POPULARITY
12 月 3 日,英特尔的 CEO 帕特·基尔辛格(Pat Gelsinger)突然宣布辞去首席执行官职务。很多报道透露,基辛格其实是在董事会的压力下「被迫退休」。最近半年,关于英特尔这家芯片巨头的负面消息接连不断。从公司市值上看,过去五年的时间,英特尔的市值缩水了近一半。为了应对财务压力,英特尔近期也宣布了一项高达100亿美元的成本削减计划,以及将裁员约 1.5 万名员工的消息。这一系列的坏消息都预示着这个曾经的科技霸主正经历着其历史上最为艰难的时期。 我们今天的话题就是想一起来分析以下曾经辉煌的英特尔正在遭遇的困境,刚刚辞职的 CEO Pat Gelsinger 为挽回公司所做的一些努力,以及他离开后公司可能的未来。 本期人物 硅谷徐老师,AI 高管、连续创业者、斯坦福客座讲师,小红书和微信视频号:硅谷徐老师 |公众号:硅谷云| YouTube: Byte into Future Yaxian,「科技早知道」监制 Sam Li, 曾任职英特尔,现从事虚拟机和高性能计算架构的研发工作 Tom Qin, 连续创业者,曾任职小米,熟悉半导体产业及电子产品供应链体 主要话题 [03:22] Windows 操作系统与 x86 架构形成的 Wintel 联盟让英特尔几乎独占了个人计算机市场 [05:24] 英特尔卖掉 ARM 架构许可证,从此错失掉手机芯片市场 [13:14] 苹果曾希望与英特尔合作开发手机芯片,却遭英特尔拒绝 [15:51] 在成熟的 CPU 带来的市场成功面前,GPU 在英特尔的研发被边缘化 [19:23] 技术的护城河变成了创新的绊脚石,这样的例子在科技企业中屡见不鲜 [22:26] 失去手机芯片市场之后:英特尔的晶圆厂已无法再与台积电相抗衡 [26:46] 假如时光可以倒流,英特尔的 CEO 们还会做出同样错误的决定吗? [32:58] CEO Pat Gelsinger 的传奇人生:18 岁加入英特尔,08 年负气出走,21 年重新回归 [34:43] Pat 上任后的晶圆厂复兴计划:一个正确但注定失败的选择 [38:57] 冒险精神:大公司最需要也最稀缺的企业文化 [42:10] 悲观的现实和乐观的未来:英特尔可能面临分拆,但硅谷精神将永续 幕后制作 监制:Yaxian 后期:Jack 运营:George 设计:饭团 商务合作 声动活泼商务合作咨询 (https://sourl.cn/6vdmQT) 加入声动活泼会员,支持我们创作好内容 2021 年我们发起了「声动胡同会员计划」,这是一个纯支持项目,支持我们不断制作可信赖的、扎实的商业信息。得益于这些支持,我们每档节目内容和形式不断突破,听友们越来越多、也常在苹果中国年度榜、CPA、喜马拉雅榜上有名。 为了感谢各位的支持,我们会在每周向付费会员们提供一封播客手记,手记中会记录我们在节目之外更多的思考和观察,你可以通过它和我们保持更深度的交流;付费会员还能免费收听所有我们旗下的付费内容,如「不止金钱」和「跳进兔子洞第三季」。新会员 365 元一年,相当于一天一块钱。欢迎点击此处成为好内容的支持者。 加入我们 加入我们:声动活泼正在寻找商业化合作经理、播客节目监制的全职伙伴,以及早咖啡内容实习生,详情点击招聘入口; 关于声动活泼 「用声音碰撞世界」,声动活泼致力于为人们提供源源不断的思考养料。 我们还有这些播客:声动早咖啡 (https://www.xiaoyuzhoufm.com/podcast/60de7c003dd577b40d5a40f3)、声东击西 (https://etw.fm/episodes)、吃喝玩乐了不起 (https://www.xiaoyuzhoufm.com/podcast/644b94c494d78eb3f7ae8640)、反潮流俱乐部 (https://www.xiaoyuzhoufm.com/podcast/5e284c37418a84a0462634a4)、泡腾 VC (https://www.xiaoyuzhoufm.com/podcast/5f445cdb9504bbdb77f092e9)、商业WHY酱 (https://www.xiaoyuzhoufm.com/podcast/61315abc73105e8f15080b8a)、跳进兔子洞 (https://therabbithole.fireside.fm/) 、不止金钱 (https://www.xiaoyuzhoufm.com/podcast/65a625966d045a7f5e0b5640) 欢迎在即刻 (https://okjk.co/Qd43ia)、微博等社交媒体上与我们互动,搜索 声动活泼 即可找到我们。 期待你给我们写邮件,邮箱地址是:ting@sheng.fm 声小音 https://files.fireside.fm/file/fireside-uploads/images/4/4931937e-0184-4c61-a658-6b03c254754d/gK0pledC.png 欢迎扫码添加声小音,在节目之外和我们保持联系。 Special Guests: Sam Li, Tom Qin, and 雅娴.
Enjoying the show? Hating the show? Want to let us know either way? Text us!Microsoft recently introduced its CoPilot + PCs as a fully integrated lineup...based on ARM processors (Qualcomm's Snapdragon specifically), unified memory, and requirements around the onboard TPUs.Hmm...sound very Apple-like, no?With an apparent revitalized push back into the consumer space, what does this mean for the future of the hardware? Specifically, the Wintel era meant infinite flexibility, configurability, and backwards compatibility, stemming all the way back in time.Will the voices of prosumer builders be silenced on Windows? Will developers rejoice as Windows powered machines with MacBook form factors come to bear? Could this actually be better for everyone to have more stable hardware platforms?Come join us as we dive into these topics to prognosticate towards a potentially better future for computing...
Paul Spain is joined by guest Bill Bennett to dive into the latest in technology news and trends. The conversation begins with a nostalgic look at Bill's early years as a journalist covering the revolution in technology, before moving on to discuss the dominance of ARM in mobile devices and the potential impact of ARM-based laptops on the PC market.The episode also explores groundbreaking developments in transportation technology, the challenges and benefits of electric ferries, and the potential impact of gaming on driving skills.Furthermore, the transition from Wintel to Arm-based chips, the importance of local AI models, and the future of Intel in the face of competition are also explored. Join us as we delve into these topics and more in this episode of the NZ Tech Podcast.
https://youtu.be/5IDt9Bpokbk Sean Campbell is the CEO of Cascade Insights, a competitive intelligence and market research firm for B2B technology companies. We discuss the benefits of niching down, what it takes to manage remote teams successfully, and the 3 things all your clients expect from your business. --- Manage Well Remotely with Sean Campbell Our guest is Sean Campbell, founder and CEO of Cascade Insights, a consulting firm that empowers B2B technology companies with customized market research and marketing services. Sean, welcome to the show. Hey, thanks for having me on. So, Sean, tell me a little about your long and winding journey to founding Cascade. What prompted you in this direction? Well, the first thing I always say is that I didn't want to be a business owner. I didn't even think it was on the agenda. I thought business school students who were getting up at 8 a.m. to go to accounting class were just kind of silly, the liberal arts graduate myself said. And so, I was studying a degree to do radio and television production as my bachelor's degree, actually. And then I had always thought I would like to be a professor. That's what I was aiming for. And I got a master's degree in communication, and I was still on the track to do that. And then a lovely woman entered my life, and I started to ask myself if I wanted to be a starving professor. For the full record, she was completely happy to follow me wherever I wanted to go. It wasn't like she was asking me to get rid of that dream or anything. But you know, like a lot of people do in their 20s, I said, you know, well, maybe I could make a living doing something other than that, or maybe I go back and get a PhD at some point. So, I ended up taking a job as a technical trainer in an era where that was like extremely common. Microsoft was like pushing out a bunch of new technology all the time. This is like the mid 90's. And there were these like training centers where you could basically go be trained for a new five days on some new technology. And I went in and did that because I always had a little bit of a hobby and dinking around with a computer. And anyway, long story short, I ended up getting a bunch of technical certifications, working for some of these outfits. And then I found myself in the interesting position of circa around 1999, I could become an independent trainer and I could start a company with a few other individuals, two other guys, which we call 3Leaf Solutions. And we started out just selling training as kind of independent trainers. Like we were still training people on Microsoft technologies through their kind of approved coursework, but we were being paid as like independent consultants instead of working for a company. And where that led to is, you know, to this day, I'm not sure how we lucked out this way, but we did. The organization that we were working with at the time, when the three of us left, had been doing work for Microsoft. And through some contractual arrangements, we were allowed to continue that working relationship with Microsoft. So, my very first account in life was the largest technology company. At its moment, I think you could arguably say of its largest moment of dominance, because back then, 97% of computing devices were Windows. And if you think about today, we'll never go there again. I mean, you go in your average room and you say, who has an Android or an iOS? You don't expect 97% of the room to have an iOS device, right? And so it was a really good learning experience, even though maybe initially I wasn't thinking of it that way, that great, my first account is this like, mega list that we get to work with, and then my second account was Intel, and some of that was because the two of them partnered so much, they were, to some extent, it's used less today in the lingo, but they were known as Wintel, and so, and yet they were two diametrically different organizations,
Běžné počítače s Windows a procesory ARM se na trhu objevují od roku 2012. Windows 10 a 11 už k téhle architektuře přistupují rozumně, takže se na ni mohou překompilovat klasické programy a ty neupravené běží díky emulaci. ARMové notebooky se koupit dají a i přes všechny pokroky se vrháte do významného kompromisu. Běží na nich Windows, ale…Procesorům ARM chyběl výkon, Qualcomm nicméně chystá výkonný desktopový procesor. Jak potvrdil pár hodin po dotočení podcastu, měl by to nandat i AMD a Intelu. Není to další planý slib? Může ještě ARM v počítačích s Windows zaujmout? K čemu by se případně takové procesory (ne)hodily?01:29 – Predikovali jsme před 5 roky04:56 – Desetiletí Windows na ARMu11:55 – Kde jsme a kam kráčíme22:49 – Hledáme výhody ARMu35:18 – Predikce na dalších 5 let
日前討論到芯片的市場現象,有讀者提問:「為何台積電無法賺更多錢?」首先,有個因果關係我們必須搞清楚:世界上只有少數生產芯片的工廠,例如台積電,究竟是因為這個行業難度很高?還是因為成本高但又不是特別賺錢,所以不是很多人願意投資,結果令到工廠的數目不多?其實前日的文章,主要就是想讓大家重新了解,像半導體行業,雖然某些時候可以賺取豐富收益,然而大多數時候,賺錢能力一般;而當中提到可以賺取豐富收益的「特殊環境」,例如是微型電腦興起的 1980 、 1990 年代,Wintel 組合,是某程度上是歷史的偶然。我也明白朋友為何對「台積電股價不及 NVIDIA 」的現象大惑不解。因為在我們深層的思維當中,認定了「困難的事情必然是賺錢的」。同樣道理,難入的大學課程,也一定是最賺錢的神科;這無疑是十分常見的思維方式,但絕對不是合符邏輯的思維。如果極端地打個比喻:我不知有幾多人能做「手倒立跑馬拉松」,難度足夠高吧?那麼「手倒立跑馬拉松」能否賺大錢呢?賺錢與否,與困難度的因果關係又是什麼?我不是說沒有關係,但究竟甚麼是因,甚麼是果呢?趁 DSE 放榜,不如今天打算以選擇科目進入大學為例嘗試解釋,為何狀元學生都選讀醫。選科,其實也是個投資的決定。讀醫又是否真的最賺錢?是因為醫科難入才最賺錢?還是因為做醫生最賺錢,所以最「叻」的學生才去讀醫?醫科 vs 工程每年中學文憑考試(DSE)放榜,傳媒都會例行公事地訪問「狀元」,而「狀元」也會例牌地說讀醫是為了服務人群、救人於危難。坊間也自然有些 Cynical 的人會說,讀醫賺錢多,然後便沒有然後。但我想補充一點,即便你認為讀醫是最賺錢的,但根據我粗略蒐集得來的數據,各行各業賺錢最多的,並非醫生。我們應當分清「賺得最多」和「普遍來說賺得最多」這兩個概念。甚麼行業最賺錢?比如說演藝行業、體育明星,當中有人窮奢極侈,但也有人就只是窮,收入兩極化的情況,可能比社會平均更嚴重。所謂狀元,其實都是保守和避免風險的人。他們選擇讀醫科,說穿了就是:「即使是這個行業中,你的表現只是一般,收入也會普遍地高於社會上的其他行業。」其實入醫科不用明明科科都拿 5**,偏偏這些就是乖學生,所以寧願做多一點,也不願意冒險。我認為這樣的性格,確實適合成為醫生。有些專業就是需要這種思想謹慎,「唔怕一萬最怕萬一」的人;他們雖然很少會做出創新的事,但也不會犯大錯;可以說,他們選了醫科,醫科也選了他們。順帶一提,若以平均收入計,現今美國最賺錢的學科是工程。道聽途說,許多醫科生花在學校讀書,以及在培訓、實習的時間,遠超於其他專業,很多人甚至要到50歲左右,才還清學債。所以,雖然有很多優秀的中學生,在讀本科的時候會仍然說他們會讀準醫科(Pre-med),但最終入醫學院的人其實並不多。另外,工程和醫學都有一個共同特點,就是只要你努力,那怕不是很有創意的人,一樣可以有不錯的事業;但正如以上所講,我們的社會確實需要大量謹慎勤奮的人。但同時社會也要有創新的一面,要有人願意冒險,肯去嘗試用不同方法解決問題,而工程的特點正在於,假如你是個喜歡創新且善於解決問題的人,工程可以給你提供實現理想的機會,相反如果你是喜歡守規矩的人,工程亦一樣有空間讓你發揮。所以,從學生選擇讀甚麼,也可以反映出美國和香港社會文化差異;見到有朋友感嘆香港的教育制度不能培養出具有創新和冒險精神的人,這一點我是十分認同的。投資者 vs 投機者回到今天的主題,假如今天可以讓大家釐清一個概念,那就是困難的事和是否能賺錢,可以是完全沒有關係,應該分開看待。有很多人想當然地覺得,台積電是因為門檻高,所以應該很賺錢,但這其實是個典型的思考陷阱。就正如大家直覺認為,入醫科很難,所以醫生一定賺很多錢。我甚至乎可以大膽講,台積電也好,NVIDIA 也好,當然想讓外界覺得,他們是獨一無二,別人莫講是模仿,那怕是要有基本條件去跟他們競爭也不容易。但試問那一間公司會讓人覺得自己是很易模仿,任何人都做得到?但自從美國 2022 件推出所謂的晶片法案之後,明顯見到台積電的股價對比 NVIDIA ,表現明顯落後了很多。簡單講,未來幾年,美國將會有資金投入製造芯片的工廠;雖說目前芯片供應不足,可能會維持一段日子,但這是只周期性的現象,而不是結構現象。當工廠多了,競爭大了,對台積電不會是好事。然而對 NVIDIA 那卻可能是好事,畢竟選擇多了,成本也應該更低。請記住,股價反映未來;不用等到廠房投產,從股價走勢的分歧,就已經可以預見到未來的市場環境。假如勉強地用「醫生 vs 工程師」作比喻,我會說台積電這種公司,就像DSE 狀元醫生,而 NVIDIA 更像那些有創意的工程師;前者只是希望穩陣地賺取比別人更多的錢,後者則像過山車那樣,更多跌宕起伏。有人可能會先入為主地想:「賺錢嘅嘢,就梗係悶聲發大財喇!」但不要忘記,在另一邊廂亦有人會相信,一生人可以賺大錢的機會不多,可能就只有幾次時機,錯失了一次,可能要等十年、廿年,所以他們只要一見到機會,就狠狠下注,而且是一注獨贏,義無反顧。以上兩種觀點,也是投資和投機的分別。投資計算成本、收入和回報率,是「收租佬」的心態。投機者經常不計成本,不理會目前,心目中只見到最終的理想。投資者是很現實的,投機者卻要有點天真;兩種人幾乎可以說是南轅北轍,風馬牛不相及。投資者和投機者,甚至是對立的;當投機者見到投資者坐享其成,就會想如何在這一池死水,興風作浪。社會,不可能全是投資者,也不可以全是投機者。假如人人都是投機者,個個到一心去做拓荒,最終恐怕連社會最基本需要都沒有人打理。但假如全部人都走去做收租佬,社會亦不會進步;即是,假如所有的人都選擇「穩陣地賺取比別人更多的錢」,社會漸漸會出現一種保守的「尋租文化」。尋租文化又是甚麼呢?現今社會表面上看不起尋租者,很多人在心底裡,卻偏偏想成為當中的一份子。社會對尋租者,最主要指控有三個:一,壓縮成本;二, 囤積居奇哄抬物價;三,賺到盡。但有一點必須搞釐清,壟斷市場也不一定等於有能力去做以上所講的三件事;兩者是有分別的。我甚至乎會覺得,連自己也有點濫用「尋租」這個詞。以上這些問題,來日再談。話說回來,那怕是最簡單的收租,也不等於沒有完全風險。假如你用 4% 借錢來買一個有 4.5% 回報的收租物業,你一樣面對風險,例如物業租不出去,又或者租客不交租等。換個角度看,任何社會都無法完全消除所有的風險;所以每個社會都需要有人願意冒險,資本主義的真正意義在於:「有些人願意犧牲目前的享受,換取未來更大的收入。」未來,是充滿未知的,所以資本主義一定有人會輸錢。記得在 2008 年金融危機,我聽過一句話:「不會輸錢的資本主義,就像沒有原罪的基督教一樣,都是假的。」資本主義的不確定性;有人視為缺點,但正面看其實也可以是優點。如半導體行業周期現象,由市場環境轉變開始,最先是有一、兩家企業願意放手一搏,又或者剛好「食正條水」,在開始的一段時間,這些先行者賺取到不尋常地多的利潤,他們會吸引更多資金,讓產能擴張。但是當每家企業都投入資本,結果整個行業就出現產能過剩;然後就是價格競爭,利潤消散,有些企業甚至因此而倒閉,有些人會失業,有些投資血本無歸,有些借貸變成壞帳,有些銀行或會出現危機。但不少消費者卻可以用更低的代價,享受到從前只有少數人才負擔得起的產品和服務。自從資訊科技革命,很多消費者享用到的服務幾乎是免費的,假如馬克斯時光旅行到今日的美國,他會肯定地說,資訊科技革命,就是在實現共產主義理想。理性思維與慣性思維由於資本主義的不確定性,所以社會裡,必然有投機者。投機者,有人覺得他們只是憑運氣,但他們總是覺得自己有先見之明。投機者不可能等到收集所有資訊之後才作出決定,因為到所有事情都一清二楚,時機已失。投機者必須在限的資訊條件下作決定;而在旁人眼中,這些決定往往是不可理喻。講到這裡,其實已經進入哲學範疇。究竟甚麼是理性?是否經過深思熟慮才算理性?有些人的確是這樣去理解。這也是為何有很多人認為,經濟學是空中樓閣,就是因為他們認為經濟學假設了人是理性的,而人卻不是理性的。對不起,理性不一定等於深思熟慮,更加不等於是完全合符邏輯。理性的假設只不過是:「每個人會視乎自己想達到的目標去作出選擇。」理性,也不代表了解一切而掌握所有資訊。相反,學會如何在資訊不完整的情況下做出決定,這也是一種理性。究竟理性的人會選擇追求穩定,還是追求理想?還是兩者根本沒有必然的矛盾?有人相信悶聲發大財,他們覺得那些想冒險改變世界的人,是不切實際,是「非理性」的。另一邊廂,有些人見到機會,他們也會覺得不願意冒險的人,是「非理性」的。以上的兩個例子,都是誤解了理性。事實上,不論是投資者抑或投機者,大多數都只是憑直覺,他們往往都是先有了決定,事後才穿鑿附會,找個理由解釋自己的行為。正如那些選擇讀醫科的 DSE 狀元,你問他們為甚麼讀醫,他們的解釋卻又是千遍一律的「行貨」。說穿了,我們大多數時候都是依賴慣性思維,但這仍然不代表人是非理性。人,總不可能將每件事都拆解到最基本,然後逐步推理,甚至乎推理的過程,亦其實有很多既定的方法,這些一切都是某程度的慣性思維。現代社會透過教育去灌輸這些慣性思維,節省了很多腦袋的運算能力,所謂社會精英理論上就是純熟地掌握了這些慣性思維的好學生。社會也將他們放置在機器中,擔當比其他人更重要的角色;而這種精英的慣性思維方式,反而普遍地被定義為理性。順帶一提,我有不少朋友眼中的理性,就是做專業人士,每個月不論公司賺蝕,薪水袋袋平安,累積投機的本錢;當每個月都有穩定收入,他們才有條件去買樓、買股票以小博大。反過來說,也有人認為,雖然資本家每個月出糧給你,承擔風險,但他們往往才是真正賺大錢的人;有趣是,而這些資本家在投資過程,往往著眼於資金成本和現金流,他們很少會想一注獨贏十倍八倍。以上專業人士和資本家的觀點,彷彿完全對立,但其實一樣理性。兩種人、兩種心態,其實總是在某種均衡的狀態中。我甚至認為根本不應該如此簡單地二元對立去想問題;人絕對可以追求穩定的投資回報,亦同時是理想主義投機者。事實上,經濟學教曉我們,分散資產是平衡回報和風險,最直接、有效的方法。所以,各位同學,要是你不是甚麼狀元,不是讀醫科的材料,不打緊;要記得是路有很多條,你也不會亦不應只行一條路。事實上,我認識的醫生,很多都會買股票買樓,賣股票賣樓給他們,一樣很賺錢的。最後,有興趣重溫昨天分享的朋友,以下是文章和 Podcast 的連結: This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit leesimon.substack.com/subscribe
In our latest episode, we're thrilled to feature Dan Balcauski, Founder of Product Tranquility, as we navigate the world of SaaS pricing models.About Dan Balcauski Started his career in product management at National Instruments, based in Austin, Texas. Ascended to the role of Product Strategy Principal at SolarWinds, a SaaS company serving DevOps and IT professionals. Made a significant shift to B2C, leading product at LawnStarter Lawn Care. Boasted a successful freelance career as a product manager, earning a place in the top 3% of PM professionals worldwide on Toptal. Imparts his industry knowledge as a program leader at Northwestern University, where he teaches product strategy. In 2019, Balcauski launched Product Tranquility, a venture dedicated to assisting B2B SaaS CEOs in defining pricing and packaging for their products.A Personal AdventureWhat sets Balcauski apart is his remarkable spirit of adventure. Before starting Product Tranquility, he embarked on a personal voyage as an independent travel consultant, planning and undertaking a global expedition through 21 countries. This extraordinary journey demonstrated his fervor for continuous learning, during which he acquired new skills ranging from digital marketing and Spanish proficiency to kiteboarding and Argentine Tango.Join us as we dive deep into the insights and stories Balcauski brings to the table.Value-Based PricingIn our engaging chat, Dan Balcauski brought up some crucial insights regarding the struggles businesses often face while setting up pricing in the SaaS industry. There's often a lack of structure, leading to heated debates rather than an organized approach. To combat this, Balcauski introduces the 'Services' model.Key Challenges in Pricing: An unclear target customer profile: Companies often struggle to understand exactly who they are serving. Poor understanding of how they create customer value: Businesses might be unclear on the unique value they deliver to their customers. Unclear product differentiation: Companies often grapple with distinguishing their products from others in the market. Underappreciation for the depth of decisions in pricing and packaging: Many overlook the vast array of factors impacting pricing, focusing only on surface-level elements. The 'Services' Model:The 'Services' model stands for Segments, Value, Competition, and Strategy, and was designed to address these challenges. Segments: Understand the specific context and constraints of your customer segments, as they dictate what they value most. Value: Recognize how each segment perceives value and rank orders value drivers, influencing how they value your product. Competition: Be aware of the competitive alternatives each segment has available. What would they use if your product didn't exist? Strategy: This comes in the Michael Porter sense of the word. Strategy involves trade-offs; you can't be everything to everyone. Decide who you're going to target, how you position yourselves in their minds, and how you'll balance the different elements of SaaS packaging. This includes price metrics, price models, offer configurations, etc. The combination of these four components informs the price level you set, helping your business achieve its objectives. The 'Services' model ensures a more thoughtful, strategic approach to pricing, moving away from arbitrary decisions.What is value based pricing? Dan Balcauski clarified the concept of value-based pricing and distinguished it from other terms like value metrics and price metrics.Value-Based PricingValue-based pricing, at its core, concerns how value is divided between buyer and seller in a transaction. This notion dates back to Adam Smith and the concept of trade, where specialization and trading lead to overall improvements for everyone involved.“...goes all the way back to Adam Smith with trade, right, you've got the butcher, the baker, and the candlestick maker, they don't all try to, you know, bake their own bread and cut their own meat, etc. Because it's better if we all specialize, we're all better off if we specialize in trade, right.” - Dan Balcauski Value Metric vs. Price Metric Value Metric: Using a 'Jobs to be Done' framework, the value metric is how customers measure the effectiveness of your product in achieving their specific outcomes. These outcomes could be economic (saving time, decreasing costs, increasing revenue), emotional (reducing anxiety, boosting status), or social (contributing to causes like climate change, equal rights, education, health care). Price Metric: While value metrics focus on the customer, price metrics focus on the product. The price metric is the unit of value for which the customer is charged concerning the product (e.g., number of users, API transactions, gigabytes of data transferred, etc.). Ideally, the value metric and price metric should be correlated, meaning that the way customers derive value from your product should inform the units by which you charge. Outcome-Based PricingThe question of charging based on actual value delivered, like a CRM charging based on deals closed every month instead of the number of users, led to the discussion of outcome-based pricing. This model aligns the vendor with the customer's success, creating a 'pure' form of value-based pricing.While this approach is theoretically appealing, Balcauski explains it doesn't always work in practice. Exceptions include companies like Stripe, which directly participates in the payment flow and therefore aligns its success with its clients' success.Outcome-based pricing may not work well for companies outside the flow of the success metric. It can lead to complications in reporting and potential conflicts, given that what is considered 'success' may not be clearly defined or could be interpreted differently by different parties. Therefore, while enticing, outcome-based pricing requires careful implementation to avoid straining customer relationships.Bundling and Unbundling in Pricing Models**Bundling, Unbundling, and Usage-Based Pricing**Bundling and unbundling, while seemingly contrary, are not in tension with usage-based pricing. These concepts represent different dimensions of product packaging that can evolve independently. According to the Silicon Valley CEO Jim Clark, the only two ways to make money in business are bundling and unbundling.The history of the PC industry illustrates this with the evolution from monolithic providers like IBM to the unbundling of the operating system from the CPU architecture (as seen with the Wintel monopoly), and then back to bundling via Apple's integration of software and hardware. Dan highlights that such industry transformations often occur cyclically and are influenced by broader market trends rather than by single companies.The Nuances of Pricing MetricsPricing metrics, while essential for defining a product's price, can either aid or hinder a company's competitive positioning. The choice of pricing metric depends significantly on the market context and should ideally align with the customer's business needs and the perceived value of the product. Innovative pricing strategies, like Rolls Royce's "power by the hour" for jet engines, demonstrate how such metrics can mirror customer value, thereby streamlining the buying process.However, such innovative strategies may require substantial resources to educate the market about the change and may be more successful if driven by industry leaders or highly innovative products. Finally, Dan advises caution when attempting to be distinctive with pricing metrics, as this can result in increased effort to justify the difference to potential customers.AI and Pricing for Solo TravelersThe final part of the interview revolved around a hypothetical AI application designed to assist solo travelers, with features like tracking reservations, making dynamic dinner reservations, and offering real-time travel updates. The proposed monetization strategy is a freemium model, with added features for premium users.In response to this idea, Dan expresses concern about the target audience of solo personal travelers due to their potential limited spending power. He urges the developers to consider different customer segments thoroughly, understanding their specific needs and the context in which they'll be using the app.The importance of understanding customers' contexts is emphasized, using the example of airlines, who vary ticket prices based on the nature and timing of travel. Understanding these distinct customer segments and their unique value drivers can guide pricing decisions effectively.In addition, Dan encourages the consideration of competitive alternatives from a 'Jobs to be Done' perspective. Instead of focusing on similar apps or startups, the developers should consider what the target user is currently using to solve their problem if the proposed app didn't exist. By understanding these competitive alternatives and their inherent limitations, developers can better define their product's differentiated value and devise a pricing strategy that accurately captures this value.Episode Recap In this intriguing episode, Dan Balcauski offers his deep expertise and unique perspectives on the world of SaaS pricing models. We delve into various aspects, ranging from the 'Services' model to value-based pricing, outcome-based pricing, bundling and unbundling, as well as the exciting realm of AI in pricing strategies. Each topic comes with a host of insights and stories from Dan's vast experience, illustrating the depth of his knowledge and his ability to communicate complex ideas with clarity and impact.Balcauski's unique background, blending his passion for product strategy and global travel, sets the stage for an engaging, insightful conversation that leaves listeners with a wealth of valuable takeaways. Whether you're an established SaaS CEO or a budding entrepreneur, the wisdom shared by Dan Balcauski is sure to elevate your understanding of pricing and packaging in the SaaS industry. Listen to the full episode now. And don't forget to follow Dan: Product Tranquility Dan's LinkedIn
We've talked about the history of microchips, transistors, and other chip makers. Today we're going to talk about Intel in a little more detail. Intel is short for Integrated Electronics. They were founded in 1968 by Robert Noyce and Gordon Moore. Noyce was an Iowa kid who went off to MIT to get a PhD in physics in 1953. He went off to join the Shockley Semiconductor Lab to join up with William Shockley who'd developed the transistor as a means of bringing a solid-state alternative to vacuum tubes in computers and amplifiers. Shockley became erratic after he won the Nobel Prize and 8 of the researchers left, now known as the “traitorous eight.” Between them came over 60 companies, including Intel - but first they went on to create a new company called Fairchild Semiconductor where Noyce invented the monolithic integrated circuit in 1959, or a single chip that contains multiple transistors. After 10 years at Fairchild, Noyce joined up with coworker and fellow traitor Gordon Moore. Moore had gotten his PhD in chemistry from Caltech and had made an observation while at Fairchild that the number of transistors, resistors, diodes, or capacitors in an integrated circuit was doubling every year and so coined Moore's Law, that it would continue to to do so. They wanted to make semiconductor memory cheaper and more practical. They needed money to continue their research. Arthur Rock had helped them find a home at Fairchild when they left Shockley and helped them raise $2.5 million in backing in a couple of days. The first day of the company, Andy Grove joined them from Fairchild. He'd fled the Hungarian revolution in the 50s and gotten a PhD in chemical engineering at the University of California, Berkeley. Then came Leslie Vadász, another Hungarian emigrant. Funding and money coming in from sales allowed them to hire some of the best in the business. People like Ted Hoff , Federico Faggin, and Stan Mazor. That first year they released 64-bit static random-access memory in the 3101 chip, doubling what was on the market as well as the 3301 read-only memory chip, and the 1101. Then DRAM, or dynamic random-access memory in the 1103 in 1970, which became the bestselling chip within the first couple of years. Armed with a lineup of chips and an explosion of companies that wanted to buy the chips, they went public within 2 years of being founded. 1971 saw Dov Frohman develop erasable programmable read-only memory, or EPROM, while working on a different problem. This meant they could reprogram chips using ultraviolet light and electricity. In 1971 they also created the Intel 4004 chip, which was started in 1969 when a calculator manufacturer out of Japan ask them to develop 12 different chips. Instead they made one that could do all of the tasks of the 12, outperforming the ENIAC from 1946 and so the era of the microprocessor was born. And instead of taking up a basement at a university lab, it took up an eight of an inch by a sixth of an inch to hold a whopping 2,300 transistors. The chip didn't contribute a ton to the bottom line of the company, but they'd built the first true microprocessor, which would eventually be what they were known for. Instead they were making DRAM chips. But then came the 8008 in 1972, ushering in an 8-bit CPU. The memory chips were being used by other companies developing their own processors but they knew how and the Computer Terminal Corporation was looking to develop what was a trend for a hot minute, called programmable terminals. And given the doubling of speeds those gave way to microcomputers within just a few years. The Intel 8080 was a 2 MHz chip that became the basis of the Altair 8800, SOL-20, and IMSAI 8080. By then Motorola, Zilog, and MOS Technology were hot on their heals releasing the Z80 and 6802 processors. But Gary Kildall wrote CP/M, one of the first operating systems, initially for the 8080 prior to porting it to other chips. Sales had been good and Intel had been growing. By 1979 they saw the future was in chips and opened a new office in Haifa, Israiel, where they designed the 8088, which clocked in at 4.77 MHz. IBM chose this chip to be used in the original IBM Personal Computer. IBM was going to use an 8-bit chip, but the team at Microsoft talked them into going with the 16-bit 8088 and thus created the foundation of what would become the Wintel or Intel architecture, or x86, which would dominate the personal computer market for the next 40 years. One reason IBM trusted Intel is that they had proven to be innovators. They had effectively invented the integrated circuit, then the microprocessor, then coined Moore's Law, and by 1980 had built a 15,000 person company capable of shipping product in large quantities. They were intentional about culture, looking for openness, distributed decision making, and trading off bureaucracy for figuring out cool stuff. That IBM decision to use that Intel chip is one of the most impactful in the entire history of personal computers. Based on Microsoft DOS and then Windows being able to run on the architecture, nearly every laptop and desktop would run on that original 8088/86 architecture. Based on the standards, Intel and Microsoft would both market that their products ran not only on those IBM PCs but also on any PC using the same architecture and so IBM's hold on the computing world would slowly wither. On the back of all these chips, revenue shot past $1 billion for the first time in 1983. IBM bought 12 percent of the company in 1982 and thus gave them the Big Blue seal of approval, something important event today. And the hits kept on coming with the 286 to 486 chips coming along during the 1980s. Intel brought the 80286 to market and it was used in the IBM PC AT in 1984. This new chip brought new ways to manage addresses, the first that could do memory management, and the first Intel chip where we saw protected mode so we could get virtual memory and multi-tasking. All of this was made possible with over a hundred thousand transistors. At the time the original Mac used a Motorola 68000 but the sales were sluggish while they flourished at IBM and slowly we saw the rise of the companies cloning the IBM architecture, like Compaq. Still using those Intel chips. Jerry Sanders had actually left Fairchild a little before Noyce and Moore to found AMD and ended up cloning the instructions in the 80286, after entering into a technology exchange agreement with Intel. This led to AMD making the chips at volume and selling them on the open market. AMD would go on to fast-follow Intel for decades. The 80386 would go on to simply be known as the Intel 386, with over 275,000 transistors. It was launched in 1985, but we didn't see a lot of companies use them until the early 1990s. The 486 came in 1989. Now we were up to a million transistors as well as a math coprocessor. We were 50 times faster than the 4004 that had come out less than 20 years earlier. I don't want to take anything away from the phenomenal run of research and development at Intel during this time but the chips and cores and amazing developments were on autopilot. The 80s also saw them invest half a billion in reinvigorating their manufacturing plants. With quality manufacturing allowing for a new era of printing chips, the 90s were just as good to Intel. I like to think of this as the Pentium decade with the first Pentium in 1993. 32-bit here we come. Revenues jumped 50 percent that year closing in on $9 billion. Intel had been running an advertising campaign around Intel Inside. This represented a shift from the IBM PC to the Intel. The Pentium Pro came in 1995 and we'd crossed 5 million transistors in each chip. And the brand equity was rising fast. More importantly, so was revenue. 1996 saw revenues pass $20 billion. The personal computer was showing up in homes and on desks across the world and most had Intel Inside - in fact we'd gone from Intel inside to Pentium Inside. 1997 brought us the Pentium II with over 7 million transistors, the Xeon came in 1998 for servers, and 1999 Pentium III. By 2000 they introduced the first gigahertz processor at Intel and they announced the next generation after Pentium: Itanium, finally moving the world to the 64 bit processor. As processor speeds slowed they were able to bring multi-core processors and massive parallelism out of the hallowed halls of research and to the desktop computer in 2005. 2006 saw Intel go from just Windows to the Mac. And we got 45 nanometer logic technology in 2006 using hafnium-based high-k for transistor gates represented a shift from the silicon-gated transistors of the 60s and allowed them to move to hundreds of millions of transistors packed into a single chip. i3, i5, i7, an on. The chips now have over a couple hundred million transistors per core with 8 cores on a chip potentially putting us over 1.7 or 1.8 transistors per chip. Microsoft, IBM, Apple, and so many others went through huge growth and sales jumps then retreated dealing with how to run a company of the size they suddenly became. This led each to invest heavily into ending a lost decade effectively with R&D - like when IBM built the S/360 or Apple developed the iMac and then iPod. Intel's strategy had been research and development. Build amazing products and they sold. Bigger, faster, better. The focus had been on power. But mobile devices were starting to take the market by storm. And the ARM chip was more popular on those because with a reduced set of instructions they could use less power and be a bit more versatile. Intel coined Moore's Law. They know that if they don't find ways to pack more and more transistors into smaller and smaller spaces then someone else will. And while they haven't been huge in the RISC-based System on a Chip space, they do continue to release new products and look for the right product-market fit. Just like they did when they went from more DRAM and SRAM to producing the types of chips that made them into a powerhouse. And on the back of a steadily rising revenue stream that's now over $77 billion they seem poised to be able to whether any storm. Not only on the back of R&D but also some of the best manufacturing in the industry. Chips today are so powerful and small and contain the whole computer from the era of those Pentiums. Just as that 4004 chip contained a whole ENIAC. This gives us a nearly limitless canvas to design software. Machine learning on a SoC expands the reach of what that software can process. Technology is moving so fast in part because of the amazing work done at places like Intel, AMD, and ARM. Maybe that positronic brain that Asimov promised us isn't as far off as it seems. But then, I thought that in the 90s as well so I guess we'll see.
科技業擺脫疫情糾纏的第一年,沒想到卻是輪番裁員惡夢的開始,PC業者堪稱其中重災區,宏碁創辦人施振榮更是直指,PC產業到了轉型關鍵時刻了。 原先科技業期待的疫後新常態商機,如今PC產業卻面臨罕見的大衰退。本集節目精彩內容搶先看:蘋果Mac成為2022年PC市場唯一成長的品牌,若蘋果也賣不動,PC市場恐怕將凝視全面衰退的深淵。x86處理器世代更新潮來到,高階、電競NB逐漸出現換機潮動能。高階NB能見度愈來愈好,折疊式產品將有一番新氣象。 主持人 李立達 DIGITIMES Research分析師 蕭聖倫 收聽《科技聽IC》:https://pse.is/4fjhvz更多科技趨勢https://pse.is/4drbp9留言心得回饋 https://pse.is/4ee2ft異業合作洽詢 service@ic975.com
科技業擺脫疫情糾纏的第一年,沒想到卻是輪番裁員惡夢的開始,PC業者堪稱其中重災區,宏碁創辦人施振榮更是直指,PC產業到了轉型關鍵時刻了。 原先科技業期待的疫後新常態商機,如今PC產業卻面臨罕見的大衰退。本集節目精彩內容搶先看:蘋果Mac成為2022年PC市場唯一成長的品牌,若蘋果也賣不動,PC市場恐怕將凝視全面衰退的深淵。x86處理器世代更新潮來到,高階、電競NB逐漸出現換機潮動能。高階NB能見度愈來愈好,折疊式產品將有一番新氣象。 主持人 李立達 DIGITIMES Research分析師 蕭聖倫 收聽《科技聽IC》:https://pse.is/4fjhvz更多科技趨勢https://pse.is/4drbp9留言心得回饋 https://pse.is/4ee2ft異業合作洽詢 service@ic975.com
科技業擺脫疫情糾纏的第一年,沒想到卻是輪番裁員惡夢的開始,PC業者堪稱其中重災區,宏碁創辦人施振榮更是直指,PC產業到了轉型關鍵時刻了。 原先科技業期待的疫後新常態商機,如今PC產業卻面臨罕見的大衰退。
欢迎收听雪球和喜马拉雅联合出品的财经有深度,雪球,国内领先的集投资交流交易一体的综合财富管理平台,聪明的投资者都在这里。听众朋友们大家好,我是主播匪石-34,今天分享的内容叫横看成岭侧成峰,来自长安卫公。从生活和投资来看,我转了这个弯。今年以前,我一直认为投资大致能赚的是三类钱:公司成长的钱、市场错误定价的钱、市场估值提升的钱。但其实,这只是正向思维,慢慢的发现,还可以逆过来想。横看成岭侧成峰日本流传过一个有趣的对话,和投资做交易很相关。杜鹃不鸣,当如何?织田信长:令其鸣;丰成秀吉:诱其鸣;德川家康:待其鸣。大多数价投的思维,其实只在德川家康这一层,但其实织田信长和丰成秀吉也曾做过二世枭雄。从投资进化的路程来看,织田信长和丰成秀吉,可以搭上快车道。不过,最终的归宿,都还是要做德川家康。今年应该是我投资的第三轮进化,我开始深刻的意识到,投资这个行当,不确定性太大了,如果你执着于精确求证和自证,往往会让自己陷入循环自证的怪圈。正如:70年前,你觉得搞地球勘探没品味的德州石油佬,应该搞不出来什么高科技。然而德州仪器 却成为世界上第一款量产硅晶体管的公司并且超越了肖克利的飞兆半导体公司,将半导体从锗时代带到了硅时代。60年前,英特尔 、超威、微软都抱大腿的蓝色巨人IBM在商用计算机看不到对手,应该屹立不倒。但怎么也想不到,为什么后发推出更好用的OS/2个人电脑操作系统,却再也打不过Wintel组合。40年前,你也想不到被日本半导体打到吐血的英特尔,会放弃主营的内存业务,专注微处理器。麦肯锡调研,在全球范围内,仅有26%的企业能够通过转型,但是英特尔成功了。30年前,日本占领了全球内存60%以上的份额,英特尔、仙童、莫斯泰克等美国本土的芯片大厂都撑不下去了,你也想不到最后居然是爱达华州的乡巴佬镁光凭借土豆洲的成本优势在半导体内存领域活了下来,撑到了广场协议。15年前,你也很难想到高通抓住了安卓智能手机处理器的机会,用专利和基带集成打败了占领塞班时代手机芯片的德州仪器。10年前,你非常有眼光,看好中国电商的发展。但也无法想到,阿里巴巴10年近乎0收益,回头一看,发现拼多多、京东、美团、抖快都在攻入阿里的腹地,于是失望的接受阿里只是一家平庸公司的事实。当然,现在你也想不到,一个三年前正在某研究所摸鱼搞地球物理反演的石油佬,现在正在这里打字和你嘚吧嘚投资。这些新的认知,对我投资很大的一个底层影响就是:之前很多年,我都比较坚信时势造英雄,但当我经历慢慢丰富之后,发现英雄造时势似乎才是更有意思的。我开始相信,世界是有奇点的,而这些奇点往往能带着事物走向不确定性和艺术性。所以,最终还是长安的名言说得对:公司、股价和人生一样,大起大落真是太刺激了。后面,具体看好的投资标的我会在周报里慢慢讲。当然,你如果看了我上面举的例子,大概会知道我明年的关注点在哪。这篇年终总结嘛,还是得从大处着眼,谈一谈得失,今年做得还行的点在于:1、投资收益还不错,港美股收益145%,A股收益308%,整体资金收益在165%左右;2、资产突破A8,算是以后不愁吃穿;3、投资体系基本稳定下来,完成了分散+进攻性充足的仓位配置;4、总体还是忙碌的一年,没有虚度。2022,经历的事情太多,情绪波动太大,生活观、工作观、生命观、投资观上都经历了横看成岭侧成峰的过程。不过,本质上,作为一个喜欢和A老师高强度交流打板心得的纯粹价值投资者,我每天都在应对奇点。但在今年这个奇点爆炸的年份,其实我更期待奇点能收敛一些,让事情的可预测性变得更强一些,准备也能更充分些。从收益本身来讲,我承认有一部分运气的成分。最后的结果,我大体满意,但比起我盯着的那些金字塔尖让我佩服的A老师来说,只能说还无法望其项背,佩服的五体投地。最后,感恩雪球,我现在的投资社交圈,有大概90%的最亲密的战友都来自于雪球。遇见了很多朋友和老师,改变了我的人生。希望明年能收益继续保持住,继续扩大公司池子。要来一场全国旅行,多谈几个女朋友。毕竟,人生苦短,要及时行乐。
Lay of The Land's conversation today is with Steve Santamaria, CEO of Folio Photonics, where he is focused on innovating storage media with the first-ever enterprise-scale, immutable active archive solution that delivers breakthrough cost, security, and sustainability!Steve — who resides here in Chagrin Falls — is a seasoned technology executive, entrepreneur, and student of disruptive technologies. Steve spent 14 years at Intel where he led an array of strategic projects including: Intel's Microsoft partnership, colloquially referred to as Wintel, investment in China Software Park Program (with launches in Hangzhou, Nanjing, Shenzhen and Chengdu), global expansion of the Intel Developer Program, formation of the Visual Computing Group to move Intel into more graphics-oriented businesses such as VR and 3D animation and the launching of various Intel Service businesses including Intel Online Services, AppUp and Tizen.Prior to Intel, Steve had a successful sales and business development career with companies including: Control Data, Ceridian, Parametric Technology and Giga Information Group. Most recently, Steve started two companies: WebTuner Corp., an OTT video streaming company, and Envelop VR, which created the first Windows desktop environment for virtual reality.Really enjoyed getting Steve's perspective on the history and future of storage, the prospects for Folio Photonics's opportunity looking forward, Cleveland's whole ecosystem, and his reflections on leadership! Hope you enjoy my conversation with Steve Santamaria--Learn more about Folio PhotonicsConnect with Steve Santamaria on LinkedInFollow Steve Santamaria on Twitter @SSantamaria7 --Connect with Jeffrey Stern on LinkedInFollow Jeffrey Stern on Twitter @sternJefeFollow Lay of The Land on Twitter @podlayofthelandhttps://www.jeffreys.page/
Tjenare! I det här avsnittet tar jag upp något som är ett problem för de flesta, inklusive mig själv. Och det är hur man får tid till sina språkstudier! -------------------- Sample of the transcript at the bottom! -------------------- Om du vill stödja podden och få transkript till alla avsnitt kan du bli patron - det kostar bara 5€ per månad! Gå in på min hemsida www.swedishlinguist.com och klicka på länken till min Patreon-sida! På min hemsida kan du också hitta information om kursen Strong Swedish! Kursen för dig som vill nå en avancerad nivå i svenska. -------------------- If you want to support the podcast and get transcripts to all episodes, you can become a patron - it's only 5€ per month! Go to my website www.swedishlinguist.com and click the link to my Patreon page! On my website you can also find information about the course Strong Swedish! The course for you who want to reach an advanced level in Swedish. ------------------- Instagram: swedish.linguist YouTube: Swedish Linguist Facebook: Swedish Linguist Letar du efter en svenskalärare? Jag har alltid använt italki för att hitta lärare. Klicka här för att få 10$ krediter på italki när du köper för minst 20$! Länken är en affiliate link, så du stödjer mig när du använder den :) ------------------- Ett smakprov (sample) av transkriptet: (du kan också läsa det på min hemsida) (Tänk på att detta är transkriberat talspråk, det ser inte ut som vanlig skriven svenska!) Ja men tjenare, välkommen till Simple Swedish Podcast! Idag ska jag prata om ett vanligt problem – att få tid till sina språkstudier! Och först, som vanligt, så ska jag tacka några patrons, några nya patrons! Så tack till Rabia, Tim, Wintel, Jeff Jeff Jeff, Beyhan och Emily. Jättestort tack till er för att ni stödjer den här podden. Och såklart, alla patrons får transkript till alla avsnitt, som kommer varje vecka som poddavsnitt. Okej, så du har säkert samma problem som mig, och som dom flesta andra människor som jobbar, studerar, liksom, har ett liv. Och det är att det kan vara ganska svårt att hitta tid till sina språkstudier. Så, ja, det ska jag prata om nu. För att, det tar lång tid att lära sig ett språk. Och man behöver lägga tid på sina studier varje dag - i alla fall nästan varje dag - under en lång tid, liksom, månader och år. Och i början så har man ofta ganska mycket motivation. Det känns nytt och spännande, och man känner att man blir bättre ganska snabbt. Och det är oftast lätt att hitta tid när man är motiverad. Så, ja.. Men oftast så börjar man tappa motivation efter några veckor, eller efter några månader. Alltså motivationen börjar gå ner. Och ja, det är inte nytt och spännande längre, och andra saker börjar liksom komma i vägen, börjar hända. Man kanske får mycket att göra på jobbet. Man kanske behöver studera andra saker, man kanske har nåt prov som man behöver studera till. Man kanske reser. Man kanske..ah, nåt jobbigt kanske händer, till exempel nån kris, eller man blir deprimerad. Ah, det är mycket som kan hända, och man kanske tänker “ah, jag fortsätter med språket när jag får tid”. Jag har inte tid just nu, jag fortsätter när jag får mer tid. Men, det här funkar inte när man vill lära sig ett språk, i alla fall inte om man vill nå en hög nivå i ett språk. Man måste helt enkelt lägga tiden, och göra det varje dag. Typ varje dag i alla fall. ...för hela transkriptet tillsammans med översättningar på svåra ord och uttryck, klicka här!
TechBytes 05 : 2022 Music Technology Quarter Time Review ! Hosted by Vin Curigliano of AAVIM Technology , I am joined by guest co-hosts Pete Brown of Microsoft and Chris Mann of Link Audio. We cover the results of the recent BETA testing results of the BUS extension test, and detail the performance variables experienced while we navigated the thread scheduling dips and curves across multiple DAW's. We follow up on the Cubase 12 release and the rollout of the transition from eLicenser, discuss some exciting new Music Tech releases , as well as revisit the continuing fallout of the chip shortages. We then dive headlong into the accelerating CPU Wars , detail some cross platform comparative benchmark results covering MAC M1 v MAC x86 v Wintel, share some more stories from the tech support trenches, and much more. Host & Guest Links : AAVIM Technology : www.aavimt.com.au DAWbench : www.dawbench.com Microsoft : www.microsoft.com Pete Brown : https://twitter.com/Pete_Brown Link Audio : www.linkaudio.com.au VO : Andrew Peters : www.andrewpetersvo.com Music Themes : Original DAWbench VI Theme Music composed by Rob John : Independent Music Productions : http://www.indmusicprods.com DAWbench Radio Show ReMix by Erin McKimm : www.erinmckimm.com All Rights Reserved : © AAVIMT 2022
Guest:Mark W. YuskoChief Executive Officer and Chief Investment Officer, Morgan Creek Capital Management & Managing Partner, Morgan Creek Digital AssetsMark Yusko is the Founder, CEO and Chief Investment Officer of Morgan Creek Capital Management. He is also the Managing Partner of Morgan Creek Digital Assets. Morgan Creek Capital Management was founded in 2004 and currently manages close to $2 billion in discretionary and non-discretionary assets. Prior to founding Morgan Creek, Mr. Yusko was CIO and Founder of UNC Management Company (UNCMC), the Endowment investment office for the University of North Carolina at Chapel Hill. Before that, he was Senior Investment Director for the University of Notre Dame Investment Office.Mr. Yusko has been at the forefront of institutional investing throughout his career. An early investor in alternative asset classes at Notre Dame, he brought the EndowmentModel of investing to UNC, which contributed to significant performance gains for theEndowment. The Endowment Model is the cornerstone philosophy of Morgan Creek, as is the mandate to Invest in Innovation. Mr. Yusko is again at the forefront of investing through Morgan Creek Digital Assets, which was formed in 2018. Morgan Creek Digital is an early stage investor in blockchain technology, digital currency and digital assets through the firm's Venture Capital and Digital Asset Index Fund.Mr. Yusko received a BA with Honors from the University of Notre Dame and an MBA in Accounting and Finance from the University of Chicago.Hosted By:Austin WillsonMichael O'ConnorBZ: welcome back to another episode of the long-run show. This is your host, Austin Willson, along with Mike OConnor. And today we are going to be having another guest on our show. We have Mark Yusko from Morgan Creek Capital. He's actually the founder and CIO of Morgan Creek capital and the chief managing partner of Morgan Creek digital.Hopefully I got that right, Mark. And we're going to be good. We're going to be talking about we're gonna be talking about a lot of different things today. Spanning many different aspects. Obviously, mark, you have a lot of experience investing money and allocating capital and also a lot of experience just with thinking about large long run issues which is the name of the show.M: One of the things that I really don't like is everything is focused on short term and social media. And that just the explosion of content has made it even shorter and shorter. And really, if you think about investing, the art of investing, it really is about the longterm. And it's nice. You're nice to say I have a lot of experience. That's just a very nice way of saying I'm old and I am and that's actually a good thing because it means you survived all the mistakes that you made when you were young. But importantly it goes to. My whole career has been around. Long-term thinking, I a series of happy accidents. I didn't plan to be an investment guy. I planned to be an architect. And then I tried pre-med and none of those things really fit. But I went to work for an insurance company out of business school and the guy who was doing investments retired. And so I was now the investment guy. And what I found is it was the perfect thing for me as a science guy. And science is all about format hypothesis, forming experiment, gathering data, testing the hypothesis, and then deciding if it's right or wrong. And that's exactly what you do in investing, right? You come up with this form an experiment.You, you make exposure and then you test it. You gather the data and the market tells you whether you're right or wrong. And part of the. my aha moment over my career was that time arbitrage. So long run thinking, right? The title of your show is the ultimate win in investing. If you have a long time preference, if you have the ability to think longer term than the average investor, you will make more money. And that's kinda cool. And you don't have to be right as often either. That's the nice thing is you don't have to always be right or prove that you're right. Which is very dangerous and investing. Yeah. So quick. Went to school. I said to be an architect or a doctor then went to business.School, came out, went into investing. And my next happy accident was I went back to my Alma Mater. I went back to Notre Dame and I got into endowment management. And what I realized was I thought investing when I worked for the bond management part of the insurance company and then an equity firm. Was that It was just about picking stocks and bonds. That's what investing does. That's what the TV tells you. You should pick stocks IBM or GM or Ford. And what I realized is those were 15% of the longterm returns. 85% of returns comes from asset allocation. The big picture allocation of capital across stocks, bonds, currencies, commodities within stocks. Do I go international? Do I go domestic? Do I go technology? Do I go healthcare? And those big asset allocation decisions drove everything. So the endowment model of investing, which I learned at Notre Dame brought with me down here to university of North Carolina at chapel hill. Whereas the CIO there, that's what I learned. And all that endowment model means is you have a long time horizon. It's permanent capital. Therefore you have this ability to take advantage of time arbitrage. The second thing is you have to have an equity bias, because if you want to have a long term positive return, you need to outperform inflation and bonds just don't do that by very much. So you have to have an equity orientation, but equity doesn't mean stocks. You mean stocks? It means private equity. It means venture capital. It means commodity equity. There's all kinds of equities. And then the next stage was I left the university back actually now a long time ago, back in 2004, and I formed Morgan Creek Capital and more capital is just about bringing the endowment model to other investors, taking this idea of alternative, thinking about investments to the masses. Now everyone says what do you mean alternative thinking? I'm like I don't like the term alternative investments. People talk about it all the time. Hedge funds or private equity or venture capital. Those are alternative investments. alternative to what? you own stocks, you own bonds, you own currencies and you own commodities. How I own them in a mutual fund, in a hedge fund, in a private partnership, doesn't change the nature that I own. Stocks, bonds, and currencies and commodities. And the problem is whoever thought of the term alternatives, who was not a marketing guy or gal, they were not very smart. People don't like alternative stuff, alternative medicine, alternative music.They don't like alternative stuff. They're afraid of it. . And so what did he do? Tape put 5% in alternatives and 95% in tradition. That doesn't make any sense because if the traditional stuff isn't attractive, why would you want to own it? So fast forward Morgan Creek over the years has migrated from, this alternative thinking about investments to my big aha moment, which was investing in infrastructure around technological innovations. And it's a wave of about 14 year cycle is where the big wealth is created. on Twitter it's my pin tweet. The greatest wealth is created by investing in something that you believe in before others even understand. you will be mocked, you'll be ridiculed and it's worth it. And so back four years ago, we set up Morgan Creek digital subsidiary of Morgan Creek capital to focus on long-term investing in the digital asset ecosystem and having a blast. had more fun than I've ever had my career. And I love every stage of my career. But I'm having way more fun. Now I get to hang out with young smart people. I get to focus on this innovative technology. That's changing the world anyway.BZ: I love the term time arbitrage. That is just such a great term. And I find it so interesting because like you mentioned, using the that's so interesting, the endowment model, because that seems so foreign to wall street of the last couple of decades, or, having this model that you're actually considering long-term implications. You're not just looking for the next big short or something like that. What's been the reception from others in the field of that. Cause it seems like so much common sense to be able to look at the long-term, but it's pretty uncommon. What's been the reception ?M: We actually created a vehicle a number of years ago called the endowment fund and it took off, it was the most successful launch of a product in Merrill Lynch's history and everybody piled in and then something happened, gold financial crisis happened. We actually did well relatively well. We didn't do well. Absolutely. But we did less badly than everybody else. And, in investing the most important thing, right? There's three rules to investing rule. Number one, don't lose money rule number two, don't lose money rule number three, don't forget the first two rules and Roy Neuberger coined that phrase.And it's because of math. If I'm down 10, I got to be up 11. If I'm down 20, I gotta be up 25. I'm down 50. I gotta be up 100 to get even, God forbid you're like Russian market. I'm down 95 when it gets back to even which it will. Cause this has happened before. You'll be up 20 fold buying Russian equities. Great idea for the long-term not for the next week or the next month, but if you can buy spare bank at this price, you make 20 times your money, probably over a long-term period because you're down 95%. But that idea of avoiding the downside is what the endowment model is all about. And what happened though is after the gold financial crisis, the FED and other central banks around the world started pumping liquidity into the market. And that changed things. And what it did is it created this illusion that stocks, the S&P or going up every year. And so over the last 13 years has been pretty much a bull market in nominal terms, not in real terms, but in nominal terms. And maybe people not want to be value oriented. They want to be momentum players. They didn't want to take the long-term. They didn't want to make an investment today in a company that might take 10 years to harvest an S&P is up 15% every year. I'll just do that. So the endowment model kind of faded and can got out of favor and, necessity is the mother of invention that led us to say, all right, if nobody wants to think like long-term investors, then we'll find products that are, and the problem there was, we had an asset liability mismatch. We let people come out of the fund on any quarter, but we were making investments for long-term periods of time. And that doesn't work very well. It's like a bank. I give everybody, went to the bank to take their money. That's a problem. Cause there's not enough money for all the. Because they took $1 and lent it out 11 times and made lots of dollars. And there's nothing wrong with that. Fractional reserve banking is not in itself evil. It just, it operates on faith and custom where everybody doesn't run to the bank at the same time. And the same thing is true in long-term investments. If everybody wants their liquidity, they can't get it. So now we raise vehicles with longer-term lockups so we can focus on making those long-term investments.BZ: Interesting. Very interesting. So this kind of shifts and long-term cycle, or I guess midterm cycle, you were saying the 14 year investing in something that you're very convicted about, how did that fit into the endowment model or was that a kind of the next iteration for you?M: So it definitely fits into this endowment model of investing. But it was a discovery by being at the endowment actually. So I go back now and it's easy to tell the story because I grew up on the west coast. I grew up in Seattle and my dad sold and installed mainframe computers in hospitals. That's what he did cause they didn't have computers. And so if you go back to 1954, there was this innovation out in Boston, outside of route 128 around computing and suddenly companies could have computers. And 14 years later, there's an innovation out in Silicon valley on a microchip is suddenly computers can be smaller and companies like Intel and Cisco were formed and they did pretty well. Right then in 1982, 14 years later. And why it's always 14 years. I don't know exactly, but it's really because young people invent all the new stuff, because they don't know not to. And they don't know what they don't know. And so they just go ahead and do it. Marc Andreessen, 19 years old, he invented the browser. Larry and Sergei invented this company, Google, which I'll talk about in a second in their twenties. And so it's that young generation that gets innovation going. Cause the old guys are like, I'm fine. My flip phone is fine. I don't need a smart phone. And it's true. Confirmed myself that as I get older, but the key was I grew up in Seattle, many of my friends, they don't work anymore.They went to work for this little company called Microsoft. I was too stupid to do that. Now I defend myself saying if you've seen the picture of the original Microsoft 11, you wouldn't blame. Now there are multibillionaires. I'm not, I shouldn't make fun of them, but they looked pretty funny. We all looked bad in the seventies. Clothes were bad. Hair was bad. But look at the picture tonight, Google the original Microsoft 11, you go, oh my God, I wouldn't work for those guys either. So Steve bomber's mom said, honey, why would you work for that company? No one would ever want a computer in their house. He has 18 billion reasons. He was right. Mom was wrong. So 14 years later, I'm at my Alma Mater. I'm at Notre Dame and I'm working in the endowment office and we had the chance to make this investment in a company called Sequoia at the time. No one, not no one, but very few people knew who Sequoia was. It was not a famous venture capital fund. In fact, it was on the verge of failure because Don Valentine, the famous founder had hired this guy Michael Moritz, Michael was a wall street journal reporter. He had never done a deal before. The other partners like Don, what the hell? We're the future? Why are you hiring this kid? It turns out Michael turned out to be a pretty good investor, Yahoo, Google a few other things and maybe one of the greatest venture capitalists of all time, but we gave them 5 million bucks. They put half a million dollars in Google. And I actually remember. I remember saying guys, I don't get it. They're 20 search engines. There is web crawler and AltaVista and ask Jeeves, what do you need Google for? It's a stupid name. Now it's a verb, right? We totally reinvented search because Larry and Sergei young guys figured out that the way to do search is not to search the whole internet. There are 1.7 billion websites in the world. Half of them are owned by Google. What are you talking about, Mark? Think about it. When you start typing a question. They've set up a website for every question that has ever been asked. And as soon as you start asking the question, it directs you to a little tiny slice and they've already put all the information that you need to know. And sometimes maybe there's some bias, but that's how they do search and it revolutionized everything. And so we put in 500 K and we took out 200 million. So I now had this aha moment. This is a long story for an epiphany, but I had this epiphany that investing was about long-term investments in infrastructure companies around this cycle. And so 14 years later the mobile phone comes along and apple releases the smartphone The iPhone, their stock goes down 46. Think about this for a second. this iPhone and the stock goes down because people are never going to pay $500 for a phone.My flip phone is just fine. My Razor's awesome. Apple's now the biggest, most valuable company in the world. And I remember being back in Seattle at Craig macaws house, he was having an event for venture capital people. And Craig is a very famous pioneer in cellular telephony, the original flip phones. And I'm asked, as I asked his family office, guy said, do you think the mobile net will be as big as the internet? He's mark, you can me ask me if they want a computer? Yeah, whatever, ask them if they want a phone. Like I already have two, I don't need another one. So yeah, it's going to be a big deal. And what it did is it created the first network. 1 phone not valuable at all.2 phones, a little more valuable, 2 million phones, pretty valuable, 2 billion phones, really valuable. And the network effect is exponential and the people are bad at math. People suck at math, but that's just linear math. If I say what's two times two, both of you will say four. I say, all right guys, what's 17 times 23. I'll wait. That is the limit of human intelligence. The average person can not do 17 times 23 in their head. And so how are you at nonlinear? Exponential regression? Not very good. And so I do this challenge all the time. I say, take out a piece of paper, fold it in half, pull it in half again. I defy you to fold it seven times and it was a bag full of seven times. No problem. And they're like, whoa, okay. I can't fold it seven times. If you could fold it 20 times. It would be as high as your house. If you could fold it 30 times, it'd be the atmosphere. If you could get to 50, it'd be to the sun. And 100 is the known universe. So exponential growth is a really big deal. And so the network effect created these massive opportunities and the light bulb went off for me, just get in front of those waves. So buy things and you know how to find them, whatever the old people like me now say, will rot your brain or is a fad..anytime those two terms, come out, just buy it, tuck it in a drawer and go away.BZ: I love that guy that was going to be, yeah, that was going to be my follow-up ETF. And the 14 year pattern Have you seen that be very consistent? M: It's incredibly consistent and okay. What's amazing. So you went 1954 was the mainframe and they had four years, 1954 to 1958. We could make a fortune in deck and Wang and it's winching. Then you have a crash. Then 14 years later, 1968-1972 Intel Fairchild, et cetera. Then you have a crash then 1982 to 1986. Everything's great. Microsoft. Wintel. They have a crash then in 2010? No. Then in 1999, then in 1996, around the internet, 1996 to 2000, everything's awesome. Yahoo, eBay et cetera, Google, then you have a crash 2010 to 2014 to 2015. You have a little crash wasn't as big as the other crash, but there was a crash right now in 2024, which is the beginning of the blockchain era or the trust net as I call it. So the internet 1996, the mobile net 2010 and the trust net 2024. It's when everything in the world, everything in the world, everything of value, every stock, every bond, every currency, every commodity, every private piece of real estate, every piece of art, every collectible car, every private business, all $700 trillion of assets in the world will be tokenized. What does that mean? All a token is an entry on a block. It's an entry on a public ledger. That's all it is. It's not super crazy and exciting. It's really pretty simple, but it's code and we can trust code differently than we can trust people. And if you think about this, every technological evolution goes to making that trust in code better. When the internet first came out, people are like, I don't know what this thing isn't. It doesn't really work very well. And Netflix started a company and they're like, all right, we're going to use it. We're going to have video on demand. If demand is defined as four days, it took four days to download a movie. No one's going to wait four days to download a movie. So they almost went bankrupt and it wasn't until bandwidth was increased because South Korea innovated around broadband and suddenly you could deliver it in less than four days as a Netflix done pretty well. Pets.com. I'm going to deliver, pet food over the internet.Failed. It's the poster child of the failure of the internet, chewy.com. It's the same damn company, exactly the same, but we needed GPS tracking. We needed instantaneous access to information, to broadband. So it's these inflection points in technology and why they're 14 years. Again, it doesn't really matter, but it is very consistent. And so 2024, as great as it's been in blockchain and Bitcoin and all this other stuff, it hasn't even started. The players have entered the stadium, they're warming up. We haven't even played the National Anthem. And I was like, oh, it's the third ending? The eighth inning game. the game hasnt started.BZ:I think that's a phenomenal point because it's amazing how much we're already talking about Bitcoin and blockchain and web3. And it's The current figures are maybe 5% of the world has cryptocurrency. Like global adoption is still so early that it just seems like it's the next huge network effectM:If you overlay Mike, to that point, if you overlay the internet adoption and web three adoption or blockchain adoption, we're in 1997. Around the time when we invested in Google. And E-bay, I remember taking E-bay to our board at Notre Dame and they're like, let me get this straight. You want us to put money in a garage sale? Really? No. Think about this. So they were against it. The firm benchmark capital, some of the best investors on the planet they put in, they raised an $85 million fund, $85 million, not a lot of money. And they put a bunch of money into eBay, not all of it, but a decent amount. They took out $10 billion. The whole fund was a 96 X the whole fund. So she put it in a dollar, you got $96 back and on a garage sale company because people didn't get it or look at the market cap of PayPal today. And how many of the PayPal mafia are out there doing amazing things. humans are optimistic, right? If you weren't optimistic, you'd literally sit in your house in sheer shuttering because you wouldn't go outside. Cause you could get shot. He get eaten by a bear, all kinds of bad things could happen, but we're optimistic. And so we go on it's I always say, who was the third guy who went out to try to get a Mastodon with a spear? Cause the first two didn't come back. So who was the third guy who figured out, if he hit him right under the chin, you can kill the Mastodon. He was a hero, but, or who was the first person that tried surgery on without anesthetic before we figured that out. So we're optimistic and we try new stuff and that's good. And we have progress, but we're unable to imagine the unimaginable, right? We can't imagine. Right now we are talking to each other. We're actually, we're not talking to it. We're talking to a metal box, right? A metal and glass box. And it's coming in my glass metal and glass box into the airwaves, into a cell tower down through fiber optic cable out another cell tower into the airwaves, into your metal glass box and into your earphones in real time. Are you kidding me? I could imagine that 20 years ago, 30 years ago, no one. So it's really hard to invest for that long cycle opportunity set because you can't imagine. So who could imagine that money as we know it, which isn't money it's currency, the only money is gold because money is something exist in the absence of a liability dollars are not money they are currencies. But who could imagine that all of money will eventually be entries on a book? Not very many people. Yeah. It's amazing to me. And you spoke to this. The thing that we are the worst status imagining unimaginable, right? Cause we have a word for it that, that just goes to show you how big a bias it is.BZ: We have a word for it. It's unimaginable. And so I think the bias is to go, okay I can't do that. Or I guess the thought process is, I have this bias. I can't really know what's next because I can't see it. So therefore, I'm going to tighten my time horizon. I'm going to look for the short play I'm going to, and nothing against day-trading.I've seen it to be profitable, but I'm going to look for this short, interim intraday play or a week play or month play. At the expense of a longer term play, that may be an investment that may pay off 96X like, like the eBay story. And so it's a great, it's interesting that biting, there's nothing wrong with trading.M:There's nothing inherently bad about trading. It's hard. It's work and it goes to income and passive income and investing, we all work hard, right? We're doing what we do. We either create content or we manage somebody's assets or we make widgets, we all have this work that we do, but you think about it, the return on that, that work pales in comparison that if you can have something, take up a piece of real estate that you own, that someone else pays you rent and you make money while you're sleeping, it's actually a pretty cool or a Royalty. Think about Qualcomm that every time somebody builds an Android phone, they get paid. That's cool. And so they monetize their intellectual property and then you get into investing. Sure. If I can figure out if CEO, Adam tomorrow is going to wake up and do another great deal, like buying a gold mine, maybe I can get out ahead of AMC and it'll go up and I'll make some money, but what if he wakes up and he makes a bad investment, actually gold mines are usually are bad investments, but maybe this will be a good one, but what if it makes a bad investment? And it goes the other way. That's that? I don't have control of any of that, but if I can Intuit that, let's see. All right. Blockchain technology is really just an operating system for this injured, connected everything. Okay. That's interesting. So what makes money. When goods get traded marketplaces exchanges.So what if I just own a little piece of one of the exchanges like Coinbase, it doesn't matter if the price goes up, price goes down, people got to trade it. They take a cut. That sounds pretty good. If you look exchanges or there's the NASDAQ exchange with London stock exchange or the Brazilian , all of those have been great investments over the long term. Even the LME before they killed themselves the other day, by letting the Chinese billionaire say, "oh, I'm sorry. I know I lost money, but I'm not going to let you take it from me." And they screwed everybody else. Just mind numbing, how to destroy the capital of a business and one easy lesson, but there's time arbitrage. Right? There's short-term thinking I got this angry Chinese billionaire, right? Who's given us a lot of commissions saying he's not going to honor his margin call and I'll just cancel all the trades. That sounds good. Oh, shit. I just killed the golden goose because now no one will ever trust my exchange again, ever. Let's go to a different exchange. That's negative time arbitrage.BZ: So the way to, and I guess I, wasn't trying to position, day trading versus long-term investing because you're exactly right. They are very different. I guess my question that I was building to is with that bias in mind.How do we look at all of the trends that are out there, right? Because we could make an argument for metaverse right. that is the next 14 year cycle. Not withstanding there's crossover between the two, obviously, not withstanding that crossover. Okay. This is what I'm going to do. Or quantum computing, this is going to be the next large leap in computing technology. We're going to be able to calculate things we've never been able to before. So how do we think through these things that we might be seeing as trends or fads? And I like your rule earlier. Okay. "If some old fart says, oh, this is just a fad buddy, look into it." But how do we think through that? I tend to be more cynical. So I'm thinking, all right, great. We have all these trends. But how do we imagine the unimaginable? Sounds like a riddleM: it's the question that all of us should be spending at least a little time on, in fact, one of the best things to become a better investor is to spend some time every day or at least every few days just away. Not staring at your screen, take a hike, take a walk, meditate, whatever it is, and actually just think and try to cobble together these ideas because you're a hundred percent right. But the metaverse oh it's just Facebook. No, come on. Just think about that one for just one second. The metaverse is the decentralization of technology and the eraser of nation states and industrial conglomerates. That's clearly what the decentralized world is. So the idea of a centralized organization being the metaverse, it's an oxymoron it's jumbo shrimp, or military intelligence or whatever, and it just doesn't work. but the metaverse is big. Okay. So most, so maybe the metaverse is this next trend? And my 14 year cycle is all about computing power mainframes, microcomputers personal computers, internet mobile net trust net. And to your point, maybe the next is quantum net actually like that. I'm going to think about that a lot. Im going skiing next week with my son. So there are other cycles could be coincidence with the same 14 year cycle, or maybe they could be offset maybe within the 14 year cycle. There's a seven year offset for these other secondary or second order effects. Yeah, the metaverse is clearly something that, that is created out of this innovation around computing power. And so we do have to think, okay what does that mean? Does it mean I should invest in these centralized organizations that are renaming themselves? It's like when we were in long island ice tea named themselves long island blockchain stock went crazy for awhile, but what do you do? You don't do anything in blockchain. you make tea, but it's a great meme play, right? But they did it in 2000 and last bubble. I lived it and I, we invested in a company, true story called art technology group and what they did all this company. Did they help companies change their name to die? Because if you change your name to.com price went up. So these guys actually then listed as a public company. They were consulting company, long story short. We'd put some money in, through a firm called tutor ventures up in Boston. And our cost basis was 50 cents. The stock went public at a hundred dollars. Okay. So maybe 200 times our money. And I called the principal and I said, what should we do? He says, I'm an insider. I can't really talk. But I can tell you two things, revenue is 6 million market cap is 6 billion. And there was a silence. He's mark, did you hear me, Mike? Yeah. I heard you ı was like SELL, GET RID OF IT NOW! Here's the crazy part. It went to four. So it went down 96%. And I think about that at four, it was still an eight. Off our call list, but we sold at a hundred made 200 X. But the thing is that company didn't do anything. And these, so the third part of the question is, so you've got the main wave then how do you have then do you have these other opportunity waves, but then you got the scams that come into it that you want to avoid. So there's lots of crosscurrents and how you try to think about these big themes. But then the other thing is if you spend too much time thinking about it and not enough time acting on it, right yet, paralysis by analysis, you miss all the opportunities. And this is, to me, one of the things that's most, most important about investing is winning investors.Great investors lose more often than bad investors. They do win a lot, but they lose a lot. The reason losers, bad investors don't win or lose. They don't do anything. They're so afraid of losing that. They don't actually commit capital. So to your point, rather than try to figure out, do I, can I figure out which is the one I like to put bets and there are bets in a lot of different places. And then when things start to go double up, most people want to double down, right? When things go against them, they want to put more money in to prove that they're right in the market's wrong. The market is never wrong. The market is always right. You are wrong. And when we make mistakes, it's okay. As long as you Ralph. Okay. And we need to talk about this. Cause cause from Dean Smith and it's March madness and Tarell's play tonight, so recognize them. Not that hard. It's usually right in your face. Here's the hard part. Admit it. Yes. I made a mistake. there was a show on TV a hundred years ago called happy days. And there was this guy, Arthur Fonds rally, the cool guy. He said, Hey, and he couldn't say the word wrong. He couldn't say the word wrong. You got to say, you're wrong. Then you got to learn from it. Most important thing. And thinking investing is with every investment we get richer or wiser. Never both. We either learn something or we make money because when we're right, we don't actually analyze. We just say, oh, look how smart we are. Whoa, of course it was so good when you lose money and then you've got to forget it. And the forgetting is really important. And this goes to the other great coach who is still in the tournament as well. University of duke at Durham down the street, coach K has this great line. He says, you know what? Separates great. Players slash investors from the average? No, he says the greats focus on the next play. Watch the tournament game tonight and see how many times did you, so miss a shot go down and commit to a stupid foul. Cause they're thinking about the shot, a great player, doesn't even remember taking the shot, goes back, plays good, different defense steals A ball makes a layup.Bad investors they're constantly focused on, oh man, I'm a mistake. And I just can't believe it. It. Got to learn from it, but you got to erase it, forget it and go get the next up.BZ: Individual plays versus ETFs?M: You guys probably both play Fortnite. I watched my son play Fortnite. Does he take a shotgun or a sniper rifle? He takes both. Cause a shot is really good in some situations and the sniper is really good at another. So yes, the answer is yes. You definitely want a spray and pray and the whole spray and pray.I prefer spray and then water, the seeds that start growing. Okay. That's better to me and I pray a lot too, but hope is not an investment strategy. Hope is a four-letter word, particularly in investing, but the sniper rifle a hundred percent. And here's the thing. If you're willing to do the work, the sniper rifles really awesome, because if you actually will do the work that most people won't, then you get a better shot. And if you take that better shot, you can make a lot more concentrated portfolios, make you rich. Every great fortune in the world came from constant. Concentrated stock position, concentrated real estate position, contrary to business ownership, every fortune start with concentration. Now the joke is how do you create a small fortune start with a large fortune and stay concentrated, concentrated long enough competitors will come up and chip away and take all your wealth. So diversification keeps you rich. So if you are in the business of making money, which when we're young, we should be and ice. And I'm really good at talking because I sucked when I was young. I didn't do any of this stuff. I talk about. In fact, I sent a pre out to myself the other day, maybe a year ago, advice to my younger self, all the things that I did wrong, that I want people not to do wrong. And the key somebody asked me, how do you become a better investor in. Like all the time, a lot, like all the time and do the shotgun and do the sniper. And, but when it goes against you just move on, just sell and move on. And when things start going, don't pull your weeds. Don't pull your flowers, right? Peter Lynch has this great line. He says, investing is super simple. You pull your weeds and you water your flowers. But he says, the average investor does the opposite. They pull their flowers. Cause they're so afraid to loosen and they water their weeds because they want to prove they're right. Soros is not whether you're right or wrong. That has nothing to do with anything. It's how much money you make when you're winning, how much money you lose when you're wrong. And if you can constantly minimize your loss. First loss of the best loss and let your winners run and then do that work so that you think about a sniper. You guys have seen the movie sniper? .Does he just like randomly pull the thing out of his bag and then start shooting? No, he plans. He sets the stage. He gets where no one can see him. He's got the stuff, the cammo on. He lines up the shot, he waits and he makes the kill. So it's not like that's planning. And so if you do the work you set the stage, you do the plan, you get the cammo, you get the right rifle. You get the right ammunition. Yeah. You'll make some, you make some great investments. But that does mean an ETF is bad. Now the problem, the only thing on ETS, just make sure they actually do what they say they're gonna do in what you name the ETF. So you could have value ETFs that are filled with 30 times revenue. These is crap companies. Yeah. It's not value now, but the new value when it goes down 95%. But, and again, this personal experience. So when I, my first job, I had a 401k and, we had six options and one of them was the blue chip growth fund. And I had a thesis that the world was going to get lousy. This is back in 1991, 1992. Oh, we're going to have recession. I'm like, I'm going to put my money in the high quality blue chips. So I moved all my money there and we had the recession just like we thought, and this thing went down 40%. What the fuck? Probably shouldn't say that, but what the hell? And I go on, I look and it says in the footnotes though, "the blue chips of tomorrow" What the hell? This is my fault. I didn't read. I gotta pull that prospectus.BZ: It's interesting. I want to go back to what you said earlier, And I agree with everything you said, and I think it's actually one of, one of the episodes we recorded about two months ago. At this point we talked about just thinking about. How you invest in approach money and what are your biases and knowing yourself. And so for me, I know that I am very bad at acting quickly.I take, and I do the analysis paralysis. For me at certain points and this is one of them right now. I don't have the time to go and research and then implement and act quickly. Cause I know I won't. So I'm just going to buy a bow broad basket for now and hold it. And then like you said, in your answer, there's different ways to double down and concentrate, right? Whether that's your skills, whether that's, I'll say starting a business, right? So there are different ways to think about investing, especially as an individual. And so I, I'm interested to hear what you would say about the asset allocation portion that you said earlier, that's almost more important than picking the winners and losers because it seems like you can build a great portfolio that has a phenomenal asset allocation out of individual stocks, right? And individual positions. You can also do it with ETFs and it might be easier for the individual to do that. Factor in a lot of things. You've got to do your research on those ETFs. You can't be buying on the name of the tick thing, but it's that's the answer more than one or the other, right?M: Yup. No, you're a hundred percent right. Austin and the ETFs are an amazing tool because they give you big swaths of the canvas. So if you think of a canvas and it's got all the different colors all over and, international and emerging markets and developed markets and equities and fixed income and commodities and currencies and derivatives and leverage and all the things that you need to build a diversified portfolio. Using individual securities, you can do it. It's hard, like super hard because you got to decide, okay, I want autos, but do I want European autos or Japanese autos? Or, what about this Tesla thing? Is that really a car company? Oh, I thought it was a software company. It's a car. It sits out, it collects dust, just like every other car. And, oh, by the way, you're only in your car 3% to 4% of the time. Think about that. You're inside your car 3% to 4%. So I would say don't spend a lot of money on cars unless you're like really into cars. But the interesting thing about all of this is how you build that portfolio is important. So if you think about the four steps of investment asset allocation, manage your selection, portfolio construction and security selection. So the 85% is in those first three, that is the allocation piece. And then the security selection piece is the 15%. So it really doesn't matter over the term, whether you own Ford or GM, it actually doesn't. In short periods of time, it can matter a lot for sure. But over long periods of time, it's less important than knowing should I be in automobiles or should I be in flying cars or should I be in, whatever. So the big picture asset allocation, should I be in stocks or bonds? Credit or equity, should I be in currencies or commodities? Should I be long biased or should I be long short? Should I be fully hedged? Should I be in cash? Should I be in, in emerging markets or international? Where's the growth, all of those big pictures. It's those asset allocation decisions are really important. So that's where I always start. And I try to come up with five big themes 10-year trends that I think are going to drive investment and growth. And one of mine is the middle classification of the emerging markets, right? There's about 3.5 B that live at middle-class or below around the world. Most of them in Southeast Asia and. Most of them are going to move up. And it's just math got to move up. Now, China alone, China took 750 million people out of abject poverty and put them in the middle-class over the last 30 years. I don't know. Maybe those people that want to move up. They've seen Dallas. They want that life. So there's probably some opportunities in retail and consumer in China over the next. Give or take giving us the size of the U S and Europe put together. So that's a big thing. How do you play that theme? I could buy a and have bought this ETF called K web. Why? Because it owns technology companies that are making those middle-class lives better now marked I think is down 90% in the last year. Yup. So I bought it two weeks ago because anytime something's down that much, you gotta buy it. It doesn't matter what it is. If something's down 90%, you got to buy it. And so how else would you play the growth? The Asian consumer commodities is going to be more in demand. So I play it that way. Then you got to say how am I going to implement? That's the manager selection piece. So manager selection. I could do it myself. I, Mike and I could go decide, we're going to go rifle, shoot. We're going to sniper. And we're going to pick the stocks. SoI'm going to buy Alibaba. I'm going to buy jd.com. Totally fine. Totally acceptable. But what if we miss Mae Twan? What if we miss Pendo that K web is going to have them all. So that's outsourcing the manager to the group. That's doing that. Now the challenge with that is you got to pick between the managers and Howard marks has this great line. He says the problem with picking managers and picking people to manage your money is you have to decide between the good person who sounds good and the bad person who sounds good. They don't let the person who sounds bad, make the presentation. And it's so true. They all sound awesome. But then there's portfolio construct. This is, let's say I pick 10 things, either individual stocks or ETFs or hedge fund managers or mutual funds. I got 10, 10%, each 50% to one and 5% to the others that matters. It matters a lot actually. And there's capitalization waiting. There's equal waiting, there's rebalancing or not rebalancing. So all those portfolio construction things matter. Now the nice thing is most of us, we have lives. So it's like the cobbler's kids who have no shoes. We intend to manage our portfolio and we intend to rebalance and we intend to do all the work, if I look at my IRA, I have this little IRA from your way back when, and I look at that relative to the things that I do, or I just put it in my funds that are managed by people in my firm. It ain't close. You have all these great ideas. Why didn't you just put them in your IRA? Because I got busy and I didn't do it. And I wasn't smart like Peter teal to put in, private shares, which is what I really should have done, should put private shares at Morgan Creek. And then I should have written them down to the, basically zero in the global financial crisis like he did. And so then he gets this big basis and it created billions of dollars. Now I wouldn't have created billions of dollars, Peter is a genius. He's a mad genius, but anyway, so it's a long way of saying allocation first, spend your most time there because it's the most impactful. And particularly for younger investors, I have this thing that don't listen to anything I, or any other pundit on diversified portfolios and portfolio management. Under 60 years old, don't listen to that. Just concentrate on venture capital, equities tech. Like I believe it's not hyperbole. I believe it should be against the law for 25 to 65 year old people to own bonds. It is the waste of time and money. You don't need the volatility reduction because your volatility reduction comes from your future earnings. That is your fixed income.BZ: What are your emotions and feelings looking at blockchain now? Is this kind of is this really exciting?M:Oh, my God. It's the greatest look. It's the greatest wealth creation opportunity. I'll see in my lifetime and I'm gonna be around a long time. I got an 11 year old still. So I, I have this funny thing, we're a good Catholic family. I joke we had nine. We just skipped the middle six. So we have two older kids and a baby. And so we're going to be, I'm going to be around a long time. We'll be working for a long time. And so I'm not going here, but this is the greatest wealth creation opportunity I've ever seen because we're building on great tech. When you built the internet, you were building on shitty tech client server technology is really bad when you built the mobile net. You're building on pretty good tech. The internet was pretty good, but now you're building on top of an installed mobile net infrastructure. That is extraordinary and blockchain is a technological advance that is not linear, but exponential. So all these things are incredibly powerful. So I look, I got exposed to blockchain and Bitcoin in 2013. I didn't understand it. And so I was not a cryptography student and I missed it. I got blockchain, I got infrastructure my whole 14 year cycle thing and have done quite nicely. We've made good investments in infrastructure but I missed the opportunity of, a generation to really be early in, in behind joke that I got introduced to it the same month as the Winkle vie. And they're multibillionaires and I'm not. but there's a movie called the graduate and the graduate. There's a scene where he's asking his uncle for advice is one word plastics, go into plastics, which was good advice in the sixties. And today I said one word, "Jack blockchain go out to California. He wanted to live in San Francisco, said, go work at Coinbase." And he goes out and he interviewed and talks to people and it's I don't know, dad, maybe it's gonna be a big deal. I'm just going to KPMG safe. Gets me to San Francisco. " you're going to hate it whenever he did hate it. Quit after nine months" Coinbase goes public. Cause I find the right should have gone to Coinbase, but not as bad as you think you are. I might go, oh, do tell. I told you to go to quit, but you didn't lever up the house and put on Bitcoin. I'm like, "oh you a little shit." Okay. That's fair. No, one's crying for my son. Cause he works for snowflake and he's doing great, but, and I'm really proud of him, but I think it's interesting. It's a long winded way of saying I have never been more excited in my life. I've never had this much fun in my whole career and I loved my career. I loved every stage of my career. But my career has been in chapters, right? Chapter one, I work for not-for-profits. I was an allocator. I had fun. I loved it. I got second income working for the universities. Chapter two, I built a really nice asset management company, Morgan Creek, capital chapter three three years into a 20 year stint of tokenizing the world. And I really am having more fun. Now I get to hang out with young, smart, really creative people. I'm seeing technological innovation like the world has never seen. I now spend all my time doing venture capital, which has just so much fun backing founders and watching them build things. And it's, again, back to that long game, if you think that there are only four ways in the world that you can make money, all four require you to take risk. If you leave your money in cash, you get the risk free rate. Hence the name because you're not taking any risks. And unfortunately, if you do that, all your wealth is chewed up by inflation, right? Leave your money in the bank today, you get less than one. Inflation is eight, that sucks. So you gotta take risks. You can take credit risk, first risk.You can buy a bond. Now bonds are an actual claim. If you don't get paid, you can Sue pretty good deal. But you don't get paid a lot. You can take 2% above Risk-free rate not a very good deal. Look at bonds day, 2.4%. Woo big deal. And then you can take equity risk. Second risk equities are contingent claim. Meaning you only get paid if all the bond holders get paid. And so that's, that makes 7%above risk free rate. That's pretty good. So equity should be at the core of your portfolio. Then you can take illiquidity risk, private investments, private equity, private real estate, private equity, private debt, better get 5% more, 12% above risk-free. Awesome. 14, 15% compounded venture capital, even higher. And then you can use structure or leverage and leverage cuts both ways. Sometimes it's good. Sometimes it's bad, but illiquidity and venture capital and innovation as an asset class. And for all the ribbing she's taken, Cathy Wood is exactly right. Innovation is an asset class. It is where you want to invest for the longterm. And that's what I'm doing right now.BZ: That's amazing. Mark. It's been so good to have you on, I know we're running out of time here. But it's just been an absolute pleasure for both myself and Austin. Thank you so much for the time.M:I appreciate you guys having me on the show. I love this. That you guys are doing a show on the longterm, instead of all the day trading stuff again, nothing wrong. Day-trading totally fine. But sometimes you got to step back, take a hike, think big thoughts and really enjoyed the conversation to appreciate all your hard work, getting ready for it. And we'll talk again soon.Support this podcast at — https://redcircle.com/the-long-run-show/donations
Noemi Planas, general manager of WIN, on the Worldwide Independent Network turning 15 and activities to celebrate it. She talks about how WIN was created, defining moments and how they connect independent music associations globally. Noemi also highlights WIN's annual conference WINCON, The Fair Digital Deals Declaration and WINTEL. She also shares what they're currently working on and their plans for the future. As usual, discover what's on her playlist.On Noemi's playlist: Tu Que Vienes a Rondarme by Maria Arnal i Marcel Bages
Live conferences have an opportunity to come back and they are powerful. To be in that energy and that love in that community. It plants the seeds for a new vision of how I can be of service to my community. And I realize that the relationship with my boys is healed. Administrative: (See episode transcript below)Check out the Tools For A Good Life Summit here: Virtually and FOR FREE https://bit.ly/ToolsForAGoodLifeSummitStart podcasting! These are the best mobile mic's for IOS and Android phones. You can literally take them anywhere on the fly.Get the Shure MV88 mobile mic for IOS, https://amzn.to/3z2NrIJGet the Shure MV88+ for mobile mic for Android https://amzn.to/3ly8SNjGet A Course In Miracles Here! https://amzn.to/3hoE7sAAccess my “Insiders Guide to Finding Peace” here: https://belove.media/peaceSee more resources at https://belove.media/resourcesEmail me: contact@belove.mediaFor social Media: https://www.instagram.com/mrmischaz/https://www.facebook.com/MischaZvegintzovSubscribe and share to help spread the love for a better world!As an Amazon Associate I earn from qualifying purchases.Transcript: Mischa Z: 00:53 Oh my gosh. I better start recording quick. I'm looking at the battery power on my phone and it says 26. And I'm actually trying recording with a Motiv video app. It turns out there's a Motiv video app. So I have this portable mic, the Shure MV88 for an apple, the MV88+ for um, Android. You can go to my show notes, click the link and support my efforts. If you're going to get one of those mic by purchasing through my, um, through my link, I am an Amazon affiliate. You'll get the same great price that Amazon has to offer. You just will be supporting me and my efforts. So if you're going to buy a mic, grab one of those two, they are the best. I have them both. Use them for my eye pads on my Mac's or your Wintel or whatever it is. Um, I think Wintel just gave away my age. Do they even say Wintel? Tell anymore? Um, anyhow, I needed to pull out the mic. I needed to start recording. I was just at Funnel Hacking Live Funnel Hacking Live. You can go to www.funnelhackinglive.com/2022 and get tickets for Funnel Hacking Live 2022 October in Orlando, Florida. I just got done. It was awesome. It was epic. Dare I say, life-changing dare I say life-changing there. Um, there as in not they are, but they're.Mischa Z: 02:52 Oh my gosh. I can't tell you how many thoughts I have going through my mind right now. Um, I did not record. I was there from Tuesday. I jumped on a plane Tuesday, September 21st, 2021. And got home Sunday, the 26th, September, 2021 and did not record one episode. And, um, it's full on at that Funnel Hacking Live so full on, I mean, all day, every day. What there's 2,500 people there live. 2000 people, 3000 people, um, that, uh, zoomed in. It was sold out, which is pretty crazy given the environment. I am Vaxxed. This is not to say whether that's good, bad, whatever, alls I know I was inspired to go. I did. And, uh, pretty cool because, oh gosh, let's see. Why was it cool? One thing is that, you know, conference live conferences, at least in the moment in America, um, have an opportunity to come back and gosh, how powerful are they so powerful to be in that energy and that love in that community. Funnel hackers, where we are...I'm going to say, I am part of the family.Mischa Z: 04:27 I am all in. The Kool-Aid you see that big jug of Kool-Aid squarely on the table in front of you. I am drinking that Kool-Aid oh, yes, I am. I am being indoctrinated into the system and thank God. Um, where, where do I want to go with this? Um, where was I going with all this I'm indoctrinated into the, um, the community, the Funnel Hacking Live community. As a matter of fact, I sort of went backwards into it though. I started with the high end coaching program, the Two Comma Club X, which is like expensive entry into it. So glad I did it still, it will be re-upping of course, as I record this. Um, but it is a financial commitment and my heart pulled me to it. I signed up, this is back in actually September of last year, um, probably a year ago to the date as I record this, which is pretty awesome. Morning. Um, holy mackerel, you know, I just have a new vision of how I can of service to the world within this community. Um, there was one of the big moments was as I was flying there.Mischa Z: 06:13 I super cool, actually on the airplane, I wrote the email that went out to my email list. Hello, any of my beautiful email list listeners. I just thought it was so cool. I bought my iPad so I could do all this. I bought an iPad that iPad Air 4. I'll be sure to get that link up on the, um, on, uh, on, uh, my Amazon, uh, page or on my, uh, that link in the show notes. And again, please support me, right? Like part of this whole thing is, uh, is, uh, you know, we, we, uh. It's a labor of love for me. And, um, anything you can do to support that, um, I'm asking you, I, I, whatever, just... I'm and part of that as I go sideways again, is that I've really realizing how can I support other people and, and how can I click on their affiliate links and buy through their, through their channels?Mischa Z: 07:26 Cause at, for a time I would have a propensity to want to go direct, but people are putting their spirit into efforts and why would I feel the need to bypass them? I don't anymore. And I see it now, I got a friend who makes sunglasses and, um, I can get a discount from him. I'm sure. Actually not. I'm sure I have in the past, he makes incredible 3 D printed sunglasses. They're amazing. And they're made with, um, out of castor bean oil. So castor beans. Like they grow, it's a weed, at least in Encinitas, it's a weed and they grow. So you can make 3 D printed goods out of weed beans that are amazing and beautiful and functional. And you're not perhaps adding to the, um, the fossil fuel dilemma. Wow! I've got so many paths going. So I'm flying on the plane.Mischa Z: 08:46 I believe I know how I'm supposed to serve my audience. You know, I, I went through this major, uh, people in my life where I quit my career and, uh, you know, did this amazing work, um, a big chunk of it was with Kyle cease. Kyle Cease has what's called the Entrepreneurial Journey. No, it's the Complete Journey. He also has the Entrepreneurial Shift. I did them both, but the first big, big, big shift for me and some of my darkest moments of desperation when I was willing finally, to be open to some outside help was I dove into Kyle Cease's program, did his Complete, what's called the Complete Journey. I encourage anyone to go do it. That is not an affiliate link for me, but Google Kyle Cease's Complete Journey. Don't think buy, buy it. Anyhow, I did that. And, uh, it, it was a major transformation for me. It was a catalyst to me, healing relationships with my children. And I had this major, massive moment at the FHL 2021, where I just was where Tony Robbins was speaking. And he had us do this exercise, gratitude exercise. And I just realized how healed those relationships are with my two boys Cooper and Waylon who are 18 and 20. Love you boys. Um, like this, this, I was sobbing with gratitude.Mischa Z: 10:33 Two guys were there with me. I mean, there were thousands of people there. It was mayhem. And, um, and, uh, who was it? It was Rick, Rich Hayhurst. He's amazing. Google him and James Mays. James Mays owns a music school that a School Of Rock was based on, uh, James, sorry to call you out. Right. Cause well, but both amazing gentlemen, you should Google them and take advantage of their services. So Rick helps with, uh, internet marketing and, uh, he's got a company called Blitz Blitz B. Anyway, I just say that because I I'm just checking time. All right. I'm going to have a part to, uh, I'm just saying that because listen for part two and I will continue the story love to all, that's what we call an open loop. Okay. Peace out. Thank you.
iPhone 13 reviews are out! What does the majority say about Apple's "better than ever" flagship? Could this give way to a Google home run with the Pixel 6 line gaining more steam? "Wintel" seems to be rearing it's ugly head. All of this and more on this weeks episode of Jaydan and Laramie Talk Tech. Links: Apple quote on USB-C You can also watch this episode on YouTube Follow us on social: Instagram Twitter YouTube
A version of this essay was published by swarajya magazine at https://swarajyamag.com/technology/has-apple-peakedApple CEO Tim Cook recently celebrated 10 years at its helm. It is the most valuable company in history, at about $2.5 trillion -- an unimaginably stratospheric number -- and Cook has steered it to its massive valuation. That is a surprise to many who thought Cook, basically an operations man, would never be able to fill the shoes of the flamboyant and dashing Steve Jobs. Cook has indeed done a remarkable job of steering Apple. But what next? The last real innovation Apple produced is the iPhone, and that was a while ago: 2007, to be precise. It is still a huge money-spinner, but where exactly has Apple innovated since then, except in minor, supporting products like the Apple Watch and the Apple Airpods? There is an interesting claim by management theorist Simon Sinek that what distinguishes Apple is the ‘why?’ question. Why does Apple exist? Well, in Steve Jobs’ terminology, it was to make “insanely great products”. As Sinek would say, “Want to buy one?”. Jobs saw a lot of wonderful new technologies at Xerox PARC and intuitively understood how these were transformative, and so he adapted them. In stark contrast, other technology companies have mundane goals: profit margins, market penetration, etc. But that differentiation -- design excellence -- may well have walked out the door with the exits of Steve Jobs and Jonathan Ive, the chief designer. And brilliant design doesn’t always succeed, unless you are able to respond to the unarticulated needs of the people who will buy the products (which is the gospel of the discipline of ‘design thinking’, which, confusingly, is not about design per se but about solving problems the way a designer would).Apple did have its share of fiascos: for instance the hand-held computer (personal digital assistant) named the Newton. Its demise almost brought the company down, and led to the exit of Jobs. On the other hand, the original Macintosh was a thing of beauty, and it was vastly superior to the competition. But my question remains, where is the innovation today? I hear there’s an Apple Car coming, or Apple Glasses, but they are not really “wow!”. Apple always shows up at the top of the list of innovative companies, but that is mostly resting on its laurels.I must make a disclaimer: I have a love-hate relationship with Apple. The very first computer that I personally owned was a Macintosh Plus that I bought for a princely sum even though I got a university student discount. It was the obvious choice at the time: along with a dot-matrix printer it enabled me to produce presentable reports, graphs and term papers. The alternative on offer was DOS-based PCs, which, although they had Lotus 1-2-3, were distinctly user-unfriendly and far less appealing. Source: Macintosh Plus, Photo by Thomas Millot on UnsplashThat Mac lasted me a long time: robust, rugged and reliable, in an all-in-one, portable chassis. Later, while working in Silicon Valley, I bought my second Mac, a Macintosh 2. This was a more conventional device with a separate monitor and CPU box. I bought it at a sale when the company Go went under: it was developing an OS for handheld devices, but it ran out of runway. To be honest, I didn’t like that Mac as much as the earlier one. But the real surprise came when I decided I needed a laptop a few years later. I found out that Windows-based laptops had come a long way, and I could buy one for roughly $1000, which was significantly less than Apple’s laptops were going for. So I bought a Toshiba; I have never bought an Apple laptop, although I had one from work a few years ago. It was nice, but for an office worker, and not a media creator, it was not more appealing than a Windows laptop. These days I am happy with my Chromebook, using a Windows machine only to run specialized applications, or some like Audacity that don’t run on the Chromebook. That sticker shock was the turning point for me. Maybe I was wrong in turning down a better put-together product than the average Windows laptop, but I was not willing to pay a premium for a consumer item. I may have been wrong, because my average Windows laptop has had a lifetime of only 3-4 years while the Macs, I hear, do not get obsolescent so quickly. I hear this about iPhones vs. Android phones too. I didn’t realize it then, but the issue I was up against was Apple’s business model of detailed control over everything. That makes the Apple ecosystem both attractive and forbidding. On the one hand, if you are willing to cede control to Apple, then you have a smooth and pleasant experience. This is what has created legions of Apple fanboyz, who are totally happy with the walled garden, and have no wish to exit. Oddly enough, Apple has become the Big Brother (albeit more benign) that it lampooned in the famous 1984 ad. There is a nice contrast between Apple’s highly integrated model (which incidentally ensures fat margins) and the Wintel model. I would certainly not call Wintel an ‘open’ system, because it was zealously controlled by Microsoft and Intel, but it was (is?) a disintegrated model, because although the principals held the IP tightly and extracted monopoly rents, there were opportunities for third parties to exist, and even thrive, where the two were not present. And they were not ubiquitous, unlike Apple in its own stack. Source: Strategicmanagementinsight.comWhich is the better model? There is no straight answer. Today Apple’s model is incredibly successful. Earlier the Wintel model was incredibly successful too. One of the concerns about Apple going forward is that it may have reached the end of this business model. They are trying to reinvent themselves as a services+product firm, but we will have to wait and see. There are several other issues. The first is, simply, size. It’s hard to sell more iPhones than there are people in a country, I suppose, even if they can afford them and want them. So Apple as a matter of basic economics will slow down, and its juicy profit margins will erode. In fact, I am rather amazed that there aren’t passable Chinese clones of Apple products. Maybe it’s the deterrent effect of Apple’s fearsome lawyers.Or maybe it is the symbiotic relationship between Apple and China. There is the famous story (it may be apocryphal) that the iPhone originally had a plastic screen, but Jobs found it scratched up easily, so at a late stage he insisted on a glass screen. The story goes that the only place where they could quickly ramp up and find enough people to cut and process the glass was in the factories of Apple’s Chinese partners. Source: Photo by David Švihovec on UnsplashSo the supply chain relationship between Apple and Chinese OEM’s has been good for both. I’m not sure if this will be feasible going forward, as there is a general intent on the part of the US to decouple from China (although this is opposed by both Big Tech and Wall Street). So this happy state of affairs in supply chain management is under threat, which may either increase Apple’s costs, or end up in Chinese erecting barriers to market access, or both.There are some clues in China’s recent clampdown on its own ‘high-tech’ companies like Alibaba, Didi Chuxing, etc. that China views these mostly e-commerce entities with disdain, preferring to direct investment towards the harder technologies such as, perhaps, quantum computing, biotechnology, energy, etc. They may well be right. Apple has more tangible products than Microsoft, Alphabet, Facebook, et al; still, when they all announced record earnings in July, investors were a little sceptical about future prospects.My feeling is that these Big Tech firms are sort of moving the deck chairs around on the Titanic. Their core businesses are plateauing, and they will have to enter into each others’ areas to sustain their growth; thus Apple is rumored to be building its own search engine (though it gets some $10 billion dollars from Google to be the search engine of choice on iPhones) and even an advertising platform. But the problem is that they are all following a model of advertising-led revenue (although Apple protests that they do not sell, or have to sell, their users’ data, I suspect they will not let go of user data that easily) or what is known as ‘surveillance capitalism’. This is already raising hackles among consumers as well as regulators concerned about monopolies, which these Big Tech firms do have in their niches.There is an increasing trend towards anonymity or even pseudonymity, and I suspect a business model will emerge where users keep their data to themselves, or demand payment for it. That may put a major crimp on their businesses, that is if the regulators don’t get to them first. There have been record fines imposed by the European Union, Russia, etc on these Big Tech companies, and the US competition authorities may weigh in as well.Whatever goes up will come down. We just don’t know when that will happen. It is certain that Apple will fade, as other champions have, for instance IBM or Toshiba. The question is when. My belief is that the best days are behind Apple, but I have been wrong before, so don’t count them out. The structural and environmental changes we see now argue that Apple is past its best days. 1600 words, Aug 30. 2021 This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit rajeevsrinivasan.substack.com
About CraigCraig McLuckie is a VP of R&D at VMware in the Modern Applications Business Unit. He joined VMware through the Heptio acquisition where he was CEO and co-founder. Heptio was a startup that supported the enterprise adoption of open source technologies like Kubernetes. He previously worked at Google where he co-founded the Kubernetes project, was responsible for the formation of CNCF, and was the original product lead for Google Compute Engine.Links: VMware: https://www.vmware.com Twitter: https://twitter.com/cmcluck LinkedIn: https://www.linkedin.com/in/craigmcluckie/ TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at the Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part my Cribl Logstream. Cirbl Logstream is an observability pipeline that lets you collect, reduce, transform, and route machine data from anywhere, to anywhere. Simple right? As a nice bonus it not only helps you improve visibility into what the hell is going on, but also helps you save money almost by accident. Kind of like not putting a whole bunch of vowels and other letters that would be easier to spell in a company name. To learn more visit: cribl.ioCorey: This episode is sponsored in part by Thinkst. This is going to take a minute to explain, so bear with me. I linked against an early version of their tool, canarytokens.org in the very early days of my newsletter, and what it does is relatively simple and straightforward. It winds up embedding credentials, files, that sort of thing in various parts of your environment, wherever you want to; it gives you fake AWS API credentials, for example. And the only thing that these things do is alert you whenever someone attempts to use those things. It's an awesome approach. I've used something similar for years. Check them out. But wait, there's more. They also have an enterprise option that you should be very much aware of canary.tools. You can take a look at this, but what it does is it provides an enterprise approach to drive these things throughout your entire environment. You can get a physical device that hangs out on your network and impersonates whatever you want to. When it gets Nmap scanned, or someone attempts to log into it, or access files on it, you get instant alerts. It's awesome. If you don't do something like this, you're likely to find out that you've gotten breached, the hard way. Take a look at this. It's one of those few things that I look at and say, “Wow, that is an amazing idea. I love it.” That's canarytokens.org and canary.tools. The first one is free. The second one is enterprise-y. Take a look. I'm a big fan of this. More from them in the coming weeks.Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. My guest today is Craig McLuckie, who's a VP of R&D at VMware, specifically in their modern applications business unit. Craig, thanks for joining me. VP of R&D sounds almost like it's what's sponsoring a Sesame Street episode. What do you do exactly?Craig: Hey, Corey, it's great to be on with you. So, I'm obviously working within the VMware company, and my charter is really looking at modern applications. So, the modern application platform business unit is really grounded in the work that we're doing to make technologies like Kubernetes and containers, and a lot of developer-centric technologies like Spring, more accessible to developers to make sure that as developers are using those technologies, they shine through on the VMware infrastructure technologies that we are working on.Corey: Before we get into, I guess, the depths of what you're focusing on these days, let's look a little bit backwards into the past. Once upon a time, in the dawn of the modern cloud era—I guess we'll call it—you were the original product lead for Google Compute Engine or GCE. How did you get there? That seems like a very strange thing to be—something that, “Well, what am I going to build? Well, that's right; basically a VM service for a giant company that is just starting down the cloud path,” back when that was not an obvious thing for a company to do.Craig: Yeah, I mean, it was as much luck and serendipity as anything else, if I'm going to be completely honest. I spent a lot of time working at Microsoft, building enterprise technology, and one of the things I was extremely excited about was, obviously, the emergence of cloud. I saw this as being a fascinating disrupter. And I was also highly motivated at a personal level to just make IT simpler and more accessible. I spent a fair amount of time building systems within Microsoft, and then even a very small amount of time running systems within a hedge fund.So, I got, kind of, both of those perspectives. And I just saw this cloud thing as being an extraordinarily exciting way to drive out the cost of operations, to enable organizations to just focus on what really mattered to them which was getting those production systems deployed, getting them updated and maintained, and just having to worry a little bit less about infrastructure. And so when that opportunity arose, I jumped with both feet. Google obviously had a reputation as a company that was born in the cloud, it had a reputation of being extraordinarily strong from a technical perspective, so having a chance to bridge the gap between enterprise technology and that cloud was very exciting to me.Corey: This was back in an era when, in my own technical evolution, I was basically tired of working with Puppet as much as I had been, and I was one of the very early developers behind SaltStack, once upon a time—which since then you folks have purchased, which shows that someone didn't do their due diligence because something like 41 lines of code in the current release version is still assigned to me as per git-blame. So, you know, nothing is perfect. And right around then, then I started hearing about this thing that was at one point leveraging SaltStack, kind of, called Kubernetes, which, “I can't even pronounce that, so I'm just going to ignore it. Surely, this is never going to be something that I'm going to have to hear about once this fad passes.” It turns out that the world moved on a little bit differently.And you were also one of the co-founders of the Kubernetes project, which means that it seems like we have been passing each other in weird ways for the past decade or so. So, you're working on GCE, and then one day you want to, what, sitting up and deciding, “I know, we're going to build a container orchestration system because I want to have something that's going to take me 20 minutes to explain to someone who's never heard of these concepts before.” How did this come to be?Craig: It's really interesting, and a lot of it was driven by necessity, driven by a view that to make a technology like Google Compute Engine successful, we needed to go a little bit further. When you look at a technology like Google Compute Engine, we'd built something that was fabulous and Google's infrastructure is world-class, but there's so much more to building a successful cloud business than just having a great infrastructure technology. There's obviously everything that goes with that in terms of being able to meet enterprises where they are and all the—Corey: Oh, yeah. And everything at Google is designed for Google scale. It's, “We built this thing and we can use it to stand up something that is world-scale and get 10 million customers on the first day that it launches.” And, “That's great. I'm trying to get a Hello World page up and maybe, if I shoot for the moon, it can also run WordPress.” There's a very different scale of problem.Craig: It's just a very different thing. When you look at what an organization needs to use a technology, it's nice that you can take that, sort of, science-fiction data center and carve it up into smaller pieces and offer it as a virtual machine to someone. But you also need to look at the ISV ecosystem, the people that are building the software, making sure that it's qualified. You need to make sure that you have the ability to engage with the enterprise customer and support them through a variety of different functions. And so, as we were looking at what it would take to really succeed, it became clear that we needed a little more; we needed to, kind of, go a little bit further.And around that time, Docker was really coming into its full. You know, Docker solved some of the problems that organizations had always struggled with. Virtual machine is great, but it's difficult to think about. And inside Google, containers we're a thing.Corey: Oh, containers have a long and storied history in different areas. From my perspective, Docker solves the problem of, “Well, it works on my machine,” because before something like Docker, the only answer was, “Well, backup your email because your laptop's about to be in production.”Craig: [laugh]. Yeah, that's exactly right. You know, I think when I look at what Docker did, and it was this moment of clarity because a lot of us had been talking about this and thinking about it. I remember turning to Joe while we were building Compute Engine and basically said, “Whoever solves the packaging the way that Google did internally, and makes that accessible to the world is ultimately going to walk away with a game.” And I think Docker put lightning in a bottle.They really just focused on making some of these technologies that underpinned the hyperscalers, that underpinned the way that, like, a Google, or a Facebook, or a Twitter tended to operate, just accessible to developers. And they solved one very specific thing which was that packaging problem. You could take a piece of software and you could now package it up and deploy it as an immutable thing. So, in some ways, back to your own origins with SaltStack and some of the technologies you've worked on, it really was an epoch of DevOps; let's give developers tools so that they can code something up that renders a production system. And now with Docker, you're able to shift that all left. So, what you produced was the actual deployable artifact, but that obviously wasn't enough by itself.Corey: No, there needed to be something else. And according to your biography, not only it says here that, I quote, “You were responsible for the formation of the CNCF, or Cloud Native Computing Foundation,” and I'm trying to understand is that something that you're taking credit for or being blamed for? It really seems like it could go either way, given the very careful wording there.Craig: [laugh]. Yeah, it could go either way. It certainly got away from us a little bit in terms of just the scope and scale of what was going on. But the whole thesis behind Kubernetes, if you just step back a little bit, was we didn't need to own it; Google didn't need to own it. We just needed to move the innovation boundary forwards into an area that we had some very strong advantages.And if you look at the way that Google runs, it kind of felt like when people were working with Docker, and you had technologies like Mesos and all these other things, they were trying to put together a puzzle, and we already had the puzzle box in front of us because we saw how that technology worked. So, we didn't need to control it, we just needed people to embrace it, and we were confident that we could run it better. But for people to embrace it, it couldn't be seen as just a Google thing. It had to be a Google thing, and a Red Hat thing, and an Amazon thing, and a Microsoft thing, and something that was really owned by the community. So, the inspiration behind CNCF was to really put the technology forwards to build a collaborative community around it and to enable and foster this disruption.Corey: At some point after Kubernetes was established, and it was no longer an internal Google project but something that was handed over to a foundation, something new started to become fairly clear in the larger ecosystem. And it's sort of a microcosm of my observation that the things that startups are doing today are what enterprises are going to be doing five years from now. Every enterprise likes to imagine itself a startup; the inverse is not particularly commonly heard. You left Google to go found Heptio, where you were focusing on enterprise adoption of open-source technologies, specifically Kubernetes, but it also felt like it was more of a cultural shift in many respects, which is odd because there aren't that many startups, at least in that era, that were focused on bringing startup technologies to the enterprise, and sneaking in—or at least that's how it felt—the idea of culture change as well.Craig: You know, it's really interesting. Every enterprise has to innovate, and people tend to look at startups as being a source of innovation or a source of incubation. What we were trying to do with Heptio was to go the other way a little bit, which was, when you look at what West Coast tech companies were doing, and you look at a technology like Kubernetes—or any new technology: Kubernetes, or KNative, or there's some of these new observability capabilities that are starting to emerge in this ecosystem—there's this sort of trickle-across effect, where it's starts with the West Coast tech companies that build something, and then it trickles across to a lot of the progressive forward-leaning enterprise organizations that have the scale to consume those technologies. And then over time, it becomes mainstream. And when I looked at a technology like Kubernetes, and certainly through the lens of a company like Google, there was an opportunity to step back a little bit and think about, well, Google's really this West Coast tech company, and it's producing this technology, and it's working to make that more enterprise-centric, but how about going the other way?How about meeting enterprise organizations where they are—enterprise organizations that aspire to adopt some of these practices—and build a startup that's really about just walking the journey with customers, advocating for their needs, through the lens of these open-source communities, making these open-source technologies more accessible. And that was really the thesis around what we were doing with Heptio. And we worked very hard to do exactly as you said which is, it's not just about the tech, it's about how you use it, it's about how you operate it, how you set yourself up to manage it. And that was really the core thesis around what we were pursuing there. And it worked out quite well.Corey: Sitting here in 2021, if I were going to build something from scratch, I would almost certainly not use Kubernetes to do it. I'd probably pick a bunch of serverless primitives and go from there, but what I respect and admire about the Kubernetes approach is companies can't generally do that with existing workloads; you have to meet them where they are, as you said. ‘Legacy' is a condescending engineering phrase for ‘it makes money.' It's, “Oh, what does that piece of crap do?” “Oh, about $4 billion a year.” So yeah, we're going to be a little delicate with what it does.Craig: I love that observation. I always prefer the word ‘heritage' over the word legacy. You got to—Corey: Yeah.Craig: —have a little respect. This is the stuff that's running the world. This is the stuff that every transaction is flowing through.And it's funny, when you start looking at it, often you follow the train along and eventually you'll find a mainframe somewhere, right? It is definitely something that we need to be a little bit more thoughtful about.Corey: Right. And as cloud continues to eat the world well, as of the time of this recording, there is no AWS/400, so there is no direct mainframe option in most cloud providers, so there has to be a migration path; there has to be a path forward, that doesn't include, “Oh, and by the way, take 18 months to rewrite everything that you've built.” And containers, particularly with an orchestration model, solve that problem in a way that serverless primitives, frankly, don't.Craig: I agree with you. And it's really interesting to me as I work with enterprise organizations. I look at that modernization path as a journey. Cloud isn't just a destination: there's a lot of different permutations and steps that need to be taken. And every one of those has a return on investment.If you're an enterprise organization, you don't modernize for modernization's sake, you don't embrace cloud for cloud's sake. You have a specific outcome in mind, “Hey, I want to drive down this cost,” or, “Hey, I want to accelerate my innovation here,” “Hey, I want to be able to set my teams up to scale better this way.” And so a lot of these technologies, whether it's Kubernetes, or even serverless is becoming increasingly important, is a capability that enables a business outcome at the end of the day. And when I think about something like Kubernetes, it really has, in a way, emerged as a Goldilocks abstraction. It's low enough level that you can run pretty much anything, it's high enough level that it hides away the specifics of the environment that you want to deploy it into. And ultimately, it renders up what I think is economies of scope for an organization. I don't know if that makes sense. Like, you have these economies of scale and economies of scope.Corey: Given how down I am on Kubernetes across the board and—at least, as it's presented—and don't take that personally; I'm down on most modern technologies. I'm the person that said the cloud was a passing fad, that virtualization was only going to see limited uptake, that containers were never going to eat the world. And I finally decided to skip ahead of the Kubernetes thing for a minute and now I'm actually going to be positive about serverless. Given how wrong I am on these things, that almost certainly dooms it. But great, I was down on Kubernetes for a long time because I kept seeing these enterprises and other companies talking about their Kubernetes strategy.It always felt like Kubernetes was a means to an end, not an end in and of itself. And I want to be clear, I'm not talking about vendors here because if you are a software provider to a bunch of companies and providing Kubernetes is part and parcel of what you do, yeah, you need a Kubernetes strategy. But the blue-chip manufacturing company that is modernizing its entire IT estate, doesn't need a Kubernetes strategy as such. Am I completely off base with that assessment?Craig: No, I think you're pointing at something which I feel as well. I mean, I'll be honest, I've been talking about [laugh] Kubernetes since day one, and I'm kind of tired of talking about Kubernetes. It should just be something that's there; you shouldn't have to worry about it, you shouldn't have to worry about operationalizing it. It's just an infrastructure abstraction. It's not in and of itself an end, it's simply a means to an end, which is being able to start looking at the destination you're deploying your software into as being more favorable for building distributed systems, not having to worry about the mechanics of what happens if a single node fails? What happens if I have to scale this thing? What happens if I have to update this thing?So, it's really not intended—and it never was intended—to be an end unto itself. It was really just intended to raise the waterline and provide an environment into which distributed applications can be deployed that felt entirely consistent, whether you're building those on-premises, in the public cloud, and increasingly out to the edge.Corey: I wound up making a tweet, couple years back, specifically in 2019, that the nuclear hot take: “Nobody will care about Kubernetes in five years.” And I stand by it, but I also think that's been wildly misinterpreted because I am not suggesting in any way that it's going to go away and no one is going to use it anymore. But I think it's going to matter in the same way as the operating system is starting to, the way that the Linux virtual memory management subsystem does now. Yes, a few people in specific places absolutely care a lot about those things, but most companies don't because they don't have to. It's just the way things are. It's almost an operating system for the data center, or the cloud environment, for lack of a better term. But is that assessment accurate? And if you don't wildly disagree with it, what do you think of the timeline?Craig: I think the assessment is accurate. The way I always think about this is you want to present your engineers, your developers, the people that are actually taking a business problem and solving it with code, you want to deliver to them the highest possible abstraction. The less they have to worry about the infrastructure, the less they have to worry about setting up their environment, the less they have to worry about the DevOps or DevSecOps pipeline, the better off they're going to be. And so if we as an industry do our job right, Kubernetes is just the water in which IT swims. You know, like the fish doesn't see the water; it's just there.We shouldn't be pushing the complexity of the system—because it is a fancy and complex system—directly to developers. They shouldn't necessarily have to think like, “Oh, I need to understand all of the XYZ is about how this thing works to be able to build a system.” There will be some engineers that benefit from it, but there are going to be other engineers that don't. The one thing that I think is going to—you know, is a potential change on what you said is, we're going to see people starting to program Kubernetes more directly, whether they know it or not. I don't know if that makes sense, but things like the ability for Kubernetes to offer up a way for organizations to describe the desired state of something and then using some of the patterns of Kubernetes to make the world into that shape is going to be quite pervasive, and I'm really seeing signs that we're seeing it.So yes, most developers are going to be working with higher abstractions. Yes, technologies like Knative and all of the work that we at VMware are doing within the ecosystem will render those higher abstractions to developers. But there's going to be some really interesting opportunities to take what made Kubernetes great beyond just, “Hey, I can put a Docker container down on a virtual machine,” and start to think about reconciler-driven IT: being able to describe what you want to have happen in the world, and then having a really smart system that just makes the world into that shape.Corey: This episode is sponsored by our friends at Oracle HeatWave is a new high-performance accelerator for the Oracle MySQL Database Service. Although I insist on calling it “my squirrel.” While MySQL has long been the worlds most popular open source database, shifting from transacting to analytics required way too much overhead and, ya know, work. With HeatWave you can run your OLTP and OLAP, don't ask me to ever say those acronyms again, workloads directly from your MySQL database and eliminate the time consuming data movement and integration work, while also performing 1100X faster than Amazon Aurora, and 2.5X faster than Amazon Redshift, at a third of the cost. My thanks again to Oracle Cloud for sponsoring this ridiculous nonsense. Corey: So, you went from driving Kubernetes adoption into the enterprise as the founder and CEO of Heptio, to effectively, acquired by one of the most enterprise-y of enterprise companies, in some respects, VMware, and your world changed. So, I understand what Heptio does because, to my mind, a big company is one that is 200 people. VMware has slightly more than that at last count, and I sort of lose track of all the threads of the different things that VMware does and how it operates. I could understand what Heptio does. What I don't understand is what, I guess, your corner of VMware does. Modern applications means an awful lot of things to an awful lot of people. I prefer to speak it with a condescending accent when making fun of those legacy things that make money—not a popular take, but it's there—how do you define what you do now?Craig: So, for me, when you talk about modern application platform, you can look at it one of two ways. You can say it's a platform for modern applications, and when people have modern applications, they have a whole variety of different ideas in the head: okay, well, it's microservices-based, or it's API-fronted, it's event-driven, it's supporting stream-based processing, blah, blah, blah, blah, blah. There's all kinds of fun, cool, hip new patterns that are happening in the segment. The other way you could look at it is it's a modern platform for applications of any kind. So, it's really about how do we make sense of going from where you are today to where you need to be in the future?How do we position the set of tools that you can use, as they make sense, as your organization evolves, as your organization changes? And so I tend to look at my role as being bringing these capabilities to our existing product line, which is, obviously, the vSphere product line, and it's almost a hyperscale unto itself, but it's really about that private cloud experience historically, and making those capabilities accessible in that environment. But there's another part to this as well, which is, it's not just about running technologies on vSphere. It's also about how can we make a lot of different public clouds look and feel consistent without hiding the things that they are particularly great at. So, every public cloud has its own set of capabilities, its own price-performance profile, its own service ecosystem, and richness around that.So, what can we do to make it so that as you're thinking about your journey from taking an existing system, one of those heritage systems, and thinking through the evolution of that system to meet your business requirements, to be able to evolve quickly, to be able to go through that digital transformation journey, and package it up and deliver the right tools at the right time in the right environment, so that we can walk the journey with our customers?Corey: Does this tie into Tanzu, or is that a different VMware initiative slash division? And my apologies on that one, just because it's difficult for me to wrap my head around where Tanzu starts and stops. If I'm being frank.Craig: So, [unintelligible 00:21:49] is the heart of Tanzu. So Tanzu, in a way, is a new branch, a new direction for VMware. It's about bringing this richness of capabilities to developers running in any cloud environment. It's an amalgamation of a lot of great technologies that people aren't even aware of that VMware has been building, or that VMware has gained through acquisition, certainly Heptio and the ability to bring Kubernetes to an enterprise organization is part of that. But we're also responsible for things like Spring.Spring is a critical anchor for Java developers. If you look at the Spring community, we participate in one and a half million new application starts a month. And you wouldn't necessarily associate VMware with that, but we're absolutely driving critical innovation in that space. Things, like full-stack observability, being able to not only deploy these container-packaged applications, but being able to actually deal with the day two operations, and how to deal with the APM considerations, et cetera. So, Tanzu is an all-in push from VMware to bring the technologies like Kubernetes and everything that exists above Kubernetes to our customers, but also to new customers in the public cloud that are really looking for consistency across those environments.Corey: When I look at what you've been doing for the past decade or so, it really tells a story of transitions, where you went from product lead on GCE, to working on Kubernetes. You took Kubernetes from an internal Google reimagining of Borg into an open-source project that has been given over to the CNCF. You went from running Heptio, which was a startup, to working at one of the least startup-y-like companies, by some measures, in the world.s you seem to have gone from transiting from one thing to almost its exact opposite, repeatedly, throughout your career. What's up with that theme?Craig: I think if you look back on the transitions and those key steps, the one thing that I've consistently held in my head, and I think my personal motivation was really grounded in this view that IT is too hard, right? IT is just too challenging. So, the transition from Microsoft, where I was responsible building package software, to Google, which was about cloud, was really marking that transition of, “Hey, we just need to do better for the enterprise organization.” The transition from focusing on a virtual machine-based system, which was the state of the art at the time to unlocking these modern orchestrated container-based system was in service of that need, which was, “Hey, you know, if you can start to just treat a number of virtual machines as a destination that has a distributed operating system on top of it, we're going to be better off.” The need to transition to a community-centric outcome because while Google is amazing in so many ways, being able to benefit from the perspective that traditional enterprise organizations brought to the table was significant to transitioning into a startup where we were really serving enterprise organizations and providing that interface back into the community to ultimately joining VMware because at the end of the day, there's a lot of work to be done here.And when you're selling a startup, it's—you're either selling out or you're buying in, and I'm not big on the idea of selling out. In this case, having access to the breadth of VMware, having access to the place where most of the customers are really cared about were living, and all of those heritage systems that are just running the world's business. So, for me, it's really been about walking that journey on behalf of that individual that's just trying to make ends meet; just trying to make sure that their IT systems stay lit; that are trying to make sure that the debt that they're creating today in the IT environment isn't payday loan debt, it's more like a mortgage. I can get into an environment that's going to serve me and my family well. And so, each of those transitions has really just been marked by need.And I tend to look at the needs of that enterprise organization that's walking this journey as being an anchor for me. And I'm pleased with every transition I've made. Like, at every point we've—sort of, Joe and myself, who's been on this journey for a while, have been able to better serve that individual.Corey: Now, I know that it's always challenging to talk about the future, but do you think you're done with those radical transitions, as you continue to look forward to what's coming? I mean, it's impossible to predict the future, but you're clearly where you are for a reason, and I'm assuming part of that reason is because you see an opportunity; you see a transformation that is currently unfolding. What does that look like from where you sit?Craig: Well, I mean, my work in VMware [laugh] is very far from done. There's just an amazing amount of continued opportunity to deliver value not only to those existing customers where they're running on-prem but to make the public cloud more intrinsically accessible and to increasingly solve the problems as more computational resources fanning back out to the edge. So, I'm extremely excited about the opportunity ahead of us from the VMware perspective. I think we have some incredible advantages because, at the end of the day, we're both a neutral party—you know, we're not a hyperscaler. We're not here to compete with the hyperscalers on the economies of scale that they render.But we're also working to make sure that as the hyperscalers are offering up these new services and everything else, that we can help the enterprise organization make best use of that. We can help them make best use of that infrastructure environment, we can help them navigate the complexities of things like concentration risk, or being able to manage through the luck and potential that some of these things represent. So, I don't want to see the world collapse back into the mainframe era. I think that's the thing that really motivates me, I think, the transition from mainframe to client-server, the work that Wintel did—the Windows-Intel consortium—to unlock that ecosystem just created massive efficiencies and massive benefits from everyone. And I do feel like with the combination of technologies like Kubernetes and everything that's happening on top of that, and the opportunity that an organization like VMware has to be a neutral party, to really bridge the gap between enterprises and those technologies, we're in a situation where we can create just tremendous value in the world: making it so that modernization is a journey rather than a destination, helping customers modernize at a pace that's reasonable to them, and ultimately serving both the cloud providers in terms of bringing some critical workloads to the cloud, but also serving customers so that as they live with the harsh realities of a multi-cloud universe where I don't know one enterprise organization that's just all-in on one cloud, we can provide some really useful capabilities and technologies to make them feel more consistent, more familiar, without hiding what's great about each of them.Corey: Craig, thank you so much for taking the time to speak with me today about where you sit, how you see the world, where you've been, and little bits of where we're going. If people want to learn more, where can they find you?Craig: Well, I'm on Twitter, @cmcluck, and obviously, on LinkedIn. And we'll continue to invite folks to attend a lot of our events, whether that's the Spring conferences that VMware sponsors, or VMWorld. And I'm really excited to have an opportunity to talk more about what we're doing and some of the great things we're up to.Corey: I will certainly be following up as the year continues to unfold. Thanks so much for your time. I really appreciate it.Craig: Thank you so much for your time as well.Corey: Craig McLuckie, Vice President of R&D at VMware in their modern applications business unit. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with a comment that I won't bother to read before designating it legacy or heritage.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need the Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.
Tal día como hoy, un 12 de agosto de 1981, IBM lanzaba al mercado el IBM 5150, conocido como IBM PC, el ordenador personal que lo cambiaría todo.
TranscriptCorey: This episode is sponsored in part by LaunchDarkly. Take a look at what it takes to get your code into production. I'm going to just guess that it's awful because it's always awful. No one loves their deployment process. What if launching new features didn't require you to do a full-on code and possibly infrastructure deploy? What if you could test on a small subset of users and then roll it back immediately if results aren't what you expect? LaunchDarkly does exactly this. To learn more, visit launchdarkly.com and tell them Corey sent you, and watch for the wince.Jesse: Hello, and welcome to AWS Morning Brief: Fridays From the Field. I'm Jesse DeRose.Amy: I'm Amy Negrette.Tim: And I'm Tim Banks.Jesse: This is the podcast within a podcast where we talk about all the ways we've seen AWS used and abused in the wild. Today, we're going to be talking about AWS, an open-source software. Now, that's kind of a broad topic, but there have been some specific, recent events I'll say, over the last year maybe or maybe even less, related to AWS and open-source software that really got us talking, and I wanted to have a deeper conversation with both of you on this topic.Tim: Well, you should probably start by going over some of the things that you're mentioning, when you say ‘some of these things,' what are those things, Jesse?Jesse: Yeah. So, I think the best place to start is what constitutes open-source software. And specifically, I think, not just what constitutes open-source software, but how does that differ from an open-source company?Tim: So, open-source software can be anything: Linux kernel, bash, anything like that, any Python functioning module. If you make a piece of software, whatever it is, and you license it with one of the various open-source licenses, or your own open-source license or whatever, it's something that the community kind of owns. So, when they get big, they have maintainers, everything like that, but at its essence, it's a piece of software that you can freely download and use, and then you're free to modify it as you need, and then it's up to the specifics of the license to whether you're required to send those modifications back, to include them, or to whatever. But the essence is that it's a piece of software that's free for me to use and free for me to modify under it's license.Jesse: And one of the other things I want to add to that is, correct me if I'm wrong here, but isn't a lot of open-source software is very community-owned, so there's a lot of focus on folks from the community that is using this software giving back not because they need to under the licensing, necessarily, but because they want to continue using this and making it better over time.Amy: I think one of the issues is that becomes a very opinionated kind of statement where there are a lot of people in the open-source community who feel that if you're going to use something and make changes to better suit what your needs are, that you should be able to submit those changes back to the community, or back to whoever owns the base of the software. But that said, it's like the community edition of MySQL before Microsoft bought it, where the assumption was that there's essentially a candidate of it that anyone can use without the expectation of submitting it back.Jesse: So, that's a broad definition of open-source software, but how does open-source software, broadly speaking, differ from an open-source company? I'm thinking specifically there is the open-source software of Elasticsearch, for example, or I should say, previously the open-source software of Elasticsearch that was owned by the open-source company, Elastic. So, what does that relationship look like? How does an open-source company like that differ from the open-source software itself?Tim: So, there are typically a couple of ways. Usually, a company that is the owner of an open-source product still has some kind of retention of the IP in their various licenses that they can do that with, but essentially—and this is in the words of one of the founders of Elastic—that they're benevolent dictators over the software. And so they allow folks to contribute, but they don't have to. And most of those open-source software companies will have a commercial version of that software that has other features that are not available, packages with support or some of the things like that, some kind of value-added thing that you're going to wind up paying for. The best way to describe—like you said—there's the company Elastic and then the product Elasticsearch.I relate back to before: there was Red Hat Linux, which was open-source, and then the company Red Hat. And I remember when they went public and everyone was shocked that a company can make profit off of something they gave away for free. But while the core of the software itself was free, the support was not free, nor was the add-on features that enterprises wanted. And so that tends to be kind of what the business model is, is that you create the software, it's open-source for a while to get a big user base, and then when it gets adopted by enterprises or people that really would pay for support or for other features, that's when the license tends to change, or there's a fork between the open-source version and then the commercial version.Jesse: And it definitely sounds like there can be benefits to an open-source company essentially charging for not just the open-source software, but these extra benefits like supports and additional features because I know I've traced multiple code bugs back to a piece of open-source software that there's a PR or an issue that has been sitting open for months, if not longer because the community just doesn't have the time to look into the issue, doesn't have the time to work on the issue, they are managing it on their own, separate as a side job, separate from their day-to-day work. Whereas if that is a bug that I'm tracing back to a feature in an open-source piece of software, or I should say software that I am paying for through an open-source company, I have a much clearer support path to a resolution to resolving that issue.Tim: And I think what the end up doing is then you see it more like a traditional core software model, like, you know, a la Oracle, or something like that where you pay for the software essentially, but it comes packaged with these things that you get because of it, and then there's a support contract on top of it, and then there's hosting or cloud, whatever it is, on top of that, now, but you would still end up paying for the software and then support as part of the same deal. But as you know, these are for-profit companies. People get paid for them; they are publicly traded; they sell this software; they sell this product, whether it's the services or the hosting, for profit. That is not open-source software. So, if company X that makes software X, goes under, they are acting like the software would then go under as if the software doesn't belong to the community.So, a business that goes after a business is always going to be fair play; I believe they call it capitalism. But when you talk about going after open-source software, you're looking at what Microsoft was doing in the '90s and early 2000s, with Linux and other open-source challenges to the Windows and the other paid commercial enterprise software market. When folks started using Linux and servers because it was free, customizable, and they could do pretty much everything they wanted to or version of it that they were using commercial Unices for, or even replacing Windows for, you didn't really see the commercial Unices going after it because that very specialized use cases; the user had specialized hardware. What folks were doing, they're buying Wintel machines and putting Linux on them, they were getting them without Windows licenses, or trial licenses, throwing Linux on it. And Microsoft really went after open-source; they really went after open-source.They were calling it insecure, they were calling it flash in the pan, saying it would never happen. They ran a good marketing campaign for a long time against open-source software so that people would not use it and would instead use their closed-source software. That is going after open-source, not going after quote-unquote, “Open-source companies.”Jesse: Yeah, I think that's ultimately what I want to dive into next, which is, there's been a lot of buzz about AWS going after open-source, being a risk to open-source software, specifically, with the release of AWS Managed Services for software like Elasticsearch, for example, Kubernetes, Prometheus vs. Other open-source packages that you can now run as a managed service in AWS. There's a lot of concern that AWS is basically a risk to all of these pieces of open-source software, but that doesn't necessarily seem to be the case, based on what we're talking about. One of the things that I want to dive into really specifically here is this licensing idea. Is it important to end-users? How would they know about what license they're using, or if the license changes?Tim: I'll let Amy dig in on it because she's probably the expert of three of them, but I will say one case in point, I remember where licensing did become very important was Java. JDK licenses, when Oracle started cornering the market on enclosing all the licenses, you had to use different types of Javas. So, you had to get, like, open JDK; you couldn't use Sun, Oracle Java, or whatever it was. And so that became a heavy lift of replacing packages and making sure all that stuff was in compliance, and while tracking packages, replacing them, doing all the necessary things because if you're running Java, you're probably running it in production. Why you would, I don't know, but there are those things that you would have to do in order to be able to just replace a package. The impact of the license, even if it doesn't cost a dime for usage, it still matters, and in real dollars and real engineering time.Amy: Even free licensing will cost you money if you do it wrong. The reason why I love talking about licensing is because I used to work for the government—Jesse: [laugh].Amy: —and if you think a large company like Amazon or Microsoft loves doing anything to rattle the cage of smaller businesses, it's not nearly as much as they love doing it to the government. So, any company that has a government-specific license, and the government is not using it, they will get sued and fined for a bunch of money, which sounds like a conflict between a super-large company and the government and who the hell cares about that, but this also translates the way they handle licensing for end-users and for smaller companies. So, for the most part for the end-user, you're going to look at what is generally sent to you to use any piece of licensing, the EULA, the End-User License Agreement, and you're just going to say, “Yeah, fine, this thing is 20 pages long; I'm not going to read this, it's fine.” And for most end-users, that is actually, you're good to go because they're not going to be coming after small, single-person users. What these licenses do is restrict the way larger organizations—be it the government or mid to larger companies—actually use their software, so that—this is a little dating—someone does not buy a single disk that does not report home, and then install that one disk on 20 computers, which is a thing that everyone has seen done if they've been in the industry long enough.Jesse: Yeah.Amy: Yeah. And it means things like licensing inventory is important, to the single you're using this license at home and you install Adobe on three computers, you would think it's not… would not hurt their value very much, but they also make it so that you can't even do that anymore. So, in purchased software, it makes a big deal for end-users; if it's just something free like being able to use some community SQL workbench just to mess around with stuff at home or on personal projects, you're usually going to be okay.Corey: This episode is sponsored in part by our friends at ChaosSearch. You could run Elasticsearch or Elastic Cloud—or OpenSearch as they're calling it now—or a self-hosted ELK stack. But why? ChaosSearch gives you the same API you've come to know and tolerate, along with unlimited data retention and no data movement. Just throw your data into S3 and proceed from there as you would expect. This is great for IT operations folks, for app performance monitoring, cybersecurity. If you're using Elasticsearch, consider not running Elasticsearch. They're also available now in the AWS marketplace if you'd prefer not to go direct and have half of whatever you pay them count towards your EDB commitment. Discover what companies like HubSpot, Klarna, Equifax, Armor Security, and Blackboard already have. To learn more, visit chaossearch.io and tell them I sent you just so you can see them facepalm, yet again.Jesse: Yeah, this is a really big issue. There's so much complexity in this space because Tim, like you said, there's some amount of capitalism here of AWS competing with open-source companies; there's business opportunities to change licensing, which can be a good thing for a company or it could be a terrible thing for a company's user base. There's lots of complexity to this issue. And I mean, in the amount of time that we've been talking, we've only really scratched the surface. I think there's so much more to this space to talk about.Tim: There really is, and there's a lot of history that we really need to cover to really paint an accurate picture. I think back when web hosting first became a thing, and everyone was running LAMP stacks and nobody was saying, “Oh, no, using cPanel is going to kill Apache.” That wasn't a thing because, yeah, it was a for-profit company that was using open-source software to make money and yet Apache still lived, and [unintelligible 00:15:00] still lived; MySQL still made it; PHP was still around. So, to say that utilizing open-source software to provide a service, to provide a paid service, is going to kill the open-source softwares, at best it's misrepresentation and omits a lot of things. So, yeah, there's a lot of stuff we can dig into, a lot of things we can cover.And the topic is broad, and so this is why it's important for us to talk about it, I think, in the context of AWS and the AWS, kind of, ecosystem is that when you see companies with big crocodile tears, saying, “Oh, yeah, AWS is trying to kill open-source,” it's like, “No, they're not trying to kill open-source.” They may be trying to go after your company, but they aren't the same.Jesse: And it feels to me like that is part of the way that the business world works. And I'm not saying that it's a great part of the way the business world works, but how can you differentiate your company in such a way that you still retain your user base if AWS releases a competing product? I'm not thrilled with the fact that AWS is releasing all these products that are competing with open-source companies, but I'm also not going to say that it's not beneficial, in some ways, for AWS customers. So, I see both sides of the coin here and I don't have a clear idea of what the best path forward is.Amy: As much as I hate the market demands it type of argument, a lot of the libraries, and open-source software, and all of these other things that AWS has successfully gone after, they've gone after ones that weren't entirely easy to use in the first place. Things like Kubernetes, and Prometheus, and MongoDB, and Elastic. These are not simple solutions to begin with, so if they didn't do it, there are a lot of other management companies that will help you deal with these very specific products. The only difference is, one of them is AWS.Jesse: [laugh]. One of them is a multibillion-dollar company.Amy: Oh, they've all got money, man.Jesse: [laugh].Amy: I mean, let's be real. At our pay grade, the difference between a multimillion-dollar and a billion-dollar company, I don't think affects you at your level at all.Jesse: No.Amy: I'm not seeing any of that difference. I am not. [laugh].Tim: Yeah, I definitely think if you all want us to dig into more of this—and we could do a lot more—let us know. If there are things you think we're wrong on, or things that you think we need to dig deeper on, yeah, we'd love to do that. Because this is a complex and nuanced topic that does have a lot of information that should be discussed so that folks can have a clear view of what the picture looks like.Jesse: Well, that'll do it for us this week, folks. If you've got questions you'd like us to answer please go to lastweekinaws.com/QA, fill out the form and we'll answer those questions on a future episode of the show.If you've enjoyed this podcast, please go to lastweekinaws.com/review and give it a five-star review on your podcast platform of choice, whereas if you hated this podcast, please go to lastweekinaws.com/review, give it a five-star rating on your podcast platform of choice and tell us your thoughts on this conversation, on AWS versus open-source software versus open-source companies.Announcer: This has been a HumblePod production. Stay humble.
Welcome! We have had a very busy week this week so this is a reply of the show aired the end of February. I'll be back next week. It was also another busy week on the technology front and we are going to delve into what actually caused the energy problems in Texas. There is a new type of malware that is affecting Macs and it is has a different MO. Then we are going to discuss Apple and their ventures into automated electric cars and what we can expect. Why are states having issues making appointments for vaccines? In a word, it is bureaucratic incompetence. Then we have a new type of hack out there. It is called Buy-to-Infect and there is more so be sure to Listen in. For more tech tips, news, and updates, visit - CraigPeterson.com. --- Tech Articles Craig Thinks You Should Read: This Basic Math Shows How Wind Energy Failures Contributed To Texas’s Deadly Power Loss An Insider Explains Why Texans Lost Their Power New malware found on 30,000 Macs has security pros stumped Report: Nissan shot down Apple deal to avoid becoming Foxconn of cars N.Y.’s Vaccine Websites Weren’t Working Apple is already working on developing 6G wireless technology Owner of an app that hijacked millions of devices with one update exposes the buy-to-infect scam Mount Sinai study finds Apple Watch can predict COVID-19 diagnosis up to a week before testing Malware Exploits Security Teams' Greatest Weakness: Poor Relationships With Employees --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] You probably know I've been doing cybersecurity now for 30 years in the online world. Yeah, that long. I'm afraid I have some confessions to make about our relationships here, cybersecurity people, and employees. Hi everybody. Craig Peterson here. I'm so glad to be here. I'm happy you're here as well. There are so many ways to listen. I got pulled into this whole business of cybersecurity quite literally, kicking and screaming. I had been already involved in the development of the internet and internet protocols for a decade before. In fact, one of the contracts that I had was with a major manufacturer of computer systems. What I did there was design for Unix systems a way to check for malware, a way to manage them remotely. Yes indeed, I made one of the first RMM systems, as we call them nowadays. We also tied that RMM system, of course, into Windows and a few other operating systems. Unix was where I was working at the time. I am what they called an OG in the industry. My gosh, my first job with computer networks was back in 75. Believe it or not a long time ago. Back then, of course, it was mainframe to mainframe basically and some of the basic protocols, the RJE, and stuff. I know I've got a lot of older people who are listening who are saying, yeah, I remember that. It brings back memories. In fact, I got a note just this week from a listener who was saying his first computer was a Sinclair. Do you remember those things? Oh my gosh. It brought back so many memories for us older guys. But it was just such a cool little device with the keys and much different than I'd ever seen before. The XZ81. I just looked it up online so I can remember what the model number was. That was made by Timex. If you can believe that too. It's just. Wow. It had a Z 80 CPU, which of course was like an 8080, which was Intel's, big chip at the time, running at 3.25 megahertz. Yes, indeed. Very cool. I love that computer anyways. I digress. The whole industry at the time was non-existent, yeah. You had antivirus software. We started seeing that in the eighties and we had some terrible operating systems that many people were running like Windows, just absolutely horrific. Remember windows three-point 11 and XP and the millennial edition just some of the most terrible software ever. That's what happens when you have interns? A lot of the code, it came out in one of the lawsuits, for one of these versions of Windows. It was a different world and I had to figure out what was going on because I had some servers that were Unix servers. This was the early nineties and I was hosting email for companies and websites and doing some filtering and things with some kind of precursor to SpamAssassin. It was really something. I had some DECservers, Digital Equipment Corporation. Remember those guys and all of a sudden customers started calling me because the email wasn't working. It turned out it was working, but it was extremely slow and I had to figure out why. I telneted to my server. I got on, started poking around the servers. I had a computer room and the first floor of the building that I owned and I was up on the second floor. Off we go looking around trying to figure out what is going on. It was me actually. I said us, but it was really me. Cause I knew the most about this stuff. There were these processes that just continued to fork and I was trying to figure out why is it creating all these new processes. What's going on? What has happened here? Back then, The internet was a much different place. We trusted everybody. We had fun online. We would spam people who broke our almost unwritten rules of the internet about being kind to other people. What spam was, where the whole term comes from is you would send the script from Monty Python spam and eggs, spam and ham spam, spam, spam routine. You just send it to somebody that was breaking these unwritten rules, like trying to sell something on the internet. Absolutely verboten. What a change to today. I saw some of this stuff going on. I was trying to figure out what it was, but, we trusted everybody. So my mail server was Sendmail, at the time. We still maintain some instances of Sendmail for customers that need that. Nowadays. It's usually more something like postfix in the backend. You might have Zimbra or something out front, but postfix in the backend. We allowed anybody on the internet to get on to our mail server and fix some configuration problems. They didn't have full access to everything. Firewalls weren't then what they are today. In fact, one of our engineers just had to run out to a client who did something we told them not to do. They were using the Sonic wall firewall on their network as well as they had our stuff. So we had a really good Cisco firepower firewall sitting there, and then they have this SonicWall so that they're people, remotely could connect to the Sonic wall firewall, because it's good enough. SonicWall says it's compliant. The SonicWall firewall was being used to scan the network and load stuff. Does that sound familiar? Much to our chagrin. So he had to run out and take care of that today. It sounds like we might have to do a rip and replace over there restore from backups. You have no idea what these bad guys might've done. We've seen Chinese into these networks before, Chinese malware. It's been really bad. Boy, am I wandering all over the place? Back to this, we would allow people to get onto our network to fix things. If something was wrong, if we were misconfigured, they could help us and they could get on and do it because Sendmail configuration was not for the faint-hearted. In the days before Google, right? Eventually, we had Archie and Veronica, and Jughead. They did basic searches across FTP servers. That's my kicking and screaming story. I was trying to run a business where we hosted email for businesses, which we still do to this day, and where we had some, back then we didn't have websites. The web didn't come in into play until a couple of years later, but we did host FTP sites for businesses so that they could share files back and forth. That's what I wanted to do. That was my business. Later on, I ended up helping 80% of my clients find the other web hosts after, these $8 Gator hosting things. We just got a call on that this week. Somebody who'd been a client of ours 20 years ago, went with a guy that charges $5 a month for web hosting. They have personally identifiable information on that site if you can believe it. He was complaining because it wasn't working he was getting a C-panel error anytime he went to the site. We said, Hey, listen, this problem is the guy that you're hosting from. We did a little research and we checked the IP address and how many sites we're at that IP address. This guy that was charging them $5 a month had 150 different websites at that one IP address. Now that's not bad. He was hosting all of these 150 at a site, the charges, the eight to $10 a month for web hosting. He had all of these sites on top of a machine that was already split up hundreds of ways. It's just amazing what people do. Man alive. We got rid of 80% of those customers, the ones that wanted cheap, that's fine, get cheap, and see what happens to you. Some of them, we still maintain a good relationship with and so we help them out from time to time, right? What am I going to do? So somebody calls me, I gotta help them. That's precisely what we do now with this malware problem. What's going on here? We talked already about the Great Suspender and how Google has said, Hey, this now has malware in it, so we're removing it from your web browsers. That to me makes a ton of sense. Why not do that? This is another example of what happened with SolarWinds. This is an example of a supply chain infection. What happened with that? Somebody bought Great Suspender from the developer and then added in this basically malware to the Great Suspender. Just it's a terrible thing. Very surprising, but one of the biggest exploits that are being used by the bad guys right now is the security team's poor relationship with other employees within the organization. I promise we'll get to this a little bit more and explain the bottom line here. What's going on and it goes back to this customer that we just had to run out to. Why did they do what we told them not to do? Stick around. We're getting into the battle between cybersecurity senior officers in companies, owners, business owners, and the, even the employees. There has been such a battle going on. I saw two examples this week. Hi, everybody, it's a difficult world out there, but I find some comfort in listening to, of course, news radio. It keeps me up to date on what's going on. It helps me to really understand the world a lot better. I mentioned that one of my guys just had to run out to a client who did something we absolutely told them not to do. They had been using this company that was a break-fix shop, I guess is the way you would put it. They had a business that would respond to problems and they charge by the hour. I think right now their hourly rate is like 160 bucks or something. It is not cheap, but anyhow, That they would sell people equipment and then move on, right? Your problems aren't my problems. Just leave me alone, go away. It's a beautiful model because their employees at this break-fix shop don't have to understand much. They just have to know more than you do as a customer. There's one level of understanding that you have, and for someone to appear to be an expert, all they have to do is have slightly more understanding. That has bothered me so many times listened to the radio and they talk about somebody that's just this great expert, in reality, of course, they are not. But you don't know. That person talking about the expert doesn't know either because they just don't have enough knowledge. Of course, the person that's labeled the expert isn't going to say anything about it. They were doing what most companies do, which is okay. We know we need a firewall, so let's get a firewall. They went out and they talked to this company and they did their Google research because of course, Dr. Google is an expert on everything. Even with those differing opinions, you're going to go with the opinion that you like the best. That's what they did. They bought a Sonic wall firewall from this vendor, which was a break-fix shop. Now that's all well, and good. The sonic wall is not terrible stuff. They've got some amazing stuff as well. The problem is this device has been out of support for more than two years now. Even though they're not as advanced as some of the systems we can install, not that we always use the most advanced systems. It's not a bad, a little thing for a small business. We warned them that because they were using an out-of-date firewall that they could not get fixes for known vulnerabilities. Now that's a big deal too. Most people are not aware of the vulnerabilities that are on their machines. Do you go out every month and check the firmware versions on your firewall? You should be, even if you're a home user. Are you checking to make sure the firewall that the cable company provided you with is up to date, configured correctly? You've changed the password and the admin username, right? No? Most people haven't. He hadn't, right. He didn't know. We told them we did a little research and said here's your problem. That's part of his cyber health assessment. We told them what kind of firewall do you have? What's the version of software on it and we do that. We have a bunch of people that have asked for cyber health assessments. We've got them on a list because we're busy. So we have to schedule these and make them happen. So we said, do not plug that machine in. Of course, what do they do? They plugged it back in again. So now all of a sudden this morning, we get a wake-up call from our monitors that are running they're on their Cisco firepower firewall, where we have their extensive suite of additional software. This isn't just an off-shelf, Cisco firewall. It's telling us that the SonicWall or something through our, via the SonicWall. Is going through all this customer's network. It's actually attacking the Cisco firewall from inside the network. Absolutely amazing. Why does that happen? In this case, the business owner, and it is a very small business. It has about 5 million in revenue per year, I would guess. It's a small business by every stretch. The owner just doesn't want to spend the money he doesn't absolutely have to spend. He's not looking at this saying I could lose all my intellectual property. I could get sued by these people. I could lose my clients who find out that their data was released. Their orders were released. Everything was stolen. He looks at it and says, Oh wow. It's 200 bucks a month. Wait a minute guy, you have how many employees? You're worried about 200 bucks a month. I personally, I don't understand that. Why would you do that? Now, you're in a poor country. Okay. I get it right. That's a lot of money to spend, but not here in the United States. Doesn't make sense. A lot of this is really the reason I brought it up. It's showing how there is a disconnect between business owners, C-level people, and cybersecurity people. Basically, if you have less than 200 employees, you cannot afford to have your own cybersecurity team. It's impossible. It's way too expensive. Then the numbers start to change outsourced cybersecurity, which is what we do. We do this for this customer and. The in-house cybersecurity people, but we all have the same basic problem. The owner has a problem too, right? He has to weigh the costs of cybersecurity against the risks involved, which is what Equifax did. What so many of these big companies do, right? There's this, the norm Equifax said it's going to be way cheaper to just pay out $10 million in fines. When we get fined by the federal government for losing everyone in the country's personal financial information then it is to do this or we're not going to bother. Man, I'd love to see the smoking gun email on that, where they made that final decision, probably doesn't exist. They're smart enough to know that they would get sued and they have been sued because of this. We've got another problem right now because of people working from home. I mentioned, in fact, this week, you should have gotten an email from me on Thursday. That was a little audio thing that I put together. We call these things, audiograms, and it's a kind of a video that'll play. This particular one is about part of this problem. We've talked extensively about that water plant in Florida, that was hacked for lack of a better term. It might've been an insider thing. It might've been someone external, et cetera, et cetera. The reason it happened is that business, the water plant for a town of 15,000 people, which would be in a normal world, a small business. That small government operation was all of a sudden faced with lockdowns. What do we do? They didn't have a plan. They didn't have a business continuity plan, which is so important. I talked about it extensively last week as well. They had no way to manage this. So what did they do? They went out and bought team viewer licenses for everybody in the business. That put, well not the business, in this case, the agency, that put the agency at risk. That is putting our businesses at risk too, in such a big way. That's what the audiogram I emailed out on Thursday explaining this a bit. So stick around. We're going to continue this conversation. Of course, you're listening to Craig Peterson online@craigpeterson.com. We have people working from home. We didn't really plan for this. We're doing it because of the lockdown. Maybe, you found that it's actually better for your business, from whatever angle. What are the risks here of people taking computers home? Hello. Everybody Craig, Peterson here. So glad to be with you today. Glad you're taking a few minutes out of your day as well to listen in. Now I am very concerned about people using computers that they're taking home. I want to make a definition. Maybe there's a better way of saying this, computers that are used at home, home computers should never be used for work. I'm going to explain why. Computers that are at work probably should not be taken home. We saw the example of this, just this last couple of weeks. I was talking about this wonderful plugin that I've been using and recommending people use here for a very long time, called the Great Suspender. We've talked at length really about what happened there with the company being bought and then becoming evil, right? Just buying their way into 2 million people's computers. Sometimes these Chrome extensions that are installed on personal computers get automatically installed and synchronized to your work devices. In fact, that's the default. If you log into Chrome and you're using Google Chrome as your browser and you log into it on your home computer, and when you log into your same account over on your business computer. All of a sudden, now it's syncing. It's syncing things like passwords, which you should not be having Google store for you. You should definitely be using a good password manager and there are a few out there. If you're not familiar with them or don't know which one to use or how to use them. I have a great little special report on passwords and using password managers. I'd be glad to send it to you. Just email me@craigpeterson.com and I'll send that on-off, right? I'm not making a dime off of that. I want to make you safer. I don't want to have happened to you what's happened to millions of Americans, including my best buddy who had his information stolen. I've been after him to use password managers. He never did it. I don't know why. Until his paycheck got stolen. Then he came over and I explained it and set it up with them and really helped him out. Maybe we should do a whole webinar showing you how to use these password managers, how to get them set up because it is a little bit tricky. It's certainly different than you're used to. Many people are using their browser Chrome in this example, to save passwords. When you go to a website, you'll automatically have the password there. Maybe you've got it set up so that it'll automatically log you in with all kinds of cool stuff. But there is a very big problem and that is that there is a huge risk with running these extensions, like the Great Suspender. The Great Suspender was approved by Google. It was in the Google store. You could download it from their app store. Absolutely free. In January of this year in 2021, we had someone out on Twitter, tweet that there was a problem with the security on the Great Suspender. It had been changed. It was being used now to send ads out and other things. That's pretty, pretty bad. The extension wasn't banned until about a month later and you as an end-user had no official notification that this extension was potentially malicious. Apparently, they could, with this malicious software they embedded, not just show you ad, not just insert their own ads to generate revenue onto the webpage as you were visiting, they could also grab files from your machine. That's a very bad thing. Now, presumably, if you're at work, you have a team that's helping you outright. The IT security team, there may be different teams and maybe the same person who also is the office manager, who knows. It does vary. Businesses cannot know what you're doing when you're starting to install those extensions and they are pushing their way onto your office computer because you're using the same Google account in both places. Now, despite the risks, of course, I installed this Great Suspender used it for years and I was pretty happy using it. I know many other people who were in the same boat. Security teams have some great tools. I mentioned my son who's one of our team members got called out to a client. During the break, I was just chatting with him briefly. What had happened is they plugged in this firewall we told them not to plugin. It was apparently hacked from the outside. It had known security vulnerabilities. He had not, this small business owner had not yet paid for maintenance on his little firewall, so he was not getting security updates. In fact, my team member looked at this and found that it had been three years since the firmware on his firewall had been updated. The bad guys got into his network through this secondary firewall, which we told them not to have not to plugin. Our firewall only noticed it because this malware started scanning everything on the network. Of course, it scanned two of our machines, one being the firewall. Remember this isn't a regular firewall that we put in there. This is a firepower firewall with a whole bunch of extra software on top of it. In our data center, we have some huge machines that are sitting there watching what's going on remotely. On our client's networks via that firepower firewall. We started getting all these notices as to what was going on, but this is a great example. We're not updating some of that software. He had a security team and he ignored the security team. We were the security team. We're outsourced cybersecurity that's what we do, but that happens many times. Many business owners and others look at the cybersecurity situation as having many different shades of gray. What should you do? What shouldn't you do? The teams that are working in these businesses, including us. We have to tell them, Hey, don't use that firewall. Do not plug it in. You don't need it. If you plug it in, it's going to make it way easier for some of your people to work from home. This is not set up correctly and you're going to have problems. That's a difficult conversation to have with a business owner. We had it and he ignored it much to his peril. In this case, this one is hard to tell how much data was stolen from his business. The impact from this could last for months, and there could be investigations who knows what's going to end up happening here. That business owner and I, because I spoke to him as well about this whole situation before this particular event happened just about two weeks ago. In fact, that was a reminder cause they had plugged it in again. Six months before that we had told the business owner, you can't plug this thing in, you cannot be using it. How do you do that? How do you let an impacted employee, somebody who's working from home, maybe using their own computer to do work for the business? How can you approach them and tell them, Hey, you cannot use Google Chrome? You cannot save your passwords on your browser. You cannot install extensions. Even if you had a list of extensions today that were bad, that list is going to be out of date tomorrow, which is going to be a very big problem. Individual users do not have the ability to check this. Frankly, most businesses don't either. Again, that's why a business under 200 employees cannot afford to do this yourself. You just can't. This is a specialty. We were talking yesterday with a prospect who had been brought to us by a break-fix shop and trying to get this concept through. We're going to talk a little bit more about that. What should you be doing? How can you pay attention? How can you even be safe in this day and age? Hi everybody. Craig Peterson here. We've been talking about supply chain problems. That's a technical term for it, but the software that we rely on becoming evil, and what can we really do about it? Hello, everybody. You're listening to Craig Peterson. How do you talk to a business owner and help them understand? That's a problem. Isn't it? Look at what happened a few years back with TJX stores. Them as maybe TJ max, that's one of their stores. They have a number of others. Their cybersecurity guys did something I have seen done before. That is, they went to the management of this massive public company and said, Hey, TJX, we need to get this hardware. We need to get this staffing. The hardware course pretty expensive and it sits there and it does much the same stuff. Even back then. Nowhere as good as today. It's exponential, as to how much better it gets every year, but it was good hardware. It really could have stopped the hack that happened and it did. Here's what it did. It noticed the hack was going on. The problem was they were able to say yes to the hardware, the senior management said yes. They got the hardware, but senior management would not get the security technicians that were needed to monitor and run that hardware. They were short-staffed. That's another problem we're seeing. That's why the companies you're dealing with, whether it's Equifax, with who you do not have a direct business relationship with, and yet have all this information about you and sell that. Or maybe it's just some other website. That's why they lose your data. It's a real bad idea. The bad guys are just waiting out there just siphon all of your data. In many cases, when you're talking about a business and a business website, or even your home computer, they're looking to redirect you to malicious websites. What they'll do is for instance, again, the Great Suspenders' an example, that they claim it's been fixed now. With something like an extension or a plugin that you put in your browser, they could rather easily code it up so that you are going to a website that's malicious. It could look like Bank of America's website and you go there and you enter in your information. You put in your username, you put in your password, it asks you a security question. Maybe maybe not, but your username and password. Then it says incorrect. Then your screen refreshes while your screen just refreshed because you were not at the Bank of America, originally. You were at a malicious website and you entered in your username and password. Now the bad guys have your username and password to your banking system, to your login, to your bank accounts. They got that. That's all they needed. They didn't want you to know that this was going on so they just went ahead and redirected you over to the real bank website. Hence, the supposed reload. It's a very big weakness here in how IT and security teams operate because too few security teams really can relate with the CEO and vice versa. I've seen that all of the time with people working for me in cybersecurity, you've got a really good idea of what needs to be done, how it needs to be done when it needs to be done. To you, it's the most important thing in the world, right? You don't want the business to go under, you're going to lose your job, maybe your pension retirement plan is tied to that business. You don't want it to happen, but have you got the trust built up with the senior management? Then how about the other side of this relationship? How about if you're a cybersecurity person? Even if, again, you're not a professional, you're just the person tasked with it in the office or you're the person tasked with it at home. How do you go to the other employees and tell them you can't use your Google Chrome account here in the office? How are you going to enforce it? How are you going to tell your husband or wife, Hey, that's dangerous? I don't want you installing any of these extensions on your computer. One of the really bad things that people do with their browsers is they put on these real fancy little extensions that give all kinds of extra wonderful information. It ends up as a toolbar and it lets you do searches on this site or that site. Maybe it keeps you up to date on the stocks that you have in your portfolio. You're telling hackers what stocks you own, really? It might be legitimate, right. But who knows? That's the problem. Something like that can really mess you up and send you to malicious sites. You know that your spouse is using that or your kids are using that. How do you talk to them? How do you solve those problems? It's a real problem. There are some interesting tools that you can use, as professionals. There's a Slack channel I can send you to, if you're interested, actually, it'll be in the newsletter that comes out on Sunday. At least it should be under one of those articles. It is a problem. Netflix, by the way, is really trying to help you out too. Not only did the Netflix security team provide some feedback for what's called the honest security guide, but it's also made some of its user tools, the tools that you might use at your home to find a movie, et cetera, it might help really to secure you. Git Hub has this. It is called, this is a Netflix skunkworks, the stethoscope app. It's a desktop application created by Netflix that checks security-related settings and makes recommendations for improving the configuration of your computer. It doesn't require central device management or reporting. You can have a look at that. If you are interested, let me know. I can probably point you in the right direction to the stethoscope app. That's what we want to see in this honest security guide. You'll find it online. At honest security is a guide to your devices, security, which in the biz we call endpoint security and it is cool. You can run through all of this list is a big checklist and talking about why honest, and they're saying dishonesty stops you from doing the right thing. That's why in my courses, I spend a lot of time, more time in fact, on the why than the how. I want you to understand honestly, why you should or should not do something. There are so many people who are out there yelling and screaming, jumping up and down. Particularly your antivirus companies. You fake VPN companies who are trying to get you to buy their products that not only do not need in most cases but will actually make your computer less secure. So we have to be careful about all of this stuff. We have to make sure we are talking. We've got to have a trust relationship set up with the owners of our business. Cause you guys, some of you, I know own businesses, some of you work for a business. We've got people listening to this all over the world and every continent I've even seen a listener down in Antarctica. I really can say every continent. It's important that we know how to work with our fellow employees, with our management, with our family members, to help them to know what they need to do. There is no time to wait. We have never seen as many attacks as we're seeing now. We've never seen the government using its resources to attack us more than we have now. We've never seen more billions of dollars stolen per year by the bad guys. There are some basic tenants that you can follow that will make you way more secure. And that's why you're listening. That's why I go through some of these things to help everybody understand. That's also why I go ahead and make sure that I answer your emails. If you have a question, make sure you go ahead and ask. You can just email me at me@craigpeterson.com. If it's something urgent, I have a form on the bottom of my homepage @craigpeterson.com. You can give me a little bit more information. I tend to keep an eye on that a little bit better than my general email, although I do use some amazing email software that helps me to keep track of the real email and get rid of the spam and put things in boxes and stuff craigpeterson.com. It's that simple email me me@craigpeterson.com. If you have questions. I hope that Google is going to continue to improve itself. I love the fact that they found out that this one extension was malicious. For those of you who might've just tuned in, we're talking about something called the Great Suspender something I've used for years, it became malicious, but they need to do more. As people who are concerned about security, we just can't wait for the next incident. Just again, this client of mine, who we've been warning about this for months, he's stopped doing what we told him to do, and then decided well it's just too difficult. That's something we hear a lot from businesses. Oh, it just hampers the work. It hampers it because now we have to get permission from it in order to mount this particular drive or gain access to those files or materials. Yes you do, because we have to stop the internal spread of all of this malware and all of these hackers. It is absolutely worth it. All right, everybody. Thanks again for joining me today. I really hope you've been enjoying this. I have years' worth of podcasts out there and you'll find all of those at craigpeterson.com/podcast or on your favorite podcast platform. If you subscribed under iTunes, you might've noticed, ah, yeah, I just released a whole batch there too. I expressed concerns about owning an Apple watch. I held off for a long time. I want to talk about these devices now, the security concerns, but also the amazing health tools that are built right in. Hey, welcome back. This Apple watch is really fascinating. It has been around now for six generations. There are a number of other watches that have had, or tried, I should say, to compete with Apple. They haven't been very successful. You might've noticed that. I have a friend that bought some watches for his family and to him that monitor all of the basic vitals and record them and send them up to his phone. It's a 20-ish dollar watch. He got it from South Korea probably are parts made in China, but it is an inexpensive watch and it does some of the basics at the other end of the scale. Let's have a look right now. I'm going to go to apple.com online, and we're going to click on watch. Here we go, Oh, my they've got special watches so you can buy their watches. It looks like the new one, the Apple watch series six for starting at 400 bucks or they have two different sizes. . They have a more basic watch called the Apple Watch SE that starts at about $300. You can still get the Apple watch series three. Now, these all can monitor high and low heart rates. They can give you irregular heart rhythm notification, but it's only a-fib atrial fibrillation, I think is the only one they can monitor, but all three of those can monitor that. As I said, my buddy's watches, he got for his family at 20 bucks apiece are able to do most of that as well. These are water-resistant to 50 meters, which is really cool. The series six also has an ECG app. That is very cool. You open the app, you put your finger on the crown of the watch and it gives you an EKG right there on the watch and it feeds it to your phone. On your phone, you can turn it into a PDF. You can share it with your doctor on and on. It's just amazing. It's a three-lead type, I was in emergency medicine, right? A med-tech EMT, EMT-PD can't remember. I had a whole bunch of different certifications back in the day. But it's fantastic for that. It also has a blood oxygen app that monitors your blood oxygen levels. It ties all of this into their new exercise app, which is amazing. That ties into your phone or your iPad. I will go down in the basement onto the treadmill and I'll select your treadmill workout. It has dozens of them. Have you seen this really fancy treadmill? A couple of years ago they got in all kinds of trouble because they advertised it around Christmas time and apparently this woman really wanted a treadmill and she got one and she was all excited. All of these people jumped out of the woodwork. All your you're saying she's fat, et cetera. No, she wanted a treadmill. These are amazing treadmills because they have built into them. These streams and you can join classes, et cetera. With the Apple Watch, my iPad, and a subscription to this iHealth app, which you can get as part of this Apple plus thing you can buy for 30 bucks for the whole family, 30 bucks a month. I don't know how many I have seen probably a hundred different workouts on there. It has different workouts, different types of weightlifting, running, jogging, treadmills, elliptical machines, everything. You can pick your pace. You can pick your instructor, you can pick everything. Then your Apple watch is monitoring your body. As you're working out. So it's telling you how many calories you've burned. What's your heart rate is to help keep your heart rate in the best range for you, depending on what kind of a workout you're doing. It also lets you compete against other people. Does this sound like an ad for the Apple watch? You can compete with other people your age doing the same workout and see where you're at. I was really surprised because typically I am at the front of the pack when it comes to my treadmill workouts. That's really cool as well. Those are some of the basics. There are other things too, that Apple is doing. We've found, right now, that Mount Sinai just came out with an announcement and they said that the Apple watch can predict COVID 19 diagnosis up to a week before testing can detect it. Yes. Isn't that something? Not only can the Apple watch help with certain heart arrhythmias, but it can predict that you have COVID-19 too a week before testing normal testing. Those swabs can find it out. This is from the journal of medical internet research, which is a peered review journal. And they found that wearable hardware and specifically the Apple watch can effectively predict a positive COVID-19 diagnosis up to a week before the current PCR-based nasal swab tests. They called this the warrior watch study. They had a dedicated Apple watch and the iPhone app, and they had some participants from the Mount Sinai staff and it required, of course, these staff members to use the app to turn on the health and data monitoring and collection, and also asked them to fill out a survey every day to provide some feedback about their potential COVID-19 symptoms. As well as other things like stress can obviously make your heart rate, go up your blood pressure, go up, et cetera. Oh. By the way, Apple, supposedly the rumors are, we'll have a BP sensor in the Apple seven that'll be out later this year, most likely. So they had several hundred healthcare workers and the primary biometric signal. I know that the studies authors were watching was heart rate variability. This is fascinating to me because it's something that I learned about fairly recently. Then when I got my Apple watch, I read up more about this, but basically, heart rate variability is what it sounds like. It's your heart rate. Let's say your heart is beating at 60 beats per minute. It is not beating once every 10 seconds. It is not beating once a second. Your heart rate will vary over the course of that minute. If you're healthy. Obviously, a beat every 10 seconds isn't 60 a minute. Let's use that as an example. Somebody who's almost dead and has six beats per minute. The first heartbeat might be at 10 seconds. The second heartbeat might be at 22 seconds because your heart is supposed to vary its rate of contractions based on immediate feedback. It's not just that you're going out in your running and now you've driven up your heart rate and you're doing your cardio and it or you just walked up a flight of stairs or you stood up, which is another test, by the way, what we're talking about here. You might just be sitting there, but your cells have a different need for oxygen or for the blood. The heart slows down slightly or speeds up slightly. This heart rate variability is something built into the Apple watch and into the iPhone app that you attach to the Apple watch. Isn't that useful without an iPhone, frankly? Then you can look at your heart rate variability right there. They said, combining that with the symptoms that people reported, these Mount Sinai staff, that the symptoms that they reported that were associated with COVID-19 including fever, aches, dry cough, gastrointestinal issues, loss of taste and smell corresponded with changes in the heart rate variability. I thought that was just absolutely phenomenal because heart rate variability is considered to be a key indicator of strain on your nervous system. COVID-19 obviously is going to put a strain on the nervous system. Just very neat. It says here that the study was not only able to predict infections up to a week before tests provided confirmed diagnosis but also revealed that participants' heart rate variability patterns normalized fairly quickly after their diagnosis or turning to normal run about one to two weeks following their positive tests. That's from a TechCrunch, that particular quote. I am very excited about this, but I am also on the concerned side. I'm concerned because they are collecting vital data from us. All of the major companies, Google and Microsoft and Apple want to be the company that holds all of your personal medical records. We're going to get back to that when we come back here. What is happening? How is your doctor managing your medical records? I was really shocked to find out how that industry is working. Of course, you're listening to Craig Peterson. Check it out online. Craig peterson.com. Welcome back. What are you doing? Are you asking your doctor how they are handling your medical records? Because I think you probably should based on what I learned just this week. Hi everybody. Craig Peterson here. Thanks for joining me. We were just talking about health. We're talking about the Apple watch and the fact that there's a lot of competitors out there, some of them, a fraction of the cost. If you buy the Apple watch on terms, you're going to pay less in one month's payment on terms to Apple than you would for some of these other watches out there, but Apple watches do have more features. Mine even has a built-in cellular modem. Even if I don't have my phone with me, phone calls come through to my watch and text messages, and I can respond and answer. It's really nice. Medically I am very impressed. It has been good at motivating me to do some exercise, to get up, and about just to do a bunch of things I had never, ever done before. Consider that. It is collecting our data. Apple now has potential access to all of my cardiac data. They've got EKGs that I have run on my watch. They know about my heart rate. They know how often I exercise, and how hard I exercise when I exercise. They know all of this stuff about me. I had a conversation with someone just saying why does that matter? Maybe it's Apple, maybe it's somebody else. Why does it matter? It does matter. Think about an evil genius, right? The thing about somebody that might want to target Americans and might want medical information about Americans. They can gather it in a number of different ways. We're going to talk about medical records here in a little bit. One of the things they could certainly do is grab all of our watch data. Some of these watches, including my Apple watch, have GPS built into them. When you're out running or jogging, you know where you went, you can plan your route and it'll remind you, Hey, turn here, turn there. That's one of the things I love about the Apple Watch when I'm using it with Apple maps out driving, it taps me on the wrist and reminds me, Hey, in 500 feet, you got to turn. If I look at the watch, it'll even show me the turn I need to make coming up in 500 feet. It's really amazing. All of this information is being compiled and hopefully, it's being compiled by a company that we can trust. At this point, we can probably trust Apple. Hopefully, they're not going to be broken into. Now, their margins or profit is high enough that they certainly can afford a security team, one capable of defending them and defending our data. I hope they are. I suspect that they are for the most part. How about some of these others? We know Google, for instance, is in the business of collecting and selling our information, is having all of our medical information. Not just the stuff from our watches, but the stuff from our doctors. Are they to be trusted with that kind of information? Going back to that bad guy, that mad scientist we can, and probably do engineer viruses that are targeted at specific things. In fact, the Russians have been doing it. The Soviets' started it, they came up with a phage. That can attack certain viruses and it acts like a virus it gets in and does this little thing. We've got right now, these COVID-19 vaccines and they act like a virus they're messing with, well effectively, the DNA. In fact, it's the RNA, but it's pretending, Hey, I got a message from the DNA, here it is. What if a bad guy knew that are a certain population in a certain area, and that area was right by this important military base or whatever they came up with something that would target them and they'd have all of the data to do it now. That's obviously an extreme example. A more common example would be that your medical data is there. It's being sold to advertisers and you're going to end up with something. For instance, there's a company, very big company out there and they sell baby products. What they did was they tracked and they bought this information, but they tracked women who were purchasing certain things. Now, they weren't purchasing things that were directly related to having a baby, right? They weren't purchasing diapers or little jumpsuits or whatever it is. They were purchasing things that were not directly related maybe people wouldn't even think they were typically related to having a baby. Yet they were able to figure this out. They got that good with the data. So they thought, Oh, okay let's get wise here. Let's send out a postcard, congratulating them on their pregnancy and offering them a discount on something. Yeah. Not a bad idea, frankly. However, in this case, some of these moms I hadn't told anybody that they were pregnant yet and didn't want to tell anybody that they were pregnant yet. It fell on its face. Didn't it? How about these ambulance-chasing lawyers that are out there? Are they going to want to gain access to this, to your medical records? How about your employer? Your employer wants to know I'm going to train this person. Hopefully, they'll stick with us for a while, but is he going to be a burden on our medical plan? Keyman insurance, health insurance, life insurance. Have access to everything about you. That's what really concerns me about these, all of these devices. Right now, pretty confident that I can give Apple this information and they will keep it pretty safe. But, I said the same thing about the Great Suspender, right? I don't know about the future. Then I found something out this week that was in my mind extremely disturbing. We have a new clinic that we've picked up as a client. They needed to have security. They had a couple of little security issues. They were worried. They knew they were not HIPAA compliant. They approached us because they know that's what we do is cybersecurity and audits and remediation. Fixing the problems. We pick them up. They're a client. We're in there. They had told us in advance that all of their medical record systems were on-line. It was on the web. All they needed was a web browser to run their business. Okay. That could be a problem. It might be okay. The medical records manufacturer might have good security on all of the records. So we may be safe, although in HIPAA unless you have a business process agreement in place with that vendor if that data is lost, it falls back on the doctor's shoulders. Anyhow, what I found out was, first of all, it wasn't completely web-based, which just shocked me. I'm not talking about they have to scan records or they got the x-ray machine or whatever. It really wasn't web-based and secondarily the company they were using for the medical records was a free service. The doctor, that clinic, was not paying for their medical records management software. The way it works is this medical records management company when the doctor prescribes something when the doctor performs a procedure and bills and insurance company, it's all done through this one company and that company takes a chunk of their money. In some cases we found seems to have been inflating the bills that went off to the insurance companies and that, as it turns out is a common practice in the industry. According to the doctors at this clinic, I was shocked, amazed. Something you might want to look at. Ask your doctors where are your records kept and are they secure? Now we had HIPAA. We thought that would secure it, but it doesn't. Stick around. Hey, we got a name now for what happened to the Great Suspender and QR code scanner apps over on the Google stores. One at Google Play, the other one over on the Google Chrome store. It's become that popular. Hey, everybody, I wanted to mention this whole new category of malware really, and they're calling it, right now, Buy to infect. What happens is a bad guy, a malware guy buys a legitimate app and then starts infecting it. We know, obviously, about the one that I've been talking about a lot the Google extension that I used to use all of the time, the Great Suspender. I mentioned this one a few weeks ago, it's called QR code scanner. It's been on the Google play store for a long time, had more than 10 million installs and then all of a sudden it became malicious. This is a little bit of a different angle on it because, with the Great Suspender, the ownership of that software actually transferred to somebody. With QR code scanner, they were working on a deal with a company and this company wanted to verify the Google play account for QR code scanner. This is all according to the owner, the original owner of QR code scanner. They said that what had happened is part of this purchase deal. I let them have a look and gain access to the software's key and password prior to purchase so they could confirm the purchase, which doesn't sound too bad. Apparently, as soon as they got a hold of the software's key and password, forget about the purchase, we're going to start infecting it right away. It ended up getting that app, the QR code scanner app, pulled right from the Google play score store. Of course, now you don't need that quite as much because most of the phone apps when you go to take a picture, the camera apps have built into them, a QR code scanner. I thought that was fascinating what they did. They totally cheated the company. They didn't even bother buying it. So a little word for the wise out there. Got another Apple story cause this is showing how the computer industry is really shifting. We've talked about some of the shortages of chips and the shortages of computer chips are so bad that General Motors has had to shut down two-thirds of its manufacturing lines in at least one plant. Every major automobile manufacturer is having problems making cars because they can't get the chips. Remember nowadays, a car, a truck is essentially just a computer on wheels. Not really actually computer on wheels. It's really dozens of computers all linked together with a network on wheels. Apple has been worried about that, right? Supply chain. That's one of the things you're supposed to worry about as a public company. What are the risks going forward including to my supply chain? Obviously your supply chain matters. You gotta be able to make something you need parts, right? Apple has been upset with Intel for a while. You might remember Apple. When it first came out, was using a Motorola chipset, which was exceptional much better than the Intel chipsets. Of course, that's my opinion, a lot of people agree with me. You had the 68000, 68010, and 20, et cetera. Very good chips. When Apple started getting into the laptop business, that's when the problems started to happen. These Motorola chips gave off a lot of heat and used up a lot of electricity. At the time Apple looked around and said our only real alternative right now is Intel. Intel has a whole line of chips, different speeds, and they have mobile chips. Those mobile chips use much less power than the Motorola chips for the main CPU. They also use less battery. Those two go hand in hand and generate less heat. That's it all goes hand in hand. So they said, we'll start working with Intel. They did. Intel really disappointed them more than once, which is a shame. They disappointed them with the 64-bit migration. AMD, advanced micro devices, beat Intel to the punch. Shockingly Intel started making AMD compatible CPUs right. The 64-bit extensions to the CPU were AMD extensions. They had problems with some of their other chips as well. Mobile chips getting the power usage under control, the heat dissipation problems under control, and they never really lived up to what Apple was hoping for. What everybody in the industry was hoping for. In many ways, Intel has been a huge disappointment, which is really a shame. We'll look at what they did to the industry, with these predictive instructions, the hyper-threading, and stuff. Where bad guys were able to bring a computer to its knees. What does Intel say? Here's a firmware patch you can apply to our CPU, those little CPUs you pay upwards of $2,000 for a piece for one chip. Those CPU's and by the way, it's going to, cut its performance by a minimum of 20%, maybe 50%, that's okay. What are you kidding me? A lot of people were upset with Intel and Apple and Microsoft and everybody released patches that use the new Intel microcode. You might've noticed when this happened a couple of years ago that your computer slowed down. I certainly noticed, actually, it was little more than a year, anyway, I noticed it because I own a data center. That has a lot of Intel chips in it where we're running mostly Unixes, Linux, and BSD, but we're also running Windows. So the only way to work around this bug was to apply the patch and slow everything way, way down. Imagine how Apple and Google felt with their huge data centers. IBM too. IBM has Intel-based data centers, as well as its own chips, and boy talking about phenomenal chips, as far as processing power goes, IBM, man, they are still the leader with the power chips and their Z series. That just wow. Mind-blowing. Most of us are stuck in the Intel world. Apple said we can no longer trust Intel. So what are we going to do? Apple said we've been developing this chip for a long time. Apple took the chip design, they licensed it from this open sourcee type of company that has a number of members. They took this arm architecture and were able to improve it, and keep adding to it, et cetera. They're still part of this Alliance. They started using these in their iPhones. The iPhones have been using these chips the whole time and they started improving them after they released the first iPhones. Intel didn't really get them upset until a little later on, too. They came up with newer ones, faster ones, better ones, right to all of these A10 their bionic chips. They've got AI chips, machine learning chips, all Apple designed. Chips, of course, manufactured by third parties, but that's what Apple is using. Apple has now said we expect all of their Macintosh computers to be based on Apple's CPU within the next two years. There's already some really good ones out there right now that people like a lot. We've been using them with some of our clients that use Apple. Not everybody has had great luck with them, but Apple is not only ditching Intel, that's not the big story here. Apple's got some job listings out there looking to hire engineers. So when we get back, we'll tell you more about what Apple is doing and what frankly, I think the rest of the industry should look at. Guess what? They are. It's been Intel versus the rest of the world. They've been winning for years in many categories, but now they're starting to lose, as major manufacturers are starting to leave Intel behind. But there's more to the story still. Hi, everybody.. Craig Peterson here. Thanks for tuning in. We're glad you're here. In the last segment of the day, I want to point everybody to the website, of course. You can get my newsletter. It comes out every Sunday morning and it highlights one of the articles of the week. It gives you a pointer to my podcast. So you can listen right there. There's just a lot of great information. Plus I'm also doing little training. I'm sending out, hopefully, next week, two little training sessions for everybody to help you understand security a little better, and this applies to business. However, it's not. Strictly business, much of what I talk about is also for home users. So if you want to go along for the ride, come along, we'd be glad to have you. There's a lot to understand and to know that you won't get from anywhere else. It's just amazing. Many other of these radio shows where they are just nothing but fluff and commercials and paid promotions. I'm just shocked at it. It goes against my grain when that sort of thing happens. Absolutely. We were just talking about Apple and how Apple got upset with Intel, but they're not the only ones upset. We also now have seen a lot of manufacturers who have started producing Chromebooks and surface tablets that are based on chip sets other than Intel's. This is going to be a real problem for Intel. Intel has almost always relied, certainly in the later years has relied on Microsoft and people bought Intel because they wanted Windows. That's the way that goes. It's just like in the early days, people bought an Apple too, because they wanted a great little VisiCalc, the spreadsheet program. Now, what we're seeing are operating systems that do not require a single line of Microsoft software. Google Chrome is a great example of it. Linux is another great example and people are loving their Google Chrome laptops, and you can buy these laptops for as little as 200 bucks. Now you get what you pay for and all the way up to a couple of grand and they don't have a line single line of Microsoft code. Yet you can still edit Word documents and Excel documents, et cetera. They do not contain any Intel hardware. What was called, well, they might have a chip here or there, but not the main CPU. What used to be called the Wintel monopoly. In other words, Windows-Intel monopoly is dying. It's dying very quickly. Apple is not helping now. Apple, they've had somewhere between seven and 10% market share in the computer business for quite a while. Personally, I far prefer Apple Macintoshes over anything else out there by far. I use them every day. So that's me. I don't know about you. There's a little bit of a learning curve. Although people who aren't that computer literate find it easier to learn how to use a Mac than to learn how to use Windows, which makes sense. Apple has really done a great job. A bang-up job. With these new chips, it's getting even faster. We are now finding out from a report from Bloomberg who first started these, that Apple has been posting job listings, looking for engineers to work on 6G technology. 6G, right now we're rolling out 5g, which hasn't been a huge win because of the fact that if you want really fast 5g, like the type Verizon provides, you have to have a lot of micro-cell sites everywhere. They have to be absolutely everywhere. Of course, it's just not financially reasonable to put them up in smaller communities. If the Biden administration continues the way they're going with the FCC and the open internet type thing of a-bits-a-bit, then there will be no incentive for any of these carriers to expand their networks because they can't charge more for better service. If you can imagine that. Ajit Pai fought against that for many years, Trump's appointee as chairman to the FCC, but things are changing. The wind has changed down in Washington, so we'll lose some of those jobs and we're not going to get all of the benefits of 5g. If he keeps us up. 6G is coming. What that means is Qualcomm, who is the manufacturer of record for most of the modems that are in our cell phones. Qualcomm has also missed some deadlines. Apple is tired of dependencies on third parties because Qualcomm might have somebody else that buys way more chips. It might be able to sell the same chip to the military of whatever country for a much, much higher price. They can sell it to consumers. Maybe they just change the label on it and call it a mill spec, and often goes right, who knows? What they're doing out there, but Apple doesn't want to do that anymore. They are looking for engineers to define and perform the research for the next generation standards of wireless communications, such as 6G The ads say you will research and design next-generation 6G wireless communication systems for radio access networks with emphasis on the physical Mac L two and L three layers. Fascinating, eh? What do you think? I think a huge deal as Apple continues to ditch, many of its vendors that have not been living up to the standards Apple has set. Apple has moved some of the manufacturing back to the United States. More of the assembly has been moved here. The manufacturing, it's starting to come back again. We'll see the Trump administration really wanted it here. We need it here, not just for jobs, we needed it here for our security. We've talked about that before, too, right? I want to also point out speaking of Apple and manufacturing, China, of course, does most of it for Apple and Foxconn is the company in China that makes almost all of this stuff for Apple. It's huge. Foxconn owns cities. Huge cities. They have high rises where people basically don't see the light of day, these high rise factories. You live there, you eat there, you shop there, you work there. Like the old company store who is it, Tennessee Ernie, right? Owe my soul to the company store. That's what's happening over there. And Foxconn has kept its costs low by bringing people in from the fields, if you will, out there being farmers and paying them extremely low wages. On top of all of that, in some cases they're using slave labor. I found this article very interesting, from Ars Technica's, Timothy B. Lee. He's talking about a potential partnership between Apple and Nissan. Let me remember. I mentioned Apple talking with Kia and Kia is denying it. The financial times reported on Sunday that this potential deal between Apple and Nissan fell apart because Apple wanted Nissan to build Apple cars, they would have the Apple logo on them. They all be branded Apple. It wouldn't say Nissan unless you took something seriously apart you might find it inside. Nissan wanted to keep the Nissan brand on its own vehicles. Bloomberg reported last week that the negotiations with Kia and of course its parent companies Huyndaiin South Korea had ended without a deal. The Financial Times said that Apple has also sounded out BMW as a potential partner because Apple doesn't make cars. So how are they going to do this? Apparently the talks faltered with Apple and Nissan because Nissan had a fear and apparently this is true of Kia too, of becoming quote the Foxconn of the auto industry, unquote, which is a reference to this Chinese well it's Taiwanese technically, but a group that manufacturers are while actually assembles the iPhones. Fascinating. Isn't it fascinating. When you start to dig into this self-driving technology and the numbers behind it, that's where you wonder, why is Apple even trying at this point, Apple's test vehicles only traveled 18,000 miles on California roads. Between 2019 and 2020, or over the course of about a year, late in both years. 18,000 miles in a year.
I know that I have been telling you about this course that I have been making for you -- Guess what it is done and this week, I will be making it available. It has taken a lot of work for both my wife, Karen and me but it is well worth it to get you this information on how you can Improve your Windows security. I walk you through all the basics of tightening up your security on Windows 10 and not only that but why you have to. his week was quite busy for me with meetings and presentations for my business. If you have not yet signed up for my email list do so today and you will be getting a large discount coupon for the course. This will be the only time that we offer this type of discount so be sure you are on my list before we release the course. Craig Welcome! Today we will talk about Intel and its war with Apple and what they did that they believe will give them an advantage but might just backfire big time. Then we will talk about DDoS attacks, BEC attacks, and Ransomware. Then we will discuss how hackers are trying to get into Apple by trying to attack their developer's computers. If you have been breached -- what did you learn you might be surprised. Then what can you do if the Feds buy all your location data from one of their security consultants? How much do you trust your security vendors? All that and even more, so be sure to Listen in. For more tech tips, news, and updates, visit - CraigPeterson.com. --- Tech Articles Craig Thinks You Should Read: Intel hires Justin Long to mock Macs in throwback to 2000s “I’m a Mac” ads ~4,300 publicly reachable servers are posing a new DDoS hazard to the Internet Ransom Payments Have Nearly Tripled Attackers are trying awfully hard to backdoor iOS developers’ Macs What CISOs Can Learn From Big Breaches: Focus on the Root Causes FBI: Business Email Compromise Cost $1.8B in 2020 One company wants to sell the feds location data from every car on Earth Tech Vendors' Lack of Security Transparency Worries Firms --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Hey, I did a webinar this week for the Massachusetts society for healthcare risk management. I thought there were some things that everybody needs to know, not just healthcare providers. Hi everybody. Craig Peterson here. Thanks for joining me today. There is so much to talk about. I have such fun doing it too, which is great. We will be discussing this in some more detail and the ransomware numbers are just scary. I was approached to give this webinar. You probably know if you've listened for the long time that I have done hundreds. If not thousands of webinars over the years. I have been doing them for our friends at the FBI InfraGard program. I did them many times, two, three, four a month for years with them all on cybersecurity. Plus, I do the free webinars for. People who are on my email list. I send out little audio grams every week as well, where I do a deeper dive, three minutes or so into a specific topic. It's really fun. I enjoy doing it. So I get approached all of the time, as I'm sure you can imagine doing these webinars for different organizations. I am always glad to do them. It might take me a little bit of time to schedule it into the schedule. You know how that goes, but I always end up doing them. This particular one was about risk mitigation because that's what these guys do, right? There's this society for healthcare risk management. How do identify the cyber threats? What are they preventing unauthorized access to PHI, which is your patient health information? Now, we all have personally identifiable information that's supposed to be protected and so is our healthcare information. So that's what we talked about, it was really fun to get into some detail, but there are a few things I wanted to bring up here with you guys. We're going to be including them this week. By the way, if you haven't noticed in my emails, I've been mentioning this Improving Windows Security course that is starting this next week. If you responded to one of my emails over the last few months where I said, Hey I'm going to be doing this course on Improving Windows Security. I would have probably responded to you saying, okay great. I'm working on it. We have been for months and because of has been months, what we're going to do for people who have asked for this already in responding to the newsletter that what I am going to do is give you guys coupons for this. So keep an eye on your email box. Everybody else. Okay. You're not going to get quite the deal. Actually, if you sign up today or tomorrow and get that newsletter should be going out a Sunday morning. Just respond and say Improving Windows Security so that you can get the full course, not just the free stuff that we're going to be giving. Man, you're going to love this anyway. It's just Craig peterson.com. If you want to sign up for that. I do these all of the time. One of the things that really stood out to me and I thought I would talk about actually, there's a few things is the security breaches in healthcare, because we all have some form of health care. If it's Obamacare, and guess what? Obama isn't your doctor. He's not seeing you, right? You've got a local doc. Sure. You go in, you talk to your doctor or they examine you. Maybe you have to go to the hospital, outpatient, whatever it might be. There are records of yours that are private, and there are people who want to get their hands on those records. Why is that? First of all this statistic just absolutely blew me away. A research company called black book market research, and surveyed about 3000 security professionals from healthcare provider organizations. 96% of those people who were surveyed believed that the bad guys are outpacing healthcare security, 96% of them. Isn't that just amazing? 56% are relying on medical devices using Microsoft windows seven. Seven hasn't been supported in quite some time. Eight isn't supported 8.1 has some support for it, but nowadays you pretty much have to be on Windows 10. If you want any support that is astounding. When you get right down to it. We also have the problem of medical internet of things, devices, M I O T think about, again, all of the devices a doctor uses. Now they might have an iPad that's relatively safe, but have you noticed there are Bluetooth thermometers now that they might use to check your temperature? Did you notice that even people who are in intensive care might be hooked up to an IV those things are connected via wifi and Bluetooth? The x-ray machines, the cat scans, everything now in the doctor's offices. Practically everything is electronic is hooked up to computers. We're helping a medical office right now doing a bit of a transition on their phone system so that they have integrated with their phone system. Now, automatic text reminders. If someone calls in or the office calls out, all of that is logged in the patient records, screen pops that come up and tell them, Hey okay is calling in and it shows all of the records before they even answer the phone. 56% of healthcare providers are using unsupported operating systems. That's just on their computers. Most organizations don't even know what is inside their machines. Cause you remember almost every machine nowadays has a computer on it. Then on top of it, they're using this 20-year-old antivirus software and insecure systems. They're really not vetting things, failure to access. It's just absolutely crazy. Now the bad guys are able to get in about 86% of the time. That's according to Verizon's 2020 data breach investigations report. That's just crazy. 86% of them are about money. The attackers usually take the easiest route to obtain all this information that they need. 43% of the breaches are due to the cloud. How many of our businesses are saying Oh, I'm going to use the cloud. I'm going to use salesforce.com. This is an example. I'm not trying to pick on salesforce.com. They've had their problems, but so has pretty much everybody else it's. We're gonna use salesforce.com for all of our client records and emails going out to et cetera, et cetera. That's just a word for someone else's computer, the cloud. It is a computer. It is still existing out there. You cannot, whether you're in healthcare or you're a regular business, you cannot just push off the responsibility for your data to a third-party cloud provider. Now in the medical business, they have these business process agreements, BPA partner agreements that say, okay, you Google, I'm going to be paying you extra for this special healthcare version. So they pay extra and they get that special healthcare version. And Google says we will keep your data safe. Oh, okay. That's well and good, but you have to pay for that version. 43% almost half of the breaches were due to people trying to use. What's called the cloud. 27% were attributed to ransomware. It is running rampant and we'll get into some of those stats here in a minute. This is the part that I would think everybody needs to hear and that is your patient health information worth 20 times more than credit cards are worth. Did you hear that? 20 times more, 2000% more than credit cards. So you might ask yourself why does that matter? What's the big deal with my patient information? If they have your credit card, they can use it a few times, hopefully, you'll notice it pretty quickly. You're using something like a credit monitoring service to notice, Hey, wait a minute. What's going on here. If they've got your social security number, they could potentially buy a house or a car in your name. You don't know that they bought a car in your name until the tow truck shows up asking for the car back. Because it's now being foreclosed on, but guess what? You don't have it. It's not yours. You have to spend 300 hours trying and straighten it all out and clear up your name? But when it comes to PHI this patient's health information, probably has your social security number. Remember when you fill out those forms when you go to the doctor's office, criminals can pull off stealing your identity that can go undetected for months, but it's even worse than that, frankly, because if they have a child's information, Oh, so again, we're talking about a birthday to name and address a social security number because you remember the government's forcing us to get social security numbers for all of our babies as they're born. Yeah. So they've got that social security number, which will never be used to track us. Will only ever be used for social security and can not be asked by anyone outside of the federal government and the social security administration. Another promise from the federal government was completely ignored. That child's personal information can now be used for at least 10 years, probably closer to 15 years by a bad guy. It can be sold to illegal aliens who now have a name social security number and maybe a fake birth date because they're really a little bit older than they appear to be on that birth certificate. That's why it's worth 20 times more. It's really something's going on. All right. You are listening to Craig Peterson. We're talking about our health care information. We're going to talk a little bit more about that. We all have healthcare records and they have some of our most personal information. That's what we're talking about today in follow-up to a webinar that I did last week for the healthcare industry. We're going to talk right now a little bit more about your privacy. Hey everybody. Thanks for tuning in, Craig Peterson here. Getting right down to the real hard stats here on our healthcare records, a lot of them have been stolen. We covered that, of course, in the last segment. If you miss that, you can catch that online on your favorite podcasting app. I'm pretty much everywhere, nowadays. It's just crazy to think about because, in reality, we have had millions of records stolen, 300 million healthcare records stolen to be exact since 2015, which is pretty bad. I'm looking at a chart right now that I showed to this healthcare industry group that showing that the hacking event has almost doubled over the last three years, year to year, every year. So in 2018, 164 major hacks, 2019, 312. That's a good double. 2020, 430, which isn't quite a double. So we are seeing a lot of data being stolen. Of course, stolen data means misused data, which is a very big problem. Now, in the healthcare industry, they've got a separate problem. That is these HIPAA rules. Now HIPAA has been in place for quite a while. It's supposed to have been provided portability of our records. Does anybody have any real luck with that? I know there are some I haven't. Portability, I don't even know where my health records have ended up. Frankly, cause my doctor ended up closing up shop and I just have no idea. But it's supposed to be portability and privacy. Well, the most common violations of these HIPAA regulations revolve around professional hackers. Then you've got business associate disclosure. Remember I mentioned that. The cloud is not an excuse for not protecting your data. You cannot hand that off to a third party. There's many more that I go into in the presentation. Of course, I talk about some of the ransomware that's been going around the fines they can get from some of these. Then here's the next thing I wanted to talk with you guys about. And that is the amount of ransomware out there. I'm going to have a little bit of a ransomware offering. Take a look in some training and stuff here. Take a look at your emails. If you get my newsletter, it'll probably, I'm going to try and get this in for tomorrow's newsletter. The one that comes out on Sunday, if you're not a subscriber right now, go to craig peterson.com/subscribe. You'll actually see it on the site @craigpeterson.com. If you scroll around, do a few things on the site, it should pop up automatically for you. I'm going to make a note to myself here about the ransomware stuff. So you guys can hop on and get more information about how to protect yourselves too. Now we're just talking about healthcare and of course, this is every business and every person out there. I talked about this Conti gang. I don't know if you've heard of them. C O N T I. Now, remember what I've said before about ransomware. It used to be that you'd get ransomware. Your computer would now have it's data encrypted, and then it would pop up this big red screen up that said you've got ransomware in order to get to all of your data back because what the ransomware did was encrypt it. You need to go to this website. You need to pay this amount of Bitcoin to this Bitcoin wallet and off it goes, right? That's the idea. According to the FBI, about half of the time, you'll get all your data back half the time. That's even if you pay the ransom. And now, too, that the. The State departments might come after you, and the FBI, if you pay a ransom because now you are supporting terrorist organizations, not just criminal enterprises very big deal. Now the other side of ransomware, and this is what just hit with a few different medical providers here. What I talked about was the Rehobeth McKinney Christian health center services, New Mexico, because now it's much more advanced instead of just getting on your computer, encrypting your files, demanding a ransom to get the decryption key. They even pre-install the decryptor for you. Isn't that handy? Yeah. What they are doing is they get onto a computer and then they start East-West spreading. Now we've seen that for years. I remember one of our clients, a car dealer, and this was five-seven years ago. They got some ransomware. Somebody clicked on something that they shouldn't have, and all of a sudden their machine gets ransomware. The machine, of course, is hooked up to the network and. It is also not just hooked up to the network, it is in fact, mounting drives from their file server. So his machine has access to all of these files. This guy was a manager over there at this car dealership. So he had access to all of the files. Think about that for a minute. What his machine did back then is it said, Oh great. Here's some network drives. It started encrypting the S drive and the H drive and the K drive. All of these different letters for these SMB mounted drives from the file server. We were in there beforehand and we installed our security stuff. When his machine got this brand new strain of ransomware, and of course he didn't want us looking at what was on his machine. So we couldn't install all of the antivirus software because then we would have access to it. We've got another client that's like that too, where the owner of the business doesn't want us installing software to really keep his machine clean. I don't know why people do that. It just, are they just trying to play their cards close to the chest? Is that what they're trying to do? Are they looking at something they shouldn't be looking at work or ever? Why do people do that? If you got hints, let me know. Cause I would love to know me@craigpeterson.com. Why do people do that? Anyhow, his machine got the ransomware. It tried to start spreading to the file server. Now, we had special hardware and software installed. So we saw that spread start. We immediately shut down. It was all automatic. It was just shut down. I shut down his network port, in fact, so his computer can go anywhere. His computer had the ransomware. We were able to just go ahead and restore from backup. The bad guys know that if all they're doing is encrypting your data, then who cares? You restore from backup. Now, hopefully, you're following a three-two-one backup scheme. Most places don't. Hopefully, you're testing it as well. We test every backup that we make for our customers every day. We usually about once a week, will, if it's a server or even a workstation, we will spin up the servers in a virtual environment and make sure that it can boot so that we know we have a good backup. I got to tell you guys, most of the time the backups are not working and it gets to be a real problem. What these guys have figured, including this Conti gang is we're not going to be able to get as much money out of them by just encrypting their discs. We need to do something else. So while they're trying to spread East-West inside, what they're doing is okay, so they got a hold of this manager's computer. They start scanning for other computers and scanning for vulnerabilities scanning for ways it can gain access. Unfortunately, the statistics show us that most of us have file share turned on our windows machines. That's one of the things I talk about in my Improving Windows Security course, what to do, how to do, how to turn that off because that is the second target of ransomware. Once it gets onto your machine. You've got to turn off those file-sharing services. So we'll tell you what Conti and these other guys do once they're there in, and they have found another machine. Maybe it has filesharing services. Maybe it's good old-fashioned vulnerability because nobody patched. Man, I can't believe how fast this computer is. We just did an upgrade on my iMac here in the studio. It is blindingly fast now. But we're talking about. Ransomware and what's the Conti gang and others doing, nowadays. Hello everybody. Craig Peterson here. Thanks for joining us today. Appreciate you spend a little bit of time and I enjoy helping to bring you guys up to speed on what is happening. There's just so much of it. You wouldn't believe what I have to filter out. The Conti gang have been very successful, but their money started to dry up fairly recently when people figured out if they had a decent backup, they could just go ahead and ignore the ransom demand. Instead of paying that ransom, just go ahead and restore from backup. So they had to do something different. What the Conti gang did, as well as pretty much everybody else in the ransomware business, is okay, what we're going to do now is we're going to find all of the other machines we can find on the network. Then we're even going to have real people get onto these computers remotely that they've compromised and have a poke about. See is there patient healthcare information? Are the bank account numbers on this machine? Are there plans on what to do? Where to go? What's the business going to do next week? But particularly stuff they can sell right away. If you take credit cards, you know that the payment card industry is all over you if credit card numbers are stolen. Those are nowhere near as valuable as patient health record information. As I mentioned a little bit earlier, we're talking about 2000% more than 20 times more value to your healthcare records. Now what happens is the Conti gang says Oh looky. We've got patient information here. It has names, addresses, social security numbers. It has birth dates. It has diagnostic information, and then they upload it. We had something like this happened with one of our clients. It wasn't a ransomware attack, ultimately may have been. They came in through an unsecured VPN and that they would not let us shutdown. We told them to shut it down and they didn't. In come the bad guys, they actually were coming up via Mexico in this case. Although I doubt they were located in Mexico. They took that VPN connection, they used it now to get on to the computer and found something interesting. So they started to exfiltrate the data. In other words, Take that data and send it out. That's exactly what the Conti gang and others are doing now. We noticed, wait a minute, this is all automatic. Why is data going out from this host at that speed to this address at this time of day? It wasn't a normal pattern. So our hardware-software that's sitting there in their network automatically shut it down hard. They were able to exfiltrate just a tad bit of data and then it was stopped instantly. That's what they're doing nowadays. So the Conti gang gets your data and then they try and say pay up from an extortion standpoint. Instead of just holding your data ransom, they're extorting you. Saying, if you do not pay us we will release this data. The Conti ransomware gang has its own website out there. It's called a leak site. There are many of them out there. If you go to that site, I'm not going to give you the URL. It's right there. There's their logo. Conti gang has a logo and it says Conti news. It's talking about how you can make your payments to them and what data was released and that this person paid up, but it was too late. We don't have the data anymore, which means it was released and too bad. So sad. I wouldn't want to be you. Here's another ransomware gang. I've talked about with the Massachusetts society for healthcare risk management in this webinar, and that's the Avedon ransomware gang. So again, they had stolen personal information. They had health information and they had not just the ransom side, but the extortion side built into it. This was in relation to an attack on the Capitol medical center in Olympia, Washington. They have leaked some of it they're threatening to leak even more. If Washington Olympia capital medical center doesn't pay up. Now, I went through here with Karen, helped me out with Karen and we got some other stats. First of all, 70% of the time now, ransomware results in data exfiltration. In other words, 70% of the time, your data is stolen prior to the file encryption. Pretty bad. Pretty bad. Things can get particularly harmful because these ransomware attacks are a growing concern. They're disrupting patient care and healthcare, right? Disabling critical systems because they have been even holding ransom some of the diagnostic equipment, MRI machines that were connected to the network. There were running Windows. Who would use Windows in the machine that's healthcare critical? Obviously interrupt revenue flow and they had to now go get involved with real expensive remedies. It really puts him in a very bad spot, very bad. We've had almost double the number of healthcare institutions attacked this year versus last year. I'm not going to go through all of these things here. I explained to them the difference between some of these real sites and fake sites and how you can get access to it. By the way, if you're interested in this, I did record this, I'd be glad to send it out to just let me know, just email me@craigpeterson.com and I can send you some of this healthcare stuff, the slide deck, or whatever you might like. Phishing campaigns, way up. You probably heard about that. I gave some examples of that emailing patient information without encrypting it. Wireless infusion pumps are, of course, compromised because they're running an operating system that hasn't been patched. Usually Windows. Think of that there's Windows in that infusion pump, but it could be a version of Linux. It's not patched. It's crazy. Vital sign equipment. Oh my gosh. We're also seeing that this patient's health information being stolen now is being used to create fake insurance claims. You might've been wondering in a previous segment here, I was talking about how. Much this is worth and it's worth a lot while this is one of the reasons it's worth a lot, your personal, private patient health information. If you have a diagnostic info and that diagnosis has been stolen, and then they can file a health insurance claim. Yeah. You see where I'm going with your information as though you received some treatment or some care for the diagnosis that was in your healthcare records. It's just that simple. The average cost of a data breach right now, by the way, if you are a regular business, it's $158 per record for non-healthcare and it's $408 per record. If you are in healthcare at all. That's a doctor's office. That's not just hospitals, it's anybody. And by the way, mobile breaches are really big 43% of healthcare organizations who reported a mobile breach, said the mobile breach caused long-lasting repercussions. Now, think about this. If you're a patient. How well are your records protected? I can tell you based on what I've seen and talked with healthcare, people have seen statistics they're not protected very well at all. People will start going to jail over this. People in the healthcare industry that is. So just in case, you were thinking that couldn't happen to you. I'm gonna spend a couple of minutes now talking about what happened a long time ago, in February. 2021 with healthcare records. This is amazing. Hi everybody. This is not the healthcare network. No, it is not. I'm looking at these slides that I had put together, of course, based on research that I did, for the Massachusetts society for healthcare risk management. It was an online webinar. I do webinars all the time. I do them for listeners where we talk about something that's hot in the news. You might see me doing various lives. I haven't done one in a little while. Do you think I should be doing Facebook lives or YouTube lives? I know a lot of people have a real problem with Facebook. That's certainly understandable from my standpoint, but do you think it's worth it? Get on and I can answer questions and things. Let me know me@craigpeterson.com. I've done them before. I usually get a handful of people on. I'm not sure how much it's worth or not. They are coming for you when we're talking about the health organization. So as healthcare organizations. So we're focusing on the bigger ones because that's who I was presenting to. I always make these slide decks. This one took me a week to put together right. Karen and I because there's so much research and I know I shouldn't spend that much time on these things, particularly if I don't charge for them, but I've got to do it. I was talking to a friend of mine who's an attorney. He said, do you know what? You would be one of the richest men in America if you did not have morals. Oh my. February 2021, we had Gore medical management out of Griffin, California, with 80,000 people affected. Nevada Orthopedic and spine center. Las Vegas, 50,000 people. UPMC life-changing medicine out of Pittsburgh and only 40,000 people there. Remember, this is February. 2021. Oh, wait. There's more Grand River Medical group out of Dubuque, Iowa, Harvard eye associates out in Laguna Hills, California, Texas spine consultant out of Addison, Texas. UPMC Health plans out of Pittsburgh, PA. Granite wellness centers, Grass Valley California. Granite is Northeast, people. Aetna Hartford, Connecticut. Isn't this something, February 2021. 12 Oaks recovery center, NAVAIR Florida. Pennsylvania Dalton teen challenge in Pennsylvania. Data Logic software, Harlington, Texas. Yeah, it goes on here. The house next door, Deland, Florida. Project Vita health center, el Paso, Texas. Just in February. Lake Charles Memorial health system, Lake Charles Louisiana. UT Southwestern medical center, Dallas, Texas. Hackley community care center out of Michigan. Rainbow Rehab center, Lavonia, Michigan. Jacobson medical hospital care center Elgin, North Dakota. Pitkin County, Colorado. Piedmont health services, North Carolina. Hope healthcare service, Fort Myers. I like Fort Myers. Jacobson Memorial hospital and healthcare in Elgin. You getting you guys getting the gist here and you pick it up what I'm putting down. Jacobson Memorial hospital. This was a data accident involving an employee email account potentially exposing current and former patient data to authorized individuals. You know what, the number one question I had. I got to put that together. Let me just jot this down so I don't forget. Gmail. Doctors. The Number one question I had was how do we stop doctors from using their Gmail accounts? That's the same type of thing that happened on February 23rd, 2021, right here, where they were forwarding email and this happens. We see this all the time. Somehow doctors think, I dunno, they're immune to these things, or it's not going to happen to them. I don't know. An email comes in and it comes into a secure email system. Then the doctor configures it to forward his email that comes into the secure clinic, his doctor's office, whatever it is, forwards it to Gmail. What happens at that point? It's now in Gmail, it may or may not be secure. If you're not paying Gmail for your account, you can be pretty sure it's not terribly secure. There is an encryption standard, an email called TLS and Gmail does not provide TLS services, guaranteed, for free accounts. In fact, I don't think they provide them at all for Gmail accounts other than the paid accounts. This is an absolutely huge problem. The FBI and the Department of Homeland security CISA came out with another warning here about healthcare. This is affecting all of us because this is our personal information. Why are healthcare records so much more valuable? I mentioned earlier a couple of things. One is they usually have a social security number, name, and address, so it can be used now to steal someone's identity. They often have diagnostic information. So that means it can be used to file fraudulent insurance claims. What else can you do with some of this medical data that is stolen? If they have your medical data, it's so much different than your credit card, because credit card you can cancel. In fact, even if you don't cancel, if you notice you get a new credit card, every what is it - three to five years, new credit card here it is. There's a new number, at least a new code on the back, right? CVC code. You look at that and say new card okay, whatever. It's such a pain because you have to go and change it on any website or with anyone that's doing an automatic ordering. But when you get right down to it, What can happen if your credit card numbers are stolen? They can run up your credit card. You can, before you pay it, file a claim and say, Hey, someone stole my credit card number. That is bad. I did not authorize these charges and they will back out the charges for you, right? You haven't put a dime of your own money out there. Now, a debit card. Yeah. They've taken your money and now you got to fight a bit to get it back, but you can get it back from all the major credit card issuers, but you get a new credit card number. What happens if your social security numbers are stolen? Did you know that the social security administration will not issue you a new social security number? Is your number stolen? Did you know that? How about the rest of your information? Most people live in a home for at least 10 years, not longer. That's a lot longer than your credit card number's going to be around so they can now again, continue to file for loans under your name, your address, your birthdate, maybe for the rest of your life. This is our personal information. And as you probably noticed early on, I was talking about how upsetting it is to me that we have a national ID stamped on our forehead effectively. We have a social security number that we now have to use for everything it's called a social security number because it was put in place for this Fake insurance program that the federal government put together because it's not an insurance program. It is not run like an insurance program. They put it together and they called it social security. They gave you a number because they had to keep track of your account. And really it was your account number. Now it's used everywhere. There's proposals out there. Hey, let's come up with a digital ID, a digital identifier. A digital passport, if you will, as though that's going to solve the problem. The problem is we now have our data stolen. It's already out there. It's everywhere. Can you imagine what China might be thinking about doing with it? China has been, it's been verified now. China has stolen the records of pretty much every federal employee, every background check record of every background check that was done for clearance via the FBI. What's going to happen if they decide they really don't like us anymore and they just let loose? What a great way to shut down our economy. Like overnight, by all of a sudden creating millions of fake accounts. Using real identities, our identities. This is just nuts, it is absolutely nuts. We've seen these hacks and we just ran through some of the healthcare hacks that happened in February of 2021 one month. These are the ones we know about. Most of them are in fact, probably not reported at all. Add on top of that, now we have doctors that are working from home that are using what we're calling loosely, telemedicine. They're getting onto platforms that were never designed to keep our data safe is not HIPAA compliant. They are exposing our data even more than ever before. I don't have the answer for this, because they are not, I can guarantee you, they are not pounding down my door to have me come and help them. I could. That's what I do. They're not. In fact, when I reach out to most of them they hardly care at all. Not a big deal, right? Not going to happen to me, can't afford it. Yet they're pushing all of this burden onto us. It is extremely upsetting. Something has to be done. Something has to be done about healthcare. We need to enforce these HIPAA rules and regulations, and people need to go to jail for blatantly ignoring what they've been saying, by signing these forms, blatantly ignoring what they've been saying. They've been doing now for what 20 years? Visit me online. Craig peterson.com. Make sure you get on that newsletter so that you don't miss a thing. I think we beat healthcare to death in the last hour. We're going to be getting into a bunch of new topics here. This whole thing about Intel hiring Justin Long has stuck in my craw too. So we'll start with that. Hi everybody, Craig Peterson here. Of course, it sounds like its a stuck in my craw week, but we got to keep you guys informed and it just really irks me, that so many businesses are trying to do the right thing. They are spending money. They're getting training for their people. They're getting the right kinds of equipment. They might be buying stuff from me or whomever. It really doesn't matter. They're trying to do it right. That costs them. There's no question about it. They are competing against people who don't care. That's what really bothers me. They're competing against people that are barely spent a dime. Maybe they bought a SonicWall firewall 10 years ago, but that's the last time they did anything for security. To me, that is a sin and should be a crime. If you've got a company, like maybe you've got a DOD contractor, and they've spent 200,000, maybe as much as a million dollars if their really quite a bit bigger on just trying to secure their networks and okay they sell to the DOD, but they sell to a lot of other companies as well. How do they compete? How do they compete against somebody that just hung up a shingle and is out there selling a competing product? Nowadays, you can't tell. This is an old one, right? Do you remember the Lycos commercials on the internet? No one can tell you're a dog. That's exactly what this is about. No one can tell going to the website. How good are you? How long have you been around? How much have you spent on cybersecurity? Is it any good? It's just nasty. It is really bad, bad stuff. We are getting attacked so much. Ransomware attacks have tripled in 2020 and remember ransomware isn't just ransomware anymore. Most of the time it's also got extortion built-in. It's just crazy. Make sure you are on my email list. If you're a home user, that's great. There's lots for you to learn. If you're a business that's great, there's lots for you to learn as well, and I'll let you sort it out. But even when I have stuff specifically for business or targeted to business concerns, there's stuff you can learn from it as an individual. I want you to pay attention to it, but you can only do that if you have my newsletter coming to you every week. Of course, the best way to do that is this go to my website, Craig peterson.com. You'll find it all there. I appreciate you guys. I, again, I just can't say it enough. You have been great. I appreciate all of the feedback I get and I answer all of the emails. Again. It might take me a little while it usually takes a few days. But I do answer them and I answer them personally. Most people are really shocked when they get a newsletter, they hit reply. I replied to them. Thinking that I must be some big internet marketer, which I'm not, I'm here for you. I appreciate everybody that signs up for the list. You guys referring to people. It's interesting. Every time I send out my weekly newsletter, I get even more people signing up for the newsletter. So you guys must be forwarding it to your friends. Who is then signing up? I really appreciate that too. Cause I want to get the word out. 99% of what I do, what I say, is absolutely free to anybody who will care to listen. It's there for you. I really do want to help. You might remember these commercials from way back in the two thousand in the double ots, triple ots. Hello, I'm a Mac and I'm a PC. Hey Mac. Did you hear the good news PC choice chat? Sorry, I didn't hear you there. What'd you say, allow me to introduce the top-of-the-line PC? Okay. What are you doing in a pizza box? Go on, rip it in half. And since it's beautiful that he needs an upgrade and I'm having a very difficult time finding pictures of my friend. I couldn't hear you through my virus-proof mask. Bongiorno. Hello. Let's go to the commercial. We are a commercial. Let's go to another commercial, your first class, all the way PC and Danesh. You are banished. I have to chuckle when I hear those. Isn't that great? Those are just excerpts from some of those commercials from years ago. Of course, get a Mac. What Apple was doing at the time performed by John Hodgman. He was the guy that did the PC side and Justin Long, who was the guy that did the Mac side saying I'm a Mac. It's fascinating to me now that Intel has decided to go ahead and hire Justin. Now what's most fascinating about it is that Intel hires Justin. Wait, what are we comparing here? A PC is when you think of it, it's Windows, right? You're not thinking about Intel inside. You're buying a Windows machine. You're not buying a computer because of the chip it has in it, most of the time, right? You might buy this is when I said faster chip or that one has a slower chip. That makes a lot of sense. You're buying a computer so you can run an application. I remember very well back when the Apple two came out, the two-plus and people bought them in droves because of an application. You could get VisiCalc on there, a spreadsheet program. It was the first, it was the best. It was the most popular at the time. Then others came out that were arguably a lot better. But it still sold. VisiCalc still sold and went over to the Windows platform. So Justin is now doing commercials talking about Intel. So he's saying on the Mac, you can't touch the screen, which by the way, you can if you get a touch screen for the Mac, No two ways about it. I have one sitting right in front of me. I use this on my Mac it's a touch screen. I use it for doing presentations. I can highlight things, move things around, touch things, open them up, click on them with my finger right there on this screen. None of those have anything to do with the fact that inside that might be an Intel processor. We've got Intel now out there with I think misleading, but potentially you could argue, that they're misrepresenting Intel. All Intel is doing is providing the main processor maybe some other support chips on there. Maybe it's using Intel memory. I don't know, but in reality, what we should be comparing is our Mac, our Intel-based Mac versus our Intel-based Windows computer. Remember Macs will still run Intel. I just gave it away. Did you catch that? What's really going on here. What's really going on is, Apple is upset with Intel for some very good reasons. Intel has been massively overcharging for its processors for a very long time. Intel processors have never been that great, frankly, but because of what was called the WinTel monopoly. Intel really went along for the ride. They went along with the ride with Microsoft because people bought Windows so they could run Excel or whatever the other applications were, that they wanted to run. So what has Apple done? When Apple came out with the iPhone, it never had an Intel processor in it. The same thing's true now, with all of the new Apple equipment that's coming out. So your I-phones don't use Intel processors, your iPads, don't use Intel processors. I have sitting right in front of me, a Mac mini that has an M1 processor from Apple. And in fact, Apple right now is trying to get rid of Qualcomm as well. It can help increase their profit margins, but these things are not easy to design and implement. It took Apple years to get to the point where they had one that was really quite a good processor. I can buy a Mac mini with an Apple processor in it that is better than a hundred percent faster than a Mac mini with an Intel processor, for less money. The Apple chip costs me less money than the Intel-based processor and it's twice as fast according to Adobe, who just released their performance metrics on illustrator and Photoshop. Intel is getting very nervous because they're seeing their business go down the tubes. Intel has not been able to deliver on lower power processors. It has not been able to deliver on faster processors other than going to multiple cores. It's also having problems with manufacturing, the smaller, thinner, and thinner processors, which help with of course, using less power that makes them faster and they have less heat. Intel is saying, Oh my gosh, we're in trouble here because even Windows runs without Intel processors now. You can get a surface tablet that doesn't have any Intel in it and run windows on it. So they're in trouble there. They're seeing to the market share that's being taken from Microsoft by these Google Chrome tablets. Chromebooks, which are laptops, which are very inexpensive, very fast, very user-friendly, and very secure. Although, Google does spy on you a bit and they don't use Intel. What does Intel do? We're going to hire Justin and make people very confused about what's really going on. Don't worry about those ads, stick with anything you need to use. If you can get out of the space of windows. Get out of this space of Apple. Go with something as simple as you can. Maybe Linux, maybe ChromeOS. Hey, it's 2021, and ransom payments have nearly tripled then targeting many factoring healthcare, construction and the average ransom is now $312,000. Hi everybody Craig Peterson here. We were talking a little bit earlier about ransom and ransomware gangs. We've talked about how it can just totally destroy somebody. If you're a home user and let's say that they get onto your computer and they encrypt all of your photos your grandpa, grandma, your parents. You've got pictures of the kids and grandkids, great-grandkids, whatever it might be on your computer. Now, they're demanding $10,000. If you ever want to see your pictures again. That is a very good reason to have your photos and other documents you care about somewhere else, not on your local computer. I know far too many people who hook up a local hard disc to their computer and then back up to it. They're backing up to a USB drive that just isn't going to cut it. That USB drive is attached to your computer. If your computer gets ransomware on it, it's going to encrypt your USB drive. That's why I advise people if you are going to have to use a USB drive, let's say you've got a database that you have to open, but you don't have to have it open all day long. Put it in an encrypted volume and only mount it up and decrypt it when you're using it. Then go ahead and re-encrypt it when you're done. That's called data at rest. The idea is when you're not using it, nobody has access to it. That's what you should be doing. Remember too that if you still have that disc plugged in, and if that disc is encrypted, they can still encrypt it and hold you ransom. But they're not going to be able to do the extortion because the data they have is encrypted. They have no idea what they have. They may not even grab it because some of this ransomware software is just that smart. Ransomware gangs now that are aiming at businesses are grabbing even more money than they've ever been able to get before. The average amount that's paid, jumped 171% in 2020. There's a new report out from Palo Alto Networks. They provide all kinds of networking equipment. You probably know, I already use Cisco primarily we've used some Palo Alto. We've stuck with Cisco. I like that integrated environment, but Palo Alto is good. Just not great. Palo Alto uses data from ransomware investigations, these data leak sites, as I mentioned earlier, where some of these ransomware gangs post to the data that they have stolen from people. Those are called data leak sites. They looked at some of those things to try and figure out what's going on out there in the industry. They found that these main industries, which are manufacturing and healthcare, construction companies had almost 40% of all ransomware attacks in 2020. It's just amazing because again, the ransomware attacks are being fine-tuned to go after organizations that have data that is very valuable. The highest ransom paid that we know of was $10 million. Isn't that amazing. The highest ransom demand was $30 million. Almost a third of the average demand paid more than $312,000. So it's just crazy. When you start looking into this and these ransomware groups are really getting ahead of the defenders. They are using all kinds of different types of innovation, which is again, why antivirus software does not work. I put that into my presentation. In fact, I had in the presentation here, some slides with John McAfee, I had him for one of them, and then I had a quote from now trying to remember what he was. He was a high-end guy in Symantec which makes Norton, and both of them said this, "their software is just useless" bottom line. It's useless because these ransomware gangs are using different techniques, different styles, they're improving things, pretty dramatically, frankly, and getting these ransoms up higher and higher. By the way, they are still being paid using cryptocurrency and that surged 311% last year. By the end of 2020, ransomware payments began to decline. A lot of that seems to be because the victims don't believe they're going to be able to get their data back, which is correct as I've mentioned before. Be very careful out there. If you are a victim of ransomware, realize guys, you're probably not going to get your data back even if you pay. Also, realize that there is another extortion coming your way in most of these cases. That extortion is to pay up or I'm going to release your data to everybody. Then you're going to have to decide what to do. Cleaning up after ransomware isn't cheap. The average cost of forensic engagement is over $73,000 for enterprises and 40 grand for small and medium businesses. It's pretty bad what they're doing right now. All right next up here. We've got attackers who are going after specific targets. Now I mentioned that just now, but in this case, what they're doing is they're trying to get back doors into iOS developers' Macs. Here's how it works. If you have an iPhone or an iPad that is running an operating system. That's based on a Unix kernel called iOS that's Apple's operating system for those mobile devices. It behaves differently than the desktop operating system. That makes sense, right? Windows trying to shoehorn in the touch screens without really considering all of the implications of that, I think was a huge mistake. If you want to go back many years in Windows eight when they introduced tiles. On my archive, you will find me saying that very thing. However, If you are a developer for iOS, you're not going to be using Windows. You are going to be using a Mac. What the Mac developers use is something called X code. This is a developer tool that Apple makes available to developers who are writing apps for iOS or Mac OS, as well. The bad guys are doing a supply chain attack and they are putting fake libraries that are being used by the developers, into the developer pool. The idea behind that is if they can get this fake little library in there, they can then take control of any machine that's running that library. I don't want to get into this too techie here and have people zone out, but it tells you something here that the bad guys, rather than attacking iOS head-on like they do with Windows. They are trying to get into the developer libraries and get in that way. Now they are, don't get me wrong, they are trying to do this with Windows. It's just usually so easy to use a new zero-day on Windows, as opposed to going into all the trouble to try to get into developers' machines in order to install these back doors. It's also known as a home watering hole attack, and they send this to targeted developers. There's a visual studio project that's available right now with a proof of concept exploit for some of this stuff, but we're aware of it. We're trying to deal with it. Apple is trying to deal with it. Windows eight is happening in that area as well. GitHub has seen a whole lot of problems with this type of injection and the whole industry is working hard to stop it. I think that makes a whole lot of sense. All right. Let's talk about selling the feds, location data from every car on earth. Does that make sense? I don't know. Apple made a change in its podcasts. We'll talk about that as well. Hey, are you somebody who listens to podcasts as well as the radio Apple figured something out to the most other podcasters really figured out some years ago? So we're going to talk about the one-word change. Apple just made it. You're listening to Craig Peterson here on news radio, WGAN AM 560 and FM 98.5. Thanks for joining me today. As we've been talking about some of the great articles out this week that I was going to say the great questions that have plagued humanity, but. I don't think that's quite true. There certainly are questions we all need to have answered and I answer your questions as well. Make sure you go to Craig peterson.com. You can right there. Sign up for my newsletter. You can send me a question if you'd like to right there, or you can just email me M E@craigpeterson.com. I'd be more than glad to answer them. It is a wonderful thing to be able to help you guys out. I appreciate you so much for spending these two hours here with me on your Saturday. Podcasts are something that Apple really kicked into gear. I've been for more than 20 years doing what today we would call podcasts, and that is making available audio from our radio show. Audio from interviews. All kinds of audio for people to listen to. Many other people do. It has become a huge thing. Now there are millions of podcasts out there covering every topic you can think of talking about long tail, just microscopic and lead nailed down different topics. Apple had the iPod. You might even remember that. And I still use an iPod to this very day. I still have my iPod classic and I that's the one I use. So it is how old now? 12, 13, 14 years old. I don't know, pretty old. And I've had to replace pieces in it. But I really liked that user interface. It's pretty easy to use. I have over the years, I've put a lot of different music on there and I've also put podcast. It is an iPod with video, which means that it can play certain videos. It has been a wonderful little device. Because of the iPod and the popularity of people listening to the audio, like my show, Apple was able to really dominate that market. They became known as podcasts because of the Apple iPod. People could carry them around with them. Nowadays we stream, for instance, you can listen to WGAN on tune-in, which is available as an app. It's a website. You can listen any time anywhere. It just couldn't get much easier for any of us. It's fantastic. You can certainly download them into the app. You can download them into the Apple podcast app that's there on your iPhone. On Android with Google play. In fact, you'll find my podcast on all of those platforms, but what is really different about all of this is that now Apple is no longer the leader. It looks like Spotify is about to take over the leadership position in the podcast if they haven't already. I've made sure my podcast was on Spotify. I hadn't had it on there. They had changed the rules. I don't know some time ago might've been last week. I really don't know. But they changed the rule since the last time I looked. It was easy enough to get mine on there. I think they wanted me to pay before. Now I have a podcast that's in the top 10% of all podcasts worldwide, which I think is pretty darn cool, frankly. We're having thousands of people listen every week and that just does my heart good. I stopped doing the podcast for a while and it really hurt me, while it was like a year and a half- two years and I wasn't releasing content. I really lost traction because I had 20 million-plus downloads of the podcast, which I can still say, because that's true, but I've only had about a quarter-million downloads in the last little while still top 10% of all podcasts worldwide. What Apple is trying to do now, is try and help people understand a little better and get rid of fear by changing one word in podcast land. If you go to Apple for instance, if you go to Craigpeterson.com/apple. That's what it is you'll see. It'll take you automatically to the Apple podcast page. Once you're on the Apple podcast page, you'll see that you can listen right there on the page. It might open your podcast app or on your Mac. It might automatically open your music player, they keep changing the names of some of these things and let you subscribe. If you do, I would really appreciate it. The word is "subscribe." That word has been a problem apparently for Apple because most people when they think of subscribing they're thinking they have to pay for something. You see where they're coming from. So a lot of people didn't want to subscribe because they didn't want to pay. Podcasts are free. No one charges you for them. Now, there are some subscription models. Don't get me wrong, but in general, podcasts are free. What Apple has done now is they changed the word, subscribe to follow. Which they think most people will understand. Following someone doesn't cost you anything. That comes from all of the social media platforms that have really changed things up for them. This change to the Apple podcasts app is going to come with the release of iOS 14.5 and. We'll see if it actually makes it in there. It was noticed by PodNews, which is a website that reports on the podcasting industry. They were showing, Hey, look at this beta version of iOS where they're changing it. So that's how we know it's coming. I think it makes sense. Edison research I've quoted them before they're a market analysis company. They found that 47% of people who don't listen to podcasts thought it cost money to subscribe to podcasts. That's true with most of these apps nowadays, you can get it for free, but they also have paid versions. In Tune-In the paid version, lets you pause, live radio, and go back and listen to it later. I used to use that a lot back in the day. You also have different features on these different podcast listening apps. Most people are confused about it. 47% think it costs money to listen. So Edison research vice president or senior VP Tom Webster said the reason for this is because of the one word subscribe. That's a huge problem with nearly half the people surveyed. Won't listen to a podcast because they think they have to pay for it. Now, Spotify, which is edging up, if not surpassing Apple with the number of people who listen to podcasts has already switched. They're using the word follow to describe the feature that adds your favorite podcasts to your playlist. Spotify has also played around with this idea of paid podcast subscriptions, which could be separate from the idea of a paid podcast offering. It's a premium paid music and everything else. So it's I think it's going to be interesting. We'll see. Apple has switched pretty clear to help get rid of some of the confusion on its platform. Have a look for me, Craig Peterson in your favorite podcast app. Sometimes the easiest way to find me is just to go to Craig peterson.com/the name of your favorite podcast app. All right we've got one more segment here before we leave for the day. So don't go anywhere. We've got one company that wants to sell the U.S. Federal government location data from every car on earth. Did you even know that was possible? We're going to talk about what's going on. Hey everybody. Thanks for listening. This is, of course, Craig Peterson. Man, we have a problem coming our way and then get another one. This has to do with our cars. You might have heard, I heard that Massachusetts decided that they would start charging attacks based on how many miles you drove in the Commonwealth, and the reason behind all of this, supposedly, and it probably is, was that we have cars that don't burn any gas, electric cars, and they are using the same roads. They need the same law enforcement people. They need the same bridge repairs as everybody else, but they're not paying any gas tax. So how do we make them pay as they should? Mass it hasn't gotten very far with that yet. There's this port in your car called an ODB port or ODB2. This is a port that was mandated by the Federal Government I think in the late seventies when they started this whole mess up. That port gives them access to the onboard computer. That's there in your car? Hint. ODB, onboard computer. Important there in your car. There's so many three-letter abbreviations that sometimes I kind of mess them up. So Mass was saying, we can just hook up your car now we're hooking it up anyways when we're checking the emissions cause your car squeals on you. It's not like the days back in the eighties where they would stick a sensor up the tailpipe. To see what your emissions were like. They just ask the computer. What are the emissions like? What's the NOx? The CO2 emissions? How fast is he accelerating? That same port has been used to give trap traffic tickets but in different areas. Yeah. OBD port, I just looked it up just to make sure I had the right name for it. And it's been used to give tickets up in Canada and Montreal. There's a report that came in of somebody that was racing up and down one of the main streets in Montreal and the police got there and nobody was racing up and down. But a car by the description was there. So they pulled the car over, they hooked up the OBD reader to the port in the car. The car said, yeah, I have been going at this speed recently. The cops gave the guy ticket just based on that. Our cars had been squealing on us for a long time. Mass wants to use it to say, how many miles has the car driven? Then there's questions about can you charge people mileage, not in your state? Obviously, they are already. If you live in New Hampshire and you happen to drive into Mass one time and you buy gas there, you are paying mass gas tax, which by the way, Charlie Baker apparently wants to double. There are some limits, but I don't know how far they go. There's a lawsuit right now in the Supreme court between New Hampshire and Mass, over Massachusetts charging income tax to New Hampshire residents that never even stepped set foot in the state of Mass. So it's really convoluted. We have over 9,000 different tax jurisdictions here in the United States, and that makes things really crazy. When you think about all these different government agencies that want to put their hands in the Till and want to do stuff. How does that tie into the cars? Our cars are getting smarter and smarter. This port that was put in decades ago was the first step. The car's squeal on ya and the tell information that should be private. Some of the cars now, these better, faster, smarter cars, like the Teslas keep track of everywhere you've gone. Where you're driving? How fast you're driving? The cameras are actually recording all of the activity, everything that they see. There's seven cameras on these cars and all of that stuff is stored and could be pulled out, certainly in a court of law. We're seeing in some jurisdictions that their police want to get their hands on it. There is something going on right now. There's a company out there called Ulysses. They are a surveillance contractor, and they're claiming that they can remotely geo-locate vehicles in nearly every country, except for North Korea and Cuba on a near real-time basis. That's from Vice motherboard. So Ulysses is obtaining vehicle telematics from data that's coming out of these embedded sensors and communication centers that are in our cars and in the roadways. Some of these cars are now sharing data. This is a technology that was pioneered by NASCAR and formula one so that the cars could avoid accidents with each other. So the cars could be much safer for the drivers. That makes sense. The cars all talk to each other on this mesh network. Now we have these companies that have these autonomous features self-driving cars if you will, that are doing much the same thing. They are looking to use mesh communications and some of them already are. By grabbing things from these connected cars, like the engine temperature, your acceleration, where you started your journey, where you're ending the journey, it is a real problem. There are more new cars now being added to cellular networks. The new cell phones. Here's an article from ARS Technica from a couple of years back, it says in particular, this Shanta Sharman Consulting noted that AT&T has been adding a million or more new cars to its network each quarter for the last 11 quarters. While they didn't break out the numbers for other service providers. It also revealed that Verizon is set to make at least $1 billion from the internet of things and telematics and previous research from Gartner suggested that in this year, a few years back, 98% of new cars will be equipped with embedded modems. It's probably close to a hundred percent by now, by the way. Our Teslas and pretty much any other self-driving car is guaranteed to be called home because they use that call home function in order to upload new software for the car in case there's some sort of a problem to upload driving data so that they can figure out why did the driver have to hit the brakes or grab the steering wheel to make it smarter? So our cars are recording all of that data is coming together. Ulysses claims it can currently access more than 15 billion vehicle locations around the world each month and estimate that by 2025, 100% of new cars will be connected and transmitting gigabytes of collectible data. Definitely a concern here. Definitely concern. Keep an eye out fo
This week: Apple’s March hardware event ain’t happening, and may have been nothin but a trap to catch Prosser and his fellow leakers. But don't worry, it looks like a April Hardware event is incoming! Plus: RIP to the beloved HomePod, one of Apple’s best products--what happened!? We discuss! And Justin “I’m a Mac” Long is now Schilling Intel PCs. Lol! You’re not gonna believe this… And Apple brought a LIFE CHANGING feature to the iOS beta--we’ll fill you in! Get 3 episodes of CultCast Off Topic each and every week for just $6! Off Topic is a new weekly variety show hosted by Erfon Elijah and friends, decidated to tech, gaming, culture, and more. Join Cult Support, good friend! This episode supported by Easily create a beautiful website all by yourself, at Squarespace.com/cultcast. Use offer code CultCast at checkout to get 10% off your first purchase of a website or domain. Cult of Mac's watch store is full of beautiful straps that cost way less than Apple's. See the full curated collection at Store.Cultofmac.com CultCloth will keep your iPhone 12, Apple Watch, iPad, glasses and lenses sparkling clean, and for a limited time use code CULTCAST at checkout to score a free CarryCloth with any order at CultCloth.co. Join us in the CultClub! discord.gg/BrKdnSK On the show this week @erfon / @lewiswallace Apple’s rumored March event may have been a ploy to catch leakers The misinformation about Apple’s March April special event may have been an attempt by Cupertino to catch out the people leaking information about the company’s plans. Apple’s rumored March event reportedly will take place in April Apple’s next product launch will take place in April, not March, a soon-to-be-eyebrowless Jon Prosser claimed Wednesday. When the music stops: Apple discontinues full-size HomePod The $299 version of Apple’s HomePod smart speaker has been discontinued. The company is already selling out of its remaining supply. Justin ‘I’m a Mac’ Long now advertises Intel PCs Intel has released a bunch of new ads promoting PCs… starring Justin Long. The new ads riff on the classic “I’m a Mac, I’m a PC” ads by presenting Long in front of a white background, with tinkly music, comparing the finer points of Mac and PC. Except that, this time round, Long comes down firmly on the side of Wintel. Why Apple Watch’s iPhone unlock will change your freakin’ face-mask life iOS 14.5 will be the best update of the pandemic era because it works with your Apple Watch to remove the hassle of unlocking your iPhone while wearing a face mask. You don’t have to type in your passcode every single damn time. The phone just unlocks. Like it’s supposed to.
Welcome! I am sure that most of you know about the problems Texas experienced with its energy infrastructure well there is more bad news for our nations' infrastructure and that comes from a vulnerability in the programmable logic controllers that many of these large infrastructure providers use to control the flow of product. (i.e., water, electricity, natural gas, etc.). Also this week Google Chromebooks outsold Apple but that is not the whole story. We also dug into processors and the importance of them and how it affects what you do daily. Then we discuss Clubhouse and why it may not be the best platform to get on and there is more so be sure to Listen in. For more tech tips, news, and updates, visit - CraigPeterson.com. --- Tech Articles Craig Thinks You Should Read: Embracing a Zero Trust Security Model Turns out Most Manufacturing, Water Supply, and Power Companies Use Controllers with a Security Severity Score of 10 out of 10 Chromebooks outsold Macs worldwide in 2020, cutting into Windows market share Clubhouse is the New Up-and-Comer but Security and Privacy Lag Behind Its Explosive Growth New York sues to shut down 'fraudulent' Coinseed crypto platform Former SolarWinds CEO blames intern for 'solarwinds123' password leak WhatsApp will basically stop working if you don't accept the new privacy policy TikTok breaching users’ rights “on a massive scale”, says European Consumer Group --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Apple just got passed by Google's Chromebook. We'll tell you more about that. Clubhouse the app everybody seems to want, and it's invite-only. Sound familiar? That's happened before has got some serious privacy problems. Hi everybody. Craig Peterson here. Thanks for joining me today. There are a lot of things to talk about and I'm going to start with this article from ARS Technica, talking about programmable logic controllers. Now I can see you sitting there saying, what are you talking about, Craig? Who cares? Here's, what's going on. You heard about the solar winds hack? It's been something we've talked about pretty much every week here for the last Oh a month or so since it really happened. And we found out some more stuff about it this week, by the way, we know who the group is that actually did the hack very professional group. This means, of course, nation-state, but. They were going after different types of companies, that help the different types of companies, as well as government organizations. In other words, they were targeting MSPs managed services providers. And unfortunately, most of them failed because it's rare, very rare to find an MSP that actually takes care of security. And I'm not going to blame them. I'm not going to blame you for using one of these MSPs that got compromised. Because ultimately, security is a long tail thing. It is an industry in and of itself. It's hard to keep up. It's hard to keep moving forward. But I brought this up because I wanted to tie it into something we also talked about a bit for the last two weeks, and that is that water plant in Florida. This water plant in Florida had the amount of lye added to water, turned up 100 fold. Not 100%, a hundred times more lye in the water and somebody noticed and all well and good. Who did it? We don't really know, but here's the problem I want to talk about today. And that is the SCADAs systems, these PLCs, in other words, The computers that are controlling the valves in these various businesses and government agencies, the water plants, the electric plants, et cetera. You had valves. Those were these tubes. Remember that, and then transistors for a little while. Anyhow. This is something that's a very real problem because Rockwell automation you've heard of Rockwell before. I am sure of that because Rockwell has been a government contractor forever. They've done a whole lot of stuff in the military space and they do a ton also in the civilian space. Rockwell makes hardware that's used to control equipment in factories, a lot of equipment in a lot of factories, as well as all of these other places out there. And it is what's called generically a "programmable logic controller." They're selling them under this logix brand. You'll see them everywhere. They control everything you can think of out there. Some of them are very small. There might be a, like a toaster that you'd have on the countertop for instance, or something as big as one of those little pizza ovens you can put on the counter, but then they can be a whole lot bigger than that. But they help control equipment. And. Oh, the manufacturing and the processes on assembly lines and other manufacturing environments. You might remember what happened in Iran, where they had these PLCs, programmable logic controllers, that were part of this whole SCADAs system. It's all together. And in Iran, they were using them to control centrifuges and those centrifuges were being used to refine nuclear material eventually to make nuclear bombs. At least that's what we said. That's what the UN said, et cetera, et cetera. And then it makes sense, right? They have to refine the yellowcake. So that's what they were doing. And what did we do? Apparently, we got together with this country called Israel. It's over there in that same neck of the woods. And with them, we came up with some software to break into the computers at the Iran facility. Now, these computers were what we call air-gapped. They were not directly connected to the internet. So how did we hack it? We hacked the old-fashioned way. No, we didn't use a little honey bait. What happened with rep Swalwellout in California, who I don't understand how he's still sitting on the number one top secret committee in Congress, even though he spent years with this Chinese spy who obviously would have been feeding all of this information that he got back to China. I don't understand Nancy Pelosi. Sometimes this is just crazy. What's going on in Congress? It wasn't that? Okay. It wasn't a honey trap. It was a honey trap. I guess what they did is they developed this piece of malware, knew that they had to get it on to the machines that controlled the manufacturing process there in the plant that did the refining in order to make the nuclear bombs. How can you get it in if it's air-gapped, how can you get it in if those machines are not connected to the internet? But it doesn't matter if you break into the firewall because they're not behind the firewall. They're not on a network that is accessible from the outside. However, they were networked and they have to be networked inside the building so that you can have one computer that's monitoring the spin rates of all of these different centrifuges and just kind of keeping tabs on everything. So they went ahead and they put this little virus onto a thumb drive. And then, in fact, they made dozens of these thumb drives. They found out where the engineers who worked at the plant went for coffee, where they went for lunch and they scattered these around. And then a coffee spot at the lunch spot. And so now all of this stuff is scattered around these little thumb drives people, pick them up, Oh, a free thumb drive and they take them into the office. And this particular piece of malware was specifically crafted for this programmable logic controller. So if you plugged it into your computer as an accounting puter computer, it would say, Oh, wait a minute this is an accounting computer. I don't care. But these guys brought it back into their manufacturing facility and it did work there and it took over control of the machine that controlled all of these centrifuges. And fuges, it keeps saying fuses, centrifuges and it spun them out of control. And while it was spinning them out of control, it was showing a perfectly Greenlight status to the people who were trying to monitor it. They resist, it was a stroke of brilliant, but that is the type of system that we're concerned about. That's what we're talking about right now. These kinds of logic controllers that are used all over the place you can use them for almost anything you used on ships. They're used in government facilities. They're used everywhere. There was a vulnerability found and it was a, "I can't believe you did this" vulnerability. Now with solar winds, we found out it was a, I can't believe you did this vulnerability because apparently, solar winds had a password of solar winds one, two, three. Who wouldn't guess that perfectly good password? And man, we see these types of passwords all of the time. That's why I use a password manager. That's why you generate passwords or you come up with key phrases. Three or four words strung together with maybe a digit or something else in the middle somewhere and some upper lowercase characters. Right? That's how you generate a password. It's not supposed to be solar winds one, two, three. So that's problem. Number one, that's a big problem. This particular vulnerability has a severity score of 10 out of 10. Why? Why is this the worst level it could possibly be? Number one, it requires a very low skill level to be able to exploit it. Now that's interesting. Why is that? It turns out that these program, programmable logic controllers have a hard-coded key built into them. In other words, whoever programmed these things, and I'm looking at this list, there are a lot of them. Logix is the name of the company, the name of the product, and you'll see Logix in their names. And it is a whole bunch of compact Logix control, Logix drive, Logix a guard, Logix, guard on me. Now that wasn't supposed to provide cybersecurity support. All of those, okay. Then they have a hard-coded password. What that means is built right into the software is a back door with a password that can not be changed. Now, even if you bought one of those cheap firewalls from the big box retail store, you are going to be safer. Because at least it lets you change the password and you should be changing the password on your firewall. And in some cases, it also lets you change the username and you should change the username as well. But no. These Rockwell devices have a hard-coded password and Rockwell apparently is not going to issue a patch that directly addresses the problems that come from having a hard, coded key. So instead of that, they're saying, Oh, use these mitigation techniques. Isn't that what Iran did, isn't that? Why they had themselves? Nice little air gap network that was still breached? Oh, man. Oh, man. So it's a problem. It's a very big problem and they're just not paying much attention to it. Hey, stick around. We're going to talk about Chromebooks versus Mac and Windows right here. It looks like the Wintel monopoly continues to die on the vine because of what Apple's been doing, what Google has been doing. In fact, Google is really stepping up their game here, getting rid of Intel. Hi everybody. Craig Peterson here. Thanks for joining me. We know that Intel's been around for a long time. You probably remember Intel used to brag about it. There were ads where Intel would kick in a couple of bucks if all they'd said was Intel inside. In fact, they are still doing it on machines. You buy a machine it'll probably have a little sticker if it has an Intel processor saying Intel inside. Intel had a problem, they made components that people didn't buy. Well, they bought them, but they bought them as part of something else. They did not buy an Intel processor for the fact it's an Intel processor. Makes sense. Some of them did. I certainly looked at them. I bought AMD and some others instead,. Some of the power PC stuff from IBM, just absolutely incredible, as well as others. I have done a whole lot over the years when it comes to processors, you've heard already I helped develop operating systems and implement them and the internet protocol. I've got a lot of experience with processors, no doubt about it. A lot of machine coding and assembly work over the years. I wrote C, which is a programming language used largely for a high-speed stuff like operating systems. I did a lot of that. I look at this processor from Intel as a massive failure. Marketing-wise. In the industry, it's been really great, but when I get into it from the prospect, or from the side of being an architect, of operating systems, and an architect of user interfaces. I cannot believe Intel. It's just been terrible. Part of the problem with the Intel processors and their instruction sets. The way they do the memory access and the way they do all of their IO to other devices has to do with their legacy code. They've tried to remain compatible with all kinds of older processors over the years. I can understand that I can see why they might want to do that. They're afraid that people might leave them. They started out as a memory company and through. I was going to say no fault of their own, but no luck of their own or anything else. I don't know. Another company came to them and said, Hey, can you make a cheap processor? Remember IBM looking for a cheap processor to put into this PC right. A personal computer that they didn't think would sell very many, certainly wouldn't be a great business thing. They went and said, okay what are the cheap processors we can get and put into here? Intel, 8080. That's what we'll do. All of a sudden is born the XT and the PC XT and the PC AT came. Some of these others over the years on the 8286 and the other chipsets. Anyhow, I'm getting awfully geeky on ya. Started really falling behind. One of the ways they fell behind was in 64-bit design. In fact, Intel is AMD compatible. Now, if you can believe that. Talk about falling behind. I don't think it's the engineers, there's some brilliant people there. It's entirely business decisions that drove them to the point they're at. They continued to increase the price of the processors. They were getting a little faster, but they still had the corner on the market because people bought Wintel they bought Windows. If they're going to get Windows, they're going to get Intel. Make sense. There were some others over the years that competed including AMD, which is Intel-compatible for the most part. They really managed to keep people out of the marketplace so they could jack-up the cost. The price structure, just keep jacking up, jacking up, jacking up. Many companies got fed up with it, including some companies that had the ability to do something about it. One of those companies is Apple. I mentioned in my newsletter last week, I had an article talking about how Apple is now apparently about to make 6G chips. 6G at the next generation of wireless and Apple's getting rid of Qualcomm and gonna make in themselves. A company like Apple, when they want a million parts, they want them to arrive. They want them to be there on the day they ask for them and they want them to do what they asked for. Qualcomm has fallen down on that. They have not been able to meet Apple's demand. Intel has fallen flat on that. They have not been able to meet some of Apple's demands that have to do with the amount of energy they use the temperature they give off of course cause they want them on mobile devices. What did Apple do a decade ago? They said fine, forget about it. We're going to not use your Intel processors in our iPhone. They started using some other processors, some arm processors. Apple joined this community like an open-source manufacturing alliance that came up with a chip design that they could use as a basis. Apple took that and ran with it. Today it has run so far with it that Apple has an amazing chip. Now you can see these amazing chips in your newest I-phones and your newest iPad. That's what they have in them these new Apple processors, but Apple also now has their new M series processors, which are effectively the same things they've been using in the iPhone, iPad, but beefed up in order to handle the load you'd expect to have on a laptop or a desktop with a Mac mini. I'm just so impressed with these. I was playing with both of those. One of our clients wanted them. We had them ordered and shipped to our place. We put them on benches and we loaded them up and got them all running. We played with them a little bit just to see what they were like. Very impressive machines. They don't have Intel processors. Apple has switched processors a few times over the years, it went from the Intel or the Motorola over to the power PC then to the Intel, and now to its own chip design. It looks like completely new chipsets for the iPhone 13 hopefully, maybe the 14, hopefully, when that comes out. That'll probably be later this year. By the way, the 13 is just going to be an incremental update to the iPhone 12. They're saying is probably going to be like an iPhone 12S, really. Processors. Apple doesn't need to pay the Intel tax on these processors out there. I'm going to look right now, purchase price, Intel, a laptop CPU, just to get an idea. I'm on there right now and I see coming right up, here's an Intel core i9 $400. Just for the CPU and that's from B&H photo and B&H has a lot of this sort of thing. Most of these Intel CPUs that are on laptops cost over $400. They're branded as core this, that, or the other things. The real expense of one, just start getting into the Xeons. Those Xeon processors can be just through the roof. Here's one here right now an Intel Xeon platinum, 8180 $11,000 while actually, it's 10,995. If Apple can make its own processor, do you think they can do it for less than 400 bucks? Of course, they can, and that's going to save them a lot of money in making some of these devices. We're going to get into those devices, like the laptops. What do you need in a laptop? Why would you go with Windows, maybe one of these other operating systems, including Mac iOS? We'll talk about that. That's going to lead us into the conversation about Chrome. Why is Chrome OS becoming so popular? Why has it surpassed now market share of Apple and where did that market share come from? People have been buying PCs, but what's going on? Stick around, you're listening to Craig Peterson and you can find me online. Craig peterson.com. We're talking about chips. Yeah we're getting maybe slightly technical, but chips matter nowadays in a way that they haven't before and yet they matter even less. I'm going to explain that. Hello everybody. Craig Peterson here. I just said something that might've sounded confusing. Cause I said, CPU's matter more than ever. Yet they matter less than ever. Here's why. If you're looking at an Apple computer, you are looking at either an Intel processor, at least for the next couple of years or the Apple processor. If you're looking at a Windows machine for a little while Microsoft was really on a bit of a kick, trying to get Windows running on multiple platforms. In fact, it actually did. There were some amazing things they were able to do, but really if you're getting Windows, you are going to be on an Intel platform. How about your phone? Do you have a clue as to what kind of processors in your phone? Now, you guys are the best and brightest. So yeah, you, you might, okay. You might know the exact model number and CPU clock rate and everything else about your phone, but the vast majority of people have no idea and you don't need to know. You don't need to know because it is now like a utility. You don't really know how that electron is delivered to your house. Where that came from? How that was produced? You just turn on that light switch and hope it works, right? Unlike when there's big wind storms and your power goes out, that's what you're hoping for. That's what's happening now, you buy a phone, you don't care if there's Intel inside. The same thing's true with tablets. You buy a tablet, if it's an Apple tablet guaranteed it doesn't have an Intel CPU. If you buy a Surface tablet, you can get them with Intel or without Intel. A lot of times you can tell just based on the price of the tablet now. As we move forward, we're starting to see more and more devices powered by arm chips and others. You see the idea behind Unix, which is this operating system that's underneath all of them. Unix lives underneath MacOS. Unix lives underneath Android. It lives underneath pretty much every cell phone and every device programmable device that exists today has Unix underlayment, which is the main operating system. It's fantastic. The whole goal behind that when it was designed by At&T was to make it so that this one operating system could run on anything and it did. Universities adopted it because it would run on anything and universities were getting equipment donated to them from everybody. That was anything, right? This mini-computer, that mainframe, all of these pieces of equipment got donated. They standardized on this Unix platform and the whole thing worked out quite well. Linux is a type of Unix for those who are wondering. The whole idea behind it is that the processor doesn't really matter because there's a version of Unix that will run on really pretty much any processor that's made today or has been made for the last 40, 50 years. Now, when you start getting into the useful computers that you and I use every day. What's underneath it? If you run a Mac, I don't think you really care. If you're on a Windows computer, I don't think you really care. What you care about is can I do that task at hand? Can I go ahead and open word, document editor. Even then you don't even care if it's Word for the most part. Word, you're going to get around it a little bit easier, but if you are over on a Mac, you could use pages. It doesn't have to be word and it doesn't have to be Windows and it doesn't have to have Intel inside. I am not giving stock advice, but I can tell you, I would not be out there buying Intel right about now. Hopefully, they got some other stuff going on. I know they're looking at some new chip designs that they can provide to people that make it pretty darn simple. Now there is another big player we haven't talked about yet and that is Google. Google's got Android, which is underneath again, a Unix operating system. It has also on top of that, this big Java virtual machine, which has been the source of many headaches, a lot of chagrin here for developers. The beauty of it is again, Java was designed so that you can write your program once and run it on anything. You see where I'm going. We're getting to the point where the competition is going to be crazy. When it comes to the devices we use to get online or the devices that we are using for work, and it's going to get cheaper and cheaper. I'm not talking about the cloud. The cloud is not cheaper. In most cases, the cloud can present all kinds of additional problems. We just got an email from a listener Danny today. In fact, he bought one of the little packages that we'd put together for the listeners. About 18 months ago of a special, it was a little Cisco firewall and Wi-Fi switch with security built into them, something you can't buy off the shelf. It had the firepower basic stuff in it. Anyhow. So Danny was asking because he uses G suite. How does he do a three, two, one backup? You can't with Google's G Suite. With office three 65 or Microsoft three 65, in both cases, they have lost their client's data. So Danny was asking, so what do I do? How do I do a three, two, one backup, like you advise we do? Basically what we said is you've got to download all of your data from those cloud services, back them up properly at that point, and do it all in a format so it can be restored. So if it has to go back to the cloud, it can. It keeps your data safe. All of that stuff is, again, just it's everywhere. It's cheap. There are pros and cons to different ways of doing it. Dan is not there thinking I'm using G suite or I'm using Microsoft three 65. What processors behind it, right? You don't care. Google has said here's what we're going to do. We make a phone now, the Google smartphone isn't well adopted. It's more of an example of here's a way you can implement the Android operating system. It's a proof of concept for them. It's not a bad phone. They've tied in with some other carriers in order to provide cell phone service. They are coming out with a system on a chip. You used to have this big motherboard and if you go way back, I have a very big motherboard with all kinds of discrete components. Nowadays, all of that gets squeezed into one chip and Google has decided that they are going to make their own chip. They call it the white chapel. That's the name of the whole program. It was reportedly made using Samsung's nine millimeter process technology. In other words, it's going to be fast. It's going to be power efficient, and initially, they are going to be putting it into their smartphones. That's not a bad idea. In their pixel smartphone sometime late this year. We haven't quite made it yet to Chromebooks, but I promise we'll get to that in just a couple of minutes. I wanted to make sure everybody had a decent understanding so that you can make the right decision for yourself and your business when it comes to what kind of computing to use. Stick around. So what kind of computer should you get? What's gonna work for you? Should you worry about the chip that's inside of it? What do you do? It just gets so confusing sometimes. That's what we're going to get into finally right now. Hi everybody. Craig Peterson here. Thanks for joining me today. Now, there are options when you are looking at a computer and I know some people don't even have a regular computer anymore, so let's start there. Really quickly many people are just using their iPad and that's what the goal was behind the iPad. I think that's what Steve Jobs had in mind. Apple always wanted it to be a replacement for your computer. It is not as flexible as a computer is by any stretch. Frankly, it's gotten a lot better, especially the iPad pro because of the faster CPU and it has a few more capabilities. It's a good little unit. That's what I use by the way is the iPad pro. If you are just going online and you're doing a little browsing, maybe editing a few documents, getting on a zoom call or a WebEx call, whatever it might be, doing all kinds of the regular stuff that iPad's going to work for you. If you have an iPhone, you can link your iPad to the iPhone. If someone calls you on FaceTime, you can actually answer, take the call on your iPad. If someone calls you on with a regular phone number, if someone does that anymore you can take that as well, right there on your iPad. iPads are inherently very safe. They have done a great job in trying to keep things pretty tight from the cybersecurity standpoint on the iPad. If you need to use Windows applications, then that's where the surface tablet might come in for you. I know some people who like their surface tablets and I know people who really don't like their surface tablets. Personally, I don't think I would buy one. There's not a huge win, but again, some people like them. They're more portable than some laptops. Now, you can get laptops in the Windows world that are as small and lightweight as an Apple laptop. Now, which would I get the Apple laptop versus a Windows? I would absolutely without a doubt, no question get the Apple. The main reason for that is that it's cheaper. Yes. I said it was cheaper. It's cheaper because that Apple laptop is designed using high-quality components and is manufactured using high-quality stuff versus that PC. You might find a laptop PC laptop for maybe 350 bucks, and you look at the Apple laptops and they start at just under a thousand dollars. They're small the Apple ones and they are very functional and they will last. If you get the same component in your windows laptop, the same quality, the same speed, the same buses, IO, everything else, same display. You are going to pay more in the Windows world than you would on a Mac. If all you can afford or all you want is something inexpensive then I've got an option and it isn't Windows. Okay. Unless you have to have Windows, if there's a specific program you have to use that only runs on Windows while you're stuck aren't you. There is another option out there and it is called a Chromebook. It has been doing very well. 2020 was the first year that these Chromebooks outsold Apple Macintoshes. Now, that's a big deal because Apple's always been a kind of a minor player, seven to 10% of the marketplace. To see Chromebooks actually beat Apple is impressive. Now, part of the reason they're beating the Apple is what I just explained to you. They are inexpensive. Many kids are at home, right? They're going to school from home virtually and the schools need them to have a computer. What do they say? Get a Chromebook. Here's a $300 Chromebook. Go ahead and get this for your kid or here's $300 and or $300 Chromebook. In some cases, the school just buys it for the kid. Great for that. Now, remember it's Google, you're storing most of your documents up in Google's cloud. Depends on how you feel about Google and having Google with full access to all of your information. I have a big concern with Google having access to my kids' information, but that's a wholly different story out there. No question about that. Chrome is an operating system again, that is based on Unix. It's actually Linux, which is again, a version. It is something that you just won't see. The odds of you directly interacting with the operating system just keeps going down and down. Now, Windows, you still got a muck around sometimes you got to get into the registry editor. You got to do weird-ass stuff. With your Chromebook or with your Mac, you're not going to have to do that. It's not an antiquated design. It is a very modern design. Very easy to use. Now, I started the segment out by saying that CPUs matter more than ever, and yet they matter the least they've ever mattered. Here's why I said that the manufacturers now are able to choose the CPU they want to use. Unless, of course it's a Windows target, but for anything else for Chromebooks, they can use any CPU from any manufacturer. They might have to do some porting and do some work involved in that, but it's moderately minor. You can't say the same thing for Windows. Windows is locked into a couple of different architectures and you can bet Microsoft is pretty busy trying to make it so that it will run across even more CPU architectures. It matters more to the manufacturers and matters more to you what CPU they're using, because it keeps costs under control. It gives you longer battery life. It lets them put a smaller battery in and still have longer battery life. Lots of good things. It doesn't matter at all anymore because you only care about the web browser. You only care about the text editor, right? What is it that you care about? It isn't, what's underneath all of this. Chromebooks, you can find for 150 bucks at a big box retail store and you get what you're paying for. That hardware is not going to be stellar that's for sure. But it's going to work and is going to do a decent job for you. If you don't have any money, really, but you can afford to crack 150 bucks, look at a Chromebook. Chromebooks go all the way up into the $2,000 range. Those higher-end ones have more local storage. They're faster. There's a bunch of different benefits to them. Now, you've got the options. Apple is going to almost certainly stay with its own chipsets. It lets them keep control over the entire investment. Now, you might say that's bad. I don't want to get locked into Apple. Well is not really going to matter that much, but you are going to get locked into Apple. The reason it's not such a bad deal is looking at the marketplace, Apple has a few dozen different designs. They have to maintain the operating system for all of their software, their device drivers, everything has to work across a few different, a few dozen models. Think about it. You've got how far back your iPhones', I know they still put out some patches for iPhone fives and sixes, they might have even older ones. So there you go. Then they had the larger versions of some of the iPhones and they had the ASCE versions. Look at that. Compare that to the Android space. Where you have hundreds of manufacturers using Android and building smartphones with it. Thousands of different models of phones each with their own device drivers and all kinds of little things. Some of these manufacturers will go ahead and grab whatever's in the parts bin today and throw that in. Okay. This is true too, not just to the smartphone manufacturers, but if some of these PC manufacturers. Dell has been known to do this. Where it's okay, we're making a laptop today. Okay, we promise them this CPU, but this USB controller that we normally put in, we don't have it right now. I'm going to put this other one in there. It gets very confusing when you're trying to repair these things each one of those USB controllers has a different driver for Windows. So Apple, the part of the beauty of this is they only have to worry about the security and reliability of just a few dozen different designs versus Google having to worry about again, thousands and thousands of them. That's why also with Android you do not get the patches when they come out. If they come out, it can take an easy six months for a patch that's issued by Google to show up available for your phone. It typically takes Apple a matter of a week or so. It's just there. There's no comparison. That means your cybersecurity is going to be better when you can get patches. If you have an Android phone, that's more than two years old, forget about it. You're not going to get patches. If you really are insistent, like some people I know in fact, Danny were just talking about it. He really likes his Android. Don't first of all, always buy the top model. It should probably be as Samsung. It should be never any more than two years old. You got to trade it in every one to two years so that you're pretty sure you're going to be getting security updates in a timely fashion. There you go. That's the explanation of it. I love my Microsoft stuff for specific Microsoft apps. I really love my Mac for all the graphics and everything. It just works. It doesn't crash. The applications all just work. I use my iPad for some just general basic stuff, and Chromebooks are probably the way to go for most home users. As we just talked about for schools as well. Hey, visit me online, CraigPeterson.com. You'll find all kinds of great information there. Craig peterson.com, Look for my podcasts. I guess this is a little bit of good news. If you're a home user, not a business or some other organization, like a state or County or city office, but we've got some breach numbers that have just come out for 2020. We're going to talk about right now. Hi, everybody. Thanks for joining me. Of course, you can always go to my website. Yeah. Pick up all of the podcasts in case you missed something today or another week, you'll find them right there@craigpeterson.com. You can also sign up for my email list and we're going to be doing a couple of different things here. I think in the near future, we're going to be sending out some reports that we made as part of the security summer thing I did a couple of years ago, and each one of these reports and there's 30 something of them. Some of them are like five to seven pages long, but it's a checklist of all the security things you should be worrying about. Now, if you are a home user, you'll find a lot of these to be interesting. But if you're a business person, you work in an office, you help to run an office. You own a business. You need to make sure you get all of them. So make sure you are signed up Craig peterson.com and we'll be glad to get those out too. Plus we're also going to start something new every week. I usually have six to eight, sometimes as many as 10 articles in the week. I spend hours going through finding what I think are the most important things that interest me as well, but that I think will interest you guys. I put them in an email, it is it's not very long, but it's just a few sentences from each one of the stories and I have a link to the story as well, right there. I'm going to start sending that out as well to everybody cause some people want my actual show notes. We're going to have the newsletter once a week. Then we're also planning on having a little video training as well. So it might just be straight, like straight audio. That's part of a video, but it'll be training on a specific security task or problem that's out there. Then the course improving windows security. It's been taking us a long time. Blame it, mostly on me. Karen's also busy with babysitting grandkids at least a couple of days a week, and I'm trying to run a company as well. So it's, forgive us, but it is taking some time, but you're going to love this. I think it's turning out really well. I am about halfway done with the final edits. So I'm recording them. We go back and forth. They ended up recording them twice so that we get all of the points I wanted to cover into them. Karen's come up with a whole bunch of great screenshots and other pictures to go in with it so it's not one of these death by PowerPoint things. And we've got 21 different talks, if you will, on locking down windows and I go into the why's as well as the hows. I think that's really important, because if you don't understand why you're doing something. You're much less likely to do it. I picked that up from Mr. Tony Robbins, none other, the Anthony Robbins man. It's been over 20 years. Karen and I went to an event he had down in Boston and this was one of his firewalk or events. We actually got to walk on hot coals it was the weirdest thing ever. Karen was totally freaking out and I was just, wow, this is going to be weird, but we both did it. It was phenomenal. Cause it of gave you an idea of, even if you have this mental block that you can't do something you probably can. We actually did and nobody's feet were burned or anything. It was real coals. It was really hot. They were really red. It was really something that at the very end they had grass, a little square . Grass, maybe two, three feet by three feet and they had a hose running onto it. So you'd walk over it all. Then you'd just walk in on the grass and the idea there being if you had any hot coals stuck to your foot. You probably didn't want those just to stay on your foot. You'd probably want those, they get put out and taken off, so that's where that did. Anyhow. One of the things I learned from Tony was you need to have a strong reason why. We see this all of the time, Stephen Covey, if you read his stuff, you know it as well, you got to know why you're doing something. When it comes to computers and technology and security, you need to understand the why. Because it isn't just a rote thing. There are so many variations on what to do, but if you understand the why you're doing it, then I think it opens up a whole new world. You can explain it to your friends. You can help them understand it because finally you will understand it. You'll be more motivated to do the things that you should be doing because you know why you're doing them, what it involves, what it's going to solve for you. This should be a really great course. And I spent some time in it going through the whys, give you some examples of problems people have had and what that solves. It's available hopefully here within a couple of weeks, man. I thought I'd be done by the end of January and here it's looking like it'll be the end of February. But be that as it may, keep your eyes out. If you've already emailed me to let me know, you're interested. That's great. I've got you on a list. I'll have to try and send out an email this week or sometime soon to let you guys know it that we've got it ready for you? We will have it already for you, hopefully with the next couple of weeks. So that's that I'm told the different way of doing things that's me. I like explaining things I've been told I'm good at it. So let's I think a good thing too. I started out the segment by talking about this probably good news for end users. Because in 2020 breaches were down by 19% while the impact of those breaches fell by nearly two-thirds when we're measuring it by the number of people affected. Now, of course, if a company is breached and an organization is breached, it's counted as one. One person, if you will affect, obviously it can affect hundreds of thousands, millions of people, depending on what happens like a breach of Equifax. Are you counting that as one or you counting that as 300 million? Because that's how many records were stolen? I'm not sure it doesn't say it doesn't go into that much detail, but because the number of data breaches went down and the number of individuals affected by the data breach plummets. It's telling us something, then that is okay. That these hackers have moved away from collecting massive amounts of information and are targeting user credentials as a way to get into corporate networks to install ransomware. We've got even more news out this week about the solar winds hack. We talked about this before, and this is a company that makes software that's supposed to help manage networks, which means it's supposed to help make those networks safer. No, as it turns out, they weren't making it safer and it looks like maybe four years bad guys were in these networks. We're being managed by solar winds, not with software, right? It's not as though solar winds was managing the network is solar winds sold software services so that you could manage your own networks or in many of these cases, they were actually managing networks of third-party businesses. I do work as well for high valued in value individuals, people who have a high profile that needs to keep all of their data safe and they are constantly being gone after. They're trying to hack them all the time and the way they're trying to do it. And I talked about this really the first hour today is by this password stuffing thing. So they're trying to get in and they were successful and now it looks like it wasn't just Russia. Apparently, China knew about this hack potential knew about this bug and was using it. And apparently, it also was not. Just solar wind software. Now they're blaming some of this stuff on Microsoft office. If you have an office three 65 subscriptions, apparently they were using that to get in. So the bad guys are getting very selective. They want to go against companies and organizations like government agencies that have information there's really going to help them out. That is absolutely phenomenal. So these are stats from the identity theft resource center. And I was thumbing through as I was talking here. So it's saying that more than 300 million individuals were affected by data breaches in 2020, which means they must be counting the people whose. Information was stolen, not just the people that were hacked but it is a huge drop of 66% over 2019. And the number of reported data breaches dropped to about 1100, which is about. 20% less than 2019. So it's good. It's bad. I think the mass data collection thing is over with now. They're not as interested in it, but they are very interested in strategic attacks as opposed to just these blankets. Let's grab as much data as we can because they want to get it into these government networks, which now we've, we know they've gotten into. And then you've got this double extortion thing going on with the ransomware, where again, the going after businesses and people who they know can pay. So that's good news for the rest of us, right? The home users. It's not good news so much for some of my clients, that's what we take care of. That's why we get paid the big bucks. Now how that works. Downright stick around. When we get back, we're going to be talking more about the news this week in particular, of course, security, Facebook, and their Supreme court. Stick around. The United States has a Supreme court. Our States each have their own Supreme courts. In fact, there's probably Supreme courts all over the world. But did you know that Facebook now has something that people are calling a Supreme court? This is interesting. Craig Peterson here. Thanks for joining me. People have been complaining about Facebook and what they've been doing for years. One of the things people have really been complaining about lately is how Facebook has been censoring people, particularly according to them anyways, conservatives. I've certainly seen evidence of that. No question don't get me wrong, but there's also left-wingers who are complaining about being censored. Facebook decided it needed to have its kind of its own version of the Supreme court. You see what happened? Bins are you have a post on Facebook that is questioned. And usually what has to happen is somebody reports it to Facebook as being off-color or whatever it is, the reporting it as. And if two or three people report it, then it goes to the moderators. That same thing is true for some of the artificial intelligence. Some of it's reviewed by moderators as well. Here's your problem. Particularly when it comes to conservatives because you post something conservative on Facebook. And if you are noticed by some of these liberal hacks that are watching Facebook accounts, they will gang up on you. And they use these bots to pretend that there is an incredible rage that there are hundreds of people who are very upset by what you just had on Facebook. When in reality, no, one's upset and they're just trying to shut you down. And there might only be two or three people who actually know about it, but they'll use these kinds of artificial intelligence, bots to flood Facebook with complaints. And they're doing that on Twitter. The left is doing it all over the place. So what happens next? The big challenge for Facebook is there are 2.7 billion users. Can you even wrap your head around a number like that? That is just massive. So they've got 2.7 billion users, and now, obviously, not everybody's on every day. But some percentage of them. And I've seen it's in the hundreds of millions of posts every day on Facebook and they log in and look around. Facebook only has 15,000 moderators. So for 2.7 billion people, 15,000 moderators just isn't a lot. And the other problem is that the moderators are suing Facebook. And they came up. This was about a year ago. With a $52 million settlement with moderators and the moderators are saying, Hey, first of all, we're crazy overworked. And then secondarily, we've got PTSD. Post-traumatic stress disorder. And they're saying that they have this because of the stuff that they've had to see, they alleged that reviewing violent and graphic images, sometimes stuff. My gosh, I might've gotten mentioned here on the air, but they had to view these. For Facebook. And they said, this just led us to PTSD. I can see that particularly since they have to have so many every day. So many of these different posts that they have to look at. And they are clocked and they are third-party contractors. They're just, all this stuff adds up. Doesn't it? Moderators who worked in California, Arizona, Texas, and Florida from 2015 until last year, every moderator will receive a minimum of a thousand dollars as well as additional funds if they are diagnosed with PTSD or related conditions. So they're saying there's about 11,000 moderators that were eligible for this compensation. But this is a very big deal. It's difficult. How do you deal with that? They've got now 15,000 moderators who are reviewing the posts of these 2.7 billion users. There is a little bit of an escalation procedure, although it's a very difficult and because there are so many people who are. Complaining and trying to take care of everything. It is a very tough situation, really for everybody involved. So they've decided what Facebook needs Facebook's decided this themselves is they've got to moderate themselves a little bit better, and the way they are going to do all of this moderation is they're going to have this kind of Supreme court that supervises. All of the moderation going on within Facebook. So they call him the new to an oversight board and. Obviously with just one board, without very many people on it, it is only going to be able to handle a small number of cases. So they have been paying attention to some of the cases. And they're trying to set precedents that will be followed by the moderators and millions of other cases. It's basically the same thing that the U S Supreme court does, where they review cases that come up from the federal district court. They can have cases that are coming up from individual States as well. And then they set standards and, without going into all of the detail of disputes between district courts, et cetera, we'll see what happens in Facebook, but lower courts are treating these us Supreme court. Rulings and dicta as binding precedents for everything in the future. So it's not easy to do in our courts. We're certainly not great at it. And there are a lot of complex procedures. And even if you're talking about moderation where you bring a moderator in. And there are some standards for that in disputes between businesses where you'll pull in a neutral third party. And they'll just usually split things down the middle. But those are going to be difficult for Facebook to put in how they reviewed five decisions. These are pretty substantive. Sixth case apparently became moot after the user deleted the post. We have an uprising and Miramar right now. You might've seen it on TV. If you're paying attention. I know a couple of channels have been talking about it. But this is an interesting problem because the military has overthrown the potentially properly democratically elected government. What do you do if there is massive cheating going on in the election? We faced that question here ourselves. In Miramar, they went ahead and the military took over and imprisoned the president. There was a post talking about that and talking about Muslims in France and China. Another one about Azerbaijanis. I don't know if you've seen what happened with Armenia and Azerbaijan and lots of history going back there with the Soviets and they created this whole problem because they didn't like the Armenians, but anyways, of all of these five, they disagreed with the lower moderators opinions and they overturned them. I think it's really good. I looked at these cases and I was shocked. I think they're doing the right thing here. Isn't that weird? Hey, you're listening to Craig Peterson. Visit me online Craig peterson.com. Hey, did you know, there is a war, if you will, between Facebook and Apple? It is getting nasty. What's going on over there. That's what we're going to talk about right now. Your privacy, Facebook, Apple, and Android. Craig Peterson here. Thanks for joining me. My golly. You know what I think about Facebook when it comes to privacy, right? Facebook and Google. I think Facebook is worse than Google, frankly. They just don't respect your privacy. They will go ahead and look at anything that they can get their hands on. We'll at that point, just go ahead and pull it together and sell it to anybody that's willing to pay. I am not fond of that. And I think you can probably guess why, and I doubt your fond of that at as well. You're not fond of that either. Apple did something. If that has really upset. Facebook and Zuckerberg have been making a lot of noise about this, but Apple announced plans about a week ago to finally roll out a change that they were putting into place in iOS 14, which is the operating system for the iPhones and iPads that Apple has. They had announced that they were going to add it the late last year. And there was huge pushback from Facebook and a few others as well. What's going on here? Bottom line is that Apple is trying to force. Apps to be transparent. What privacy do you have? What data are they taking? And in the case of iOS, as well as Android and windows, and Macs, there has been the ability for certain applications to be able to look at other apps that are on the device. And by doing that, it can get data from it. They can figure out who you are. They can give a unique fingerprint based on what apps you have and what versions they are. They're pretty clever about what they've been doing in order to harvest your information. Now you might have noticed if you go in. To the app store that there's been actually a big change already. This is the Apple app store. If you go in there and you pull up an app, any app, so let's pull up Facebook and then in the app store, and then you click, obviously on Facebook, you scroll down the app store page about Facebook. And partway down, it already has privacy information. You want to click on more info project early if it's Facebook because it doesn't fit on that homepage for the Facebook app. And it will tell you everything. Everything that Facebook wants access to. Now, some of it's self-reported by the app developers. Some of it is the stuff that happened. Figure it out either electronically or by getting people involved. I would like to think that when it comes to something as big as Facebook, they really are going that extra mile. And making sure that yes, indeed, this information is valid, it is what it is. They may not, and I'm not quite sure, but look at all of the stuff Facebook is gaining access to with you. So that was a bit of a hit people were pretty excited. Oh, wow. This is great. And although Google doesn't do what we're talking about here quite yet, I'm sure they will be not in the way that Apple is doing it, but because remember Google makes money off of you and your information, Facebook makes money off of you and your information. So if you want privacy, you cannot use Google products like Android or. Chrome. And if you want privacy, you can't use Facebook. So it's as simple as that. Of course, the big question, and we talked about this earlier in the show is how much privacy can you expect? How much do you want? What's legitimate, right? All of those types of questions. So what Apple's doing now is they said that in early spring of 2021, they are going to release this new version of iOS. And here's what happens. They've added something and this is according to a white paper and Q and a that Apple sent out. They added something called app tracking transparency, and this is going to require apps to get the user's permission before tracking their data across apps or websites owned by other companies. Under settings users will be able to see which apps have requested permission to track so they can make changes. As they see fit. You might have noticed that already under settings as you can look at the microphone settings, it'll tell you. Okay. Here's the apps that I have asked about the microphone and you can turn them off. Here's the apps that have asked about the camera. You can turn them off. So they're adding more functionality. They also, in the FAQ, they said that app developers will not be able to require users to allow tracking in order for those users to gain access to the full capabilities of the app. Now, you know how I've talked before extensively about how, if it's free your, the product. So what Apple is doing is they're saying, Hey guys if the user says, no, you can't try it. Track me across apps. No, you can't get it. This privacy information, which Apple's letting you do, they cannot Labatt automize. The app is what it comes right down to. So it was in September last year that they first said they were going to do that. Then they delayed the implementation of this tracking policy. So the businesses and app developers could get more time to figure this out. One of the things that I think is fascinating here is what Facebook's doing with fighting back. Oh, and by the way, Apple has not just gotten complaints from Facebook. There are other marketers and tech companies that frankly it makes Apple more vulnerable to some of these antitrust investigations that have been. Started really against some of these big tech companies. Although, I don't really expect much to happen under the current administration in Washington because frankly, big companies love big regulations. Because they can afford to comply with them, but startup little companies who are competitors of theirs cannot afford the lawyers for the paperwork and everything out. I look at the CMMC, we do a lot of work for the DOD, department of defense contractors, where we secure their networks. We secure their computers, we secure everything. We put it all together. And we also, for some of them there's guys, there's a 50, $50,000 upcharge for this. And that's because we're cheap. Believe it or not, it is a lot higher for other companies to do it, but we do all of the paperwork, putting together all of the policies, all of the procedures, what they have and. Auditing everything for them. And we're talking about a case and a half of paper thinking of the big cases of paper, right? 500 sheets and the ream and how many reams in a box? 10 20. I'm not even sure, but literally cases. And we. Printed it up, we wrote it all up, printed it all up, delivered it to a client just a few weeks ago. And it was a huge box of three-inch ring binders. It was all in and they didn't all fit in there. They're the big guys in the department of defense probably love this because they pay a million bucks to the people, the generate the paperwork for them internally. And they know the little guys can't afford to have full-time paper pushers. And so that's why, even though we're talking about months worth of work, why we charge 50 grand, which is a heck of a lot cheaper, believe it or not. And it's a huge discount for us. So I don't expect that the fed you're going to come up with a solution. That's truly going to help the little guy here, but Apple's announcement praised by privacy advocate nonprofits as well. And Facebook apparently has been buying full-page newspaper ads claiming it's going to hurt small businesses in a way it will cause it can make advertising. Just a little bit harder. And apparently, also Facebook has decided to rewrite its apps. So no longer even requests to access, cross-app access to your personal information. We're going to wrap up, talk a little bit about Comcast data cap, and some of these SolarWinds hack victims that didn't use SolarWinds, and ransomware payoffs have surged, even though the number of people affected has gone down. Make sure you get on my email list so that you get all of the important news. You're going to get some of this little training I'm doing and the courses that we've developed. The only way to do that is to go to Craig Peterson.com/subscribe. That's how you get on those lists and I'm not sitting there and pounding you or anything else, but I want to keep you informed. So there you go. We're probably going to increase our volume from one email a week to three so that we can provide you with a little bit more training. I want to keep these down to something that just takes you a few minutes to go through, but could save you millions of your business and tens of thousands, your retirement, if you are a home user. So make sure you are on that list. Craigpeterson.com/subscribe. Comcast. I know many of us have Comcast, I certainly do, is imposing data caps on many people in many parts of the country. That includes people to the South here, Massachusetts residents. What do you think they're doing down there? The state lawmakers have proposed a ban on data caps, a ban on new fees, and a ban on price increases for home internet services. The idea from their standpoint is we have a lot of people who are working at home because of a lockdown. What are they supposed to be doing? I'll take my daughter, one of my daughters, as an example, she's working at home. She used to work in a call center she'd go to every day. Now she's working at home. Are they paying a wage differential for her? Are they paying for the electric bill? They're not even paying for the phone bill or the phone. She has to provide her own phone. She takes inbound calls for a call center. Can you believe that? It's just amazing what's happened. The company is saving just a ton of money because people don't have to go into work. You can bet they're going to dispose of some of this space that they've been. What's happening here, we are using more bandwidth than we've ever used because more people are at home and it isn't all business related many are watching Netflix or you've got Netflix on in the background while you're working on stuff. It's just so common to do that. What data caps are doing is they say you can only use so much data a month. Then there's usually a penalty of some sort. In Comcast's case, they said for the first quarter of 2021, I believe is what they had come up with. We'll just warn you that you go over your data cap then they'll charge extra. I have a friend who has Comcast and he said, I think it took him like three days before he went over the data cap. That's not long. It's because they're streaming TV. They've got kids working from home. Then you've got meetings that they're going to, that are now streaming. So I can see this, but from Comcast side, they now have to handle more data than they've ever had to handle before. Because we are using it, like for my daughter, she actually has a cell phone, but all of the calls are routed over the internet. Cause her cell phone hooks up to the wifi in the house and the calls come in and go out via that wifi. It goes through the internet, it goes to her phone carrier's network. Then it goes to the call centers network. So there you go. What does that need? That needs to make sure there's no jitter. You don't want voice packets to be dropped because then it sounds terrible. It's very obvious when audio is dropped. I don't know if you've noticed if you're streaming something from one of these online streaming video services, but sometimes. It will hiccup a little bit, but have you noticed that with the smaller hiccups, the audio is fine and the problem is in the video. Now they do that for a couple of reasons, obviously video uses more bandwidth than audio uses, but the other reason is people tend to get more annoyed by audio fallout and audio problems. Comcast is saying, Hey guys, look at what we have to do with our networks. We have to expand them. We have to increase them. Now I've got to bring up again the Biden administration because of what they're planning on doing with this fairness doctrine on the internet. What they're planning on doing is saying, Hey, Comcast, just because this person uses five terabytes of data a month, you should not be charging them more than grandma that uses 10 gigabytes a month. Thousands of times more bandwidth requirements, you're not allowed to bill them differently. Cause a bit is a bit which is absolutely insane. I don't know how they can justify this sort of thing. So what's going to happen is you get companies like Comcast or other internet providers who are going to say. We are not going to invest any money into expanding our capacity because we can't charge for it. Doesn't that make sense to you? It makes perfect sense to me. By getting the FCC involved, it's just going to be crazy. Ajit Pi resigned when President Trump was leaving, he used to be the chairman. He actually had a head on his shoulders, but these new people President Biden put in there, it's insanity what they're trying to do with our networks. It's going to make it much worse. Comcast is putting data caps in. You hit the data cap it, they're just going to slow you way down. That happens too, with a lot of our cell phones, our cell phone carriers, if you use more data than they've allotted to you, they'll drop you back. So most people have 4g. Yeah. Okay. Your phone's 5g, but really guess what? You're not getting 5g. It's very rare unless you are on the T-Mobile slash Sprint plan. T-Mobile more specifically because nobody else has the coverage that T-Mobile has for 5g. So you're using 4g LTE, you hit your data cap. They're going to drop you back to 3g, which is really slow comparing the two together, all the three of them, frankly, but it's very slow compared to a 4g LTE. In mass, by the way, I should mention Verizon files and RCN. Do not impose the data caps. It's just our friends at Comcast that are doing that Vargas and Rogers. They let a group of 71 different Massachusetts lawmakers urged Comcast to halt the enforcement. By the way, the data cap is 1.2 terabytes per month, which is actually quite a bit of data. You'd have to spend a lot of time streaming TV. The cap does hurt low-income people is no question about it. If you are being forced to work from home because of the lockdown, the government's forcing you to work from home. They put their fingers in anything, and that just never seems to work out anyhow. We'll see what happens down in mass with Comcast and these guys.
požadavky - co nejnižší hmotnost, nezávislost na napájecím napětí Typy - Laptop (na klín) - m < 5kg, A3, velikost běžného kufříku, notebook, m < 3 kg, A4, palmtop - do dlaně, m < 1 kg, A5 HISTORIE - IBM PC Portable (1983), velký a těžký zdroj - neuplatnil se, větší popularita po 1985 - LCD displej 640 x 200, obrazovka zabudovaná do základní jednotky počítače (u stolních pc skříň) PCMCIA (Personal Memory Card International Association) - podpora Hot Plug / Swapping a Plug & Play - nástupcem Express Card - 3 typy - Type I - tloušťka 3,3 mm - paměti EEPROM (Electrically Erasable Programmable Read-Only Memory), ROM/OTP (One Time Programmable), RAM, Type II, Type III - hot swapping pevného disku, Card Bus - pozdější 32 bitová verze PCMCIA - disponuje funkcí bus mastering - umožňuje zařízení na kartě přístup přímo do paměti POWER MANAGEMENT - nastavení v BIOSu - vypnutí do pohotovostního režimu (stand-by, sleep mode, režim spánku) - vypne se pevný disk a obrazovka, hibernace - stav paměti, procesoru atp - odloží se na HDD/SSD - po dalším zapnutí se automaticky obnoví, nastavení dalšího rozbíhání HDD (rozbíhání energeticky náročné), monochromatický režim, možnost vypnutí napájení periferií, když jsou nevyužité, nízkonapěťový procesor AKUMULÁTORY - požadavky kapacita/objem a hmotnost, x samovybíjení, x paměťový efekt, dlouhá životnost Typy: NiCd, NiMH, Li-Ion, Li-Po LAPTOP (notebook) - Sloty - rozšíření pomocí dokovací stanice (docking station), sběrnice PCI standard/express, Procesor - nízké napětí, Klávesnice - Fn, polohovací zařízení - miniaturní trackball se dvěma tlačítky, touchpad, Zobrazovací jednotka - 1/2 - 1/3 ceny, dříve 16 - 256 odstínů šedi, dnes 256 - 65 000 barev, pasivní displeje - záleží na úhlu pohledu x aktivní (TFT) displeje - vyšší světelnost, spotřeba, cena, nižší únava očí PDA - PPC Palmtop PC HPC - Handheld PC, Palm OS, přístup ke kontaktům, slovníkům, databázím, tabulkám, emailům ..., nahrazeny tablety, smartphony TABLET - 60. léta - Dynamo, přelom století Microsoft Tablet PC - neúspěch - cena, problém s použitelností 2010 iPad - forma slate -virtuální ne integrovaná fyzická klávesnice 2011 -(Microsoft) TABLET PC - desktopové operační systémy - Windows (procesory Intel x86 - odtud Wintel), Linux Ubuntu, řízen stylusem (vyšší přesnost) x POST PC - Samsung Galaxy Tab, Apple iPad - warm boot times Hardware pro rozpoznávání dotyku: Odprová (Rezistivní) obrazovka - pasivní, 2 tenké vodivé vrstvy - stlačení => pár napěťových děličů - změna el. Proudu - posláno řadiči Kapacitní dotyková obrazovka - panel potažen transparentním vodičem (ITO - slitina oxidu inditého a cíničitého) - dotyk prstu => vznik elektrostatického pole - to je měřitelné jako změna kapacitního odporu, vyžaduje vodivý materiál
Good morning everybody! I was on WGAN this morning with Matt Gagnon. I went into a little detail about what a Zero Trust Security Model is and how it differs from a traditional network design and why you should be considering this type of system. Then we discussed the future of computing and why Chromebooks are so popular. Here we go with Matt. And more tech tips, news, and updates visit - CraigPeterson.com. --- Automated Machine Generated Transcript: Craig Peterson: [00:00:00] Morning, Craig Peterson here. Hey, if you've ever wondered about Chromebooks and if you should get one, talked with Matt about that. Matt Gagnon, of course, I'm on every Wednesday morning with him. Also zero trust. Why is the national security agency pushing a whole new way of thinking? When we're talking about our computers. So here we go. Matt Gagnon: [00:00:26] Seven 36 WGAN morning news on a Wednesday morning. That means it's time to talk to Craig Peterson, our tech guru. You hear him on this very station on Saturdays at one o'clock to hear more depth of detail about these very stories we'll be talking to him about right now. Craig, how are you this morning, sir? Craig Peterson: [00:00:41] Hey, I am doing really quite well. I'm looking forward to spring. It's been actually a nice winter. Matt Gagnon: [00:00:48] What are you doing, man? You're tomorrow, there's going to be some sort of blizzard because you just said that you are now tempting fate. I already had to walk outside yesterday. I got gas in my car. Sadly, I had to, I had no choice. The wind hurt my face. Okay. That happened yesterday, Craig Peterson: [00:01:03] We were outside pouring diesel into our generator because there was no power and it was really cold. Matt Gagnon: [00:01:10] It really was. It was frozen. Terrible. I was actually reminded of my old college days. March in from the perimeter parking lot and the wind and the cold just beating me to death on my way in. It was not good yesterday. Craig Peterson: [00:01:24] I keep reminding people where that comes from. It comes from Russia. They blow it over the North pole in order to destroy our economy. Matt Gagnon: [00:01:31] Yes, they do. And there's so many things that those Russians do, those pesky Russians. Craig Peterson: [00:01:34] Canada gets caught in the cross hairs. It's just not fair to them, Matt Gagnon: [00:01:38] You might say, Craig, that I have zero trust in Russia. See where I'm going with this one. Could you tell me what a zero-trust security model is and why it perhaps should be something that people embrace? Craig Peterson: [00:01:50] This is a concept that's relatively new, at least to most people. The whole idea behind it is we have. To assume in this day and age that our systems have already been compromised. Not just that they might get compromised, but they have. So when we're setting up networks for businesses, we look at things in a much different way. It's no longer about the perimeter. Trying to keep people out. The NSA, the national security agency, used to call it no such agency. The NSA has come out with a warning to be bold and also a description of what to do. The idea is you've got things inside your network. You've got a printer, that's connected to the network. You've got laptops, desktops, a server. None of them should be able to talk to anything else on the network that it doesn't absolutely need to talk to. It's like the lowest privilege type thing. So for instance what I do on my office network is the printers are on a completely different network that is firewalled from the servers, which are firewalled from the desktop which are firewalled from the laptops. The printers can not get to anything else on the network unless first someone's trying to send them a print job. It's just an example of it. You don't want the laptops to be able to scan. We have a customer who just this week, he has a little SonicWall firewall and SonicWall's are okay, but he hasn't been updating it for three years. It hasn't been supported in years either. That little SonicWall firewall was then used to get into his network and start spreading. It got around the firewall because he was using it for a VPN controller. Then it started crawling all the way through this network and playing all kinds of havoc, internally. Again. If that firewall couldn't have gotten to a machine and then that machine starts probing everything else, it couldn't have spread. In other words, the zero-trust only allows machines to talk to each other that absolutely need to talk to each other and only using the protocols that they're supposed to. I've seen many times, which is the sales guy is tinkering around and is getting into the accounting data. Why are you doing that? They should not be allowed to, so that's the bottom line. This is a real big deal. We've got to start building our networks with the assumption that they have already been compromised. How are we going to control it? If it's compromised? Matt Gagnon: [00:04:34] Craig Peterson tech guru joins us at this time on Wednesdays going over to the world of technology. Another interesting story that I saw here this morning, Craig, was that Chromebooks apparently outsold Macs worldwide in 2020. That's something that surprised me a little bit here. I didn't realize that the market penetration, if you will, of the Chromebook, was that deep, but apparently, it is. What does this mean for the industry? Craig Peterson: [00:04:54] Yeah, it's interesting because you're talking about it surpassing the Mac and it sounds like maybe Chromebooks are leaning into Apple. In fact, these things are very lightweight computers. They're typically a tablet, maybe a laptop and they're running an operating system that comes from our friends at Google called Chrome OS. It is really designed for being online, although you can store files locally. Where it's been eating into is people that have been running Windows for years. Those Windows machines have been getting more and more expensive. Intel is just not keeping up with everything, particularly from the price standpoint. Putting a chip into Chromebook that is a non-Intel chip. It is way cheaper than Intel, we're talking to 10th or less of the price allows them to make these devices very inexpensive. You can go to a big-box retailer. You can get a little Chromebook device for 150 bucks at the low end. Now you've got a computer that can go online, get edit word documents, or spreadsheets, whatever you might want to do. Can talk to the grandkids or get on a business call, all right there from the Chromebook. It is hurting the Wintel monopoly, which is the Windows-Intel, a monopoly, if you will, that has been around for so long. It's a direction that Apple is following the Apple's computers will all be using non-Intel chips within the next two years, all of them. They already have computers out with these new chipsets. That's the bottom line, they really have gained some significant market share. People love them. I've got also mentioned here, not just regular people security researchers love the Chromebooks. They are very secure, but remember, we're talking about Google, their business is selling your information. They're not going to sell your files, but they're going to keep track of you. The other big driver of the Chromebook sales is schools because now we have so many kids at home going to school, the school says, Hey, you got to buy a $300 Chromebook for your kid for school. That's much easier to swallow than a thousand-dollar Mac or a $700 Windows laptop. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553
Welcome, Craig Peterson here. This morning I was on with Chris Ryan on NH Today. He wanted to discuss what is the best technology to buy. We got into some details of the benefits and drawbacks of each. Here we go with Chris. These and more tech tips, news, and updates visit. - CraigPeterson.com --- Automated Machine Generated Transcript: Craig Peterson: [00:00:00] Hey, have you thought about whether you should get one of these Chromebooks, maybe Android tied into it, or a Mac or a Windows, computer laptop, or surface tablet or otherwise. That's exactly what I talked with Chris Ryan about this morning. So here we go with Chris. A little bit of insight on computers and the whole market behind it. Chris Ryan: [00:00:23] I am Chris Ryan. Appreciate you joining us for the show. Craig Peterson joins us right now in the program. He hosts tech talk on Newsradio 610 and 96.7. Craig Peterson: [00:00:32] Hey, good morning. Doing well. Chris Ryan: [00:00:34] Good. Thanks for joining us for the show. I want to talk to you today about decision-making in regards to what tech to use. Whether it's a cell phone, whether it's a Chromebook versus a Mac and this off of a story from geek wire.com, which indicates that Chromebooks outsold macs worldwide in 2020. So in your view, why did that take place? How do you go about if you're a consumer differentiating using a Chromebook versus using a Mac versus using another type of tablet? Craig Peterson: [00:01:09] Apple is moved to their own chips now really indicates what's going on in the marketplace. Many years ago, there were just a few different chips that were competing manufacturers. Motorola was winning this game. IBM had their chips for the mainframes. Then along came this little startup, known as Microsoft and helped Apple out. In fact, in the very beginning and moved on from there to really focus in on one hardware platform and that's the Intel platform. For years it was known as Wintel monopoly, meaning Windows and Intel. Those two were in lock step, went hand in hand. The default for people to buy was always Windows because that's what they knew. That's what they might've used at work. Although it might be a different version. So they just go ahead and use it at home. Now we have options. Intel has been falling by the wayside for years. Even 64 bit chips, Intel lost the whole lead on that. AMD advanced micro devices beat them. So when we're looking at it, as a consumer, now we have more choices. We can decide that we want a simpler machine, a more secure machine and get something like a Chrome or web based tablet. This is an operating system that is designed for mobile devices. We can get a chromo S based laptop, a desktop. There's even rumors that there's some more phones in the work. The Chrome OS will even run android and it's way cheaper because you don't have to use that expensive Intel chip, which is part of the reason Apple has decided to ditch Intel as well. Now we're going to the real benefit of Unix machines. Unix has been around since the early seventies. It's what I've used in data centers and all big businesses use in data centers. The real benefit to Unix, Chris, is it will run on anything. So now you can go out for $150, buy a half decent little tablet or laptop using Chrome OSwhich of course is coming from Google. Have that thing updated for you all the time, just automatically. It has all of the features on it you probably want, you can go online, obviously, you can edit document and it is cheap. Although, you can get more expensive ones. It's secure. Chrome OS is what many security researchers use. As you mentioned for the first time ever Chromebooks out sold Macs. That's a little misleading because it's not eating into Apple's market share. It's eating into Microsoft market share and along with that, of course, Intel. Chris Ryan: [00:04:05] I want to ask you about. Where Google kind of caught up to to Mac. Most individuals purchased what the optimal item was the Apple phone. It was the different Apple products. That was pretty much seen as being the market's view of things. Now, it seems that there's been a change and a lot of that has to do with, as you referenced, Google's technology and products and the alignment with Android and other types of phones. So at what point did Google get to the stage where they were on par with Mac, in your view, or perhaps surpassing it? Craig Peterson: [00:04:38] There's really two different things here. The on-par right now, as far as sales go is in the Chrome OS side. When we're talking about phones it's a different thing. These smartphones smart devices. There are many more mobile, sometimes more android based smartphones out there, then there are I iPhones. The main reason for that has to do with price. Google made the operating system, the Android operating system, available effectively for free for any developer that wanted to use it Chris Ryan: [00:05:13] The public perception is that the iPhone was the thing and kind of still is. Has that changed at all? Or is the technology with obviously the Chrome OS different? Has the technology with Google caught up to where Apple is in the view of the public, and in actuality, Craig Peterson: [00:05:28] In the view of the public, it's hard to. Say a lot of people you start using Windows, you say, you start using Android, you stick with it, et cetera. That's a little hard to tell, but I can tell you what Google thinks, obviously, Google's beta right now for the Android operating system is trying to copy more and more features from Apple's iOS, which is their operating system for their smartphones. Google thinks that Apple is still the market leader. They are still playing catch up. They are nowhere near, orders of magnitude, nowhere near Apple, when it comes to security. Android is far behind, still. Justin McIssac: [00:06:06] When it comes to actual Chromebooks versus Macbooks. Do you think a lot of this on the sales side, Craig, is driven by schools? For my school system in Rochester, if they're looking at $300 Chromebooks versus a $1,700 Macbook for their students, no contest. Craig Peterson: [00:06:19] Yeah, and that's absolutely true, Justin. The cost is something that a lot of people consider and it's a legitimate consideration. In the case of, should I get a cheap Windows machine or should I get a cheap Chromebook? The Chromebook is a much better option for most people. When you're talking about schools who have widely adopted the whole Chromebook and Chrome OS operating system. Schools, it's just a huge win. It's so much less expensive. It's much easier to tell Justin to buy a $300 Chromebook that the $1,800 Mac. Where the Mac comes in useful, let's run through those three platforms really quickly. The Mac comes in useful when you want something secure, easy to use that can run bigger applications. If you have an app, like you're trying to do video editing, maybe more photo editing, you might want to use a Mac. Windows is great, if the app that you need to use only runs on Windows. Or you only know Windows and you just don't want to bother learning an even simpler operating system. Then Chrome OOS is wonderful when you need primarily to go online. You're going to use a web browser. You need some simple applications. Maybe you want to edit some Word documents or Excel from time to time, nothing terribly fancy. That's where Chrome OS comes in. That's why it's been such a hit in schools, too. Chris Ryan: [00:07:44] Well, Craig has always I appreciate you joining us for the show and we shall chat again soon. Craig Peterson: [00:07:48] All right. Take care, Chris. Chris Ryan: [00:07:49] All right. That is Craig Peterson joining us here on New Hampshire today. You can hear him on Saturday and Sunday on news radio 610 and 96.7 with tech talk. Always good to talk with him about what's taking place in the tech marketplace. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553
Welcome! It was also another busy week on the technology front and we are going to delve into what actually caused the energy problems in Texas. There is a new type of malware that is affecting Macs and it is has a different MO. Then we are going to discuss Apple and their ventures into automated electric cars and what we can expect. Why are states having issues making appointments for vaccines? In a word, it is bureaucratic incompetence. Then we have a new type of hack out there. It is called Buy-to-Infect and there is more so be sure to Listen in. For more tech tips, news, and updates, visit - CraigPeterson.com. --- Tech Articles Craig Thinks You Should Read: This Basic Math Shows How Wind Energy Failures Contributed To Texas’s Deadly Power Loss An Insider Explains Why Texans Lost Their Power New malware found on 30,000 Macs has security pros stumped Report: Nissan shot down Apple deal to avoid becoming Foxconn of cars N.Y.’s Vaccine Websites Weren’t Working Apple is already working on developing 6G wireless technology Owner of an app that hijacked millions of devices with one update exposes the buy-to-infect scam Mount Sinai study finds Apple Watch can predict COVID-19 diagnosis up to a week before testing Malware Exploits Security Teams' Greatest Weakness: Poor Relationships With Employees --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] You probably know I've been doing cybersecurity now for 30 years in the online world. Yeah, that long. I'm afraid I have some confessions to make about our relationships here, cybersecurity people, and employees. Hi everybody. Craig Peterson here. I'm so glad to be here. I'm happy your here as well. There are so many ways to listen. I got pulled into this whole business of cybersecurity quite literally, kicking and screaming. I had been already involved in the development of the internet and internet protocols for a decade before. In fact, one of the contracts that I had was with a major manufacturer of computer systems. What I did there was design for Unix systems a way to check for malware, a way to manage them remotely. Yes indeed, I made one of the first RMM systems, as we call them nowadays. We also tied that RMM system, of course, into Windows and a few other operating systems. Unix was where I was working at the time. I am what they called an OG in the industry. My gosh, my first job with computer networks was back in 75. Believe it or not a long time ago. Back then, of course, it was mainframe to mainframe basically and some of the basic protocols, the RJE, and stuff. I know I've got a lot of older people who are listening who are saying, yeah, I remember that. It brings back memories. In fact, I got a note just this week from a listener who was saying his first computer was a Sinclair. Do you remember those things? Oh my gosh. It brought back so many memories for us older guys. But it was just such a cool little device with the keys and much different than I'd ever seen before. The XZ81. I just looked it up online so I can remember what the model number was. That was made by Timex. If you can believe that too. It's just. Wow. It had a Z 80 CPU, which of course was like an 8080, which was Intel's, big chip at the time, running at 3.25 megahertz. Yes, indeed. Very cool. I love that computer anyways. I digress. The whole industry at the time was non-existent, yeah. You had antivirus software. We started seeing that in the eighties and we had some terrible operating systems that many people were running like Windows, just absolutely horrific. Remember windows three-point 11 and XP and the millennial edition just some of the most terrible software ever. That's what happens when you have interns? A lot of the code, it came out in one of the lawsuits, for one of these versions of Windows. It was a different world and I had to figure out what was going on because I had some servers that were Unix servers. This was the early nineties and I was hosting email for companies and websites and doing some filtering and things with some kind of precursor to SpamAssassin. It was really something. I had some DECservers, Digital Equipment Corporation. Remember those guys and all of a sudden customers started calling me because the email wasn't working. It turned out it was working, but it was extremely slow and I had to figure out why. I telneted to my server. I got on, started poking around the servers. I had a computer room and the first floor of the building that I owned and I was up on the second floor. Off we go looking around trying to figure out what is going on. It was me actually. I said us, but it was really me. Cause I knew the most about this stuff. There were these processes that just continued to fork and I was trying to figure out why is it creating all these new processes. What's going on? What has happened here? Back then, The internet was a much different place. We trusted everybody. We had fun online. We would spam people who broke our almost unwritten rules of the internet about being kind to other people. What spam was, where the whole term comes from is you would send the script from Monty Python spam and eggs, spam and ham spam, spam, spam routine. You just send it to somebody that was breaking these unwritten rules, like trying to sell something on the internet. Absolutely verboten. What a change to today. I saw some of this stuff going on. I was trying to figure out what it was, but, we trusted everybody. So my mail server was Sendmail, at the time. We still maintain some instances of Sendmail for customers that need that. Nowadays. It's usually more something like postfix in the backend. You might have Zimbra or something out front, but postfix in the backend. We allowed anybody on the internet to get on to our mail server and fix some configuration problems. They didn't have full access to everything. Firewalls weren't then what they are today. In fact, one of our engineers just had to run out to a client who did something we told them not to do. They were using the Sonic wall firewall on their network as well as they had our stuff. So we had a really good Cisco firepower firewall sitting there, and then they have this SonicWall so that they're people, remotely could connect to the Sonic wall firewall, because it's good enough. SonicWall says it's compliant. The SonicWall firewall was being used to scan the network and load stuff. Does that sound familiar? Much to our chagrin. So he had to run out and take care of that today. It sounds like we might have to do a rip and replace over there restore from backups. You have no idea what these bad guys might've done. We've seen Chinese into these networks before, Chinese malware. It's been really bad. Boy, am I wandering all over the place? Back to this, we would allow people to get onto our network to fix things. If something was wrong, if we were misconfigured, they could help us and they could get on and do it because Sendmail configuration was not for the faint-hearted. In the days before Google, right? Eventually, we had Archie and Veronica, and Jughead. They did basic searches across FTP servers. That's my kicking and screaming story. I was trying to run a business where we hosted email for businesses, which we still do to this day, and where we had some, back then we didn't have websites. The web didn't come in into play until a couple of years later, but we did host FTP sites for businesses so that they could share files back and forth. That's what I wanted to do. That was my business. Later on, I ended up helping 80% of my clients find the other web hosts after, these $8 Gator hosting things. We just got a call on that this week. Somebody who'd been a client of ours 20 years ago, went with a guy that charges $5 a month for web hosting. They have personally identifiable information on that site if you can believe it. He was complaining because it wasn't working he was getting a C-panel error anytime he went to the site. We said, Hey, listen, this problem is the guy that you're hosting from. We did a little research and we checked the IP address and how many sites we're at that IP address. This guy that was charging them $5 a month had 150 different websites at that one IP address. Now that's not bad. He was hosting all of these 150 at a site, the charges, the eight to $10 a month for web hosting. He had all of these sites on top of a machine that was already split up hundreds of ways. It's just amazing what people do. Man alive. We got rid of 80% of those customers, the ones that wanted cheap, that's fine, get cheap, and see what happens to you. Some of them, we still maintain a good relationship with and so we help them out from time to time, right? What am I going to do? So somebody calls me, I gotta help them. That's precisely what we do now with this malware problem. What's going on here? We talked already about the Great Suspender and how Google has said, Hey, this now has malware in it, so we're removing it from your web browsers. That to me makes a ton of sense. Why not do that? This is another example of what happened with SolarWinds. This is an example of a supply chain infection. What happened with that? Somebody bought Great Suspender from the developer and then added in this basically malware to the Great Suspender. Just it's a terrible thing. Very surprising, but one of the biggest exploits that are being used by the bad guys right now is the security team's poor relationship with other employees within the organization. I promise we'll get to this a little bit more and explain the bottom line here. What's going on and it goes back to this customer that we just had to run out to. Why did they do what we told them not to do? Stick around. We're getting into the battle between cybersecurity senior officers in companies, owners, business owners, and the, even the employees. There has been such a battle going on. I saw two examples this week. Hi, everybody, it's a difficult world out there, but I find some comfort in listening to, of course, news radio. It keeps me up to date on what's going on. It helps me to really understand the world a lot better. I mentioned that one of my guys just had to run out to a client who did something we absolutely told them not to do. They had been using this company that was a break-fix shop, I guess is the way you would put it. They had a business that would respond to problems and they charge by the hour. I think right now their hourly rate is like 160 bucks or something. It is not cheap, but anyhow, That they would sell people equipment and then move on, right? Your problems aren't my problems. Just leave me alone, go away. It's a beautiful model because their employees at this break-fix shop don't have to understand much. They just have to know more than you do as a customer. There's one level of understanding that you have, and for someone to appear to be an expert, all they have to do is have slightly more understanding. That has bothered me so many times listened to the radio and they talk about somebody that's just this great expert, in reality, of course, they are not. But you don't know. That person talking about the expert doesn't know either because they just don't have enough knowledge. Of course, the person that's labeled the expert isn't going to say anything about it. They were doing what most companies do, which is okay. We know we need a firewall, so let's get a firewall. They went out and they talked to this company and they did their Google research because of course, Dr. Google is an expert on everything. Even with those differing opinions, you're going to go with the opinion that you like the best. That's what they did. They bought a Sonic wall firewall from this vendor, which was a break-fix shop. Now that's all well, and good. The sonic wall is not terrible stuff. They've got some amazing stuff as well. The problem is this device has been out of support for more than two years now. Even though they're not as advanced as some of the systems we can install, not that we always use the most advanced systems. It's not a bad, a little thing for a small business. We warned them that because they were using an out-of-date firewall that they could not get fixes for known vulnerabilities. Now that's a big deal too. Most people are not aware of the vulnerabilities that are on their machines. Do you go out every month and check the firmware versions on your firewall? You should be, even if you're a home user. Are you checking to make sure the firewall that the cable company provided you with is up to date, configured correctly? You've changed the password and the admin username, right? No? Most people haven't. He hadn't, right. He didn't know. We told them we did a little research and said here's your problem. That's part of his cyber health assessment. We told them what kind of firewall do you have? What's the version of software on it and we do that. We have a bunch of people that have asked for cyber health assessments. We've got them on a list because we're busy. So we have to schedule these and make them happen. So we said, do not plug that machine in. Of course, what do they do? They plugged it back in again. So now all of a sudden this morning, we get a wake-up call from our monitors that are running they're on their Cisco firepower firewall, where we have their extensive suite of additional software. This isn't just an off-shelf, Cisco firewall. It's telling us that the SonicWall or something through our, via the SonicWall. Is going through all this customer's network. It's actually attacking the Cisco firewall from inside the network. Absolutely amazing. Why does that happen? In this case, the business owner, and it is a very small business. It has about 5 million in revenue per year, I would guess. It's a small business by every stretch. The owner just doesn't want to spend the money he doesn't absolutely have to spend. He's not looking at this saying I could lose all my intellectual property. I could get sued by these people. I could lose my clients who find out that their data was released. Their orders were released. Everything was stolen. He looks at it and says, Oh wow. It's 200 bucks a month. Wait a minute guy, you have how many employees? You're worried about 200 bucks a month. I personally, I don't understand that. Why would you do that? Now, you're in a poor country. Okay. I get it right. That's a lot of money to spend, but not here in the United States. Doesn't make sense. A lot of this is really the reason I brought it up. It's showing how there is a disconnect between business owners, C-level people, and cybersecurity people. Basically, if you have less than 200 employees, you cannot afford to have your own cybersecurity team. It's impossible. It's way too expensive. Then the numbers start to change outsourced cybersecurity, which is what we do. We do this for this customer and. The in-house cybersecurity people, but we all have the same basic problem. The owner has a problem too, right? He has to weigh the costs of cybersecurity against the risks involved, which is what Equifax did. What so many of these big companies do, right? There's this, the norm Equifax said it's going to be way cheaper to just pay out $10 million in fines. When we get fined by the federal government for losing everyone in the country's personal financial information then it is to do this or we're not going to bother. Man, I'd love to see the smoking gun email on that, where they made that final decision, probably doesn't exist. They're smart enough to know that they would get sued and they have been sued because of this. We've got another problem right now because of people working from home. I mentioned, in fact, this week, you should have gotten an email from me on Thursday. That was a little audio thing that I put together. We call these things, audiograms, and it's a kind of a video that'll play. This particular one is about part of this problem. We've talked extensively about that water plant in Florida, that was hacked for lack of a better term. It might've been an insider thing. It might've been someone external, et cetera, et cetera. The reason it happened is that business, the water plant for a town of 15,000 people, which would be in a normal world, a small business. That small government operation was all of a sudden faced with lockdowns. What do we do? They didn't have a plan. They didn't have a business continuity plan, which is so important. I talked about it extensively last week as well. They had no way to manage this. So what did they do? They went out and bought team viewer licenses for everybody in the business. That put, well not the business, in this case, the agency, that put the agency at risk. That is putting our businesses at risk too, in such a big way. That's what the audiogram I emailed out on Thursday explaining this a bit. So stick around. We're going to continue this conversation. Of course, you're listening to Craig Peterson online@craigpeterson.com. We have people working from home. We didn't really plan for this. We're doing it because of the lockdown. Maybe, you found that it's actually better for your business, from whatever angle. What are the risks here of people taking computers home? Hello. Everybody Craig, Peterson here. So glad to be with you today. Glad you're taking a few minutes out of your day as well to listen in. Now I am very concerned about people using computers that they're taking home. I want to make a definition. Maybe there's a better way of saying this, computers that are used at home, home computers should never be used for work. I'm going to explain why. Computers that are at work probably should not be taken home. We saw the example of this, just this last couple of weeks. I was talking about this wonderful plugin that I've been using and recommending people use here for a very long time, called the Great Suspender. We've talked at length really about what happened there with the company being bought and then becoming evil, right? Just buying their way into 2 million people's computers. Sometimes these Chrome extensions that are installed on personal computers get automatically installed and synchronized to your work devices. In fact, that's the default. If you log into Chrome and you're using Google Chrome as your browser and you log into it on your home computer, and when you log into your same account over on your business computer. All of a sudden, now it's syncing. It's syncing things like passwords, which you should not be having Google store for you. You should definitely be using a good password manager and there are a few out there. If you're not familiar with them or don't know which one to use or how to use them. I have a great little special report on passwords and using password managers. I'd be glad to send it to you. Just email me@craigpeterson.com and I'll send that on-off, right? I'm not making a dime off of that. I want to make you safer. I don't want to have happened to you what's happened to millions of Americans, including my best buddy who had his information stolen. I've been after him to use password managers. He never did it. I don't know why. Until his paycheck got stolen. Then he came over and I explained it and set it up with them and really helped him out. Maybe we should do a whole webinar showing you how to use these password managers, how to get them set up because it is a little bit tricky. It's certainly different than you're used to. Many people are using their browser Chrome in this example, to save passwords. When you go to a website, you'll automatically have the password there. Maybe you've got it set up so that it'll automatically log you in with all kinds of cool stuff. But there is a very big problem and that is that there is a huge risk with running these extensions, like the Great Suspender. The Great Suspender was approved by Google. It was in the Google store. You could download it from their app store. Absolutely free. In January of this year in 2021, we had someone out on Twitter, tweet that there was a problem with the security on the Great Suspender. It had been changed. It was being used now to send ads out and other things. That's pretty, pretty bad. The extension wasn't banned until about a month later and you as an end-user had no official notification that this extension was potentially malicious. Apparently, they could, with this malicious software they embedded, not just show you ad, not just insert their own ads to generate revenue onto the webpage as you were visiting, they could also grab files from your machine. That's a very bad thing. Now, presumably, if you're at work, you have a team that's helping you outright. The IT security team, there may be different teams and maybe the same person who also is the office manager, who knows. It does vary. Businesses cannot know what you're doing when you're starting to install those extensions and they are pushing their way onto your office computer because you're using the same Google account in both places. Now, despite the risks, of course, I installed this Great Suspender used it for years and I was pretty happy using it. I know many other people who were in the same boat. Security teams have some great tools. I mentioned my son who's one of our team members got called out to a client. During the break, I was just chatting with him briefly. What had happened is they plugged in this firewall we told them not to plugin. It was apparently hacked from the outside. It had known security vulnerabilities. He had not, this small business owner had not yet paid for maintenance on his little firewall, so he was not getting security updates. In fact, my team member looked at this and found that it had been three years since the firmware on his firewall had been updated. The bad guys got into his network through this secondary firewall, which we told them not to have not to plugin. Our firewall only noticed it because this malware started scanning everything on the network. Of course, it scanned two of our machines, one being the firewall. Remember this isn't a regular firewall that we put in there. This is a firepower firewall with a whole bunch of extra software on top of it. In our data center, we have some huge machines that are sitting there watching what's going on remotely. On our client's networks via that firepower firewall. We started getting all these notices as to what was going on, but this is a great example. We're not updating some of that software. He had a security team and he ignored the security team. We were the security team. We're outsourced cybersecurity that's what we do, but that happens many times. Many business owners and others look at the cybersecurity situation as having many different shades of gray. What should you do? What shouldn't you do? The teams that are working in these businesses, including us. We have to tell them, Hey, don't use that firewall. Do not plug it in. You don't need it. If you plug it in, it's going to make it way easier for some of your people to work from home. This is not set up correctly and you're going to have problems. That's a difficult conversation to have with a business owner. We had it and he ignored it much to his peril. In this case, this one is hard to tell how much data was stolen from his business. The impact from this could last for months, and there could be investigations who knows what's going to end up happening here. That business owner and I, because I spoke to him as well about this whole situation before this particular event happened just about two weeks ago. In fact, that was a reminder cause they had plugged it in again. Six months before that we had told the business owner, you can't plug this thing in, you cannot be using it. How do you do that? How do you let an impacted employee, somebody who's working from home, maybe using their own computer to do work for the business? How can you approach them and tell them, Hey, you cannot use Google Chrome? You cannot save your passwords on your browser. You cannot install extensions. Even if you had a list of extensions today that were bad, that list is going to be out of date tomorrow, which is going to be a very big problem. Individual users do not have the ability to check this. Frankly, most businesses don't either. Again, that's why a business under 200 employees cannot afford to do this yourself. You just can't. This is a specialty. We were talking yesterday with a prospect who had been brought to us by a break-fix shop and trying to get this concept through. We're going to talk a little bit more about that. What should you be doing? How can you pay attention? How can you even be safe in this day and age? Hi everybody. Craig Peterson here. We've been talking about supply chain problems. That's a technical term for it, but the software that we rely on becoming evil, and what can we really do about it? Hello, everybody. You're listening to Craig Peterson. How do you talk to a business owner and help them understand? That's a problem. Isn't it? Look at what happened a few years back with TJX stores. Them as maybe TJ max, that's one of their stores. They have a number of others. Their cybersecurity guys did something I have seen done before. That is, they went to the management of this massive public company and said, Hey, TJX, we need to get this hardware. We need to get this staffing. The hardware course pretty expensive and it sits there and it does much the same stuff. Even back then. Nowhere as good as today. It's exponential, as to how much better it gets every year, but it was good hardware. It really could have stopped the hack that happened and it did. Here's what it did. It noticed the hack was going on. The problem was they were able to say yes to the hardware, the senior management said yes. They got the hardware, but senior management would not get the security technicians that were needed to monitor and run that hardware. They were short-staffed. That's another problem we're seeing. That's why the companies you're dealing with, whether it's Equifax, with who you do not have a direct business relationship with, and yet have all this information about you and sell that. Or maybe it's just some other website. That's why they lose your data. It's a real bad idea. The bad guys are just waiting out there just siphon all of your data. In many cases, when you're talking about a business and a business website, or even your home computer, they're looking to redirect you to malicious websites. What they'll do is for instance, again, the Great Suspenders' an example, that they claim it's been fixed now. With something like an extension or a plugin that you put in your browser, they could rather easily code it up so that you are going to a website that's malicious. It could look like Bank of America's website and you go there and you enter in your information. You put in your username, you put in your password, it asks you a security question. Maybe maybe not, but your username and password. Then it says incorrect. Then your screen refreshes while your screen just refreshed because you were not at the Bank of America, originally. You were at a malicious website and you entered in your username and password. Now the bad guys have your username and password to your banking system, to your login, to your bank accounts. They got that. That's all they needed. They didn't want you to know that this was going on so they just went ahead and redirected you over to the real bank website. Hence, the supposed reload. It's a very big weakness here in how IT and security teams operate because too few security teams really can relate with the CEO and vice versa. I've seen that all of the time with people working for me in cybersecurity, you've got a really good idea of what needs to be done, how it needs to be done when it needs to be done. To you, it's the most important thing in the world, right? You don't want the business to go under, you're going to lose your job, maybe your pension retirement plan is tied to that business. You don't want it to happen, but have you got the trust built up with the senior management? Then how about the other side of this relationship? How about if you're a cybersecurity person? Even if, again, you're not a professional, you're just the person tasked with it in the office or you're the person tasked with it at home. How do you go to the other employees and tell them you can't use your Google Chrome account here in the office? How are you going to enforce it? How are you going to tell your husband or wife, Hey, that's dangerous? I don't want you installing any of these extensions on your computer. One of the really bad things that people do with their browsers is they put on these real fancy little extensions that give all kinds of extra wonderful information. It ends up as a toolbar and it lets you do searches on this site or that site. Maybe it keeps you up to date on the stocks that you have in your portfolio. You're telling hackers what stocks you own, really? It might be legitimate, right. But who knows? That's the problem. Something like that can really mess you up and send you to malicious sites. You know that your spouse is using that or your kids are using that. How do you talk to them? How do you solve those problems? It's a real problem. There are some interesting tools that you can use, as professionals. There's a Slack channel I can send you to, if you're interested, actually, it'll be in the newsletter that comes out on Sunday. At least it should be under one of those articles. It is a problem. Netflix, by the way, is really trying to help you out too. Not only did the Netflix security team provide some feedback for what's called the honest security guide, but it's also made some of its user tools, the tools that you might use at your home to find a movie, et cetera, it might help really to secure you. Git Hub has this. It is called, this is a Netflix skunkworks, the stethoscope app. It's a desktop application created by Netflix that checks security-related settings and makes recommendations for improving the configuration of your computer. It doesn't require central device management or reporting. You can have a look at that. If you are interested, let me know. I can probably point you in the right direction to the stethoscope app. That's what we want to see in this honest security guide. You'll find it online. At honest security is a guide to your devices, security, which in the biz we call endpoint security and it is cool. You can run through all of this list is a big checklist and talking about why honest, and they're saying dishonesty stops you from doing the right thing. That's why in my courses, I spend a lot of time, more time in fact, on the why than the how. I want you to understand honestly, why you should or should not do something. There are so many people who are out there yelling and screaming, jumping up and down. Particularly your antivirus companies. You fake VPN companies who are trying to get you to buy their products that not only do not need in most cases but will actually make your computer less secure. So we have to be careful about all of this stuff. We have to make sure we are talking. We've got to have a trust relationship set up with the owners of our business. Cause you guys, some of you, I know own businesses, some of you work for a business. We've got people listening to this all over the world and every continent I've even seen a listener down in Antarctica. I really can say every continent. It's important that we know how to work with our fellow employees, with our management, with our family members, to help them to know what they need to do. There is no time to wait. We have never seen as many attacks as we're seeing now. We've never seen the government using its resources to attack us more than we have now. We've never seen more billions of dollars stolen per year by the bad guys. There are some basic tenants that you can follow that will make you way more secure. And that's why you're listening. That's why I go through some of these things to help everybody understand. That's also why I go ahead and make sure that I answer your emails. If you have a question, make sure you go ahead and ask. You can just email me at me@craigpeterson.com. If it's something urgent, I have a form on the bottom of my homepage @craigpeterson.com. You can give me a little bit more information. I tend to keep an eye on that a little bit better than my general email, although I do use some amazing email software that helps me to keep track of the real email and get rid of the spam and put things in boxes and stuff craigpeterson.com. It's that simple email me me@craigpeterson.com. If you have questions. I hope that Google is going to continue to improve itself. I love the fact that they found out that this one extension was malicious. For those of you who might've just tuned in, we're talking about something called the Great Suspender something I've used for years, it became malicious, but they need to do more. As people who are concerned about security, we just can't wait for the next incident. Just again, this client of mine, who we've been warning about this for months, he's stopped doing what we told him to do, and then decided well it's just too difficult. That's something we hear a lot from businesses. Oh, it just hampers the work. It hampers it because now we have to get permission from it in order to mount this particular drive or gain access to those files or materials. Yes you do, because we have to stop the internal spread of all of this malware and all of these hackers. It is absolutely worth it. All right, everybody. Thanks again for joining me today. I really hope you've been enjoying this. I have years' worth of podcasts out there and you'll find all of those at craigpeterson.com/podcast or on your favorite podcast platform. If you subscribed under iTunes, you might've noticed, ah, yeah, I just released a whole batch there too. I expressed concerns about owning an Apple watch. I held off for a long time. I want to talk about these devices now, the security concerns, but also the amazing health tools that are built right in. Hey, welcome back. This Apple watch is really fascinating. It has been around now for six generations. There are a number of other watches that have had, or tried, I should say, to compete with Apple. They haven't been very successful. You might've noticed that. I have a friend that bought some watches for his family and to him that monitor all of the basic vitals and record them and send them up to his phone. It's a 20-ish dollar watch. He got it from South Korea probably are parts made in China, but it is an inexpensive watch and it does some of the basics at the other end of the scale. Let's have a look right now. I'm going to go to apple.com online, and we're going to click on watch. Here we go, Oh, my they've got special watches so you can buy their watches. It looks like the new one, the Apple watch series six for starting at 400 bucks or they have two different sizes. . They have a more basic watch called the Apple Watch SE that starts at about $300. You can still get the Apple watch series three. Now, these all can monitor high and low heart rates. They can give you irregular heart rhythm notification, but it's only a-fib atrial fibrillation, I think is the only one they can monitor, but all three of those can monitor that. As I said, my buddy's watches, he got for his family at 20 bucks apiece are able to do most of that as well. These are water-resistant to 50 meters, which is really cool. The series six also has an ECG app. That is very cool. You open the app, you put your finger on the crown of the watch and it gives you an EKG right there on the watch and it feeds it to your phone. On your phone, you can turn it into a PDF. You can share it with your doctor on and on. It's just amazing. It's a three-lead type, I was in emergency medicine, right? A med-tech EMT, EMT-PD can't remember. I had a whole bunch of different certifications back in the day. But it's fantastic for that. It also has a blood oxygen app that monitors your blood oxygen levels. It ties all of this into their new exercise app, which is amazing. That ties into your phone or your iPad. I will go down in the basement onto the treadmill and I'll select your treadmill workout. It has dozens of them. Have you seen this really fancy treadmill? A couple of years ago they got in all kinds of trouble because they advertised it around Christmas time and apparently this woman really wanted a treadmill and she got one and she was all excited. All of these people jumped out of the woodwork. All your you're saying she's fat, et cetera. No, she wanted a treadmill. These are amazing treadmills because they have built into them. These streams and you can join classes, et cetera. With the Apple Watch, my iPad, and a subscription to this iHealth app, which you can get as part of this Apple plus thing you can buy for 30 bucks for the whole family, 30 bucks a month. I don't know how many I have seen probably a hundred different workouts on there. It has different workouts, different types of weightlifting, running, jogging, treadmills, elliptical machines, everything. You can pick your pace. You can pick your instructor, you can pick everything. Then your Apple watch is monitoring your body. As you're working out. So it's telling you how many calories you've burned. What's your heart rate is to help keep your heart rate in the best range for you, depending on what kind of a workout you're doing. It also lets you compete against other people. Does this sound like an ad for the Apple watch? You can compete with other people your age doing the same workout and see where you're at. I was really surprised because typically I am at the front of the pack when it comes to my treadmill workouts. That's really cool as well. Those are some of the basics. There are other things too, that Apple is doing. We've found, right now, that Mount Sinai just came out with an announcement and they said that the Apple watch can predict COVID 19 diagnosis up to a week before testing can detect it. Yes. Isn't that something? Not only can the Apple watch help with certain heart arrhythmias, but it can predict that you have COVID-19 too a week before testing normal testing. Those swabs can find it out. This is from the journal of medical internet research, which is a peered review journal. And they found that wearable hardware and specifically the Apple watch can effectively predict a positive COVID-19 diagnosis up to a week before the current PCR-based nasal swab tests. They called this the warrior watch study. They had a dedicated Apple watch and the iPhone app, and they had some participants from the Mount Sinai staff and it required, of course, these staff members to use the app to turn on the health and data monitoring and collection, and also asked them to fill out a survey every day to provide some feedback about their potential COVID-19 symptoms. As well as other things like stress can obviously make your heart rate, go up your blood pressure, go up, et cetera. Oh. By the way, Apple, supposedly the rumors are, we'll have a BP sensor in the Apple seven that'll be out later this year, most likely. So they had several hundred healthcare workers and the primary biometric signal. I know that the studies authors were watching was heart rate variability. This is fascinating to me because it's something that I learned about fairly recently. Then when I got my Apple watch, I read up more about this, but basically, heart rate variability is what it sounds like. It's your heart rate. Let's say your heart is beating at 60 beats per minute. It is not beating once every 10 seconds. It is not beating once a second. Your heart rate will vary over the course of that minute. If you're healthy. Obviously, a beat every 10 seconds isn't 60 a minute. Let's use that as an example. Somebody who's almost dead and has six beats per minute. The first heartbeat might be at 10 seconds. The second heartbeat might be at 22 seconds because your heart is supposed to vary its rate of contractions based on immediate feedback. It's not just that you're going out in your running and now you've driven up your heart rate and you're doing your cardio and it or you just walked up a flight of stairs or you stood up, which is another test, by the way, what we're talking about here. You might just be sitting there, but your cells have a different need for oxygen or for the blood. The heart slows down slightly or speeds up slightly. This heart rate variability is something built into the Apple watch and into the iPhone app that you attach to the Apple watch. Isn't that useful without an iPhone, frankly? Then you can look at your heart rate variability right there. They said, combining that with the symptoms that people reported, these Mount Sinai staff, that the symptoms that they reported that were associated with COVID-19 including fever, aches, dry cough, gastrointestinal issues, loss of taste and smell corresponded with changes in the heart rate variability. I thought that was just absolutely phenomenal because heart rate variability is considered to be a key indicator of strain on your nervous system. COVID-19 obviously is going to put a strain on the nervous system. Just very neat. It says here that the study was not only able to predict infections up to a week before tests provided confirmed diagnosis but also revealed that participants' heart rate variability patterns normalized fairly quickly after their diagnosis or turning to normal run about one to two weeks following their positive tests. That's from a TechCrunch, that particular quote. I am very excited about this, but I am also on the concerned side. I'm concerned because they are collecting vital data from us. All of the major companies, Google and Microsoft and Apple want to be the company that holds all of your personal medical records. We're going to get back to that when we come back here. What is happening? How is your doctor managing your medical records? I was really shocked to find out how that industry is working. Of course, you're listening to Craig Peterson. Check it out online. Craig peterson.com. Welcome back. What are you doing? Are you asking your doctor how they are handling your medical records? Because I think you probably should based on what I learned just this week. Hi everybody. Craig Peterson here. Thanks for joining me. We were just talking about health. We're talking about the Apple watch and the fact that there's a lot of competitors out there, some of them, a fraction of the cost. If you buy the Apple watch on terms, you're going to pay less in one month's payment on terms to Apple than you would for some of these other watches out there, but Apple watches do have more features. Mine even has a built-in cellular modem. Even if I don't have my phone with me, phone calls come through to my watch and text messages, and I can respond and answer. It's really nice. Medically I am very impressed. It has been good at motivating me to do some exercise, to get up, and about just to do a bunch of things I had never, ever done before. Consider that. It is collecting our data. Apple now has potential access to all of my cardiac data. They've got EKGs that I have run on my watch. They know about my heart rate. They know how often I exercise, and how hard I exercise when I exercise. They know all of this stuff about me. I had a conversation with someone just saying why does that matter? Maybe it's Apple, maybe it's somebody else. Why does it matter? It does matter. Think about an evil genius, right? The thing about somebody that might want to target Americans and might want medical information about Americans. They can gather it in a number of different ways. We're going to talk about medical records here in a little bit. One of the things they could certainly do is grab all of our watch data. Some of these watches, including my Apple watch, have GPS built into them. When you're out running or jogging, you know where you went, you can plan your route and it'll remind you, Hey, turn here, turn there. That's one of the things I love about the Apple Watch when I'm using it with Apple maps out driving, it taps me on the wrist and reminds me, Hey, in 500 feet, you got to turn. If I look at the watch, it'll even show me the turn I need to make coming up in 500 feet. It's really amazing. All of this information is being compiled and hopefully, it's being compiled by a company that we can trust. At this point, we can probably trust Apple. Hopefully, they're not going to be broken into. Now, their margins or profit is high enough that they certainly can afford a security team, one capable of defending them and defending our data. I hope they are. I suspect that they are for the most part. How about some of these others? We know Google, for instance, is in the business of collecting and selling our information, is having all of our medical information. Not just the stuff from our watches, but the stuff from our doctors. Are they to be trusted with that kind of information? Going back to that bad guy, that mad scientist we can, and probably do engineer viruses that are targeted at specific things. In fact, the Russians have been doing it. The Soviets' started it, they came up with a phage. That can attack certain viruses and it acts like a virus it gets in and does this little thing. We've got right now, these COVID-19 vaccines and they act like a virus they're messing with, well effectively, the DNA. In fact, it's the RNA, but it's pretending, Hey, I got a message from the DNA, here it is. What if a bad guy knew that are a certain population in a certain area, and that area was right by this important military base or whatever they came up with something that would target them and they'd have all of the data to do it now. That's obviously an extreme example. A more common example would be that your medical data is there. It's being sold to advertisers and you're going to end up with something. For instance, there's a company, very big company out there and they sell baby products. What they did was they tracked and they bought this information, but they tracked women who were purchasing certain things. Now, they weren't purchasing things that were directly related to having a baby, right? They weren't purchasing diapers or little jumpsuits or whatever it is. They were purchasing things that were not directly related maybe people wouldn't even think they were typically related to having a baby. Yet they were able to figure this out. They got that good with the data. So they thought, Oh, okay let's get wise here. Let's send out a postcard, congratulating them on their pregnancy and offering them a discount on something. Yeah. Not a bad idea, frankly. However, in this case, some of these moms I hadn't told anybody that they were pregnant yet and didn't want to tell anybody that they were pregnant yet. It fell on its face. Didn't it? How about these ambulance-chasing lawyers that are out there? Are they going to want to gain access to this, to your medical records? How about your employer? Your employer wants to know I'm going to train this person. Hopefully, they'll stick with us for a while, but is he going to be a burden on our medical plan? Keyman insurance, health insurance, life insurance. Have access to everything about you. That's what really concerns me about these, all of these devices. Right now, pretty confident that I can give Apple this information and they will keep it pretty safe. But, I said the same thing about the Great Suspender, right? I don't know about the future. Then I found something out this week that was in my mind extremely disturbing. We have a new clinic that we've picked up as a client. They needed to have security. They had a couple of little security issues. They were worried. They knew they were not HIPAA compliant. They approached us because they know that's what we do is cybersecurity and audits and remediation. Fixing the problems. We pick them up. They're a client. We're in there. They had told us in advance that all of their medical record systems were on-line. It was on the web. All they needed was a web browser to run their business. Okay. That could be a problem. It might be okay. The medical records manufacturer might have good security on all of the records. So we may be safe, although in HIPAA unless you have a business process agreement in place with that vendor if that data is lost, it falls back on the doctor's shoulders. Anyhow, what I found out was, first of all, it wasn't completely web-based, which just shocked me. I'm not talking about they have to scan records or they got the x-ray machine or whatever. It really wasn't web-based and secondarily the company they were using for the medical records was a free service. The doctor, that clinic, was not paying for their medical records management software. The way it works is this medical records management company when the doctor prescribes something when the doctor performs a procedure and bills and insurance company, it's all done through this one company and that company takes a chunk of their money. In some cases we found seems to have been inflating the bills that went off to the insurance companies and that, as it turns out is a common practice in the industry. According to the doctors at this clinic, I was shocked, amazed. Something you might want to look at. Ask your doctors where are your records kept and are they secure? Now we had HIPAA. We thought that would secure it, but it doesn't. Stick around. Hey, we got a name now for what happened to the Great Suspender and QR code scanner apps over on the Google stores. One at Google Play, the other one over on the Google Chrome store. It's become that popular. Hey, everybody, I wanted to mention this whole new category of malware really, and they're calling it, right now, Buy to infect. What happens is a bad guy, a malware guy buys a legitimate app and then starts infecting it. We know, obviously, about the one that I've been talking about a lot the Google extension that I used to use all of the time, the Great Suspender. I mentioned this one a few weeks ago, it's called QR code scanner. It's been on the Google play store for a long time, had more than 10 million installs and then all of a sudden it became malicious. This is a little bit of a different angle on it because, with the Great Suspender, the ownership of that software actually transferred to somebody. With QR code scanner, they were working on a deal with a company and this company wanted to verify the Google play account for QR code scanner. This is all according to the owner, the original owner of QR code scanner. They said that what had happened is part of this purchase deal. I let them have a look and gain access to the software's key and password prior to purchase so they could confirm the purchase, which doesn't sound too bad. Apparently, as soon as they got a hold of the software's key and password, forget about the purchase, we're going to start infecting it right away. It ended up getting that app, the QR code scanner app, pulled right from the Google play score store. Of course, now you don't need that quite as much because most of the phone apps when you go to take a picture, the camera apps have built into them, a QR code scanner. I thought that was fascinating what they did. They totally cheated the company. They didn't even bother buying it. So a little word for the wise out there. Got another Apple story cause this is showing how the computer industry is really shifting. We've talked about some of the shortages of chips and the shortages of computer chips are so bad that General Motors has had to shut down two-thirds of its manufacturing lines in at least one plant. Every major automobile manufacturer is having problems making cars because they can't get the chips. Remember nowadays, a car, a truck is essentially just a computer on wheels. Not really actually computer on wheels. It's really dozens of computers all linked together with a network on wheels. Apple has been worried about that, right? Supply chain. That's one of the things you're supposed to worry about as a public company. What are the risks going forward including to my supply chain? Obviously your supply chain matters. You gotta be able to make something you need parts, right? Apple has been upset with Intel for a while. You might remember Apple. When it first came out, was using a Motorola chipset, which was exceptional much better than the Intel chipsets. Of course, that's my opinion, a lot of people agree with me. You had the 68000, 68010, and 20, et cetera. Very good chips. When Apple started getting into the laptop business, that's when the problems started to happen. These Motorola chips gave off a lot of heat and used up a lot of electricity. At the time Apple looked around and said our only real alternative right now is Intel. Intel has a whole line of chips, different speeds, and they have mobile chips. Those mobile chips use much less power than the Motorola chips for the main CPU. They also use less battery. Those two go hand in hand and generate less heat. That's it all goes hand in hand. So they said, we'll start working with Intel. They did. Intel really disappointed them more than once, which is a shame. They disappointed them with the 64-bit migration. AMD, advanced micro devices, beat Intel to the punch. Shockingly Intel started making AMD compatible CPUs right. The 64-bit extensions to the CPU were AMD extensions. They had problems with some of their other chips as well. Mobile chips getting the power usage under control, the heat dissipation problems under control, and they never really lived up to what Apple was hoping for. What everybody in the industry was hoping for. In many ways, Intel has been a huge disappointment, which is really a shame. We'll look at what they did to the industry, with these predictive instructions, the hyper-threading, and stuff. Where bad guys were able to bring a computer to its knees. What does Intel say? Here's a firmware patch you can apply to our CPU, those little CPUs you pay upwards of $2,000 for a piece for one chip. Those CPU's and by the way, it's going to, cut its performance by a minimum of 20%, maybe 50%, that's okay. What are you kidding me? A lot of people were upset with Intel and Apple and Microsoft and everybody released patches that use the new Intel microcode. You might've noticed when this happened a couple of years ago that your computer slowed down. I certainly noticed, actually, it was little more than a year, anyway, I noticed it because I own a data center. That has a lot of Intel chips in it where we're running mostly Unixes, Linux, and BSD, but we're also running Windows. So the only way to work around this bug was to apply the patch and slow everything way, way down. Imagine how Apple and Google felt with their huge data centers. IBM too. IBM has Intel-based data centers, as well as its own chips, and boy talking about phenomenal chips, as far as processing power goes, IBM, man, they are still the leader with the power chips and their Z series. That just wow. Mind-blowing. Most of us are stuck in the Intel world. Apple said we can no longer trust Intel. So what are we going to do? Apple said we've been developing this chip for a long time. Apple took the chip design, they licensed it from this open sourcee type of company that has a number of members. They took this arm architecture and were able to improve it, and keep adding to it, et cetera. They're still part of this Alliance. They started using these in their iPhones. The iPhones have been using these chips the whole time and they started improving them after they released the first iPhones. Intel didn't really get them upset until a little later on, too. They came up with newer ones, faster ones, better ones, right to all of these A10 their bionic chips. They've got AI chips, machine learning chips, all Apple designed. Chips, of course, manufactured by third parties, but that's what Apple is using. Apple has now said we expect all of their Macintosh computers to be based on Apple's CPU within the next two years. There's already some really good ones out there right now that people like a lot. We've been using them with some of our clients that use Apple. Not everybody has had great luck with them, but Apple is not only ditching Intel, that's not the big story here. Apple's got some job listings out there looking to hire engineers. So when we get back, we'll tell you more about what Apple is doing and what frankly, I think the rest of the industry should look at. Guess what? They are. It's been Intel versus the rest of the world. They've been winning for years in many categories, but now they're starting to lose, as major manufacturers are starting to leave Intel behind. But there's more to the story still. Hi, everybody.. Craig Peterson here. Thanks for tuning in. We're glad you're here. In the last segment of the day, I want to point everybody to the website, of course. You can get my newsletter. It comes out every Sunday morning and it highlights one of the articles of the week. It gives you a pointer to my podcast. So you can listen right there. There's just a lot of great information. Plus I'm also doing little training. I'm sending out, hopefully, next week, two little training sessions for everybody to help you understand security a little better, and this applies to business. However, it's not. Strictly business, much of what I talk about is also for home users. So if you want to go along for the ride, come along, we'd be glad to have you. There's a lot to understand and to know that you won't get from anywhere else. It's just amazing. Many other of these radio shows where they are just nothing but fluff and commercials and paid promotions. I'm just shocked at it. It goes against my grain when that sort of thing happens. Absolutely. We were just talking about Apple and how Apple got upset with Intel, but they're not the only ones upset. We also now have seen a lot of manufacturers who have started producing Chromebooks and surface tablets that are based on chip sets other than Intel's. This is going to be a real problem for Intel. Intel has almost always relied, certainly in the later years has relied on Microsoft and people bought Intel because they wanted Windows. That's the way that goes. It's just like in the early days, people bought an Apple too, because they wanted a great little VisiCalc, the spreadsheet program. Now, what we're seeing are operating systems that do not require a single line of Microsoft software. Google Chrome is a great example of it. Linux is another great example and people are loving their Google Chrome laptops, and you can buy these laptops for as little as 200 bucks. Now you get what you pay for and all the way up to a couple of grand and they don't have a line single line of Microsoft code. Yet you can still edit Word documents and Excel documents, et cetera. They do not contain any Intel hardware. What was called, well, they might have a chip here or there, but not the main CPU. What used to be called the Wintel monopoly. In other words, Windows-Intel monopoly is dying. It's dying very quickly. Apple is not helping now. Apple, they've had somewhere between seven and 10% market share in the computer business for quite a while. Personally, I far prefer Apple Macintoshes over anything else out there by far. I use them every day. So that's me. I don't know about you. There's a little bit of a learning curve. Although people who aren't that computer literate find it easier to learn how to use a Mac than to learn how to use Windows, which makes sense. Apple has really done a great job. A bang-up job. With these new chips, it's getting even faster. We are now finding out from a report from Bloomberg who first started these, that Apple has been posting job listings, looking for engineers to work on 6G technology. 6G, right now we're rolling out 5g, which hasn't been a huge win because of the fact that if you want really fast 5g, like the type Verizon provides, you have to have a lot of micro-cell sites everywhere. They have to be absolutely everywhere. Of course, it's just not financially reasonable to put them up in smaller communities. If the Biden administration continues the way they're going with the FCC and the open internet type thing of a-bits-a-bit, then there will be no incentive for any of these carriers to expand their networks because they can't charge more for better service. If you can imagine that. Ajit Pai fought against that for many years, Trump's appointee as chairman to the FCC, but things are changing. The wind has changed down in Washington, so we'll lose some of those jobs and we're not going to get all of the benefits of 5g. If he keeps us up. 6G is coming. What that means is Qualcomm, who is the manufacturer of record for most of the modems that are in our cell phones. Qualcomm has also missed some deadlines. Apple is tired of dependencies on third parties because Qualcomm might have somebody else that buys way more chips. It might be able to sell the same chip to the military of whatever country for a much, much higher price. They can sell it to consumers. Maybe they just change the label on it and call it a mill spec, and often goes right, who knows? What they're doing out there, but Apple doesn't want to do that anymore. They are looking for engineers to define and perform the research for the next generation standards of wireless communications, such as 6G The ads say you will research and design next-generation 6G wireless communication systems for radio access networks with emphasis on the physical Mac L two and L three layers. Fascinating, eh? What do you think? I think a huge deal as Apple continues to ditch, many of its vendors that have not been living up to the standards Apple has set. Apple has moved some of the manufacturing back to the United States. More of the assembly has been moved here. The manufacturing, it's starting to come back again. We'll see the Trump administration really wanted it here. We need it here, not just for jobs, we needed it here for our security. We've talked about that before, too, right? I want to also point out speaking of Apple and manufacturing, China, of course, does most of it for Apple and Foxconn is the company in China that makes almost all of this stuff for Apple. It's huge. Foxconn owns cities. Huge cities. They have high rises where people basically don't see the light of day, these high rise factories. You live there, you eat there, you shop there, you work there. Like the old company store who is it, Tennessee Ernie, right? Owe my soul to the company store. That's what's happening over there. And Foxconn has kept its costs low by bringing people in from the fields, if you will, out there being farmers and paying them extremely low wages. On top of all of that, in some cases they're using slave labor. I found this article very interesting, from Ars Technica's, Timothy B. Lee. He's talking about a potential partnership between Apple and Nissan. Let me remember. I mentioned Apple talking with Kia and Kia is denying it. The financial times reported on Sunday that this potential deal between Apple and Nissan fell apart because Apple wanted Nissan to build Apple cars, they would have the Apple logo on them. They all be branded Apple. It wouldn't say Nissan unless you took something seriously apart you might find it inside. Nissan wanted to keep the Nissan brand on its own vehicles. Bloomberg reported last week that the negotiations with Kia and of course its parent companies Huyndaiin South Korea had ended without a deal. The Financial Times said that Apple has also sounded out BMW as a potential partner because Apple doesn't make cars. So how are they going to do this? Apparently the talks faltered with Apple and Nissan because Nissan had a fear and apparently this is true of Kia too, of becoming quote the Foxconn of the auto industry, unquote, which is a reference to this Chinese well it's Taiwanese technically, but a group that manufacturers are while actually assembles the iPhones. Fascinating. Isn't it fascinating. When you start to dig into this self-driving technology and the numbers behind it, that's where you wonder, why is Apple even trying at this point, Apple's test vehicles only traveled 18,000 miles on California roads. Between 2019 and 2020, or over the course of about a year, late in both years. 18,000 miles in a year. Heck, I've done that before with my own car. Waymo, which is Google's self-driving project put on more than well, about 6
In 2018 verdween niet alleen de WK-hoop van de Belgen in een vingerknip, maar ook de coolheid van Snapchat. Nu kennen ze bij Snap wel iets van zaken die vliegensvlug verdwijnen, maar dit was andere koek. Toen ontdekten ze dat je niet per se cool hoeft te zijn om vrienden te hebben, maar je die ook gewoon kan kopen. Hadden ze dat maar eerder geweten bij Intel. Ooit koning, keizer, admiraal, nu gaan ze langs met de zilveren schaal. Dat hadden ze 25 jaar geleden niet kunnen voorspellen! Welkom in Computer Club, een podcast door Frederik 'Freddy' De Bosschere & Thomas 'Smollie' Smolders. Met dank aan Sebastiaan Van den Branden & Toon De Pauw voor de technische hulp. Wekelijks bespreken we de actualiteit op vlak van technologie en gaan we op zoek naar interessante feiten en innovaties. Af en toe nodigen we zelfs een gast uit. Er zijn ook jingles. Shownotes: http://computerclub.online/afleveringen/130-snapchat-wintel Merchandise: http://computerclub.shop
The 16:9 PODCAST IS SPONSORED BY SCREENFEED – DIGITAL SIGNAGE CONTENT When I got into digital signage 20+ years ago, and for many years after that, PCs dominated the media player side of the business. The big questions were around whether to use Windows or Linux, and products were differentiated on things like size and ruggedization. That's changed in the last few years, with more and more digital signage networks going in that used low-cost embedded players in smart displays, or worked off special purpose media players or adapted set-top boxes. That's shifted the ground for Seneca, an upstate New York specialty computer company that's been in the game for decades. Seneca is part of the Denver-based AV/IT distribution giant Arrow. There's no doubt fewer digital signage networks now run on PCs, particularly when there's only simple messaging like menu boards. But demands have also changed, and a lot of networks that are based around messaging are driven by real-time data and analytics that need serious computing at the edge. Kevin Cosbey has also been in the industry for a bunch of years, and the last several have been with Seneca, where he leads business development in the digital signage sector. We had a great chat about where PCs fit right now in the industry, and we get into how and why Seneca has put resources into developing supporting software that makes commissioning PCs way easier, and gives partners new and better remote management tools. Subscribe to this podcast: iTunes * Google Play * RSS TRANSCRIPT So Mr. Cosbey, we've known each other for a very long time, but for those people who don't know Seneca and to a larger extent, Arrow, can you say what that's all about and what you guys do? Kevin Cosbey: Yeah, absolutely. Thanks, Dave. Thanks for taking some time out of your day today. I really appreciate the opportunity. So Seneca has been a 30 plus year organization that has its roots in traditional technology distribution, and over the course of those 30 years, six years ago, Arrow Electronics actually acquired us, and since then we've been part of the Arrow family as it worked. Ultimately, for those that are familiar with Arrow, a lot of people might just have the normal idea that Arrow's a big IT distribution company, but we fall under the services group. So our focus still is around services as it relates to digital signage services, as it's around technology to build a real solution and not just focus on speeds and feeds of hardware. So Arrow is a big massive company but the nice thing is: Seneca still runs through our veins. And the company's based in Syracuse still, right? Kevin Cosbey: Yep. The majority of our engineering group is in Syracuse, support’s in Syracuse, and we've got a light manufacturing facility still in Syracuse and a large manufacturing facility in Phoenix. Okay, and Arrow's based in Denver, right? Kevin Cosbey: You got it. So when I look at the Seneca website, I see that you guys are into broadcast surveillance and digital signage being the key solution you talk about. What percentage roughly, I don't need the exact number of the work that Seneca does is around signage? Kevin Cosbey: It's about 50%. Oh, okay, so that's a big part of your business. Kevin Cosbey: Yep, absolutely. And how has that shifted through the years? Kevin Cosbey: When we first started getting into, what I like to consider niche computing, we were really that digital signage OEM focused company. And then through the years, through those 10 or so years we've really focused and dialed into niche computing, that created the new division of the security group. And they've been growing through the years as well. So we used to be like a hundred percent ish, on the niche computing focus in digital signage and over the years, security and surveillance has grown substantially. Okay. And with signage itself, I've been doing this for 20 plus years now, and when I got into it and for the first many years, it was all about what kind of PC to use and that's what people used and the debates were around do I use Windows or do I use Linux? And the PCs are being marketed and sold as much on form factor and processing power as really anything else, and a lot has changed since then. And I'm curious how it is with the business in that, you know you talked about a niche, how do you make the argument now of using a PC versus using a system on chip smart display versus using a set top box or an HDMI stick, whatever it may be. Who's still using PCs, and am I wrong in thinking it's a niche and It's used more than I think? Kevin Cosbey: Great question. Glad you asked it. So it's a lot to unpack with that question cause you know, similar to you, I've been in space for 15 years. I've seen a lot of interesting changes in the industry as a whole, way back when everything was PC, and it's not to say we were just thinking the industry is going to stay running Intel based platforms forever. We saw that higher performance chip sets are coming out from different chip set manufacturers and here we are today with a variety of capable chipsets that can produce and run 1080p or 4k content on a display. There's a lot of differences in our industry however, where not everyone just needs to have a 1080p fullscreen content running 365 days a year. There's more to it, there's more stuff that's happening at the edge today than there was 10 years ago and that's what we're keeping up with. Now, I do want to back up a little bit though and say the PC used to be pretty much the media player way back, and now we're seeing ourselves and I use this analogy a lot. I don't mean it that we were the best out there, but we were like the iPhone. We were the first to market as a media player. And then you started to see Android phones and you started to see all these other bits and pieces. Now, the nice thing is all of these other bits and pieces that are getting added to the marketplace, they validate our industry as a whole. So when we have SOC out there that is grabbing market share and when we have other purpose built devices that are grabbing market share, it's increasing our entire industry value. So yeah, we don't have a hundred percent of the pie anymore, but as that pie expands, we continue to have significant market share and that's really what we're after. We're not going after some folks that may consider SOC to be perfect for what they need and ironically, actually many instances where SOC is running, we're actually the primary media player and SOC is used as the redundancy, which I love that partnership. That's a really good useful way to have technology ensuring redundancy in high impact environments and really important environments. Yeah, I've heard that in a few cases for kind of mission-critical displays like Airport displays and so on where the smart side of the display is the fail over but the big video wall or whatever is handled by a much beefier industrial grade box. Kevin Cosbey: Yup. And then just another aspect of your space, despite the entrance of other folks in the industry that are producing media player type solutions or media streaming devices, year over year we've had consistent growth. There's a lot of massive enterprise networks out there that will usually only consider using a Wintel based platform and that's just based on the way their corporate structure works, the way their staff works, the way their entire organization functions on a global perspective. And in a lot of those cases, when you have an IT team with a bunch of Dr. Nos who only say no, we only use a PC or whatever, are they not also quite often saying, and we only use Lenovo, or we only use this brand name or that brand name, there are our kind of base contractor vendor for PCs? Kevin Cosbey: Great question. And historically, prior to Seneca being part of that Arrow family, we used to just have the Seneca stuff, and now that we're part of the Arrow family, we are an HP OEM, Lenovo OEM, Dell OEM. So we can still wrap all of the goodness of Seneca, which is, building systems specifically for an enterprise level opportunity and adding all of the functionality to that device. So when someone hits that power button, it runs the exact experience they want it to run. So reducing that setup time significantly at the end user destination. Yeah. Let's talk about that. I've been out to the Seneca facility in Syracuse a couple of times when I used to live much closer than I do now and that was one of the big things is when you're buying your PCs, your media players, whatever you want to call them servers. It's not like buying something off the shelf at a Best Buy or at a big box from a computer manufacturer. It's commercial or industrial grade. There's a lot more going on. Can you lay out what you guys do that would differentiate it from a manufacturer that's not going out to thousands of units a day? Kevin Cosbey: Absolutely. So you've just hit on one major key point is that we're not producing thousands of devices and then figuring out how to sell it. We have two major channels, two major go to market strategies. One is our OEM space and we are an OEM equipment manufacturer, or contract manufacturer for a lot of software companies out there that want absolutely nothing to do with hardware. So we bear that burden on their behalf. We grab their IP, their brand, their software, and we build it into our systems, our reference design systems, and we manage logistics. We manage just in time inventory so they can focus on software. We focus on hardware and that end user/end customer gets a device, a purpose-built device that is branded as that experience now. I was just going to say, I remember several years ago when Intel came up with its Nuc which was a nice little tiny box, but it looked very much like a consumer grade plastic box that would be perfectly fine on a credenza in a home or something like that. But then Seneca came out with its own version of the Nuc and it was the same reference design, but it was industrial grade. It was fabulous. It was made for business use, it was ruggedized to actually work out in the field for more than a week or something. Is that kind of how you guys approach this, in that ”we do computing, but this is thought through in terms of what the use cases are”? Kevin Cosbey: That's exactly right. You sold it better than I could have Dave. But yeah, that's exactly right. We've become, over the few decades that we focused on niche computing, experts at taking off the shelf technology and designing it in a very purpose-built manner. So yes, Intel is a great partner of ours. We use a lot of their technology in a lot of our stuff, but we've recognized that Intel is for mass consumption on a lot of their platforms and digital signage isn't really looking for just a mass consumption solution. They're looking for something that's a little bit taken a step further and thermal design is important. Power supply embedded in the system is important. Output is important from an HDMI perspective or display port, whatever that case is. And that's the stuff we take from the Intel board itself and we'll grab USB hatters off of it to increase the IO on our chassis. We'll do all these creative things to take what exists from a global consumption perspective and take it to that next level to ensure it's perfect for what the industry needs, not just that customer/ The rise of things like audience measurement technologies, computer vision, that sort of thing and demand for more computing at the edge of a network, at the device that may be pushing content to the screen but that device is also being asked to do computer vision tasks of some kind and so on, has that helped the sales effort as well, in terms of you can maybe do that with a smart display or maybe possibly, probably not with a set top box kind of device, but you can buy a small form factor, industrial grade PC that you can tool up with on i5 or an i7 or whatever and it can do multiple things off of the same unit? Kevin Cosbey: Spot on again, Dave, you're crushing it out there on the hardware side. Exactly. To your point, we're starting to see and have really for the past few years that there's a shift from our perspective where not everything has to be computed in the cloud and a lot of stuff needs to happen at the edge, and as that edge becomes more in demand from a computing perspective, from a headroom perspective and future-proofing perspective, that's where we're starting to see folks that used to be on an i3 actually start looking at an i5 and i7, and of course you've got Moore's law, right? Where the computing capabilities at the edge just become more powerful as the years in technologies increase. So even some folks that we were able to get away with, if they're doing 4k at the edge and running some other computer, maybe they used to be on an i5 and now five years later, we're actually seeing that to keep up with that same demand an i3 is going to be appropriate. So it's both ends of the spectrum. And then as you get into the larger stuff where it's like a Time square video wall, that's our hardware throughout the partner, Diversified. And that was built specifically with really crazy computers in mind and crazy videos in mind. And that's very, purpose-built high compute power is required for that type of solution. Yeah. You guys have servers that drive any number of very large seriously large pixel displays, right? Kevin Cosbey: Yeah, like the Orlando airport that is like a mile or so of continuous displays that is using our hardware for hardware synchronization and hardware synchronization, again, getting that compute down to the edge instead of constantly relying on the cloud, you're not going to experience latency. You're not going to experience any major issues at the edge. It is as full-proof as it can possibly get. And at the edge, the demand, and really the rise of dynamic signage, this idea that what you're gonna see is based on what other business systems are telling you is that sort of decisioning that maybe you could do it in the cloud, but really it needs to be at the edge at the individual devices too, to work best? Kevin Cosbey: Yeah, and just having that latency no longer a concern, so if you're doing drive through type menu boarding solution, and you want to do as much analytics as you possibly can to design content around certain environmental information, it's best to keep that computing at the edge, because there will be no latency going up to the cloud computing and then coming back down to the device. So having those decisions made at the edge is far more powerful than having to send everything up to the cloud. The same reason that, a Tesla car, the amount of computing that is done inside of the car is substantially more than probably people think. So you guys have started marketing something called Maestro, can you tell me what that is and where that came from? Kevin Cosbey: Yeah, absolutely. So we recognized that out of our OEM group, a lot of the OEM folks have started to sell to a broader group of people, the channel. And over the years we started seeing that, all right, now we have these five-six media players, and we've got these 28 software partners, and I'm not going to do the competition here, but it comes up with a ridiculous amount of combinations of hardware to software. And now we've got to have all of our partners telling us, “Hey, Kevin, I really want to have an HDN with a BroadSign app”. Okay, now we've got to put in that information and then we build to order and send that out. Instead of having all of these different SKUs and part numbers in a very complex and convoluted way, we grabbed all of our software partners. So that's Broadsign, Navori, SignageLive, Appspace, Ping HD, Acquire Digital, and then on the analytics side, we've got Ad Mobilize, Visibility and we've bundled them into a single platform called Maestro. And that comes on all of our media players as a simple, easy to use out of box software tool. So it just helps people automatically optimize the operating system for a digital signage environment. The next step is you just click on BroadSign, for example, if that's your CMS, it auto installs all of the BroadSign programs that are required to run on that system. It changes anything that BroadSign needs to the operating system. So everything is taken care of. And then of course, if you want to add Ad Mobilize to that platform, you click on add, Ad Mobilize, it installs it, and now you have a very simple point and click setup process and a BroadSign and Ad Mobilize player right out of the box. And what led to that? Kevin Cosbey: It really was just mostly confusion. We had a database of all of these part numbers, all of this stuff, and we realized we need to get everything together in an effort to be more aggressive in our channel space. So we've got a lot of really good channel customers, but we need to make their install process as easy as we could possibly make it, reducing their time at the install. So we've partnered up with the same folks that they're partnered up with to make their lives as easy as we could possibly make it. So one of the features and benefits, I'm just looking at the webpage here is you talk about saving hundreds of keystrokes. How is that? Just because of all the monkey business to get multiple systems working? Kevin Cosbey: Yeah. So you've got Microsoft Windows, which is a wonderful operating system. I can't say anything negative about it. But ultimately it's built for mass consumption. So again, how do we take something that's built for the entire world to use from an operating system level and make it perfect for signage? Usually when somebody gets a media player that's running on a Windows environment, they've got to go through and they've got to do certain things to the operating system. They've got to do this to the graphics card, through the drivers. They've got to do this and X, Y, and Z. Well, instead of having the installer do those things to suppress errors, so you're not going to have errors on that top layer of content, which I'm sure we've all seen out, out in the wild. This Maestro platform that the minute you boot it up, when it goes into the operating system, it auto goes through all of this stuff so that technician doesn't have to do anything. And then it goes through a reboot when it pops up that second time, then you're installing BroadSign. Broad sign has certain things that need to be done, certain hooks into the operating system that need to be done with a mouse and keyboard. We've just done it by just clicking BroadSign and installing it goes through that whole process. So we've scripted the whole process. So yeah, maybe a hundred clicks isn't the same for installing Ping HD or it's only 50 clicks for BroadSign, but it hovers around a hundred clicks that we've actually gone through the setup and jotted down how many clicks we're saving folks on average. So in essence it's removing what can be a giant pain in the ass? Kevin Cosbey: That's it, yeah. We'll change that to the marketing slogan. (Laughter) There's something to be said sometimes for plain language. What's been the response from your ecosystem? Kevin Cosbey: Really happy. It's been this thing in my head for a while and there's risk involved when you're doing it. Paradigm shift within the organization and our engineering group got behind it, all of these folks got behind it into this. How do we make the channel so much easier? And we've gotten incredible feedback from our partners that we didn't think we were going to get. And it's just been like, I don’t know, heartwarming a bit that we're hearing such good feedback, like “You guys have thought of everything.” Wow. All right. That's pretty cool. That's good to hear. It's been really good. And was that all done in house or did you have to find a third party to do some of this stuff? Because you're mostly gear guys and not software guys. Kevin Cosbey: We’re mostly speeds and feeds dudes, but ultimately we've got pretty good software engineering prowess when it comes to an operating system level stuff. We've been building operating systems because we build hardware. We've been doing it for decades. Now, if someone said, “Hey, Kevin, can you build me a CMS?” No, that's not our game. That's not our software expertise, but absolutely OS level stuff, that's our area of expertise. Before I hit the start button here, we were also talking about something that was introduced earlier and you said it's going to spin up a lot more in 2021 called X-Connect? Kevin Cosbey: Yeah, that's right. We've had a platform called X-Connect in our security and surveillance group for about five years, so it's been developed as a very mature platform and it allows people to, from a simple dashboard, see all of their network, video recorders, right in the security and surveillance group. And it would allow them to see all their IP cameras. So from one dashboard, they can see everything and they can manage those devices. Of course, that bright light went off in our group saying, “Hey, guys we see a pretty big need for this in the digital signage world.” That the difference is now that instead of it residing on a massive beefy high performance server, we needed to figure out how we take all of that incredible goodness in seeing what's going on in the server environment and bring it down to an itty bitty little media player that is sometimes running a little Intel Celeron chips up, and of course we can't impact content. Content is the number one thing that has to be running on these devices and if we have any impact on that, then we're just going against the grain. So it took the engineering group quite a while, but they were able to successfully deploy this X-Connect platform, which allows monitoring and management and the management is the big key function here. Anybody can send out a monitoring platform to see green lights and red lights. But if you want to actually reduce your truck rolls, you've gotta be able to remotely manage these devices. So what this system allows us to do is it sends out remote commands down to devices. Of course, simple reboot commands, that's all table stakes, but now we're at a level where I'll use an example, we've got a customer where they were complaining that out in the wild, it was in a retail environment for whatever reason, people were somehow bumping into the power button and it would somehow get that graceful reboot going well. We went to the engineering group and with the customer working with us, they were like, “can't we just get rid of the power button?” Yeah, technically we could. So through the X-Connect platform, thousands of devices out in the field didn't require a truck roll and remotely, we disabled the power button on the system. So now technically the only way to reboot it is remotely through our system, which our partner and managed service provider is providing all those services. So a really cool application. Yeah. I get a sense, through the years, when it comes to truck rolls, there are times when something catastrophic has happened and you absolutely need a technician there, but there's one hell of a lot of truck rolls that are just about a cable that's come loose or power button turned off or something, right? Kevin Cosbey: Yeah, absolutely. I was just on a call before chatting with you, Dave, where one of the big topics of that discussion was it's the unknowns that are going to kill a network and truck rolls are the big unknown. So if we can mitigate that and bring it down to a manageable level where it can be understood almost as how many truck rolls do you think are going to happen for a network. And then on the back end, a managed service provider or an integrator or whoever it is on the X-Connect platform can resolve stuff remotely and allows organizations to scale their network a lot faster than they otherwise would. So with your CMS partners, a lot of those guys, like the Novari's and so on, they have device management of some kind that's built into their software front end. Is what you bring with X-Connect supplementary or is there an API, does it replace what they have, how does all that work? Kevin Cosbey: Yeah, it's intended to be the single pane of glass for an organization, and it does have an open API framework. The nice thing about the X-Connect platform is if organizations need to ingest other information, then we can ingest that information into X-Connect. So for example, Novari, they've got a great platform that can see a lot of what's going on in the device. But because we're the hardware manufacturer, we can just see more of the technology layer of the technology stack. So in addition to what's going on with Novari, we can potentially ingest information from an IP camera, we can ingest information through HDMI CEC, we can ingest information through an SOC platform like magic info. So the idea here is that X-Connect has the capability of becoming that single pane of glass, to manage and monitor, not just the immediate player, but the entire stack. This is a little bit like what BrightSign is doing in terms of they've got boxes and then they've got a device management platform as well that kind of removes the need for the CMS provider or the solutions provider to develop their own thing. Is it a bit like that? Kevin Cosbey: I mean in the rudimentary sense of monitoring and managing, yes. In the higher level, more in depth perspective, our design and I'm no expert on the BrightSign platform, but our design is not very proprietary in that it is an open API framework and we can add on a host of other devices, if you want to add on perhaps a Lenovo device, no problem. HP devices, no issue, Dell devices, all good. So it's a little bit more open and you can manage an entire network of stuff and not just to the Seneca media player. So we're looking to go after, how do we help manage the entire infrastructure? Not just one piece of the puzzle. And it doesn't have to be x86 based? Kevin Cosbey: Written out, x86 based for basically monitoring the device itself, but then the device itself becomes its own gateway and it allows to see other stuff on that same network. Which is why you could see a Samsung smart display for instance. I'm curious, are you seeing other kinds of companies that are digital signage pure play companies or really even AV integrators or like that, just different kinds of organizations. I'm thinking like access control companies and other ones that in the past year have seen the need to be able to push information to larger screens. Are you starting to see non-traditional players come at you? Kevin Cosbey: Honestly on the PC side of the house, not really, no. We're seeing a little bit more where our traditional competition from 10 years ago is not consistently our competition as much as new entrants have become a competition. By new entrants, you mean like the smart display and set top boxes and so on? Kevin Cosbey: Yeah, exactly. But from a traditional x86 based system Wintel based platforms and this is just a gut reaction based on the industry, Seneca has focused so heavily in the digital signage space that I believe we've become strong leaders in the PC based digital signage media play world. Yeah, certainly there's three or four other companies that are selling into the same ecosystem, but in their case, it usually seems to be, “and we also do digital signage or this is among the things that we do” versus you guys, you're saying it's 50% of your business and you've got full-time people who that's all they do. Kevin Cosbey: Yeah. We've got an engineering group that's what they've been doing for 10 plus years. All right. So what might we see from Seneca/Arrow in the context of signage in the next 12 months? Kevin Cosbey: I'd say you're going to see a lot of us, virtually of course, this year we're really excited about the Maestro platform and the X-Connect platform. It puts us into a very serious solution offering for digital signage, just as we've been talking through this and you just mentioned a lot of folks have historically provided a small PC and we've done that for years. But now we're taking that next level. We always took that next level from a hardware side to making it a little bit more purpose-built and now we're starting to really dissect the whole process. So we're dissecting what our channel folks are doing, what are integrators doing, what do managed service providers do, what is the digital out of home space doing and how do we solve some of those industry problems? With technology and then of course, we've got a big Arrow behind us that we're happy to be a part of. So we offer Arrow Credit and financing to support really massive projects or projects that are just $10,000. We've gotten very creative in grabbing some of those Arrow pieces that historically we didn't have the capability of offering because of size. Yeah. I assume that if you had a very happy moment where you had an end user come to you and say “really interested in this, but here's the deal I need 40,000 units by the start of June” Old Seneca would probably say no versus now, you could actually say and I don't know if you could do that kind of number, but you could do a big number without people having a heart attack. Kevin Cosbey: Yeah. I'll still fall out of my chair, but I'll get back in the chair pretty quickly, whereas before I'd be left on the ground. But you'd be lying on the ground with a smile on your face. Kevin Cosbey: Yeah and the other cool thing with Arrow capital too, is we've partnered with our software partners. So we support the project with that end customer. So if it's, I don't know, Staples that wants to do a 2000 unit deployment, we will support the entire financial burden of that project and then let's say a software company, X is working it with us. Arrow capital will pay that software company for those three years of contracted services on day one. So now we've got a solution that allows our partnerships to be a little bit more financially stable as well. All right. Kevin, thank you for spending some time with me. I really appreciate it. Kevin Cosbey: Thank you, Dave. Happy new year and really looking forward to seeing you and everybody in the industry one day, maybe this year. Yeah, one day. I think it might not be until the fall, but fingers crossed. Kevin Cosbey: Fingers crossed, yeah. All right. Stay safe. Kevin Cosbey: Thanks Dave. You do the same.
From VOBS: Happy Holidays And GOOD BYE 2020! 2020 was a fascinating year! The VO biz certainly saw great things for some and not for others. One thing is for sure EVERYONE now needs a home VO studio. (We’ve only been warning you for the last 10 years!!) In this week's info jam-packed, Voice Over Body Shop TECH-TALK #47, Dan and George look at VO tech predictions for 2021! For example.. Mac sales will increase as WinTel falls. Next version of Windows will be in the cloud,Virtualization of mics gets cheaper, competition for the Sphere L22.Virtual Remote engineered VO sessions? Plus we give detailed answers to your submitted questions on: Proper input levels. (No one seems to understand that one) Proper care and feeding of our precious microphones. Source Connect and the new M1 Macs. Acoustical treatment in a larger room. And much more! Not much is going on this week, so catch it on all on Facebook @https://www.facebook.com/voiceoverbodyshop/ our homepage, VOBS.TV, and our podcast for those of you who love to listen on the go! VOBS can’t be here without YOU and our other great supporters: Voiceoveressentials.com, VOHeroes.com Sourceelements.com, VoiceOverXtra.com, VOICEACTORWEBSITES.com and JMC Demos jmcvoiceover.com/demo-production
Welcome! This week I am spending a bit of time discussing Bitcoin and other crypto-currency and their tie to Ransomware and a couple of things the Feds are doing from the IRS to DOJ. Then we go into the Gig Economy and thru the ramifications of CA Prop 22 and More so listen in. For more tech tips, news, and updates, visit - CraigPeterson.com. --- Tech Articles Craig Thinks You Should Read: The feds just seized Silk Road’s $1 billion Stash of bitcoin Uber and Lyft in driving seat to remake US labor laws The One Critical Element to Hardening Your Employees' Mobile Security Ransom Payment No Guarantee Against Doxxing Connected cars must be open to third parties, say Massachusetts voters Tracking Down the Web Trackers Apple develops an alternative to Google search San Diego’s spying streetlights stuck switched “on,” despite a directive Paying ransomware demands could land you in hot water with the feds Windows 10 machines running on ARM will be able to emulate x64 apps soon 'It Won't Happen to Me': Employee Apathy Prevails Despite Greater Cybersecurity Awareness Rise in Remote MacOS Workers Driving Cybersecurity 'Rethink' A Guide to the NIST Cybersecurity Framework --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] The silk road is back in the news as a billion dollars was just taken from their account. We're going to talk about mobile security, ransom payments, and doxing. And of course, a whole lot more as you listen right now. Hi, everybody, of course, Craig Peterson here. Thanks for spending a little time with me today. We have a bunch to get to. I think one of the most interesting articles, what kind of start with this week because this is a very big deal. We're talking about something called cryptocurrency, and I'm going to go into that a little bit. So for those of you who already know, just maybe there's something you'll learn from this little part of the discussion and then we'll get into Bitcoin more specifically. Then the secret service, what they have been doing to track down some of these illegal operators and also how this is really affecting ransomware. Those two, by the way, are just tied tightly together, Bitcoin and ransomware. So I'll explain why that is as well. Cryptocurrency has been around for quite a while now. There's a concept behind cryptocurrency and it's the most important concept of all, frankly, when it comes to cryptocurrency and that is you have to use advanced to mathematics in order to prove that you have found a Bitcoin. Time was you'd go out and go gold mining. Heck people are still doing it today. all over New England. It isn't just the Yukon or Alaska or Australia, et cetera. They're doing it right here. And they have proof that they found something that's very hard to find because they have a little piece of gold or maybe a nugget or maybe something that's like a huge nugget man. I saw a picture of one out of Australia that was absolutely incredible. Takes a few people to carry this thing. That is proof, isn't it? You can take that to the bank, ultimately. You sell it to a gold dealer who gives you cash. That you can then take to a bank. Then the bank account information is used to prove that you can buy something. You give someone a credit card, it runs a little check. Hey, are we going to let this guy buy it? Or a debit card? Hey, does he have enough money in the bank? So along with that pathway, you have something that is real. That's hard and that's the gold that was mined out of the ground. Then it very quickly becomes something that's frankly, unreal. Time was our currency was backed by gold and then it was backed by silver. Now it's backed by the full faith and credit of the United States government. not quite the same thing, is it? So we're dealing with money that isn't all that real, the United States agreed to not manipulate its currency. We became what's called the petrodollar. All petroleum products, particularly crude oil are sold on international exchanges using the US dollar. China is trying to change that. Russia's tried to change that. They're actually both going to change it by using a cryptocurrency. At least that's their plan. The idea behind cryptocurrency is that your money, isn't real either, right? You sure you've got a piece of paper, but it's not backed by anything other than the acceptance of it by somebody else. If you walk into Starbucks and you drop down a quarter for your coffee. Yeah, I know it's not a quarter used to be a dime. I remember it was a dime for a cup of coffee, not at Starbucks, but you dropped down your money. Okay. Your $10 bill for a cup of coffee at Starbucks, they'll take it because they know they can take that $10 and they can use it to pay an employee and that employee will accept it and then they can use that to buy whatever it is that they need. It's how it works. With Bitcoin, they're saying what's the difference? You have a Bitcoin. It's not real. Ultimately represents something that is real, but how is there a difference between accepting a Bitcoin and accepting a $5 bill? What is the difference between those two or that $10 bill that you put down at Starbucks? In both cases, we're talking about something that represents the ability to trade. That's really what it boils down to. Our currencies represent the ability to trade. Remember way back when, before I was born that a standard wage was considered a dollar a day. So people would be making money at a rate of a dollar a day. I remember that song, old country song. I sold my soul to the company's store and they made enough money just basically yet buy in to pay the company for the room and board and everything else they had. Interesting times, not fun, that's for sure for many people caught up in it. When you dig down behind Bitcoin, once you ultimately find at the root, was a computer that spent a lot of time and money to solve this massive mathematical equation. That's the basics of how that works. That's what Bitcoin mining is. Right now, it costs more to mine a Bitcoin. In most areas, then it costs for the electricity to run it and the hardware to buy it. There are computers that are purpose made. Just to create these Bitcoins, just to find them just to mine them. If you're sitting at home thinking, wow, I should get into a cryptocurrency and I'll just go ahead and mine it on my computer, that's really fun. It's a fun thing to think about. But in reality, you are not going to be able to justify it. You'd be better off to go and buy some gold or another precious metal. So that's how cryptocurrency has, how Bitcoin, that's how all of these really begin is just with the computer, trying to solve an incredibly complex math problem that can take weeks or months for it to solve. For those of you that want to dig a little bit more, basically, it's using prime numbers. You might remember messing with those in school. I remember, I wrote a program to determine prime numbers a long time ago. 45 plus years ago, I guess it was, and it was fun because I learned a lot about prime numbers back then. But we're dealing with multi-thousand digit numbers in some of these cases, just huge numbers, far too hard for you or I to deal with and that's why I take so incredibly long. Now we know how the value was started and that was with somebody running a computer finding that Bitcoin and putting it on the market. Now, normally when you're looking at market and market volatility, markets are supply and demand based except for government interference. We certainly have a lot of that in the United States. We do not have a completely free market system, not even close. The free market says I had to dig this hole and in order to dig that hole, I had to have a big backhoe. Before that, I had to have a bucket or maybe some other heavy equipment to move all of the earth out of the way, the bulldozers, et cetera. Then I had to run that through some sort of a wash plant and all of these things cost me money. So basically it costs me whatever it might be, a hundred bucks, in order to find this piece of gold, and then that hundred bucks now that it costs him to do it is the basis for the value of that piece of gold. Obviously, I'm not using real numbers, but just simple numbers to give you an idea of how cryptocurrency works. So it's a hundred bucks for me to get that piece of gold out of the ground. Then that piece of gold is taken and goes to some form of a distributor. So I'm going to sell that piece of gold to somebody that's going to melt it down. They're going to assay it and say, yeah, this is a hundred percent pure gold, and then they'll sell it to someone and then they'll sell it to someone and then they'll sell it to a jeweler who then takes it and makes jewelry. Every time along there they're adding stuff onto it. But the basic value of gold is based on how hard it is to get and how many people want to get their hands on it. The law of supply and demand. You've seen that over the years, it's been true forever. Really? That's how human trade works. Capitalism, in reality, is just the ability of strangers to trade with each other is just an incredible concept. What we're talking about here with the cryptocurrency is much the same thing. The value of cryptocurrency goes up and down a lot. Right now, one Bitcoin is worth about 15,000, almost $16,000 per bitcoin. We'll talk about that. What is Bitcoin? How can I even buy it? Pizza for the silly things were 16 grand, right? It's like taking a bar of gold to buy a pizza. How do you do that? How do you deal with that? So we'll get into that, and then we'll get into how the tie between cryptocurrencies, particularly Bitcoin, and the criminal underground. That tie is extremely tight and what that means to you. It is tied directly into the value of Bitcoin. Right now the basis is it costs me 16 grand to mine, a Bitcoin. Therefore that's where I'm going to sell it for, of course, there are profit and everything else that you put into that $16,000 number. We've got a lot more to get to today. We're going to talk about this billion dollars, which is, that's a real piece of money here that the feds just seized. Right now talking about Bitcoin. What's the value of it? How is it tied into criminal enterprises and what's going on with the FBI seizure this week? Bitcoin's value has been going up and down. I just pulled up during the break, a chart showing me the value of Bitcoin over the last 12 months. It has been just crazy. going back years it was worth a dollar. I think the Bitcoin purchase was for a pizza, which is really interesting when you get right down to it. The guy says, Oh yeah, what the heck, take some Bitcoin for it. Okay. here we go. May 22nd, 2010 Lasso Lowe made the first real-world transaction by buying two pizzas in Jacksonville, Florida for 10,000 Bitcoin. 10,000 Bitcoin. So let me do a little bit of math here. Let me pull it up here. Today's price is about $15,750,000. So he bought it. Two pizzas for the value today, Bitcoin of $157 million. That's actually pretty simple math, $157 million. Okay, that was 10 years ago. The first Bitcoin purchase. So it has gone up pretty dramatically in price. I think the highest price for one Bitcoin was $17,900. It was almost $18,000 and then it's dropped down. It has gone up and it has gone down quite a bit over the years. It seems to have had a few really hard drop-offs when it hit about 14,000. Right now it is above that. So I'm not giving investment advice here, right? That's not what I do. We're talking about the technology that's behind some of this stuff, but one Bitcoin then. Is too much for a pizza, right? So he paid 10,000 Bitcoin for his first pizza. That's really cool, but, ah, today where it's another word, the Bitcoin was worth just a fraction of a cent each back then. Today you can't buy a pizza for one Bitcoin. So Bitcoin was designed to be chopped up so you can purchase and you can sell them at a fraction of a Bitcoin. That's how these transactions are happening. Now there's a lot of technology we won't get into that's behind all of this and how the transactions work and having a wallet, a Bitcoin wallet, and how the encryption works and how all of these logs work. The audits, basically the journals that are kept as accountants and how a majority of these have to vote and say that particular transaction was worthwhile. The fact that every Bitcoin transaction is not only stored but is stored on thousands of computers worldwide. Okay. There's a whole lot to that, but let's get into the practical side. If you are a bad guy. If you are a thief. If you're into extortion. If you're doing any of those things, how do you do it without the government noticing? In reality, it's impossible when you get right down to it. Nothing is completely anonymous and nothing ever will be most likely, completely anonymous. But they still do it anyway, because, in reality, they, the FBI or the secret service or whoever's investigating has to be interested enough in you and what you're doing in order to track you down. If they are interested enough, they will track you down. It really is that simple. Enter a convicted criminal by the name of Ross Ulbricht Ross was running something online, a website called the silk road. It was what's known as the dark web. If you've listened to the show long enough, the history of the dark web and that it was founded by the US government. In fact, the dark web is still maintained by the government. I'm pretty sure it's still the Navy that actually keeps the dark web online. The thinking was we have the dark web. It's difficult for people to track us here on the dark web and if we use something like Bitcoin, one of these cryptocurrencies for payment, then we are really going to be a lot safer. Then they added one more thing to the mix called a tumbler. And the idea with the tumbler is that if I'm buying something from you using Bitcoin, my wallet shows that I transferred the Bitcoin to you. All of these verification mechanisms that are in place around the world also know about our little transaction, everybody knows. The secrecy is based on the concept of a Swiss bank account. When with that Swiss bank account, you have a number and obviously you have a name, but it is kept rather anonymous. The same, thing's true with your wallet. You have a number, it's a big number to a hexadecimal number. It is a number that you can use and you can trade with. You've got a problem because, ultimately, someone looking at these logs who knows who you are or who I am or wants to figure out who either one of us is probably can. And once they know that they can now verify that you indeed are the person who made that purchase. So these tumblers will take that transaction instead of me transferring Bitcoin directly to you, the Bitcoin gets transferred to another wallet. Then from that wallet to another wallet and from that wallet to another wallet and from that wallet to a number of another wallet. Now is much more difficult to trace it because I did not have a transaction directly with you. Who is in the middle? That's where things start getting really difficult. But as Russ Ulbricht found out, it is not untraceable. He is behind bars with two life sentences plus 40 years. What they were doing on the silk road is buying and selling pretty much anything you can think of. You could get any hard drug that you wanted there, you could get fake IDs, anything, really, anything, even services that you might want to buy. There are thousands of dealers on the silk road. Over a hundred thousand buyers, according to the civil complaint that was filed on Thursday this week. Last week, actually, the document said that silk road generated a revenue of over 9.5 million Bitcoins and collected commissions from these sales of more than 600,000 Bitcoin. Absolutely amazing. Now you might wonder, okay. Maybe I can buy a pizza with Bitcoin or something elicit with Bitcoin, but how can I use it in the normal world while there are places that will allow you to convert Bitcoin into real dollars and vice versa? In fact, many businesses have bought Bitcoin for one reason and one reason in particular. That reason is insurance. They have bought Bitcoin in case they get ransomware. They just want it to sit in there, to use to pay ransoms. We'll talk more about that. We're turning into the Bitcoin hour, I guess today. we are talking a lot about it right now because it's one of the top questions I get asked. The IRS is saying that they may put a question on your tax return next year, about cryptocurrency specifically Bitcoin. So what's that all about? And by the way, the IRS had a hand in this conviction too. Your listening to Craig Peterson. We just mentioned, gentlemen, I don't know if he's a gentleman, by the name of Ross Ulbricht and he is behind bars for life. He was buying and selling on the. A website called the silk road. In fact, he was the guy running it, according to his conviction and two life terms, plus 40 years seems like a long time. In other words, he's not getting out. The internal revenue service had gotten involved with this as well because you are supposed to pay taxes on any money you earn. That is a very big deal when you're talking about potentially many millions of dollars. So let's figure this out. I'm going to say, some 9.5 million. So 9 million, 500,000. There we go, Bitcoin. What do we want to say? Let's say the average value of that Bitcoins over time, there was about $5,000 apiece. Okay. So let's see times 5,000, Oh wow. That's a big number. It comes back to 47 billion. There you go. $500 million dollars. Almost $50 billion. That's just really rough back of the envelope math. We have no idea. So that's a lot of money to be running through a website. Then the commission that he made on all of those sales is said to have been more than 600,000 Bitcoin. So again, 600,000 times let's say an average price of $5,000 per Bitcoin. So that's saying he probably made about $3 billion gross anyways, on these collected commissions. That is amazing. The IRS criminal investigation arm worked with the FBI to investigate what was happening here as well as, by the way, the secret service. I got a briefing on this from the secret service and these numbers are just staggering, but here's the problem. The guy was sentenced a few years ago. 2015 he was prosecuted successfully. where did all of his money go? His money was sitting there in Bitcoin, in an unencrypted wallet, because part of the idea behind your Bitcoin wallet is there are passcodes and nobody can get at that your wallet information unless they have the passcode. So they might know what your wallet number is, which they did. The secret service and the IRS knew his wallet number, but how can they get at that Bitcoin and the money it represents? They did. This is like something really from one of these, TV shows that I don't watch right there. What is it? NCU? The crime investigator unit CIU or whatever it is on TV. I can't watch those because there's so much stuff they get wrong technically, and I just start screaming at the TV. It's one of those things. What they found is that the wallet hadn't been used in five years. They found that just last week, people who've been watching his Bitcoin wallet number, found that they were about 70,000 Bitcoins transferred from the wallet. So people knew something was going on. Then we ended up having a confirmation. The feds had admitted that it was them. They had gone ahead and they had a hacker get into it. So here's a quote straight from the feds. That was an ARS Technica this week, according to the investigation, individual X was able to hack into silk road and gain unauthorized and illegal access and thereby steal the illicit cryptocurrency from silk road and move it into wallets and individual X controlled. According to the investigation, Ulbricht became aware of individual X's online identity and threatened individual X for the return of the cryptocurrency to Ulbricht. So Ulbricht had his cryptocurrency stolen, which by the way, is if you are dealing with Bitcoin, that is very common, not that it's stolen. It does get stolen and it's not uncommon. It's very common for the bad guys to try and hack into your Bitcoin wallet. That's part of the reason they install key loggers so they can see what the password is to your wallet. So apparently that unknown hacker did not return or spend the Bitcoin, but on Tuesday they signed consent and agreement to forfeiture with the US attorney's office in San Francisco and agreed to turn over the funds to the government. Very complex here. There are a lot of links that the Silkroad founder took to really obfuscate the transfer of the funds. There's tons of forensic expertise that was involved and they eventually unraveled the true origins of Bitcoin. It is absolutely amazing. Earlier this year they used a third-party Bitcoin attribution company to analyze the transactions that had gone through the silk road. They zeroed in on 54 trends and actions, the transferred 70,000 Bitcoins to two specific wallets. I said earlier, by the way, that it was hex, it isn't hex. It's mixed upper lower case. characters as well as numbers. And, so it's a base. What is it? 26, 40, 60 something. The Bitcoin is valued at about $354,000 at the time. I don't know about you. I find this stuff absolutely fascinating. There's a lot of details on how it was all done and they got the money back. So with a cryptocurrency, you're not completely anonymous. As the founder of the silk road finds out. You end up with criminal organizations trying to use it all the time. Just having and using Bitcoin can raise a red flag that you might be part of a criminal organization. So you got to watch that okay. In addition to that, The IRS is looking to find what it is you have made with your Bitcoin transactions because almost certainly those are taxable transactions. If you've made money off of Bitcoin. Now you'd have to talk to your accountant about writing off money that you lost when you sold Bitcoin after it had dropped. I do not own any Bitcoin. I don't. I played with this years ago and I created a wallet. I started doing some mining, trying to just get to know this, so I'm familiar with this. I've done it. I haven't played with it for a long time. If you have made money on Bitcoin and you sold those Bitcoin, or even if you transferred Bitcoin and the profits as Bitcoin, you all money to the IRS. Now the feds have their hands on almost a billion dollars worth of Bitcoin, just from this one guy. that's it for Bitcoin for today. We're going to talk about Uber and Lyft and how they're in the driver's seat right now to maybe remake labor laws in about two or three dozen States almost right away. Are you, or maybe somebody driving for Uber or Lyft, or maybe you've been thinking about it? There are a lot of problems nationwide when it comes to employee status. We're going to talk about the gig economy right now. Hey, thanks for joining me, everybody. You are listening to Craig Peterson. Hey, Uber and Lyft are two companies that I'm sure you've heard of. If you heard about the general category here, it's called the gig economy. The gig economy is where you have people doing small things for you or your business. That's a gig. So during this election season, for instance, I turned somebody on to a site called Fiverr, F I V E R R.com, which is a great site. I've used it many times. I turned them on saying that because they wanted a cartoon drawn there is no better place than to go to Fiverr. Find somebody who has a style you like, and then hire them. It used to be five bucks apiece, nowadays not so much, it could be 20, it could be a hundred, but it is inexpensive. When you hire somebody to do that as a contractor, there are rules and regulations to determine. If you are an employee versus an independent contractor, there are a lot of rules on all of this, including filing 1099s. But can you decide whether or not they are a contractor? So let's look at the rules here. I'm on the IRS website right now and they have some basic categories. So number one, behavioral control, workers, and employee, when the business has the right to direct and control the work performed by the worker. Even if that right is not exercised. Then they give some reasons for behavioral control, like the types of instructions given, when and where to work, the tools to use the degree of instruction. I think the big one is training to work on how to do the job, because frankly, even if you're hiring somebody to do something for you, that takes an hour. You have control over their behavior. But how about an Uber driver or Lyft driver? Are you telling them where to go? Duh, of course, you are. are you telling them, Hey, don't take that road because the Westside highway so busy this time of day, of course, you are? It looks like they might be employees but under behavioral control. Next step financial control. Does the business have a right to direct or control the financial and business aspects of the worker's job, such as significant investment in the equipment they're using unreimbursed expenses, independent contractors, and more likely to incur unreimbursed expenses than employees? there you go. Okay. So no that Uber Lyft driver, that person making the cartoon, I don't have any financial control over their equipment. Relationship. How do the worker and the business perceive their interaction with each other in written contracts? Or describe the relationship? Even if the worker has a contract that says they are a contractor does not mean that they aren't a contractor. By the way, if you're not withholding the taxes and paying them as an employee, and then they don't pay their taxes and the IRS comes coming after somebody they're coming after you as well for all of those that you did not pay taxes on. Then it goes into the consequences of misclassifying an employee goes on. So there are people who could maybe they're an employee, maybe their contractor, but with Uber and Lyft, California decided to put it on the ballot because both Uber and Lyft were saying, we're pulling out of California. California has a state income tax and they want to collect that income tax. Plus California, we're saying, Oh, we care about the drivers. Maybe they do. Maybe they don't. I'm a little jaded on that.I might say because I had a couple of companies out in California, way back in the day. So the California voters had it on the ballot just here. What a week ago? A little more than a week ago, maybe two almost now isn't it. They decided to let Uber and other gig economy companies continue to treat the workers as independent contractors. That is a very big deal. Because now what's happened because of this overwhelming approval of proposition 22, these companies are now exempt from a new employment law that was passed last year in California. So what goes out the window here the well minimum rate of pay, healthcare provisions, et cetera. And by the way, They still can get this minimum pay and healthcare provisions. Okay. They can still get it. It's still mandated out there, but it's absolutely just phenomenal. Apparently, the law that was passed last year was started because these gig people can really cut the cost of something and other people just weren't liking it. Frankly, gig companies also outspent the opposition by a ratio of $10 to $1, which is amazing. 10 to one on. Trying to get this proposition to pass. So it's a very big deal. And what it means is in California, these gig workers are independent contractors, but there's a couple of dozen states that are looking at this, including to our South, or maybe the state you're listening in. If you're listening down in mass right now, but South of where I am. In Massachusetts, the state attorney general has sued Uber and Lyft over worker classification. And this, of course, is going to have nothing to do with what happened in California right now. There are other States who are looking into this right now and you'll be just totally surprised. They're all left-wing States. I'm sure. I hope you were sitting down, New York, Oregon, Washington state, New Jersey, and Illinois. Okay. so we'll see what happens here. The companies have tried to make a good with the unions. Unions, pretty upset about this, good articles. So you might want to look it up online. Now I want to, before this hour is up, talk about ransom payments. I have mentioned before on the show that the department of justice now looks at people and businesses, paying ransomware as supporting terrorist operations. Did you realize that it's like sending money off to Osama Bin Laden, back in the day? Because if you do pay a ransom, the odds are very good that it is going to a terrorist organization. Oh, okay. It could be Iran. Are they terrorists? No, but they do support terrorism, according to the state department. Is Russia terrorist. no, but are they attacking us? Is this okay? Is there an attack of the United States, a terrorist attack? This is bringing up all kinds of really interesting points. One of them is based on arrests that were made about three weeks ago where some hackers were arrested on charges of terrorism. It is affecting insurance as well. I've mentioned before that we can pass on to our clients a million dollars worth of insurance underwritten by Lloyd's of London. Very big deal. But when you dig into all of these different types of insurance policies, we're finding that insurance companies are not paying out on cyber insurance claims, they'll go in and they'll say, you were supposed to do this, that, and the other thing. You didn't do it, so we're not paying. We've seen some massive lawsuits that have been brought by very big, very powerful companies that did not go anywhere, because again they were not following best practices in the industry. So this is now another arrow in the quiver, the insurance companies to say. Wait a minute, you arrested hackers who were trying to put ransomware on machines and did in many cases and charged a ransom. You charge them with terrorism. Therefore, the federal government has acknowledged that hacking is a form of terrorism. Isn't that kind of a big deal now. So it's an act of terrorism. Therefore we don't have to payout. It's just if your home gets bombed during a war, You don't get compensation from the insurance company, and ransomware victims now that pay these bad guys to keep the bad guys from releasing data that they stole from these ransomware victims are finding out that data that was stolen is being released anyways. So here's, what's going on. You get ransomware on your machine. Time was everything's encrypted and you get this nice big red and warning label and you pay your ransom. They give you a key and you have a 50% chance that they are in fact, going to get your data back for you. Nowadays, it has changed in a big way where they will gain control of your computer. They will poke around on your computer. Often an actual person poking around on your computer. They will see if it looks interesting. If it does, they will spread laterally within your company. We call that East-West spread and they'll find documents that are of interest and they will download them from your network, all without your knowledge and once they have them, they'll decide what they're going to charge you as a ransom. So many of these companies, the bad guys. Yeah. They have companies, will ransom your machines by encrypting everything, and the same pay the ransom, get your documents back. Then what'll happen is they will come back to you, maybe under the guise of a different, bad guy, hacker group. They'll come back to you and say, if you don't pay this other ransom, we're going to release all your documents, and you're going to lose your business. Yeah, how's that for change? So paying a ransom is no guarantee against them releasing your files. Hey, we've been talking about how computers are everywhere. What can we expect from our computerized cars? What can we expect from computers? Intel has had a monopoly with Microsoft called the Wintel monopoly. So if you missed part of today's show. Make sure you double-check and also make sure you are on my newsletter list. I'm surprised here how every week I get questions from people and it's great. That's it. I love to help. I was asked when I was about 19 to read this little book and to also to fill out a form that said what I wanted on my headstone. That's it heady question to ask somebody at 19 years of age, but I said that this was pretty short and sweet. I said, "he helped others." Just those three words, because that's what I always wanted to do. That's what I always enjoyed doing. You can probably tell that's why I'm doing what I'm doing right now is to help people stop the bad guys and to make their lives a little bit better in the process, right? That's the whole goal. That's the hope anyway. If you need a little help, all you have to do is reach out. Be glad to help you out. Just email me M E at Craig Peterson dot com. Or if you're on my email list, you'll get all of my weekly articles, everything I talked about here on the show, as well as my during the week little emails that I send out with videos that I've been doing. I've been putting more together. Didn't get any out this week I had planned to, but I probably will get them out next week. I was able to make a couple of this week and we'll queue them up for the coming week, but you'll get all of that. So just go to. Craig peterson.com/subscribe. You'll find everything there. As part of all of that of course, you will also be getting information about the training that I do. I do all kinds of free pieces of training and webinars, and I've got all kinds of reports. One of the most popular ones lately has been my self-audit kit. It's a little tool kit that you can use to audit, your business and see if you are compliant. It's just a PDF that you can take from the email that I send you. If you ask for it, all you have to do is ask for an audit kit, put that in the subject line, and email me@craigpeterson.com and we'll get you going. So I've had a few people who have this week said, Hey, can you help me out? What do I do? I help them out and It turns out when I'm helping them out, they're not even on my email list. So I'll start there. If you're wondering where to start, how to get up to speed a little bit, right? You don't have to know all of this stuff like the back of your hand, but you do have to have the basic understanding. Just go online. And a signup Craig peterson.com/subscribe would love to have you there. Even when we get into ice station zebra weather here coming up in not so long, unfortunately, in the Northeast. When you're thinking about your computer and what to buy. There are a lot of choices. Of course, the big ones nowadays are a little different than they were just a few years ago. Or a couple of years ago, you used to say, am I going to get a Windows computer, or am I going to get a Mac now? I think there's a third choice that's really useful for most people, depends on what you're doing. If what you do is some web browsing, some email, and also might do a couple of things with some video and pictures and organizing you really should look at the third option. Which is a tablet of some sort and that is your iPad. Of course, the number one in the market, these things last a long time. They retain their value. So their higher introductory price isn't really a bad thing. And they're also not that much more expensive when you get right down to it and consider the resale value of them. So have a look at the tablet, but that's really one of the three major choices also today when you're deciding that you might not be aware of it, but you are also deciding what kind of processor you're going to be using. There is a lot of work that's been done going on arm processors. What they are called A R M. I started working with this class of processor, also known as RISC, which is reduced instruction set processors, many years ago, back in the nineties. I think it was when I first started working with RISC machines. But the big difference here is that these are not Intel chips that are in the iPads that are in or our iPhones, they aren't Intel or AMD processors that are in your Android phones or Android tablet. They're all using something that's called ARM architecture. This used to be called advanced RISC machine acorn risk machine. They've been around a while, but ARM is a different type of processor entirely than Intel. the basic Intel design is to try and get as much done with one instruction as possible. So for instance, if you and I decided to meet up for Dunkin donuts, I might say, okay, so we're going to go to the Duncan's on Elm Street, but the one that's South of the main street, and I'll meet you there at about 11 o'clock. And then I gave you some of the directions on how to get to the town, et cetera. And so we meet at dunks and to have a good old time. That would be a RISC architecture, which has reduced instructions. So you can tell it, okay, you get to take a right turn here, take a left turn there. In the computing world, it would be, you have to add this and divide that and then add these and divide those and subtract this. Now to compare my little dunk story. What you end up doing with an Intel processor or what's called a CISC processor, which is a complex instruction set, is we've already been to dunks before that dunks in fact, so all I have to say is I'll meet you at dunks. Usual time. There's nothing else I have to say. So behind all of that is the process of getting into your car, driving down to dunks the right town, the right street, the right dunks, and maybe even ordering. So in a CISC processor, it would try and do all of those things with one instruction. The idea is, let's make it simple for the programmer. So all of the programmers have to do, if the programmer wants to multiply too, double-precision floating-point numbers, the programmer that if he's just dealing with machine-level only has to have one instruction. Now those instructions take up multiple cycles. We can. Get into all the details, but I think I've already got some people glazing over. But these new ARM processors are designed to be blindingly fast is what matters. We can teach a processor how to add, and if we spend our time figuring out how to get that processor to add faster. We end up with ultimately faster chip and that's the theory behind risk or reduced instruction set computers, and it has taken off like wildfire. So you have things like the iPad pro now with an arm chip that's in there designed by Apple. Now they took the basic license with the basic ARM architecture and they've advanced it quite a bit. In fact, but that Ipad processor now is faster than most laptop processors made by Intel or AMD. That is an impressive feat. So when we're looking a little bit forward, we're no longer looking at machines that are just running an Intel instruction set. We're not just going to see, in other words, the Intel and AMD inside stickers on the outside of the computer. Windows 10 machines running on ARM processors are out already. Apple has announced arm based laptops that will be available very soon. In fact, there is a scheduled press conference. I think it's next week by Apple, the 15th. Give or take. Don't hold me to that one, but they're going to have a, probably an announcement of the iPhone 12 and maybe some delivery dates for these new ARM-based laptops. So these laptops are expected to last all day. Really all day. 12 hours worth of working with them, using them. They're expected to be just as fast or faster in some cases as the Intel chips are. So ARM is where things are going. We already have the Microsoft updated surface pro X. That was just announced about two weeks ago, which is ARM-based. We've gotten macs now coming out their ARM base. In fact, I think they're going to have two of them before the end of the year. Both Apple and Microsoft are providing support for x86 apps. So what that means is the programs that you have bought that are designed to run on an Intel architecture will run on these ARM chips. Now, as a rule, it's only the 64-bit processes that are going to work. The 32-bit processes, if you haven't upgraded your software to 64 bits yet you're gonna have to upgrade it before you can do the ARM migration. We're going to see less expensive computers. Arm chips are much cheaper as a whole than Intel. Intel chips are insanely high priced. They are also going to be way more battery efficient. So if you're looking for a new computer. Visual studio code has been updated optimized for windows 10 on ARM. We're going to see more and more of the applications coming out. And it won't be long, a couple of years now, you will have a hard time finding some of the Intel-based software that's out there. "it won't happen to me." That's our next topic. We've got companies who are investing a lot of money to upgrade the technology, to develop security processes, boost it. Staff yet studies are showing that they're overlooking the biggest piece of the puzzle. What is the problem? Employee apathy has been a problem for many businesses for a very long time. Nowadays, employee apathy is causing problems on the cybersecurity front. As we've talked about so many times, cybersecurity is absolutely critical. For any business or businesses are being attacked sometimes hundreds of times, a minute, a second, even believe it or not. Some of these websites come under attack and if we're not paying close attention, we're in trouble. So a lot of companies have decided while they need to boost their it staff. They've got to get some spending in on some of the hardware that's going to make the life. Better. And I am cheering them on. I think both of those are great ideas, but the bottom line problem is there are million-plus open cyber security IT jobs. So as a business, odds are excellent that you won't be able to find the type of person that you need. Isn't that a shame? But I've got some good news for you here. You can upgrade the technology that's going to help. But if you upgrade the technology, make sure you're moving towards, what's called a single pane of glass. You don't want a whole bunch of point solutions. You want something that monitors everything. Pulls all of that knowledge together uses some machine learning and some artificial intelligence and from all of that automatically shuts down attacks, whether they're internal or external, that's what you're looking for. There are some vendors that have various things out there. If you sell to the federal government within three years, you're going to have to meet these new requirements, the CMMC requirements, level three, four, level five, which are substantial. You cannot do it yourself, you have to bring in a cybersecurity expert. Who's going to work with your team and help you develop a plan. I think that's really great, really important, but here's where the good news comes in. You spent an astronomical amount of money to upgrade this technology and get all of these processes in place and you brought in this consultant, who's going to help you out. You boosted your IT staff. But studies are starting to indicate that a lot of these businesses are overlooking the biggest piece of the puzzle, which is their employees. Most of these successful attacks nowadays are better than 60%, it depends on how you're scoring this, but most of the attacks these days come in through your employees. That means that you clicked on a link. One of your employees clicked on a link. If you are a home user, it's exactly the same thing. The bad guys are getting you because you did something that you should not have done. Just go have a look online. If you haven't already make sure you go to have I been poned.com. Poned is spelled PWNED Have a look at it there online and try and see if your email address and passwords that you've been using have already been compromised. Have already been stolen. I bet they have, almost everybody has. Do you know what to do about that? This is part of the audit kit that I'll send to you. If you ask for that. Kind of goes through this and a whole lot of other stuff. But checking to see if your data has been stolen, because now is they use that to trick people. So they know that you go to a particular website that you use a particular email address or password. They might've been able to get into one of these social networks and figure out who your friends are. They go and take that information. Now a computer can do this. They just mine it from a website like LinkedIn, find out who the managers in the company are. And then they send off some emails that look very convincing, and those convincing emails get them to click. That could be the end of it. Because you are going somewhere, you shouldn't go and they're going to trick you into doing something. Knowledge really is the best weapon when it comes to cybersecurity. A lot of companies have started raising awareness among employees. I have some training that we can provide as well. That is very good. It's all video training and it's all tracked. We buy these licenses in big bundles. If you are a small company contact me and I'll see if I can't just sneak you into one of these bundles. Just email me @craigpeterson.com in the subject line, put something like training, bundle, or something. You need to find training for your employees and their training programs need to explain the risk of phishing scams. Those they're the big ones. That's how most of the ransomware it gets into businesses is phishing scams. That's how ransomware gets down to your computers. You also need to have simulations that clarify the steps you need to take when faced with a suspicious email. Again, if you want, I can point you to a free site that Google has on some phishing training and it's really quite good. It walks you through and shows you what the emails might look like and if you want to click or not. But there's a lot of different types of training programs. You've got to make sure that everybody inside your organization or in your, family is educated about cybersecurity. What do you do when you get an email that you suspect might be a phishing email? They need to know that this needs to be forwarded to IT, or perhaps they just tell IT, Hey, it's in my mailbox, if IT has access to their mailbox, so IT can look at it and verify it. You need to have really good email filters, not the type that comes by default with a Microsoft Windows 365 subscription, but something that flags all of this looks for phishing scams, and blocks them. There's been a ton of studies now that are showing that there is a greater awareness of cybersecurity dangers, but the bottom-line problem is that employees are still showing a lax attitude when it comes to practicing even the most basic of cybersecurity prevention methods. TrendMicro, who is a cybersecurity company. We tend to not use their stuff because it's just not as good. But TrendMicro is reporting that despite 72% of employees claim to have gained better cybersecurity awareness during the pandemic 56% still admitted to using a non-work application on a company device. Now that can be extremely dangerous. 66% admitted uploading corporate data to that application. This includes by the way, things like using just regular versions of Dropbox. Do you share files from the office and home? Dropbox does have versions that are all that have all kinds of compliance considerations that do give you security. But by default, the stuff a home user does not get the security you need. They're doing all of this even knowing that their behavior represents a security risk. And I think it boils right down to, it's not going to happen to me. Just apathy and denial. So same thing I've seen, being a security guy for the last 30 years, I've seen over and over, apathy and denial. Don't let it happen to them. By the way, about 50% believe that they could be hacked no matter what protective measures are taken. 43% took the polar opposite. They didn't take the threat seriously at all. 43% didn't believe they could be hacked. We're going to talk about Mac OS is driving cybersecurity rethink. By the way to follow up on that last segment. So Millennials and Generation Z are terrible with security. They keep reusing passwords. They accept connections with strangers. Most of the time. If that's not believable, I don't know what it is. They've grown up in this world of share everything with everyone. What does it matter? Don't worry about it. Yeah. I guess that's the way it goes. Right? Kids these days. Which generation hasn't said that in the past? We were just talking about millennials, generation Z, and the whole, it won't happen to me, employee apathy and we've got to stop that. Even within ourselves, right? We're all employees in some way or another. What does that mean? It means we've got to pay attention. We've' got to pay a lot of attention and that isn't just true in the windows world. Remember we've got to pay attention to our network. You should be upgrading the firmware on your switches, definitely upgrading the software and firmware in your firewalls and in your routers, et cetera. Keep that all up to date. Even as a home user, you've got a switch or more than one. You've got a router. You've got a firewall in many cases that equipment is provided by your ISP internet service provider. If you've got a Comcast line or a FairPoint, whatever, it might be coming into your home, they're providing you with some of that equipment and you know what their top priority is not your security. I know. Shocker. Their top priority is something else. I don't know, but it sure isn't security. What I advise most people to do is basically remove their equipment or have them turn off what's called network address translation. Turn off the firewall and put your own firewall in place. I was on the phone with a lady that had been listening to me for years, and I was helping her out. In fact, we were doing a little security audit because she ran a small business there in her home. I think she was an accountant if I remember right. She had her computer hooked up directly to the internet. She kind of misunderstood what I was saying. I want to make clear what I'm saying here. People should still have a firewall. You still need a router, but you're almost always better off getting a semi-professional piece of hardware. The prosumer side, if you will, something like the Cisco GO hardware and put that in place instead of having the equipment that your ISP is giving you. We've got to keep all of this stuff up to date. Many of us think that Macs are invulnerable, Apple Macintoshes, or Apple iOS devices, like our iPhones and iPads. In many ways they are. They have not been hit as hard as the Windows devices out there. One of the main reasons is they're not as popular. That's what so many people that use Windows say you don't get hit because you're just not as popular. There is some truth to that. However, the main reason is that they are designed from the beginning with security in mind, unlike Windows, that security was an absolute afterthought for the whole thing Don't tell me that it's because of age. Okay. I can hear it right now. People say, well, Mac is much, much newer than Microsoft Windows. Microsoft didn't have to deal with all of this way back when. How I respond to that is, yeah. Microsoft didn't have to deal with it way back when because it wasn't connected to a network and your viruses were coming in via floppy desk. Right? They really were. In fact, the first one came in by researchers. The operating system that Apple uses is much, much, much older than windows and goes back to the late 1960s, early 1970s. So you can't give me that, it is just that they didn't care. They didn't care to consider security at all. Which is something that's still one of my soapbox subjects, if you will. Security matters. When we are talking about your Macs, you still have to consider security on a Mac. It's a little different on a Mac. You're probably want to turn on some things. Like the windows comes with the firewall turned on however it has all of its services wide open. They're all available for anybody to attach to. That's why we have our windows hardening course that goes through, what do you turn off? How do you turn it off? What should you have in the windows firewall? Now the Mac side, all of these services turned off by default, which is way more secure. If they're not there to attack, they're not going to be compromised. Right. They can't even be attacked the first place. So I like that strategy, but you might want to turn on your firewall on your Mac anyways. There are some really neat little features and functions in it. But the amount of malware that's attacking Apple Macintoshes, nowadays, is twice as much as it used to be. We've got these work from home people. We've got IT professionals within the companies, just scrambling to make it so that these people who are working from home can keep working from home. It's likely a permanent thing. It's going to be happening for a long time. But these incidents of malware on the Mac is pretty limited in reality. The malware on a Mac is unlikely to be any sort of ransomware or software that particularly steals things like your Excel files or your Word docs on a Mac, I should say it is much more likely to be outerwear. It's much more likely to be. Adware or some other unwanted programs and that's, what's rising pretty fast on Macs. Mac-based companies are being concerned here about cyber security issues. They are paying more attention to them. They're windows based counterparts have had to deal with a lot of this stuff for a long time because they were targets. So we've got to divide the Mac really into two pieces, just like any other computer. You've got the operating system with its control over things like the network, et cetera. Then you have the programs or applications, right? That is running on that device. So you want to keep both of them secure. The applications that are running on your device, Apple's done a much, much better job of sandboxing them. Making them so that they're less dangerous. The latest release, in fact, Catalina had a lot of security stuff built into that. Microsoft and Windows 10 added a lot more security. So that's all really, really good. Now, if you have to maintain a network of Macs, we like IBM software. They have some great software for managing Macs, but if you want something that's inexpensive and very usable to configure Macs and control the software on them. Have look at JAMF, J A M F. They just had their user's conference this last weekend. They were talking about how the landscape has changed over on the Mac side. All right. We've got one more segment left today and I'm going to talk about these cybersecurity frameworks. What should you be using? If you are a business or a home user, what are those checkboxes that you absolutely have to have to use? You might've heard about cybersecurity frameworks? Well, the one that's most in use right now is the NIST cybersecurity framework that helps guide you through the process of securing your business or even securing your home. That's our topic. It's a great time to be out on the road and kind of checking in. We've got security threats that have been growing quite literally. Exponentially. They are really making a lot of money by extorting it from us, stealing it from us. It's nothing but frustration to us. It's never been more important to put together an effective cybersecurity risk management policy. That's true if you're a home user and you've got yourself and your spouse and a kid or two in the home. Have a policy and put it together. That's where NIST comes in handy. NIST is the National Institute of standards and technology they've been around a long time. They've been involved in cryptography. These are the guys and gals that give us accurate clocks. In fact, we run two clocks here that we have for our clients, which are hyper-accurate. It's crazy it down to the millionth of a second. It's just amazing. That's who NIST is. They've put all these standards together for a very, very long time, but just before March, this year, It was reported that about 46 percent of businesses had suffered cyber attacks in 2019. That was up 10% from the year before. Of course, we've all been worried about the Wuhan virus, people getting COVID-19, it is a problem. The biggest part of the problem is everybody's worried about it. Nobody wants to go to work. They don't want to go out to a restaurant. They don't want to do any of these things. You as a business owner are worried about how do you keep your business doors open? How do you provide services to the customers you have when your employees won't come in or cooperate or were paid more to stay at home than they would be to come back to work. I get it right. I know I'm in the same boat. Well, because of that we just have not been paying attention to some of the things we should be doing. One of the main ways that business people can measure their preparedness and their progress in managing cyber security-related risks, is to use the cybersecurity framework that is developed by NIST. It is a great framework. It provides you with different levels. The higher-end, the framework that is used by military contractors. Nowadays, we've been helping businesses conform to what's called NIST 800-171 and 800-53 High, which are both important and cybersecurity standards. So if you really, really, really need to be secure, are those are the ones you're going to be going with. Right now, no matter how much security you need I really would recommend you checking it out. I can send you information on the NIST framework. I have a little flow chart. I can send you to help to figure out what part of the framework should you be complying with. It also helps you figure out if you by law need to be complying with parts of the framework. It will really help you. It's well thought out. It's going to make you way more efficient as you try and put together and execute your cyber risk management policy. Remember cyber risk, isn't just for the software that you're running, or the systems you're running. It's the people, it includes some physical security as well. Now President Trump has been very concerned about it. I'm sure you've heard about it in the news. As he's talked about problems with TicTok and with Huawei and some of these other manufacturers out there. Huawei is a huge problem. Just absolutely huge. One of these days I can give you the backstory on that, but how they completely destroyed one of the world leaders in telecommunications technology by stealing everything they had. Yeah. It's a very sad story company you may have heard of, founded over a hundred years ago. They're non-regulatory but they do publish guides that are used in regulations. So have a look at them, keep an eye on them. They have to help federal agencies as well. Meet the requirements is something called the federal information security management act called FISMA and that relates to the protection of government information and assets. So if you are a contractor to the federal government, pretty much any agency, you have physical requirements. So think about that. Who do you sell things to? When you're also dealing with the federal government they look at everything that you're doing and say, are you making something special for us? If you are, there are more and higher standards that you have to meet as well. It just goes on and on, but this framework was created by NIST ratified by Congress in 2014. It's used by over 30% of businesses in the US and will probably be used by 50% of businesses in the US this year. So if you're not using them you might want to have a look at them. It's big companies like JP Morgan, Chase, Microsoft, Boeing, and Intel who meet a much higher standard than most businesses need to meet. For a lot of businesses all you need to meet is what's called the CMMC one standard. You'll find that at NIST as well. And there are much higher levels than that up to level five, which is just, wow. All of the stuff that you have to keep secured looks like military level or better, frankly security. There are other overseas companies that are using it too, by the way in England, in Japan, Canada, many of them. I'm looking at the framework right now. The basic framework is to identify, protect, detect, respond, and recover. Those are the main parts of it. That's you have to do as a business in order to stay in business in this day and age, they get into it in a lot more detail. They also have different tiers for different tiers that you can get involved in. Then subcategories. I have all of this framework as part of our audit kit that I'll send out to anybody that asks for it that's a listener. All you have to do is send an email to me, M E @craigpeterson.com, and then the subject line, just say audit kit and I'll get back to you. I'll email that off to it's a big PDF. You can also go to NIST in the online world and find what they have for you. Just go to NIST, N I S T.gov, The National Institute of Standards and Technology, and you'll see right there, cybersecurity framework, it's got all of the stuff there. You can learn more here if you want. If you're new to the framework they've got online learning. They are really working hard to try and secure businesses and other organizations here in the U S and as I said used worldwide. It's hyper, hyper important. It's the same framework that we rely on in order to protect our information and protect our customer's information. So NIST, N I S T.gov, check it out. If you missed it today, you're going to want to check out the podcast. Now you can find the podcast on any of your favorite podcasting platforms. It is such a different world. Isn't it? We started out today talking about our cars. Our cars now are basically big mechanical devices ever so complex with computers, controlling them. But the cars of tomorrow that are being built by Tesla and other companies, those cars are absolutely amazing as well, but they're frankly, more computer than they are mechanical car. So what should we expect from these cars? I'm talking about longevity here. We expect a quarter-million miles from our cars today. Some of these electric vehicles may go half a million or even a million miles in the future. When they do that, can we expect that? Our computers get operating system updates and upgrades, for what five years give or take? If you have an Android phone, you're lucky if you get two years' worth of updates. Don't use Android, people. It's just not secure. How about our cars? How long should we expect updates for the firmware in our cars? So that's what we talked about first, today. Ring has a new security camera that is absolutely cool. It's called the always home cam. I talked about it earlier. It is a drone that flies around inside your house and ties into other Ring equipment. I think it's absolutely phenomenal and it's not quite out yet, but I'll let you know more about that. If you get ransomware and you pay the ransom, the feds are saying now that you are supporting terrorist organizations. You might want to be careful because they are starting to knock on doors, and there's jail time behind some of these things. So watch it when it comes ransomware and a whole lot more as well. So make sure you visit me online. Go to Craig peterson.com/subscribe. It's very important that you do that and do that now. So you'll get my weekly newsletter. I've got some special gifts, including security, reboot stuff that I'll send to you right away. Craig peterson.com/subscribe. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553
Craig discusses the new firmware architecture being used in the newer computers and laptops and why this architecture is preferred. For more tech tips, news, and updates, visit - CraigPeterson.com --- Right To Repair Or A Fight For Survival? Ring’s latest security camera is a drone that flies around inside your house Malware Attacks Declined But Became More Evasive in Q2 Elon Musk reveals plans to slash electric battery costs, build $25,000 Tesla Paying ransomware demands could land you in hot water with the feds Windows 10 machines running on ARM will be able to emulate x64 apps soon 'It Won't Happen to Me': Employee Apathy Prevails Despite Greater Cybersecurity Awareness Rise in Remote MacOS Workers Driving Cybersecurity 'Rethink' A Guide to the NIST Cybersecurity Framework --- Automated Machine-Generated Transcript: Hey, we've been talking about how computers are everywhere. What can we expect from our computerized cars? What can we expect from computers? Intel has had a monopoly with Microsoft called the Wintel monopoly. Hi everybody. You're listening to Craig Peterson. So if you missed part of today's show. Make sure you double-check and also make sure you are on my newsletter list. I'm surprised here how every week I get questions from people and it's great. That's it. I love to help. I was asked when I was about 19 to read this little book and to also to fill out a form that said what I wanted on my headstone. That's it heady question to ask somebody at 19 years of age, but I said that this was pretty short and sweet. I said, "he helped others." Just those three words, because that's what I always wanted to do. That's what I always enjoyed doing. You can probably tell that's why I'm doing what I'm doing right now is to help people stop the bad guys and to make their lives a little bit better in the process, right? That's the whole goal. That's the hope anyway. If you need a little help, all you have to do is reach out. Be glad to help you out. Just email me M E at Craig Peterson dot com. Or if you're on my email list, you'll get all of my weekly articles, everything I talked about here on the show, as well as my during the week little emails that I send out with videos that I've been doing. I've been putting more together. Didn't get any out this week I had planned to, but I probably will get them out next week. I was able to make a couple of this week and we'll queue them up for the coming week, but you'll get all of that. So just go to. Craig peterson.com/subscribe. You'll find everything there. As part of all of that of course, you will also be getting information about the training that I do. I do all kinds of free training and webinars, and I've got all kinds of reports. One of the most popular ones lately has been my self-audit kit. It's a little tool kit that you can use to audit it, your business and see if you are compliant. It's just a PDF that you can take from the email that I send you. If you ask for it, all you have to do is ask for an audit kit, put that in the subject line, and email me@craigpeterson.com and we'll get you going. So I've had a few people who have this week said, Hey, can you help me out? What do I do? I help them out. It turns out when I'm helping them out, they're not even on my email list. So I'll start there. If you're wondering where to start, how to get up to speed a little bit, right? You don't have to know all of this stuff like the back of your hand, but you do have to have the basic understanding. Just go online. And a sign-up Craig peterson.com/subscribe would love to have you there. Even when we get into the ice station zebra weather here coming up in not so long, unfortunately, in the Northeast. When you're thinking about your computer and what to buy. There are a lot of choices. Of course, the big ones nowadays are a little different than they were just a few years ago. Or a couple of years ago, you used to say, am I going to get a Windows computer, or am I going to get a Mac now? I think there's a third choice that's really useful for most people, depends on what you're doing. If what you do is some web browsing, some email, and also might do a couple of things with some video and pictures and organizing you really should look at the third option. Which is a tablet of some sort and that is your iPad. Of course, the number one in the market, these things last a long time. They retain their value. So their higher introductory price isn't really a bad thing. And they're also not that much more expensive when you get right down to it and consider the resale value of them. So have a look at the tablet, but that's really one of the three major choices also today when you're deciding that you might not be aware of it, but you are also deciding what kind of processor you're going to be using. There is a lot of work that's been done going on arm processors. What they are called A R M. I started working with this class of processor, also known as RISC, which is reduced instruction set processors, many years ago, back in the nineties. I think it was when I first started working with RISC machines. But the big difference here is that these are not Intel chips that are in the iPads that are in or our iPhones, they aren't Intel or AMD processors that are in your Android phones or Android tablet. They're all using something that's called ARM architecture. This used to be called advanced risc machine acorn risk machine. They've been around a while, but ARM is a different type of processor entirely then Intel. the basic Intel design is to try and get as much done with one instruction as possible. So for instance, if you and I decided to meet up at a Dunkin donuts, I might say, okay, so we're going to go to the Duncan's on Elm Street, but the one that's South of Main Street, and I'll meet you there at about 11 o'clock. And then I gave you some of the directions on how to get to the town, et cetera. And so we meet at dunks and to have a good old time. That would be a RISC architecture, which has reduced instructions. So you can tell it, okay, you get to take a right turn here, take a left turn there. In the computing world, it would be, you have to add this and divide that and then add these and divide those and subtract this. Now to compare my little dunk story. What you end up doing with an Intel processor or what's called a CISC processor, which is a complex instruction set, is we've already been to dunks before that dunks in fact, so all I have to say is I'll meet you at dunks. Usual time. There's nothing else I have to say. So behind all of that is the process of getting into your car, driving down to dunks the right town, the right street, the right dunks, and maybe even ordering. So in a CISC processor, it would try and do all of those things with one instruction. The idea is, let's make it simple for the programmer. So all of the programmers have to do if the programmer wants to multiply two double-precision floating-point numbers, the programmer that if he's just dealing with machine-level only has to have one instruction. Now those instructions take up multiple cycles. We can. Get into all the details, but I think I've already got some people glazing over. But these new ARM processors are designed to be blindingly fast is what matters. We can teach a processor how to add, and if we spend our time figuring out how to get that processor to add faster. We end up with ultimately faster chip and that's the theory behind risk or reduced instruction set computers, and it has taken off like wildfire. So you have things like the iPad pro now with an arm chip that's in there designed by Apple. Now they took the basic license with the basic ARM architecture and they've advanced it quite a bit. In fact, but that Ipad processor now is faster than most laptop processors made by Intel or AMD. That is an impressive feat. So when we're looking a little bit forward, we're no longer looking at machines that are just running an Intel instruction set. We're not just going to see, in other words, the Intel and AMD inside stickers on the outside of the computer. Windows 10 machines running on ARM processors are out already. Apple has announced arm based laptops that will be available very soon. In fact, there is a scheduled press conference. I think it's next week by Apple, the 15th. Give or take. Don't hold me to that one, but they're going to have a, probably an announcement of the iPhone 12 and maybe some delivery dates for these new ARM-based laptops. So these laptops are expected to last all day. Really all day. 12 hours worth of working with them, using them. They're expected to be just as fast or faster in some cases as the Intel chips are. So ARM is where things are going. We already have the Microsoft updated surface pro X. That was just announced about two weeks ago, which is ARM-based. We've gotten macs now coming out with their ARM-based versions. In fact, I think they're going to have two of them before the end of the year. Both Apple and Microsoft are providing support for x86 apps. So what that means is the programs that you have bought that are designed to run on an Intel architecture will run on these ARM chips. Now, as a rule, it's only the 64-bit processes that are going to work. The 32-bit processes, if you haven't upgraded your software to 64 bits yet you're gonna have to upgrade it before you can do the ARM migration. We're going to see less expensive computers. Arm chips are much cheaper as a whole than Intel. Intel chips are insanely high priced. They are also going to be way more battery efficient. So if you're looking for a new computer. Visual studio code has been updated optimized for windows 10 on ARM. We're going to see more and more of the applications coming out. And it won't be long, a couple of years now, you will have a hard time finding some of the Intel-based software that's out there. Hey, you're listening to Craig Peterson. Stick around. Cause we'll be right back and "it won't happen to me." That's our next topic. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553
Microsoft releases a CU for Windows 10 version 20H2. Right. It's "done."Meanwhile, let's check in on 2004. New and fixed bug list updatedNew Dev Channel (Fast Ring) build has fixes, sound setting tweaksThe Passing of Wintel? Jean-Louis Gassée makes one big mistake in his push for ARM on the desktop.Related: ARM pricing is going upIt turns out most Surface PCs are still blocked from getting Windows 10 version 2004Semi-related: Thanks to COVID stay-at-home orders, PC sales grew 7.1 percent in Q2Microsoft announces 3 million features for four different versions of OutlookMicrosoft is retiring OneDrive FetchMicrosoft and Citrix expand their partnership. But what's really new here?Here comes Microsoft Consulting (and some layoffs)Microsoft spins off creepy chatbotMicrosoft talks up Xbox Series X storage tech Tip of the week: A workaround for OneDrive Fetch. A lot of people are outraged by Microsoft killing OneDrive Fetch. But it's not that big a deal if you know about another OneDrive feature.App pick of the week: Stardock Curtains. It's like Windowblinds on steroids, for Windows 10. Plus: Don't forget, Halo 3 is out on PC! And: Microsoft Launcher v6 is a big upgradeEnterprise pick of the week: Microsoft Inspire is next week. Microsoft's annual partner show is next week. There's usually some decent tech news unveiled at Inspire, along with strategy updates. It starts Tuesday with partner program announcements. Nadella, Smith, Julia White, Jared Spataro, and other product folks are speaking Wed. The keynotes seem to be open to anyone to stream: https://partner.microsoft.com/en-US/inspire/Codename pick of the week: Portmeirion. Project Portmeirion aims to explore hardware-software co-design for security in the Azure general-purpose compute stack. (thanks, Walking Cat). It's part of Microsoft's confidential computing push. And Portmeirion is a village in Wales, for those wondering.Beer pick of the week: The Bruery The Brite: Hibiscus Lime. A fun pink sour that's only 75 cals. It's a sour blonde ale that almost doesn't taste like a beer at all. It's from the excellent folks at The Bruery Terreux in Anaheim: https://www.thebruery.com/beer/brite-hibiscus-lime Hosts: Leo Laporte, Mary Jo Foley, and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com Check out Mary Jo's blog at AllAboutMicrosoft.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: LastPass.com/twit GetRoman.com/WINDOWS
Microsoft releases a CU for Windows 10 version 20H2. Right. It's "done."Meanwhile, let's check in on 2004. New and fixed bug list updatedNew Dev Channel (Fast Ring) build has fixes, sound setting tweaksThe Passing of Wintel? Jean-Louis Gassée makes one big mistake in his push for ARM on the desktop.Related: ARM pricing is going upIt turns out most Surface PCs are still blocked from getting Windows 10 version 2004Semi-related: Thanks to COVID stay-at-home orders, PC sales grew 7.1 percent in Q2Microsoft announces 3 million features for four different versions of OutlookMicrosoft is retiring OneDrive FetchMicrosoft and Citrix expand their partnership. But what's really new here?Here comes Microsoft Consulting (and some layoffs)Microsoft spins off creepy chatbotMicrosoft talks up Xbox Series X storage tech Tip of the week: A workaround for OneDrive Fetch. A lot of people are outraged by Microsoft killing OneDrive Fetch. But it's not that big a deal if you know about another OneDrive feature.App pick of the week: Stardock Curtains. It's like Windowblinds on steroids, for Windows 10. Plus: Don't forget, Halo 3 is out on PC! And: Microsoft Launcher v6 is a big upgradeEnterprise pick of the week: Microsoft Inspire is next week. Microsoft's annual partner show is next week. There's usually some decent tech news unveiled at Inspire, along with strategy updates. It starts Tuesday with partner program announcements. Nadella, Smith, Julia White, Jared Spataro, and other product folks are speaking Wed. The keynotes seem to be open to anyone to stream: https://partner.microsoft.com/en-US/inspire/Codename pick of the week: Portmeirion. Project Portmeirion aims to explore hardware-software co-design for security in the Azure general-purpose compute stack. (thanks, Walking Cat). It's part of Microsoft's confidential computing push. And Portmeirion is a village in Wales, for those wondering.Beer pick of the week: The Bruery The Brite: Hibiscus Lime. A fun pink sour that's only 75 cals. It's a sour blonde ale that almost doesn't taste like a beer at all. It's from the excellent folks at The Bruery Terreux in Anaheim: https://www.thebruery.com/beer/brite-hibiscus-lime Hosts: Leo Laporte, Mary Jo Foley, and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com Check out Mary Jo's blog at AllAboutMicrosoft.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: LastPass.com/twit GetRoman.com/WINDOWS
Microsoft releases a CU for Windows 10 version 20H2. Right. It's "done."Meanwhile, let's check in on 2004. New and fixed bug list updatedNew Dev Channel (Fast Ring) build has fixes, sound setting tweaksThe Passing of Wintel? Jean-Louis Gassée makes one big mistake in his push for ARM on the desktop.Related: ARM pricing is going upIt turns out most Surface PCs are still blocked from getting Windows 10 version 2004Semi-related: Thanks to COVID stay-at-home orders, PC sales grew 7.1 percent in Q2Microsoft announces 3 million features for four different versions of OutlookMicrosoft is retiring OneDrive FetchMicrosoft and Citrix expand their partnership. But what's really new here?Here comes Microsoft Consulting (and some layoffs)Microsoft spins off creepy chatbotMicrosoft talks up Xbox Series X storage tech Tip of the week: A workaround for OneDrive Fetch. A lot of people are outraged by Microsoft killing OneDrive Fetch. But it's not that big a deal if you know about another OneDrive feature.App pick of the week: Stardock Curtains. It's like Windowblinds on steroids, for Windows 10. Plus: Don't forget, Halo 3 is out on PC! And: Microsoft Launcher v6 is a big upgradeEnterprise pick of the week: Microsoft Inspire is next week. Microsoft's annual partner show is next week. There's usually some decent tech news unveiled at Inspire, along with strategy updates. It starts Tuesday with partner program announcements. Nadella, Smith, Julia White, Jared Spataro, and other product folks are speaking Wed. The keynotes seem to be open to anyone to stream: https://partner.microsoft.com/en-US/inspire/Codename pick of the week: Portmeirion. Project Portmeirion aims to explore hardware-software co-design for security in the Azure general-purpose compute stack. (thanks, Walking Cat). It's part of Microsoft's confidential computing push. And Portmeirion is a village in Wales, for those wondering.Beer pick of the week: The Bruery The Brite: Hibiscus Lime. A fun pink sour that's only 75 cals. It's a sour blonde ale that almost doesn't taste like a beer at all. It's from the excellent folks at The Bruery Terreux in Anaheim: https://www.thebruery.com/beer/brite-hibiscus-lime Hosts: Leo Laporte, Mary Jo Foley, and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com Check out Mary Jo's blog at AllAboutMicrosoft.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: LastPass.com/twit GetRoman.com/WINDOWS
Microsoft releases a CU for Windows 10 version 20H2. Right. It's "done."Meanwhile, let's check in on 2004. New and fixed bug list updatedNew Dev Channel (Fast Ring) build has fixes, sound setting tweaksThe Passing of Wintel? Jean-Louis Gassée makes one big mistake in his push for ARM on the desktop.Related: ARM pricing is going upIt turns out most Surface PCs are still blocked from getting Windows 10 version 2004Semi-related: Thanks to COVID stay-at-home orders, PC sales grew 7.1 percent in Q2Microsoft announces 3 million features for four different versions of OutlookMicrosoft is retiring OneDrive FetchMicrosoft and Citrix expand their partnership. But what's really new here?Here comes Microsoft Consulting (and some layoffs)Microsoft spins off creepy chatbotMicrosoft talks up Xbox Series X storage tech Tip of the week: A workaround for OneDrive Fetch. A lot of people are outraged by Microsoft killing OneDrive Fetch. But it's not that big a deal if you know about another OneDrive feature.App pick of the week: Stardock Curtains. It's like Windowblinds on steroids, for Windows 10. Plus: Don't forget, Halo 3 is out on PC! And: Microsoft Launcher v6 is a big upgradeEnterprise pick of the week: Microsoft Inspire is next week. Microsoft's annual partner show is next week. There's usually some decent tech news unveiled at Inspire, along with strategy updates. It starts Tuesday with partner program announcements. Nadella, Smith, Julia White, Jared Spataro, and other product folks are speaking Wed. The keynotes seem to be open to anyone to stream: https://partner.microsoft.com/en-US/inspire/Codename pick of the week: Portmeirion. Project Portmeirion aims to explore hardware-software co-design for security in the Azure general-purpose compute stack. (thanks, Walking Cat). It's part of Microsoft's confidential computing push. And Portmeirion is a village in Wales, for those wondering.Beer pick of the week: The Bruery The Brite: Hibiscus Lime. A fun pink sour that's only 75 cals. It's a sour blonde ale that almost doesn't taste like a beer at all. It's from the excellent folks at The Bruery Terreux in Anaheim: https://www.thebruery.com/beer/brite-hibiscus-lime Hosts: Leo Laporte, Mary Jo Foley, and Paul Thurrott Download or subscribe to this show at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com Check out Mary Jo's blog at AllAboutMicrosoft.com The Windows Weekly theme music is courtesy of Carl Franklin. Sponsors: LastPass.com/twit GetRoman.com/WINDOWS
Podcast: Play in new window | Download28:45 – A discussion about feline creatures liking me despite having never owned one… turned into a rant about desktop software quality, remembering Wintel and desktop Java, running OpenZFS on FreeBSD and NetBSD with cgd, BSD on an iBook back in the day, being burned by btrfs, BSDCan comments about home labs now being production, and wandering outside in beautifully-mild winter weather.Recorded in Sydney, Australia. Licence for this track: Creative Commons Attribution 3.0. Attribution: Ruben Schade.Released June 2020 on The Overnightscape Underground, an Internet talk radio channel focusing on a freeform monologue style, with diverse and fascinating hosts; this one notwithstanding.Subscribe with iTunes, Pocket Casts, Overcast or add this feed to your podcast client.This post originally appeared on Rubenerd.
Today we're going to look at an operating system from the 80s and 90s called OS/2. OS/2 was a bright shining light for a bit. IBM had a task force that wanted to build a personal computer. They'd been watching the hobbyists for some time and felt they could take off the shelf parts and build a PC. So they did.. But they needed an operating system. They reached out to Microsoft in 1980, who'd been successful with the Altair and so seemed a safe choice. By then, IBM had the IBM Entry Systems Division based out of their Boca Raton, Florida offices. The open architecture allowed them to ship fast. And it afforded them the chance to ship a computer with, check this out, options for an operating system. Wild idea, right? The options initially provided were CP/M and PC DOS, which was MS-DOS ported to the IBM open architecture. CP/M sold for $240 and PC DOS sold for $40. PC DOS had come from Microsoft's acquisition of 86-DOS from Seattle Computer Products. The PC shipped in 1981, lightning fast for an IBM product. At the time Apple, Atari, Commodore, and were in control of the personal computer market. IBM had dominated the mainframe market for decades and once the personal computer market reached $100 million dollars in sales, it was time to go get some of that. And so the IBM PC would come to be an astounding success and make it not uncommon to see PCs on people's desks at work or even at home. And being that most people didn't know a difference, PC DOS would ship on most. By 1985 it was clear that Microsoft had entered and subsequently dominated the PC market. And it was clear that due to the open architecture that other vendors were starting to compete. And after 5 years of working together on PC DOS and 3 versions later, Microsoft and IBM signed a Joint Development Agreement and got to work on the next operating system. One they thought would change everything and set IBM PCs up to dominate the market for decades to come. Over that time, they'd noticed some gaps in DOS. One of the most substantial is that after the projects and files got too big, they became unwieldy. They wanted an object oriented operating system. Another is protected mode. The 286 chips from Intel had protected mode dating back to 1982 and IBM engineers felt they needed to harness that in order to get multi-tasking safely and harness virtual memory to provide better support for all these crazy new windowing things they'd learned with their GUI overlay to DOS called TOPview. So after the Joint Development agreement was signed , IBM let Ed Iacobucci lead the charge on their side and Microsoft had learned a lot from their attempts at a windowing operating system. The two organizations borrowed ideas from all the literature and Unix and of course the Mac. And really built a much better operating system than anything available at the time. Microsoft had been releasing Windows the whole time. Windows 1 came in 1985 and Windows 2 came in 1987, the same year OS/2 1.0 was released. In fact, one of the most dominant PC models to ever ship, the PS/2 computer, would ship that year as well. The initial release didn't have a GUI. That wouldn't come until version 1.1 nearly a year later in 1988. SNA shipped to interface with IBM mainframes in that release as well. And TCP/IP and Ethernet would come in version 1.2 in 1989. During this time, Microsoft steadily introduced new options in Windows and claimed both publicly and privately in meetings with IBM that OS/2 was the OS of the future and Windows would some day go away. They would release an extended edition that included a built-in database. Based on protected mode developers didn't have to call the BIOS any more and could just use provided APIs. You could switch the foreground application using control-escape. In Windows that would become Alt-Tab. 1.2 brought the hpfs file system, bringing longer file names, a journaled file system to protect against data loss during crashes, and extended attributes, similar to how those worked on the Mac. But many of the features would ship in a version of Windows that would be released just a few months before. Like that GUI. Microsoft's presentation manager came in Windows 2.1 just a few months before OS/2 1.1. Microsoft had an independent sales team. Every manufacturer that bundled Windows meant there were more drivers for Windows so a wider variety of hardware could be used. Microsoft realized that DOS was old and building on top of DOS was going to some day be a big, big problem. They started something similar to what we'd call a fork today of OS/2. And in 1988 they lured Dave Cutler from Digital who had been the architect of the VMS operating system. And that moment began the march towards a new operating system called NT, which borrowed much of the best from VMS, Microsoft Windows, and OS/2 - and had little baggage. Microsoft was supposed to make version 3 of OS/2 but NT OS/2 3.0 would become just Windows NT when Microsoft stopped developing on OS/2. It took 12 years, because um, they had a loooooot of customers after the wild success of first Windows 3 and then Windows 95, but eventually Cutler's NT would replace all other operating systems in the family with the release of Windows 2000. But by 1990 when Microsoft released Windows 3 they sold millions of copies. Due to great OEM agreements they were on a lot of computers that people bought. The Joint Development Agreement would finally end. IBM had enough of what they assumed meant getting snowed by Microsoft. It took a couple of years for Microsoft to recover. In 1992, the war was on. Microsoft released Windows 3.1 and it was clear that they were moving ideas and people between the OS/2 and Windows teams. I mean, the operating systems actually looked a lot alike. TCP/IP finally shipped in Windows in 1992, 3 years after the companies had co-developed the feature for OS/2. But both would go 32 bit in 1992. OS /2 version 2.0 would also ship, bringing a lot of features. And both took off the blinders thinking about what the future would hold. Microsoft with Windows 95 and NT on parallel development tracks and IBM launched multiple projects to find a replacement operating system. They tried an internal project, Workstation OS, which fizzled. IBM did the unthinkable for Workplace OS. They entered into an alliance with Apple, taking on a number of Apple developers who formed what would be known as the Pink team. The Pinks moved into separate quarters and formed a new company called Taligent with Apple and IBM backing. Taligent planned to bring a new operating system to market in the mid-1990s. They would laser focus on PowerPC chips thus abandoning what was fast becoming the WinTel world. They did show Workspace OS at Comdex one year, but by then Bill Gates was all to swing by the booth knowing he'd won the battle. But they never shipped. By the mid-90s, Taligent would be rolled into IBM and focus on Java projects. Raw research that came out of the project is pretty pervasive today though. Those was an example of a forward looking project, though - and OS/2 continued to be developed with OS/2 Warp (or 3) getting released in 1994. It included IBM Works, which came with a word processor that wasn't Microsoft Word, a spreadsheet that wasn't Microsoft Excel, and a database that wasn't Microsoft Access. Works wouldn't last past 1996. After all, Microsoft had Charles Simony by then. He'd invented the GUI word processor at Xerox PARC and was light years ahead of the Warp options. And the Office Suite in general was gaining adoption fast. Warp was faster than previous releases, had way more options, and even browser support for early Internet adopters. But by then Windows 95 had taken the market by storm and OS/2 would see a rapidly declining customer base. After spending nearly a billion dollars a year on OS development, IBM would begin downsizing once the battle with Microsoft was lost. Over 1,300 people. And as the number of people dropped, defects with the code grew and the adoption dropped even faster. OS/2 would end in 2001. By then it was clear that IBM had lost the exploding PC market and that Windows was the dominant operating system in use. IBM's control of the PC had slowly eroded and while they eeked out a little more profit from the PC, they would ultimately sell the division that built and marketed computers to Lenovo in 2005. Lenovo would then enjoy the number one spot in the market for a long time. The blue ocean had resulted in lower margins though, and IBM had taken a different, more services-oriented direction. OS/2 would live on. IBM discontinued support in 2006. It should have probably gone fully open source in 2005. It had already been renamed and rebranded as eComStation first by an IBM Business Partner called Serenity. It would go opensource(ish) and openoffice.org would be included in version two in 2010. Betas of 2.2 have been floating around since 2013 but as with many other open source compilations of projects, it seems to have mostly fizzled out. Ed Iacobucci would go on to found or co-found other companies, including Citrix, which flourishes to this day. So what really happened here. It would be easy, but an over-simplification to say that Microsoft just kinda' took the operating system. IBM had a vision of an operating system that, similar to the Mac OS, would work with a given set of hardware. Microsoft, being an independent software developer with no hardware, would obviously have a different vision, wanting an operating system that could work with any hardware - you know, the original open architecture that allowed early IBM PCs to flourish. IBM had a big business suit and tie corporate culture. Microsoft did not. IBM employed a lot of computer scientists. Microsoft employed a lot of hackers. IBM had a large bureaucracy, Microsoft could build an operating system like NT mostly based on hiring a single brilliant person and rapidly building an elite team around them. IBM was a matrixed organization. I've been told you aren't an enterprise unless you're fully matrixed. Microsoft didn't care about all that. They just wanted the marketshare. When Microsoft abandoned OS/2, IBM could have taken the entire PC market from them. But I think Microsoft knew that the IBM bureaucracy couldn't react quickly enough at an extremely pivotal time. Things were moving so fast. And some of the first real buying tornados just had to be reacted to at lightning speeds. These days we have literature and those going through such things can bring in advisors or board members to help them. Like the roles Marc Andreeson plays with Airbnb and others. But this was uncharted territory and due to some good, shrewd and maybe sometimes downright bastardly decisions, Microsoft ended up leap-frogging everyone by moving fast, sometimes incurring technical debt that would take years to pay down, and grabbing the market at just the right time. I've heard this story oversimplified in one word: subterfuge. But that's not entirely fair. When he was hired in 1993, Louis Gerstner pivoted IBM from a hardware and software giant into a leaner services organization. One that still thrives today. A lot of PC companies came and went. And the PC business infused IBM with the capital to allow the company to shoot from $29 billion in revenues to $168 billion just 9 years later. From the top down, IBM was ready to leave red oceans and focus on markets with fewer competitors. Microsoft was hiring the talent. Picking up many of the top engineers from the advent of interactive computing. And they learned from the failures of the Xeroxes and Digital Equipments and IBMs of the world and decided to do things a little differently. When I think of a few Microsoft engineers that just wanted to build a better DOS sitting in front of a 60 page refinement of how a feature should look, I think maybe I'd have a hard time trying to play that game as well. I'm all for relentless prioritization. And user testing features and being deliberate about what you build. But when you see a limited window, I'm OK acting as well. That's the real lesson here. When the day needs seizing, good leaders will find a way to blow up the establishment and release the team to go out and build something special. And so yah, Microsoft took the operating system market once dominated by CP/M and with IBM's help, established themselves as the dominant player. And then took it from IBM. But maybe they did what they had to do… Just like IBM did what they had to do, which was move on to more fertile hunting grounds for their best in the world sales teams. So tomorrow, think of bureaucracies you've created or had created to constrain you. And think of where they are making the world better vs where they are just giving some controlling jackrabbit a feeling of power. And then go change the world. Because that is what you were put on this planet to do. Thank you so much for listening in to this episode of the history of computing podcast. We are so lucky to have you.
We're often asked about the Business Impact Analysis (BIA) process, a part of the Business Continuity lifecycle, and how that should be structured within an organization. Over the next two episodes, we'll take a look at the BIA, starting with the traditional business impact analysis process, followed by a look next week at the trend towards not doing the BIA at all. In this episode of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser and Senior Consultant Jennifer Otremba talk through the traditional business impact analysis process. Topics discussed include how to structure the BIA process, how to use the results, connections to the ISO 22301 and 22317 standards, and some of our lessons learned from conducting the BIA at multiple clients over the years. //static.leadpages.net/leadboxes/current/embed.js Episode Transcript Bryan Strawser: We're going to put on our business continuity and disaster recovery hat today and talk about, I think a two-part podcast is what we're talking about here. We're going to start by talking about the traditional idea of the business impact analysis. What is the BIA, Jen? Jen Otremba: That's a good question. The BIA, or the Business Impact Analysis, to me it's sort of just a process to help determine critical functions within a company and what the relationship is with each other, in Jen's words. Bryan Strawser: That's a good plain English description of the BIA. Jen Otremba: In Jen words, not the ISO definition, the Jen definition. Bryan Strawser: ISO says in the 22301 standard that the business impact analysis is a formal end document and evaluation process for determining continuity and recovery priorities, objectives and targets. Jen Otremba: Yeah, what I said. Bryan Strawser: It goes on to say that this is really about understanding the organization and its context and the needs and expectations of interested parties in order to be able to select business continuity strategies, implement business continuity solutions and write business continuity plans using this data. Jen Otremba: Yes. Bryan Strawser: I like your simple explanation. Jen Otremba: We've had to describe this to organizations- Bryan Strawser: Many people. Jen Otremba: ... recently quite a bit, right? Bryan Strawser: Yeah. Jen Otremba: Because there is a lot of confusion as to what exactly do I need, how do I get there, and then what do I do with the information once I have it? Bryan Strawser: In the traditional world of doing the BIA, the way that I would say business continuity has been done for many, many years, there's kind of a multi-part process here that you're starting with a risk assessment to understand the risks and threats to an organization. Through that conversation you determine through some mechanism the criticality of functions because companies have teams. Those teams perform functions or processes, depending on what term you want to use, and those processes are either critical or not. Companies define what is and not critical. For example, in the world that I grew up in with BC a function that needed to be recovered within 30 days was a critical function, everything else wasn't. We have lots of definitions as to how you get there. We would typically do a survey or some type of mechanism in a tool like Archer or Fusion or LDRPS or something that allows us to capture enough detail to understand whether or not this process is critical or not. Jen Otremba: Yes. If you're not a huge organization it doesn't need to be an expensive tool. It can be as simple as, like you said, a survey to determine what's critical and why it's critical. The company can set the definition of what makes it critical, what time line makes it critical. Like you said, you remember doing 30 days when you grew up doing this. It's to determine your criticality, right? Bryan Strawser: Right. Jen Otremba: It could be two weeks depending on what it is. Bryan Strawser: That's right, or it could be a week. Jen Otremba: Longer. Bryan Strawser: It could be longer. The company sets this. You just need to define it, like, "Critical function to us means X." Once you define that, then you conduct the business impact analysis on that team or function or division or department, whatever the organizational layer is that you're going after. What do we do in that BIA process? What are seeking to understand? Jen Otremba: Again, Jen's definition here, which is not always the book answer, but essentially you're asking yourself a series of questions. In this business unit you're ultimately determining what makes it critical, and what upstream, downstream units may also be required to keep his function going. Bryan Strawser: Right, is it dependent upon something, and is something dependent upon it? Jen Otremba: Sometimes it's based in a dollar figure, "Without this after a certain amount of time it's going to cost the company 50 million dollars," or something like that. It also will outline how many people you need to make this function work. How many facilities you need to make this function work. It sort of starts to outline all that you need to keep this critical function going. That's Jen's words. How's that? Bryan Strawser: Yeah, I think you're on the right track. We should point this out, some companies or tools will separate the idea of what information goes in the plan and what information boes in the BIA. Often some of the things you describe like facilities and dependencies might just be in the plan as opposed to being in the BIA. In our mind it doesn't really matter. You capture it in the place that makes the most sense for the processes that you're using. What we're really seeking here to understand is what is the impact of a disruption or outage to the function? What are the things that can make that outage happen? A lot of this for us is what's the financial or regulatory or legal or reputational impact of being offline for an hour, two hours, four hours, eight hours, 12 hours, 24, a week, you set the timelines onto what you want to measure. That's really what you're going after, is what is the impact if this function is disrupted. Often you're also looking at what are the things that can cause that disruption where you're mostly looking around loss of facility, loss of the team, loss of technology, loss of third party or vendor services, and what does that mean for the impact to that organization? Out of all of that you get to, "Hey, here's my ..." You can call it a recovery time objective, an RTO, you can call it a maximum allowable outage, an MAO. I don't really care what you call it, but you're aiming towards some metric that you're going to use consistently across the organization to understand what that impact looks like and how quickly do you need to recover this thing, this particular process. Jen Otremba: Once you get through that process with all the critical functions it's kind of like a mind-blowing all of this information comes together. Sometimes you're identifying things you didn't realize existed, but everyone else knew, but maybe a certain team didn't know. That certain team didn't know that all of these other teams counted on them within 24 hours or two hours or four hours or whatever that looks like. Bryan Strawser: Right. We often hear when talking about technology teams and you get into like a Wintel engineering team in a company that uses actor directory for everything, and usually you hear one of two answers. You hear the person that's not cognizant of the real world which is, "Yeah, I just manage actor directory, and if it goes down no big deal," which I heard recently. Or, you get the more mature answer we heard from a head of systems engineering recently, which was, "Yeah, so I've got two functions here that if they go down we are in a world of trouble, starting with actor directory. If that's down we've got problems." The second was Ping Fed. If that goes down we've got problems all because it's tied to authentication, and, literally, if you can't get into your computer, you can't bet into an app, you can't get into the internet. All these dependencies tied to that, which are all obvious to this individual, but not obviously to the business team who is like, "What's Ping?" Jen Otremba: I can work from home. Bryan Strawser: "I can work from home," and so you're like, "You can't because Ping's down." And they look at you and go, "What's Ping?" This is great information that you get in the BIA process, or you pick up as a part of being involved in dealing with technology incidents. My experience is normally the business won't know about this until you highlight it through a BIA and business continuity planning process. Jen Otremba: It certainly is a tool that you can then use to education your leadership. Bryan Strawser: Right. Jen Otremba: Whether that be we need to put more time or energy or money into making sure this function works because here is what the impact is on the rest of the company. "Oh, we stop making money if we don't have X, Y and Z," often times helps sell that picture. Bryan Strawser: Which is why it's important to capture financial impact. If this function is offline, that function being offline can cost us money in that I need to spend because it's offline, or I can't do something that generates money, and, therefore, I'm going to lose money during this outage. I know the world I came from, POS authentication for credit card transactions and processing of check payments, it's a big issue at point of sale because if our point of sale gateways and systems were down we couldn't process, or we at least couldn't authenticate. We did have some ways to process manually and then deal with it later when the systems came back up. I remember a Black Friday one year Visa went down at the retailer that we worked at for a brief period of time, and, man, people were freaking, even though we knew within a minute or two what had happened, and had it back up within a couple. Jen Otremba: But a couple of minutes in that scenario can really cost. Bryan Strawser: It felt like a long time. My boss was in the room breathing down my neck. Jen Otremba: It's also a reputational concern. Let's say you have a company that uses that same type of system, but you have a vendor that provides that service to you, and that vendor has an issue. Customers don't care if it's the vendor. They're there trying to buy from you, not the vendor. It's also reputational concern. Bryan Strawser: The BIA also helps you answer the question, particularly in a larger organization where you have multiple facilities and you're probably in multiple cities, but it helps you answer the question when you get the phone call that, "Hey, Building four is down. We have a power outage, and it's not going to be restored for 48 hours, and the generator's not working, and we have no generator fuel." What's the impact of that? Your BIA can help you answer that question because you can go into your tool or your spread sheet or your records and say, "Well, here are the 10 organizations based in the building, and here's the revenue loss and here's the impact to reputation and here's the community impact." Whatever your criteria are that you're capturing in the BIA you'll have it because you've one this work and captured that data. Jen Otremba: Absolutely. The other thing, actually, you can kind of point out with all of this, I was just thinking as you were talking, is the functions that are not as critical. You may have originally thought that they were the most critical functions, but, actually, it's this function over here that's what's keeping the company going. It helps to identify that as well, so where to put the time and energy and money. Bryan Strawser: Right, and how do you tier the recovery? Jen Otremba: Exactly. Bryan Strawser: Let's go to our building four example, that building four is down, but I'm going to get back into building four in 48 hours, but only on the first floor. Who do I want to go take the spots on the first floor? Is it the team that's already there, or am I going to prioritize differently based upon the BIA telling me, "Hey, these eight guys and women that are up on the eighth floor, these are the ones that are most important to get back up first." Not to mention that, but what are their strategies, like, can they work remotely and all things that you're capturing in their plan. Jen Otremba: Right. Bryan Strawser: Sorry, edit out that dead space there. Let's talk about how to conduct the BIA. This really changes depending upon whether or not you have a tool, if you have software to be able to do this for you with you. Manually you can do this. We've done the BIAs often with an Excel spreadsheet that kind of outlines the questions that we want to ask. We create drop downs with information about the client's facilities and technology platforms and position titles and things that you should be able to get an advance. That simplifies your data entry. It makes sure it's consistent, which is very helpful for later analysis and use. Or, you can do this in a tool like Archer, Fusion, LDRPS or one of many different platforms that are out there. Jen Otremba: Yeah, it would make life easier if you had that available to you. Bryan Strawser: It makes it much easier. Jen Otremba: Because you can pull reports and things like that from those tools, which makes it really easy to be able to really outline the things that you're trying to outline here. Bryan Strawser: Our typical process is to train the leaders and people from their team that will be doing the BIA, providing them the template or access to the tool, letting them complete the data entry, and doing some followup calls or making available some conference calls or an onsite support where they can come and talk with you as they're working through the process. Jen Otremba: So they understand the questions that are being asked. Bryan Strawser: Right, and we often get questions about interpreting some of the questions and what have you. Then give them a date for the data to be returned, and then we look and normalize the data. We review that back with them, and then you're done in terms of the initial step with the BIA. After that you want to kind of level-set this with really their peers on the same operational team and then with the leaders of the organization to really say, "Hey, okay, the 80 things that your company does, 40 of them are critical. These 40 are ranked in the following ways in terms of how they get recovered and why. Like, why does that have to be recovered within an hour? Well, here's the reasons why that we captured in the BIA." "Oh, okay." Or, "Well we argued this with the business, but the business disagreed, so we've left it as is." Then the seniors they can go, "Well, that's crap because they need to be recovered after these four or five other functions," and you can realign this based upon executive priorities. Jen Otremba: Right. The executive, then, buy-off at that point. The executives can review all the data that you present to them. Then at some point decisions will need to be made, like you said, ranking what will be recovered first, what functions. Then lastly I think would be the information sharing, right? Bryan Strawser: Mm-hmm (affirmative). Jen Otremba: Once you have all the information you've made decisions, you have plans as far as how to move forward and who to create the plans for, you do the information sharing. Bryan Strawser: That's our view on the traditional BIA. We'll link and the show notes. We have a couple of blog posts describing why to do BIAs and what does a BIA look like and what is the BIA. I think we have a few other resources on the site, so we'll link those in the show notes for you to take a look at. Then in next week's episode we're going to take a counter view here. I think we're going to call this episode "To BIA or not to BIA. That is the question". A little play off of Shakespeare, but the question we're going to ask is, should you do the BIA? There's a growing belief that perhaps the BIA is not the most effective way to build a BC program and there are some alternate paths to consider. We'll explore those on next week's episode. Thanks for listening.
Welcome to the History of Computing Podcast, where we explore the history of information technology. Because by understanding the past, we're able to be prepared for the innovations of the future! Todays episode is on Digital Equipment Corporation, or DEC. DEC was based in Maynard Massachusetts and a major player in the computer industry from the 1950s through the 1990s. They made computers, software, and things that hooked into computers. My first real computer was a DEC Alpha. And it would be over a decade before I used 64-bit technology again. DEC was started in 1957 by Ken Olsen, Stan Olsen, and Harlan Anderson of the MIT Lincoln Laboratory using a $70,000 loan because they could sell smaller machines than the big mainframes to users where output and realtime operation were more important than performance. Technology was changing so fast and there were so few standards for computers that investors avoided them. So they decided to first ship modules, or transistors that could be put on circuit boards and then ship systems. They were given funds and spent the next few years building a module business to fund a computer business. IBM was always focused on big customers. In the 1960s, this gave little DEC the chance to hit the smaller customers with their PDP-8, the first successful mini-computer, at the time setting customers back around $18,500. The “Straight-8” as it was known was designed by Edson de Castro and was about the size of a refrigerator, weighing in at 250 pounds. This was the first time a company could get a computer for less than $20k and DEC sold over 300,000 of them! The next year came the 8/s. No, that's not an iPhone model. It only set customers back $10k. Just imagine the sales team shows up at your company talking about the discrete transistors, the transistor-transistor logic, or TTL. And it wouldn't bankrupt you like that IBM. The sales pitch writes itself. Sign me up! What really sold these though, was the value engineering. They were simpler. Sure, programming was a little harder, and more code. Sure, sometimes that caused the code to overflow the memory. But at the cost savings, you could hire another programmer! The rise of the compiler kinda' made that a negligible issue anyway. The CPU had only four 12-bit registers. But it could run programs using the FORTRAN compiler anruntime, or DECs FOCAL interpreter. Or later you could use PAL-III Assembly, BASIC, or DIBOL. DEC also did a good job of energizing their user base. The Digital Equipment Corporation User Society was created in 1961 by Edward Fredkin and was subsidized by DEC. Here users could trade source code and documentation, with two DECUS US symposia per year - and there people would actually trade code and later tapes. It would later merge with HP and other groups during the merger era and is alive today as the Connect User Group Community, with over 70,000 members! It is still independent today. The User Society was an important aspect of the rise of DEC and of the development of technology and software for mini computers. The feeling of togetherness through mutual support helped keep the costs of vendor support down while also making people feel like they weren't alone in the world. It's also important as part of the history of free software, something we'll talk about in more depth in a later episode. The PDP continued to gain in popularity until 1977, when the VAX came along. The VAX brought with it the virtual address extension for which it derives its name. This was really the advent of on-demand paged virtual memory, although that had been initially adopted by Prime Computer without the same level of commercial success. This was a true 32-bit CISC, or Complex Instruction Set Computer. It ran Digital's VAX/VMS which would later be called OpenVMS; although some would run BSD on it, which maintained VAX support until 2016. This thing set standards in 1970s computing. You know Millions of instructions per second (MIPS) - the VAX was the benchmark. The performance was on par with the IBM System/360. The team at DEC was iterating through chips at a fast rate. Over the next 20 years, they got so good that Soviet engineers bought them just to try and reverse engineer the chips. In fact it got to the point that “when you care enough to steal the very best” was etched into microprocessor die. DEC sold another 400,000 of the VAX. They must have felt on top of the world when they took the #2 computer company spot! DEC was the first computer company with a website, launching dec.com in 85. The DEC Western Research Library started to build a RISC chip called Titan in 1982, meant to run Unix. Alan Kotok and Dave Orbits started designing a 64-bit chip to run VMS (maybe to run Spacewar faster). Two other chips, HR-32 and CASCADE were being designed in 1984. And Prism began in 1985. With all of these independent development efforts, turf wars stifled the ability to execute. By 1988, DEC canceled the projects. By then Sun had SPARC, and were nipping at the heels. Something else was happening. DEC made mini-computers. Those were smaller than mainframes. But microcomputers showed up in the 1980s with he first IBM PC shipping in 1981. But by the early 90s they too were 32-bit. DEC was under the gun to bring the world into 64-bit. The DEC Alpha started at about the same time (if not in the same meeting as the termination of the Prism project. It would not be released in 1992 and while it was a great advancement in computing, it came into a red ocean where there were vendors competing to set the standard of the computers used at every level of the industry. The old chips could have been used to build microcomputers and at a time when IBM was coming into the business market for desktop computers and starting to own it, DEC stayed true to the microcomputer business. Meanwhile Sun was growing, open architectures were becoming standard (if not standardized), and IBM was still a formidable beast in the larger markets. The hubris. Yes, DEC had some of the best tech in the market. But they'd gotten away from value engineering the solutions customers wanted. Sales slumped through the 1990s. Linus Torvalds wrote Linux on a DEC Alpha in the mid-late 90s. Alpha chips would work with Windows and other operating systems but were very expensive. X86 chips from Intel were quickly starting to own the market (creating the term Wintel). Suddenly DEC wasn't an industry leader. When you've been through those demoralizing times at a company, it's hard to get out of a rut. Talent leaves. Great minds in computing like Radia Perlman. She invented Spanning Tree Protocol. Did I mention that DEC played a key role in making ethernet viable. They also invented clustering. More brain drain - Jim Grey (he probably invented half the database terms you use), Leslie Lamport (who wrote LaTex), Alan Eustace (who would go on to become the Senior VP of Engineering and then Senior VP of Knowledge at Google), Ike Nassi (chief scientist at SAP), Jim Keller (who designed Apple's A4/A5), and many, many others. Fingers point in every direction. Leadership comes and goes. By 2002 it was clear that a change was needed. DEC was acquired by Compaq in the largest merger in the computer industry at the time, in part to get the overseas markets that DEC was well entrenched in. Compaq started to cave from too many mergers that couldn't be wrangled into an actual vision. So they later merged with HP in 2002, continuing to make PDP, VAX, and Alpha servers. The compiler division was sold to Intel, and DEC goes down as a footnote in history. Innovative ideas are critical to a company surviving after the buying tornadoes. Strong leaders must reign in territorialism, turf wars and infighting in favor of actually shipping products. And those should be products customers want. Maybe even products you value engineered to meet them where they're at as DEC did in their early days.
CMU's Andy Malt and Chris Cooke review key events in music and the music business from the last seven days, including Ticketmaster's plan to kill a class action lawsuit by employing a ts+cs technicality, the World Independent Network's latest report on indie label market share, and the very slight possibility of the Spice Girls headlining Glastonbury. Setlist is sponsored by 7digital.
Join the Acquired Limited Partner program! https://kimberlite.fm/acquired/ (works best on mobile) Ben & David cover the proposed largest tech M&A deal of all time, and in the process dive into the evolving dynamics of the industry that started everything in Silicon Valley—silicon. Just when VCs thought innovation was dead in semiconductors, a new wave of startups and large companies are redrawing the lines of competition in an industry dominated for a half-century by the “Wintel” duopoly of Intel and Microsoft. Topics Covered Include: Innovation and disruption in the semiconductor industry over the past two years Intel’s acquisition of Nervana Graphcore and other ML-focused semiconductor startups CDMA and the telephone network effect Qualcomm’s early cell phone handsets Vertical integration + commoditization in smartphone chipsets The Carve Out: Ben: The de-watering of Niagara Falls David: Big Daddy’s Antiques Bonus: The Mystery Show Sponsor: Thanks to Perkins Coie, Counsel to Great Companies, for sponsoring this podcast. You can get in touch with Nick Ferrer, who you heard at the beginning of this podcast, here.
CMU’s Andy Malt and Chris Cooke review key events in music and the music business from the last week, including Eminem's legal win against New Zealand's ruling political party, the World Independent Network's latest stats on indie label market share and why they matter, plus Kid Rock's departure from the political arena (which he was never in). Setlist is sponsored by 7digital. Section times: Intro - 00:00 Eminem - 08:02 WINTEL - 18:18 In brief - 27:59 Kid Rock - 31:53 Outro - 36:25
For decades, two companies worked side by side to build the very foundation of personal computing. Microsoft built the operating system—Windows—and Intel built the chips. But Wintel is no more. Sure, Windows will continue to run on Intel chips. But Wintel as a mighty alliance has died. It's been fading for years, and this week Microsoft snuffed out the last of it.
Sobre o episódio Este é o episódio 44 do Retrocomputaria e, com um convidado que não é conhecido no prédio dele, retomamos onde parou o episódio 41 e falamos do fim do IBM PC e sua substituição pelo atual Wintel. Nesta parte do episódio A era dos processadores com nome em vez de número; “causos” … Continue lendo Episódio 44 – IBM PC: o fim – Parte C →
Sobre o episódio Este é o episódio 44 do Retrocomputaria e, com um convidado que não é conhecido no prédio dele, retomamos onde parou o episódio 41 e falamos do fim do IBM PC e sua substituição pelo atual Wintel. Nesta parte do episódio Falamos do que o PS/2 deixou de duradouro para a indústria, … Continue lendo Episódio 44 – IBM PC: o fim – Parte B →
Sobre o episódio Este é o episódio 44 do Retrocomputaria e, com um convidado que não é conhecido no prédio dele, retomamos onde parou o episódio 41 e falamos do fim do IBM PC e sua substituição pelo atual Wintel. Nesta parte do episódio Falamos do IBM PS/2, do seu sistema operacional preferencial (o OS/2 … Continue lendo Episódio 44 – IBM PC: o fim – Parte A →