we try to work and solve.For example, in the startup team, we find a lot of people that hasn't have infrastructure teams. We put for free our architects that will give you your GitHub or your GitLab account and we'll build the Terraform modules and give that for you. It's like now you can reuse it, spin up, modify whatever you want. Trying to make life easier for people so they can adopt and leverage their business in the cloud side, you know?[midroll 00:14:45]Corey: There's so much that we folks get right. Honestly, one of the best things that recommends this is the always free tier does exactly what it says on the tin. Yeah, sure. I don't get to use every edge case service that you've built across the board, but I've also had this thing since 2019, and never had to pay a penny for any of it, whereas recently—as we're recording this, it was a week or two ago—that I saw someone wondering what happened to their AWS account because over the past week, suddenly they went from not using SageMaker to being charged $270,000 on SageMaker. And it's… yeah, that's not the kind of thing that is going to endear the platform to frickin' anyone.And I can't believe I'm saying this, but the thing says Oracle on the front of it and I'm recommending it because it doesn't wind up surprising you with a bill later. It feels like I've woken up in bizarro world. But it's great.Guillermo: Yep. I think that's one of the clever things we've done on that side. We've built a very robust platform, really cool services. But it's key on how people can start learning and testing the flavors of your cloud. But not only what you have in the fleet here, you have also the Ampere instances.We're moving into a more sustainable world, and I think that having, like, the ARM architectures in the cloud and providing that on the free space of people can just go and develop on top, I think that was one of the great things we've done in the last year-and-a-half, something like that. Definitely a full fan of a free tier.Corey: You also, working over in the Developer Evangelist slash advocacy side of the world—devrelopers, as I tend to call it much to the irritation of basically everyone who works in developer relations—one of the things that I think is a challenge for you is that when I wind up trying to do something ridiculous—I don't know maybe it's a URL shortener; maybe it is build a small app that does something that's fairly generic—with a lot of the other platforms. There's a universe of blog posts out there, “Here's how I did it on this platform,” and then it's more or less you go to GitHub—or gif-UB, and I have mispronounced that too—and click the button and I wind up getting a deploy, whereas in things that are rapidly emerging with the Oracle Cloud space, it feels like, on some level, I wind up getting to be a bit of a trailblazer and figure some of these things out myself. That is diminishing. I'm starting to see more and more content around this stuff. I have to assume that is at least partially due to your organization's work.Guillermo: Oh, yeah, but things have changed. For example, we used to have our GitHub repository just as a software release, and we push to have that as a content management, you know, it's like, I always say that give—let people steal the code. You just put the example that will come with other ideas, other extensions, plug-in connectors, but you need to have something where you can start. So, we created this DevRel Quickstart that now is managed by the new DevRel organization where we try to put those examples. So, you just can go and put it.I've been working with the community on building, like, a content aggregator of how people is using our technology. We used to have ocigeek.com, that was a website with more than 1000 blog and, like, 500 visits a day looking after what other people were doing, but unfortunately, we had to, because of… the amount of X reasons we have to pull it off.But we want to come with something like that. I think that information should be available. I don't want people to think when it comes to my cloud is like, “Oh, how you use this product?” It's like no, guys how I can build with Angular, React the content management system? You will do it in my cloud because that example I'm doing, but I want you to learn the basics and the context of running Python and doing other things there rather than go into oh, no, this is something specific to me. No, no, that will never work.Corey: That was the big problem I found with doing a lot of the serverless stuff in years past where my first Lambda application took me two weeks to build because I'm terrible at programming. And now it takes me ten minutes to build because I'm terrible at programming and don't know what tests are. But the problem I ran into for that first one was, what is the integration format? What is the event structure? How do I wind up accessing that?What is the thing that I'm integrating with expecting because, “Mmm, that's not it; try again,” is a terrible error message. And so, much of it felt like it was the undifferentiated gluing things together. The only way to make that stuff work is good documentation and numerous examples that come at the problem from a bunch of different ways. And increasingly, Oracle's documentation is great.Guillermo: Yeah, well, in my view, for example, you have the Three-Tier Oracle. We should have a catalog of 100 things that you can do in the free tier, even though when I propose some of the articles, I was even talking about VMware, and people was like, “[unintelligible 00:22:34], you cannot deploy VMware.” It's like, “Yeah, but I can connect my [crosstalk 00:22:39]—”Corey: Well, not with that attitude.Guillermo: Yeah. And I was like, “Yeah, but I can connect to the cloud and just use it as a backup place where I can put my image and my stuff. Now, you're connecting to things: VMware with free tier.” Stuff like that. There are multiple things that you can do.And just having three blocks is things that you can do in the free tier, then having developer architectures. Show me how you can deploy an architecture directly from the command line, how I can run my DevOps service without going to the console, just purely using SDKs and stuff like that. And give me the option of how people is working and expanding that content and things there. If you put those three blocks together, I think you're done on how people can adopt and leverage your cloud. It's like, I want to learn; I don't want to know the basics of I don't know, it's—I'm not a database guy, so I don't understand those things and I don't want to go into details.I just they just need a database to store my profiles and my stuff so I can pick that and do computer vision. How I can pick and say, “Hey, I'm speaking with Corey Quinn and I have a drone flying here, he recommends your face and give me your background from all the different profiles.” That's the kind of solutions I want to build. But I don't want to be an expert on those areas.Corey: Because with all the pictures of me with my mouth open, you wouldn't be able to under—it would make no sense of me until I make that pose. There's method to—Guillermo: [laugh].Corey: —my insane madness over here.Guillermo: [laugh] [unintelligible 00:23:58].Corey: Yeah. But yeah, there's a lot of value as you move up the stack on these things. There's also something to be said, as well, for a direction that you folks have been moving in recently, that I—let me be fair here—I think it's clown shoes because I tend to think in terms of software because I have more or less the hardware destruction bunny level of aura when it comes to being near expensive things. And I look around the world and I don't have a whole lot of problems that I can legally solve with an army of robots.But there are customers who very much do. And that's why we see sort of the twin linking of things like IoT services and 5G, which when I first started seeing cloud providers talking about this, I thought was Looney Tunes. And you folks are getting into it too, so, “Oh, great. The hype wound up affecting you too.” And the thing that changed my mind was not anything cloud providers have to say—because let's be clear, everyone has an agenda they're trying to push for—but who doesn't have an agenda is the customers talking about these things and the neat things that they're able to achieve with it, at which point I stopped making fun, I shut up and listen in the hopes that I might learn something. How have you seen that whole 5G slash IoT slash internet of Nonsense space evolving?Guillermo: That's the future. That's what we're going to see in the next five years. I run some innovation sessions with a lot of customers and one of the main components I speak about is this area. With 5G, the number of IoT devices will exponentially grow. That means that you're going to have more data points, more data volume out there.How can you provide the real value, how you can classify, index, and provide the right information in just 24 hours, that's what people is looking. Things needs to be instant. If you say to the kids today, they cannot watch a football match, 90 minutes. If you don't get the answer in ten, they move to the next thing. That's how this society is moving [unintelligible 00:25:50].Having all these solutions from a data perspective, and I think that Oracle has a great advantage in that space because we've been doing that for 43 years, right? It's like, how we do the abstraction? How I can pick all that information and provide added value? We build the robot as a service. I can configure it from my browser, any robot anywhere in the world.And I can do it in Python, Java. I can [unintelligible 00:26:14] applications. Two weeks ago, we were testing on connecting IoT devices and flashing the firmware. And it was working. And this is something that we didn't do it alone. We did it with a startup.The guys came and had a sandbox already there, is like, “let's enable this on [unintelligible 00:26:28]. Let's start working together.” Now, I can go to my customers and provide them a solution that is like, hey, let's connect Boston Dynamics, or [unintelligible 00:26:37] Robotics. Let's start doing those things and take the benefits of using Oracle's AI and ML services. Pick that, let's do computer vision, natural language processing.Now, you're connecting what I say, an end-to-end solution that provides real value for customers. Connected cars, we turn our car into a wallet. I can go and pay on the petrol station without leaving my car. If I'm taking the kids to takeaway, I can just pay these kind of things is like, “Whoa, this is really cool.” But what if I [laugh] get that information for your insurance company.Next year, Corey, you will pay double because you're a crazy driver. And we know how you drive in the car because we have all that information in place. That's how the things will roll out in the next five to ten years. And [unintelligible 00:27:24] healthcare. We build something for emergencies that if you have a car crash, they have the guys that go and attend can have your blood type and some information about your car, where to cut the chassis and stuff when you get prisoner inside.And I got people saying, “Oh gee, GDPR because we are in Europe.” It's like, “Guys, if I'm going to die, I don't care if they have my information.” That's the point where people really need to balance the whole thing, right? Obviously, we protect the information and the whole thing, but in those situations is like hey, there's so many things we can do. There are countless opportunities out there.Corey: The way that I square that circle personally has always been it's about informed consent, when if people are given a choice, then an awful lot of those objections that people have seemed to melt away. Provided, of course, that is an actual choice and it's not one of those, “Well, you can either choose to”—quote-unquote—“Choose to do this, or you can pay $9,000 a month extra.” Which is, that's not really a choice. But as long as there's a reasonable way to get informed consent, I think that people don't particularly mind, I think it's when they wind up feeling that they have been spied upon without their knowledge, that's when everything tends to blow up. It turns out, if you tell people in advance what you're going to do with their information, they're a lot less upset. And I don't mean burying it deep and the terms and conditions.Guillermo: And that's a good example. We run a demo with one of our customers showing them how dangerous the public information you have out there. You usually sign and click and give rights to everybody. We found in Stack Overflow, there was a user that you just have the username there, nothing else. And we build a platform with six terabytes of information grabbing from Stack Overflow, LinkedIn, Twitter, and many other social media channels, and we show how we identify that this guy was living in Bangalore in India and was working for a specific company out there.So, people was like, “Damn, just having that name, you end up knowing that?” It's like there's so much information out there of value. And we've seen other companies doing that illegally in other places, you know, Cambridge Analytics and things like that. But that's the risk of giving your information for free out there.Corey: It's always a matter of trade-offs. There is no one-size-fits-all solution and honestly, if there were it feels like we wouldn't have cloud providers; we would just have the turnkey solution that gives the same thing that everyone needs and calls it good. I dream of such a day, but it turns out that customers are different, people are different, and there's no escaping that.Guillermo: [laugh]. Well, you mentioned dreamer; I dream direct routing between satellites, and look where I am; I'm just in the cloud, one step lower. [laugh].Corey: You know, bit by bit, we're going to get there one way or another, for an altitude perspective. I really want to thank you for taking so much time to speak with me today. If people want to learn more, where's the right place to find you?Guillermo: Well, I have the @IaaSgeek Twitter account, and you can find me on LinkedIn gruizesteban there. Just people wants to talk about anything there, I'm open to any kind of conversation. Just feel free to reach out. And it was a pleasure finally meeting you, in person. Not—well in person; through a camera, at least being in the show with you.Corey: Other than on the other side of a Twitter feed. No, I hear you.Guillermo: [laugh].Corey: We will, of course, put links to all of that in the [show notes 00:30:43]. Thank you so much for your time. I really do appreciate it.Guillermo: Thanks very much. So, you soon.Corey: Guillermo Ruiz, Director of OCI Developer Evangelism. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with an insulting comment, to which I will respond with a surprise $270,000 bill.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.