NC_2025_01_03

This episode covers CES prep, Bart's shift to PowerShell, reviews the Anchor Work M650 mic, and compares Ray-Ban Meta glasses with Apple Vision Pro, concluding with key cybersecurity updates in Bart's Security Bits.

2024, Allison Sheridan
NosillaCast Apple Podcast

Automatic Shownotes

Chapters

0:00 
NC_2025_01_03
0:31 
PBS Tidbit 11: A PowerShell Teaser
1:53 
AnkerWork m650 Lavaliere Mic — Sierra & Bodie
3:03 
Sierra LeDuc on Anker m650 lavaliere
5:51 
Bodie Grimm on Anker m650 lavalier
24:52 
Pat Dengler Sings the Virtues of Ray-Ban Meta Smart Glasses
51:15 
Support the Show
51:55 
Security Bits — 3 January 2025

Long Summary

In this episode, I share the highlights from my recent recording of NoSilicast, episode number 1026, released on January 3rd, 2025. As Steve and I prepare to attend CES for the latest tech insights, we maintain our commitment to deliver a fresh episode, even without a live show this week.

This week’s Programming by Stealth segment features Bart’s candid admission about his shift in preferences from Bash scripting to the newer PowerShell. I was intrigued by his confession that despite his teaching efforts on Bash, his interests have pivoted to this modern, open-source command-line shell by Microsoft, which is cross-platform and equipped with a robust feature set. Bart provides us with an overview of PowerShell and reveals that our engagement in this topic could lead to deep-dive episodes if there's enough interest. His call to action invites our listeners to share their thoughts in our Slack community at podfee.com/slack.

Following this tech discussion, we dive into a product review segment featuring Sierra LeDuc, who discusses the Anchor Work M650 lavalier microphone gifted to her by her father, Bodhi Grimm. Sierra candidly talks about her previous neglect for audio quality in her video productions until she experienced the benefits of this intuitive mic system. The simplicity of this device is highlighted in her review, showcasing its plug-and-play nature and ease of use, which resonated with her preference for minimal learning curves. Bodhi joined us for a more technical walkthrough of the microphone, detailing its functionality, applications, and comparative performance. His insights reinforce the superiority of the M650 for various environments, including his work in high-noise settings like fire stations.

As an additional feature, expert Pat Nengler returns to share her firsthand experiences with the Ray-Ban Meta glasses. Pat provides an engaging comparison between these smart glasses and the Apple Vision Pro, emphasizing the Meta glasses' functionality for recording video from a first-person perspective. Her enthusiasm encompasses their audio capabilities for phone calls and podcast listening, all while seamlessly operating as everyday sunglasses. She elaborates on the practicality of their use in various scenarios, including live demonstrations and as a tool for education.

Finally, we wrap the episode with Security Bits, where Bart provides a roundup of the latest cybersecurity developments, including updates about carrier hacks, privacy rulings related to the NSO Group, and new regulations in the healthcare sector following significant data breaches. The segment emphasizes the importance of vigilance with software and plugin usage, reinforcing the crucial role users play in maintaining their digital security.

This episode is packed with tech exploration, practical advice, and thorough product reviews aimed at empowering listeners with the latest knowledge and insights to enhance their tech experiences. For all the detailed notes and resources featured, be sure to check out our show notes at podfeed.com.

Brief Summary

In this episode, I recap NoSilicast 1026, where Steve and I prepare for CES while delivering fresh content. Bart shares his transition from Bash scripting to PowerShell, inviting listener feedback for potential deep dives. We review the Anchor Work M650 lavalier microphone with insights from Sierra LeDuc and Bodhi Grimm on its ease of use and performance. Expert Pat Nengler discusses the Ray-Ban Meta glasses, comparing them to the Apple Vision Pro. The episode wraps up with Bart's Security Bits, covering key cybersecurity updates and emphasizing user vigilance.

Tags

NoSilicast 1026
CES
Bash scripting
PowerShell
listener feedback
Anchor Work M650
lavalier microphone
Ray-Ban Meta glasses
Apple Vision Pro
cybersecurity updates

Transcript

[0:00]
NC_2025_01_03
[0:00]Hi, this is Alison Sheridan of the NoSilicast podcast, hosted at podfeed.com, a technology geek podcast with an ever so slight Apple bias. Today is Friday, January 3rd, 2025, and this is show number 1026. Well, you'll notice I'm recording on Friday, which means there is no live show this coming Sunday because Steve and I are off to CES to get you all that tech goodness, all kinds of fun interviews coming up soon. But in the meantime, of course, we are not going to miss an episode.
[0:31]
PBS Tidbit 11: A PowerShell Teaser
[0:31]In this week's Programming by Stealth, Bart confesses that as soon as he finished teaching us all about writing scripts in Bash, he never wrote a single another script in that shell. You'll be shocked to hear that he fell in love with a shell written by the folks at Microsoft. Now, before you judge him too harshly, this is an open source project. It's on GitHub. It's cross-platform for Linux, Windows, and Mac. It's called PowerShell.
[0:56]Now, he always gives me a heads up on his progress with the notes, and this week his update said, I've written 125% of the notes for programming by stealth. As it turns out, I think he'd written nearly 200% of the necessary notes for a one-week show, so this week's introduction to PowerShell will be in two halves. We publish part one, or part A if you will, of PBS Tidbit 11, a PowerShell teaser, and I suspect there might be even more coming after this. In this episode, he asks people to let him know, is this something that people would be excited about doing deep dives into and actually learning how to use, or will they be happy with just kind of this overview of the two episodes we're about to publish. And he tells you to make your voice heard over in our Slack at podfee.com slash Slack. Of course, you can find Bart's fabulous tutorial show notes for this episode and all of the other episodes at pbs.bartificer.net, along with the audio recording. And of course, you can find programming by stealth in your podcatcher of choice.
[1:53]
AnkerWork m650 Lavaliere Mic — Sierra & Bodie
[1:56]Next up, you're going to hear two voices. The first voice you'll hear is Sierra LeDuc. She is the daughter of Bodie Grimm. She's going to tell you all about a lavalier microphone her father bought for her. Now, she essentially sets up the problem to be solved and explains how this mic met those needs for her. Then, you'll hear Bodhi and me go through the product in detail explaining how this microphone works. I didn't understand before we started how capable it is, so I'm really glad Bodhi took the time to talk me through it. One of the most important things to know about this recording, especially the one from Sierra is that she did not record it using the microphone that she's talking about. That was unfortunate. But when Bodhi and I talk, we go through and he actually switches from his big boy mic to this lavalier mic, and it's really a remarkable tool. So I think you'll get a big kick out of it. By the way, you can find Bodhi on the Kilowatt podcast, all about electric vehicles and renewable energy, and also on the show he co-hosts with Rob Dunwood called Beyond the Post, where they record the world of digital creation. Look for them both in your podcatcher of choice, or of course you can follow links in the show notes.
[3:03]
Sierra LeDuc on Anker m650 lavaliere
[3:03]Hello, my name is Sierra LeDuc, and I am a video person, but I'm a very scrappy video person. All right, I mostly make videos with my phone. I honestly, for the last 10 years that I've been making videos, I've completely disregarded audio quality. I've just looked the other way.
[3:26]And honestly, I should be ashamed of that because now I see how important good audio quality is. And really what changed that for me was when my dad Bodhi got me the Anchor Work M650 wireless lav mics. He got that for me for Christmas exactly a year ago, maybe two years ago. I don't know. It completely changed... My life? Was that dramatic to say? Not sponsored.
[4:01]I'm just a rando giving a tech review slash gift recommendation. I really have no motive to be promoting this product. But what I love about it, about these mics, is it's very much just plug and play. It's dummy proof. Because honestly, I have no patience for learning audio equipment. And the fact that I could just plug this into my phone and clip this mic on really seamlessly it has a magnetic effect so you can just like pop it on your shirt or you could clip it onto your collar and it just works within seconds without really much of a learning curve um I like that it's just so easy and the product is so nice to to deal with, you know, it's just like, it fits well in the case that charging it is really straightforward. And also like, it's the kind of cord that I think it's a USB three cord. Oh gosh, don't quote me on that. But it's the kind of cord that it's like easy to find. Say you misplaced the one that came with your anchor work, like you can find another cord pretty easily. And for me, that is a huge part of a tech product being great. Because I can never keep track of cords. So, yeah, if you're looking for, I would say, like, a mid-budget lavalier mic system, it's, like, 200 bucks.
[5:30]Definitely, you should get this for any, like, scrappy video maker in your life. It will change their lives. So, if you want to change someone's life, consider getting this gift for your loved one. I hope that was good enough. Sorry, Allison, if it wasn't.
[5:51]
Bodie Grimm on Anker m650 lavalier
[5:51]Well, thank you so much for that, Sierra. Now, as everybody heard her explain, her father is Bodhi, as in Bodhi Grimm, the host of the Killawatt podcast. Bodhi bought her the microphone, and he's here to give us perhaps a little bit more technical perspective than what she gave us. Hi, Bodhi, how are you doing? I'm good. How are you? All right, I'm doing good. Well, behind the scenes, the first thing you guys need to know is she did not record that on that microphone. However, we are going to get, hopefully, if this works, is we're going to get a live demo from Bodhi of that microphone, and it really is astonishing. So let's back all the way up. What's the name of the microphone setup? And start describing it for us, if you would, Bodhi. Okay, this is the AnchorWork M650, M like Mary 650.
[6:34]It is a set of lavalier mics that allows you to record we'll just say it allows you to record interviews really well we'll get into some of the other stuff a little bit later where i think some of the limitations are but it does a really good job with interviews let me interrupt real quick a lavalier mic just means a portable wireless mic that you hook to somebody so that they don't have to be holding a microphone is that a good enough description of what a lavalier is, Yeah, they're also called lapel mics, you know, they are used in broadcasting, the ones that are used in broadcasting are usually really discreet and small, whereas the M650 labs are a little bit bigger, but they also have a lot more technology built in. Usually the folks that are on TV have a little pack that's usually behind them or in a pocket or something like that, that has all the actual technology. Yes, I've worn those ones with the pack before. or luckily it was not on film, I don't think, when it actually pulled my pants down partway while I was on stage at Macworld, and Kelly Goumont ran up on stage and fixed my pants for me while I was trying to do my presentation, so that was fun.
[7:41]You didn't need to hear that. So I'm used to these lavalier mics as being little, tiny, itty-bitty things that you clip to your lapel, and hopefully somebody who knows what they're doing puts it on there so that your hair or a zipper or a beard doesn't scratch against it. People who don't know how to use them do all of those things. I'm looking at you right now and you're wearing this and it looks like it's almost the size of maybe a silver dollar. It's pretty big. It's a disc. It is. And it's pretty big. Okay. Yep. Yep. Absolutely. It's pretty though. It's gold. And we'll get into this, but you can change the colors if you want. Ooh. Okay. So let's start with what comes in the box. So this is audio only, but I'm going to show this to Allison. So this is a charging case. It's got USB-C on the back. And when you open it up, you'll see inside that you have a lavalier mic and a receiver. And then you have these little adapters that you can connect to the receiver that will allow you to connect to a lightning port or a USB-C port. Okay, so looking at the inside of that case, I could see that there's kind of a proprietary connector on the back of each of the lavalier disks, I'm going to call them. And that's what connects them in there that charges them. And then is that part of the same mechanism where you add that USB? Is it a USB-C adapter that you've got there?
[8:57]Yeah, so it's both, there's one for lightning, one for USB-C. And I'll just pull out the receiver here and I'll show it to you. Great for audio again. I'll be describing play by play. The size of this block that you have in your hand is the receiver. This is going to hook to the phone for Sierra, but you're going to demonstrate that it's actually, you can plug it into a Mac, right, with the USB-C adapter. Yeah, so you can plug it into a Mac, a Windows. I just bought one for my little brother who has a Windows machine. It works fine with his. I use mine with Logic. Anything you can do with a normal, everyday microphone, you can do with these. Okay, so this block in his hand looks like it's maybe, what, two by one inches and maybe half an inch thick? How thick is that?
[9:41]It might be three quarters of an inch thick. It's pretty thick. Okay, so I see a headphone jack on the side, and I see another USB-C connector on the side of it. And you've attached this USB-C adapter as, again, another proprietary connector. It's kind of a bayonet mount sort of thing, it looked like. You twisted it to go in and then it connects USB-C. On the bottom, you connect it in and you do a quarter turn and it's on there. It's solid. Okay, good. Now, don't lose that. That's proprietary, right? She talked about a USB-C cable, but it looks like this is a very specific connector. Yes, I believe she said USB-3, but we'll call it USB-C. Okay. So, you can also see on the back of this, there's a little alligator clip. So, if you wanted to clip directly to your belt or something, because you can actually record to this receiver directly. Oh, without plugging it into a phone or a computer. Right. You don't have to plug it into the phone or the computer. And we'll get to that in a second. That's just a little bit of a preview of what's to come. Okay. We'll start off with the receiver. You can see, Allison, as I'm talking, that there's a little audio meter there. And you can kind of monitor it and see if it's peaking or not. Yeah. So I'm looking at a little, like a VU meter, I'd call it. It's a little green meter that's going up and down because the mic is plugged in right now, right? Or it's active, I should say.
[10:59]It is active. So when you open up the case, it automatically pairs the mics to the receiver. There's nothing special that you have to do. As soon as you open, it is connected and ready to go. That's really cool. And I'll give you an example. If I just open this right now. It's a bright color display. Oh, we just opened it and now there's two of the meters going so you can see both microphones. Didn't even take it out. Wow. You said that's a touchscreen on the receiver? Yeah, so it's a touchscreen. If you swipe down from the top, you have some noise reduction options and some soundtracks. So you can do mono or stereo. So it'll record one in the left channel, one in the right channel if you're using two of these.
[11:37]Nice. You also have safe mode. So it'll do a backup recording in safe mode and it will take it down six decibels. So just in case somebody peaks or you're in a really loud environment and you don't want to blow out your audio. Wow. And then there's the aux mode where if you wanted to connect it to your camera, you can make it a little hot or it's high or low. So you can kind of adjust the volume in that way. It's not super, like it's not surgical. It's either high or low.
[12:08]Okay. I see what you mean about a lot going on in this thing. Yeah. So here you can mute it. If you swipe from the bottom up, you can mute and then you have an option to record. Do you know how much storage it has inside it? Don't have any idea. All of the reviews say that this is where it's stored, where the files are stored. If you're recording directly to it, I think they're restored on the lavalier mics themselves. And the reason why is when you plug this into your computer, first of all, you have to put everything back in this charging station, plug it with the USB-C into your computer. And then it comes up as two different M650 instances for drives. And one has the left channel and the other one has the right channel. So I think that they're actually using the microphones to store the audio on. And people just think that it's this that they're using. Because otherwise, I don't know why it would be two. Yeah. Are you saying each microphone has two files on it? Yeah. So like if you and I were recording and I set it to stereo and we're recording and when I'm all done, it would have your bit on one instance and it would have my bit on another as if it were two separate drives.
[13:18]I think I'm understanding. So you're saying when you put it back in the case, now you've got both microphones and the receiver all plugged into that, and then you plug this whole case into your computer? Right. Okay, and so it's doing magic inside, and you bring it out. It says on Amazon's website, Ford, it says, super long projects, store up to seven hours of uncompressed audio, no hard drive required.
[13:41]I haven't used seven hours, but I have used quite a bit as backup. Wow, this is pretty amazing. Are we at the point where we can risk seeing what happens to the recording if you switch microphones? Can I show you the microphone real quick? Yes. Oh, we didn't look at the microphones. Yeah. So on the microphone, it's pretty simple. You have this little like audio. It's got an audio input jack? Audio input jack. For headphones. No, this is for a windsock. So you just plug that in there. And this part right here is your microphone, this little shiny part, metal part. Okay, he's got, yeah, a little shiny metal part, maybe a three quarters of an inch long. But then you've got a, so that's not a headphone jack. It's not an electronic thing. It's for just putting a sock over it to hold on to it. You just put the windsock, you push the windsock down. And I mean, I've never tried plugging headphones into it. So, I mean, who knows? I might be wrong, but that's where you put the audio windsock. Again, the windsock comes with it too? Yep, absolutely. And then right here, you can see where it's blue. If you click on this, it turns red on the button on the side.
[14:47]And now it's red, it's muted. Okay. So you can either mute it from the receiver or you can mute it from the... That's kind of nice if you have to sneeze or something when you're on stage. Or when you're interviewing. Yeah. And the other thing is, is it does a really good job of instantly updating the receiver as soon as you hit the button. So it's really a nice little kit. And then you can see there's a little alligator clip here, so you can connect it to your lapel or whatever, or it's got a very strong magnet, so the alligator clip comes off. Oh, I like that. And then you can get a good audio sound of that. It just clicks, and it connects, and it stays there. Okay, so that's nice. I like the magnet idea versus the clip, because a lot of times the people, they're ready to put the clip on, and they're expecting a man's shirt with a lapel coming down the center, and a lot of times women's shirts don't have that. So being able to do it with a magnet would be great.
[15:41]All right. It's dead useful. So I'm going to plug everything in. All right. So this is going to be, there's possibly going to be a break in the recording, but if you can remember what Bodie's voice sounded like a second ago, he's going to come back and he'll be, talk a little bit on the first mic. Are you still on the Heil? Yes. I muted myself. I am on the Heil now. Yeah. Okay. So now I'm going to switch over. It's a $400 microphone and he's going to switch to the $200, well, $100 for half of them, the lavalier mic. Okay. Did that switch go okay? It definitely did switch. Yeah. Talk a little bit more for us.
[16:21]So I'll tell you about a couple of things that I really like about this microphone. And I'll tell you a couple of things that I really don't. We talked about the safe mode. I really like that, being able to have that backup of the six decibels less just in case the sound gets too loud unexpectedly and causes some sort of distortion problem. I love that you can record in the left channel or the right channel. I'm not a big fan of the noise reduction feature. I feel like it makes your voice sound very compressed. And you can do it low or high, and neither one of them works for me. I have plugins that I can use to kind of help with that noise reduction, so I do not use the noise reduction feature.
[17:06]And what kind of environments have you used it in where you would need noise reduction? So at the fire station, we're creating a little video for a project that the chief wants to do.
[17:17]And let's just say the people in the front office are not quiet. They are very loud. Let's also say that you're in a fire station. So what happens is calls go out. You have obnoxious firefighters yelling outside the windows or outside the doors, you know, that kind of thing. So I've used it in that environment. I'm going to take this to CES with me. So I haven't had an opportunity to use it in, you know, that dull roar that you have at a conference, but I'm looking forward to it.
[17:46]That should be really interesting to see how well that works. You're going to get real good about saying, Hey, can I stick my hand inside your shirt and put this on? We're going to let them do it for themselves. I'm going to let them do that for themselves. I don't want to get kicked out on my first day, but I will say that one of the things that Sierra bought was like a little microphone that you put the m650 lav mic into i might be buying one of those so it looks like it's your standard everyday reporter microphone so i might use that and just let them hold it so they don't have to attach it to their clothing or whatever okay i i do i can tell you that doing live interviews with people who maybe haven't done a lot of live interviews is a real interesting thing in a lot of ways like i've got a mic with mic flag and it's uh you know portable it's got not no wires, should I say, to Steve's camcorder. And I'll put the mic in their face at the right distance, and they'll back up. And so I'll be chasing them around the booth trying to get them in. So a lot of times I have to tell them, you have to stay still. Even if I put this in your face, you have to stay still. Or they'll grab the mic and want to do it themselves, but then hold it in the wrong place. And so it's always a challenge. Yeah, absolutely.
[18:55]Okay, so I had Bodie move it up right to below the edge of his collar because the audio level was low, but it wasn't poor quality. It was just much lower than what we'd been listening to on the other microphone, that's all. So I don't know, it sounds pretty good right there. If you have a really deep voice, and it does matter, or a really quiet voice where you put it, but if you have a really deep voice, this just sounds muddled. So I guess the best way is you just have to play with it and kind of monitor before you start recording, which kind of gets us into the next part if you want to talk about that. Yeah, this is the part where maybe things aren't all rosy. Yeah, so I have found that if you're trying to monitor, like if you have it connected, like I have it connected to my MacBook, if I'm trying to monitor through my AirPods Pro, I get a lot of popping and a lot of audio issues that aren't actually there on the file, but they are there when you're trying to monitor or even sometimes when you're trying to edit. I don't have a good explanation as to why because the file is perfectly fine. Are you sure that's not the AirPods themselves? Because I've heard of problems like that with monitoring. Right now, you're monitoring using Studio Monitor headphones that you have plugged into your Mac, and you said you're not hearing any kind of problems with it. Yeah, and those absolutely could be the problem because I went out and bought a cheap set of wired headphones, and I don't get that popping, but like I said, I get a little delay and I hear myself back, so it's not a real-time...
[20:19]Even with wired headphones into, what device are you on? Are you on the Mac or on a phone? This is on the Mac, but I put the headphones directly into the receiver itself.
[20:30]Oh, there shouldn't be any delay there. That doesn't make any sense. You would think that now I've had these for maybe a month and a half. So I will fully own up to, I don't know everything about these and there's probably better ways for me to be doing this, but those are just some problems that I've found. And then if you have a collared shirt or somebody has a collared shirt or like you're wearing a hoodie and you mentioned that hair beard, the little strings on your hoodie, that, that causes a lot of problems, but the collared shirt will sometimes it won't pick up the, the audio that it needs to pick up so some of the interviews that we were doing because we have polo shirts that we were originally at the at the department so somebody was wearing a collared shirt about every i don't know 10 to 15 seconds a word would drop out and it didn't matter if it was a female speaking or male speaking um didn't matter seemed to matter where we put it is if that collar was there and just for whatever reason would drop out uh the audio huh yeah that's interesting i hope that doesn't happen at CES? Yeah, a lot of collared shirts at CES. That's why the microphone that I was talking about the microphone. Mic idea, yeah. Maybe you could do one or two and then listen if you get a chance to go someplace quiet and have a listen and then go back out and try different strategies because I got to tell you, we've had a lot of lessons learned on what works and what does not. And luckily, there's lots and lots of radio interference too, so that really helps.
[21:52]Yeah, I used my Hollyland lavalier mics the last time I went to CES and that worked okay. Hollyland was not the easiest connect at least the ones i have weren't the easiest to connect and it was always uh oh excuse me give me two or three minutes while i'm trying to set this up and it wasn't a great experience for the people i was interviewing but one of the things i was thinking also with the microphone is i could put one lav on their shirt and then i can give them the microphone and at least if if the audio drops out from somewhere i can at least pick it up from the other place. So an automatic backup, that's not a bad idea. Kinda. I wish I would have done a shotgun mic with some of the interviews we did at the fire station because it would have definitely helped because I had to edit around some of those things. Right, right. Oh, that sounds like a mess. Well, it's fun to play with this stuff, though, right? Oh, yeah, absolutely. I bought one for Sierra. I bought one for my little brother. I bought one for myself.
[22:47]You can buy one for me. Do you want one? When it goes back down to $89, I'll get you one. Not a $200. We're friends, but... Oh, wow. They dropped down to $89 at one point, huh? Yeah. So, I paid $200 for Sierra's. I paid $200 for mine, and my little brother on And Thanksgiving Day got his and it was, I got him for him for 89 bucks. Wow. You know, that ruins it for everybody now because nobody's going to buy them that's listening for $205. They're going to wait and go, nope, I got to wait until it's 89. That's the only price I'll accept, right? It seems like every couple of weeks you can find at that price. If, and I will say it comes in black and it comes in white, right? If it says, if it shows up $200 for the black ones, click on the white ones because you might be able to get them for $89. Actually, the white ones are now $220,000 and the black ones are $205,000. Yeah. Pick the cheaper color. Yeah, pick the cheaper color for sure. They don't have a purple one. Well, this is really cool, Bodie. And again, the audio you've been listening to ever since he said he was switching microphones, this is the Ankerwerk M650 from, well, Anker's owned by Amazon, right? Are they?
[23:54]Yeah, aren't they? I don't, I have no idea. Oh, did I make that up? Boy, I should have checked that. Does Amazon own Anchor? I thought they did. No, Amazon does not own Anchor. Don't listen to me. Anchorworks.com is where you should go to find the Anchorwork M650. Yes, and I will also say that there is some software you can download that I did not download. So some of these problems might go away if you install their software. I just don't feel the need to do that, so I didn't. Well, very cool. This is fun. Thank you for coming on and explaining it. I do thank Sierra for her user perspective of how she's using these. And I still think it's funny that she didn't do the recording on the M650s. Yeah, yeah. She's a funny kid. I don't know where she got that. Probably from your wife. All right. Thanks a lot for coming on the show, buddy. Thanks, Allison. Awesome.
[24:52]
Pat Dengler Sings the Virtues of Ray-Ban Meta Smart Glasses
[24:52]Back with us this week is Pat Nengler, certified Apple consultant and one of our dearest friends. Welcome back to the show, Pat. Hi. I feel like we were just on the show together the other day when we were talking about your neighbor and that near miss on the scam, but we've got something perhaps a bit more joyful to talk about this time, right? Yes, for sure. Well, now you own Apple Vision Pro, so you've got the best and coolest VR AR system in the world. And we discussed that at length, but that's not what we're going to talk about. You are a big fan of it, but you're here to talk about another, can I call it a VR system that you're a fan of for completely different reasons. What are we going to talk about today? So we're going to talk about the Ray-Ban Meta Glasses, which are nothing like the Apple Vision Pro. They're very much two different devices, even though they may overlap ever so slightly in a tiny little function, but we're talking two different things. Spatial computing versus sunglasses.
[25:52]Sunglasses with superpowers, though. Exactly, yes. Okay, so that's a better way to describe it. Let's talk for just a second. How long have you had the Meta Ray-Ban's? Just about a year. Okay. I hear you talk about them all the time. We are in constant communication about this because there's so many cool things. But let's see if we can start at the beginning. What was the feature that made you want to buy them in the first place, other than that you really love trying out new tech? I like recording video. And part of it is mostly from my point of view. So I played with a few different devices, like 360 cameras, so I get an interesting picture or the action cameras that can attach to me, for example. And what I really liked is there's a camera built in to these sunglasses so that I can record something while I'm using both of my hands and doing something in front of me. And then I can use that to share with others later. Okay. So you use it like when you're showing somebody how to use a product, maybe doing a product demo kind of thing? Yeah.
[26:57]Connecting a printer to a network or connecting a device to a computer, things like that, or just plain old navigating around the computer. Sometimes it's more apparent with what I'm doing between the mouse and the keyboard and the computer screen than if I just recorded my screen. You've also used it with me to show me cool things you've built with your 3D printer. Right. And it's a lot easier that sometimes describing something or just sending a photo doesn't show it. You made this cool little box to store something. I forget what it was. And you were compartments you made for inside. It was like a little bento box. That was a really cool way to see it. Right. And it was so simple for me to just put the glasses on, hit record, and now I had both hands free and I can show you exactly what I'm talking about. Very cool. So maybe if you wanted to teach someone to solder, you could use it, right? Yes, exactly. I really like it for fun things. I'm a big Disney fan, so I go to the parks a lot. And if I'm riding a ride, oftentimes they don't want you holding a camera or holding a device. So I just turn the recording on for the glasses and boom, now I have my ride point of view. And it's a good memory for me and fun to share. You recently stalked my family.
[28:16]Lindsay, the daughter, and her kids and her extended family. And it was really fun because you were able to show me videos of my grandkids running around in line and how happy and excited they were. So, it's definitely an interesting method. Now, let's talk about the video quality because video is a big deal for you. So, what's that like? Okay, so the video resolution is 1376 by 1824, 30 frames per second for those people who like to have the numbers. That's an odd numbers. The glasses themselves, they were developed in conjunction between Ray-Ban and Facebook Meta. So they're going to be poised for sharing to social media. So I think that's what they're looking for in terms of too great a quality of a video, because then that's a large file size, which is harder to deal with and store and all of that kind of stuff. I just did the math. That's actually four by three. So it's not an odd issue. It's basically what a normal photo would look like. Okay. Yeah.
[29:16]So, you know, it lets you play with it a little bit if you want to reformat things, and it just makes it easy to share. And the photo resolution is, what did we say? You said 3024 by 4032, which again is 4 by 3, but that's very high resolution. Yeah. I was really surprised you brought this to my granddaughter's birthday party, I think it was. Yeah, that was right after I first got them. Yeah, and you took a picture of me that like, I kept the photo because it was a really good photo. They might be overly vivid for some people's taste, but I liked it. I look thin in it. So that was good.
[29:53]Perfect. Yeah. So, you know, the quality is really nice. I mean, for somebody who's, you know, shooting with a Nikon and, you know, in a long lens, this doesn't compare. But if you were alternatively shooting with your phone, I think it's great for social media and for saving pictures. Yeah. And again, always from your perspective, right? Right, right. It's hard to take selfies, though. I guess you take them off and point them at yourself.
[30:21]Or stand in front of a mirror or something. Sometimes that's kind of fun, too. There you go. How long can you record video?
[30:28]So you can set it for different maximum lengths, but the maximum you can set it to is three minutes. So you can have it automatically turn off after, I think there's four different times shorter than three minutes. Like three minutes, one minute, 30 seconds, 15 seconds, something like that. That was after an update. When I first got the glasses, the maximum you could record was one minute. Oh, wow. So now three minutes is actually quite a long time. Yeah, most people really don't want to watch that much time. Right, right. Exactly. I'm jumping around in my outline that I worked up from which you told me. How do you take a photo? How do you take a video? So there's two ways. They look like regular Ray-Ban Wayfair glasses that we've known since, I don't know, whenever they came out, 50s, 60s. And if you reach up with your right hand to the top right hand arm ear or whatever they call that stem stem yeah i feel like there's another another term anyway there's a button at the very top a physical button and you can tap that button once and that'll take a photo, or you can press and hold it for about a second and then that initiates a video and if you press it again, then that will end the video. And you get different audio feedback based on whether you're taking a photo or a video. Alternatively, you could use your voice and you could say, hey, Meta.
[31:55]Take a photo or take a video. So you mentioned voice and that actually brings up a whole nother thing that these glasses do. They have built in speakers, right? Right. And microphone. Right. So what's the sound like on those? I have heard from people on phone conversations with me that it's actually quite good. I find that I listen to, I go on walks and I take those glasses and I listen to podcasts. It leaves my ears uncovered so I can hear, you know, the noises around me, but the audio is quite good. Unless I'm in a very, very noisy area, you know, then it doesn't get too crazy loud, you know, but usually I can have it at about 50% volume and hear quite nicely walking in a relatively quiet neighborhood. Pat and I talk when we're on our walks often and she talks on her Ray-Bans and it's been great. I mean, I think we had a fussy problem with it one time, but I'd say 90% of the time they sounded great, which is about as good as any ratio of good to bad audio has ever been, right? Yeah, and they connect very easily and quickly. As soon as I open the glasses and put them on my face, it recognizes that they're on somebody, and then it automatically connects to my Bluetooth, you know, now that I've added it the very first time. It's very responsive.
[33:10]Now, I suspect that has something to do with the case because the case looks like a Ray-Ban case, but it's got a little proprietary magnetic connector there, I think, at the nose. There are contacts right under the nose bridge on the glasses and corresponding contacts inside the case that they kind of gently snap into place because the case will be able to charge it about two to three times for full charge. So battery in the case. Yes. Charge the case back up, essentially like any other pair of headphones.
[33:41]Correct. Yeah, they connect via USB-C to, you know, any charger. The case does. The case does, yes. The glasses connect to the case in order to charge. You don't charge them directly. Right. So I think it's probably when you pull them out of the case that they start connecting, and by the time they're on your face, I wouldn't suspect they'd be able to know they were on your face. If I, say, take them off and lay them on the counter, then they generally recognize, just like the Apple AirPods, they recognize that they're not being worn and they will go to sleep. So my audio will not automatically connect to the glasses if they're sitting on my counter away from me. I've never thought about why that happens. I have the Beats Fit Pro and they do the same thing. Is it a gyroscope in there maybe telling it, oh, these aren't moving? No idea. They do have an on-off switch on the inside of the left arm or stem or whatever. We'll figure out what the name is. So you can turn them off completely, and then they just become dumb sunglasses. Okay, that's really interesting. I like the way it charges and that it does look like such a nice case, essentially like if you've got a pair of Ray-Bans. Now, when you invoke video or you're taking a photo, is there any indication to other people that you're doing this?
[34:59]Yes. So there's two indicators. on the inside of the glasses to the right-hand side. If I'm taking a video, for example, I have a blinking white light that tells me that I'm recording video. So it's in your eyes as you're wearing them. You can see? Yeah, just off to the side. It's on the frame of the lens. Okay, so you know if you've invoked it correctly. Correct, yes. Okay. And so if I take a video or photo, there is a light on the outside that's facing others that I can't see. And if it's a photo, it's just going to flash once. If it's a video, it will stay on continuously. That indicates, at least for most people, if you know what it is, it indicates that it's recording. At least it's something unusual.
[35:45]Yeah. Well, what I have noticed is that most people don't know what these glasses are doing, so they can't really tell that they're being recorded per se. Okay. But I will say that if you cover up that indicator, it will not record. It won't take a photo and it won't record video and it will let you know that the LED indicator is being blocked and that you need to unblock it in order to be able to record. So there's a little bit of a privacy protection for other people around you. At least a politeness factor, right? Yeah, exactly. I think there's no assumption of privacy when you're in public. Right, but still people like to know. You know, I don't pick my nose in front of you near as often when I see you with your glasses, your Ray-Ban's on and the light's on, you know? Exactly. Yes. Now, if you take a photo or a video using the Ray-Bans, is the media stored on the glasses themselves?
[36:35]Yes, they're stored on the glasses until such time that you open the MetaView app on your phone. it recognizes instantly that there is a number of files that are ready to be imported, whether they're photos or videos. You hit import, and then you get a prompt to connect to the Ray-Ban Wi-Fi. You're connecting directly to the glasses, so you tap that join. As soon as you do that, it transfers, and it shows you the progress. You know, it's 5 of 10, 6 of 10, you know, as you go along. A video obviously takes longer to move. And as soon as it's done, then it disconnects. So now you're not connected directly anymore. So you're just kind of jumping on a little ad hoc network, does its business, and then disconnects. So it doesn't sound like it's fiddly even.
[37:23]No, it's been really, really rock solid for me. Oh, that's nice. Do you have any sense of how long it takes to transfer, say, a three-minute video? A couple minutes? I would guess maybe, not even a couple minutes, maybe one minute to transfer a three-minute video. Nice. If that. Yeah, it's relatively quick. Another motivation to do a good job of doing short little clips and not irritate everybody. I definitely, and they do recommend that you leave the app open while it's doing the transfer. But I have had occasion where there's suddenly a picture that I want to take. And as soon as I hit the button to take it, it stops the transfer, but it will reconnect immediately and continue the transfer when it's done with that. Oh, that's sweet. That's really nice. Yeah, it's really nice. There's so many things that make me happy about these glasses. They're glitchy-less.
[38:20]Anti-fiddly. So there's been a couple of unusual, or I don't know if we want to call them surprise features, but things that I wouldn't have thought of. I mean, the fact that they're really good headphones and microphone for doing calls and listening to podcasts, that was a big feature that I didn't think they would do. But you did something interesting with me when you went to Disneyland the most recent time. Well, the most recent time you talked to me while you were at Disneyland. Yeah, there you go.
[38:44]You can do live streaming. So you have two choices. You can use WhatsApp or you can use Facebook Messenger. Both apps are owned by Meta. And through that, you can make a phone call and then share my video. So as I'm walking through Disneyland, you were seeing what I was seeing, essentially. And we tested it with both, as I recall, and it was super easy. Basically, it was like invoking a FaceTime call, except with one of those services. And all of a sudden, I was seeing your first person view. Now, I did notice as you were walking into Disneyland, it was kind of blocky, which makes sense because it was a lot of movement. but you got on an escalator and I said, look at that girl's backpack and you held your head still and all of a sudden it got crystal clear. So you're asking a lot of this wireless medium. If you're swinging your head all over the place, it's not going to be the best resolution because it's got a lot of work to do. Right. And, you know, cell coverage and Disneyland are, you know, they're always a toss up. Sure. Sure. Just like, just like everything, right? Yes. Any other voice commands? There are a ton of voice commands. So it has Facebook's version of AI built into it. So since a little while, you've been able to invoke meta and ask things like, what am I seeing? Or what does this label say?
[39:59]Or, you know, any number of things. And it will come back, like if I'm holding up a teddy bear, it might come back with the response saying, you know, you're holding a stuffed animal or something to that effect. It was pretty basic, but now they've kind of taken it to the next level and you can get it to read labels and tell you about instructions on cooking things, which comes to my next step is they have partnered with Be My Eyes, which is a free service. Correct me if I'm saying anything wrong here. Free volunteer service. A volunteer service, right? So that I could call up a volunteer, and if I were sight impaired, and ask, for example, what is the expiration date on this carton of milk?
[40:49]Which is something that somebody who has difficulty in some way reading wouldn't be able to see necessarily. The volunteer can come on, they connect to the glasses, and they can see what that person sees, and they can direct them to move to the right or move to the left if they need to get something into view a little bit better. Be My Eyes has been around for a while, and I've talked about it a few times on the show to remind people. It's exactly what Pat said. I think the example I heard was, where are my cufflinks? You're trying to get dressed, and you've set them down somewhere, but you can't see. It's really hard to find cufflinks in a room. That's a difficult thing. But if you can invoke this and somebody will just go, oh yeah, they're over on the bed. No to your left, your left. There you go. Okay, thanks. Bye. We also had someone on to talk about Aira.
[41:32]Chris Cook came on to talk about Aira, which is a paid for service that's through a different kind of glasses that are actually based on Google Glass. And that one's a professional thing, but you pay a significant amount of money per month. Be My Eyes is, like she said, it's free to users because it's all volunteer-based. You know, it might change your quality of the kind of answer you get, but this integration on a pair of glasses, oh, we didn't actually talk about the pricing compared to more expensive things. How much are the MetaRaybans? So they run between $299 and $379, depending upon the option that you pick. Okay. So there's different features, like if you want to have transition lenses or polarized lenses, much like buying Ray-Bans and regular Ray-Ban sunglasses in the stores, you know, you have a few different options and the price will increase depending on which ones you choose. Just like buying any sunglasses, any glasses, right? Do you want to polarize? Do you want to transition? Can you get, oh, I can never remember the name of it, what it's called, bifocals, but they're called progressives. Yeah, so you can put in prescription lenses. The company Ray-Ban is owned by a larger company called Exotica. Exotica also owns LensCrafters. You get your prescription through LensCrafters, but it's all done in the same purchase.
[42:56]The model that I bought are the regular Ray-Ban Wayfarers. And that shape of lens has been around for so long that there are a lot of other companies that will make lenses for it. And you can, they're not difficult really to pop out and pop in a different lens. The lens is not attached to any of the electronics or mechanics of the Ray-Ban Metas. So any lens can do. You ended up buying two pair, right? You got one for sunglasses and one for indoors? My original pair I bought as Transitions. And I've never used Transitions before. And I don't think this is a part of the Ray-Ban Metas in particular, But for me, the transitions didn't transition enough. So not dark enough outside, not bright enough inside?
[43:41]Correct. Yeah. There's another company that a lot of people have raved about and I will rave about them as well. They're called Lensology and they're based in the UK and it was a very quick turnaround. They work specifically with the Ray-Ban Metas, you know, or they advertise for the Ray-Ban Metas, among other things. And you can choose various finishes. You want high gloss if you want different colors for your lenses. Also, they were using a more advanced version of transitions technology, which I believe now Ray-Ban has started to use that more advanced. In other words, it transitions faster and darker. So I put those lenses in on the first pair. But I still found that there were a lot of times when I really wanted more of a sunglass. So I basically bought a second pair with polarized, dark, regular sunglass lenses. And I'm still really happy that I did. I, a lot of times, carry them both with me, and I use them equally. I don't think that the Meta Ray-Bans are that much more. I'm just thinking of a classic pair of Ray-Bans costs like $180 for Wayfarers. So you're not paying that much more for all of this capability that you wouldn't have otherwise. Right. And as we talked about earlier, there's been a lot of updates that have given significantly more function to these glasses than I had a year ago when I bought them.
[45:07]And nothing else I needed to pay for. This was all part of, you know, what they're doing with the glasses. Yeah, another thing you said they came out with recently was live translation? Yeah. How does that work? So, it's nutty. It listens to someone speaking in another language. And I believe the languages are English, French, German, and Spanish at this point. I think it's just the four languages. And you choose which language you're translating to of those four and which one you're listening to. And it will give you an audio translation in the speakers. But at the same time in the app, it will give you a transcription of their words in their original language and the translation of what they're saying. So you can save it and refer to it. You can also show it to the person if they're speaking to you and you're trying, you know, let's say you're traveling in Spain and you're trying to understand what somebody's telling you. It's easy to see what it's telling you, and then you can confirm that person can look at it and see if it understood them correctly. Wow. How long is the delay from when I say, ¿Cómo está? Like half a second. I tested it by listening to a Spanish-dubbed version of a Friends episode, and there was hardly any delay. I mean, it was noticeable, but it was pretty quickly.
[46:35]Is it hard to listen in one language and then in your native language at the same time, or do you get used to it? I think for short bits, it's fine. I probably wouldn't listen to a movie that way.
[46:46]Right, but if you needed directions or something like that, that would be definitely good. Oh, yeah. And that, again, just came recently, right, as an added bonus for what you paid for originally with this. Correct. Yeah, it's been in the last couple weeks. So I haven't really used it much out in the wild, but I definitely look forward to trying it out. You hope to go into a Mexican restaurant and find somebody who doesn't speak English, right? Eavesdrop on a conversation.
[47:11]Ooh, there you go. Now, Pat is so enamored with these things. I think it's frustrating that I have not yet bought them because she keeps telling me, hey, guess what? There's a pop-up store in downtown LA and you should go get them. Tell them about the pop-up stores. I assume they happen other places, but you went to one in LA? Yeah, so they have one. It was on Melrose in Hollywood or West Hollywood. And it was a really beautiful store. It had a theme of the low rider culture from Los Angeles, but they use that basically to be able to take the glasses and take pictures of artwork and toy car models and stuff like that. And what they did is you walk in and they'll set you up with a phone. And I don't know if it's an iPhone or an Android, but it was a phone that was already paired to a pair of glasses. And you could take both and walk around the store and take pictures and take videos. They had a room that was all covered in mirrors and, you know, so you could play around in there and really like, you know, take them for a test drive. Really experience it. Yeah, it was a great store. And then they would also, if you buy them there, you could order prescriptions if you wanted to because they had a optometrist.
[48:23]Probably. Yes, on staff. I don't know that they would actually do any measurements, but they may have been there to guide you if you had your own prescription with you. If you bought a pair of lenses or glasses and you already had them, you could bring your case and they would laser etch a couple of select designs or your name or your social media handle on the case itself, which I did, which was kind of fun. That's fun. Yeah. It was a great experience. Now, I've seen online, they were set to close today, December 31st, but I was interviewed at the end by one of their staff. They had a long questionnaire to fill out that you don't have to do. And one of that was it's clear that they were investigating whether this was a kind of store that they wanted to keep going or maybe open in other locations. locations. Whether it was just a one-shot or did this actually make you want to buy another pair or to buy a pair, would you think it would help somebody want to buy a pair in the first place? Yeah, exactly. Because, you know, they're available in a number of places. They're not hard to find. Sunglasses, stores have them and Best Buy carries them. And I'm sure, you know, RayBan.com, obviously, and Meta.com, you can buy them online. The nice thing about the store is because these glasses, they come in not only the wayfarer shape, but in two other shapes. One is called Skylar, and I forget what the other one was called.
[49:48]They're slightly different shapes of glasses, and the Ray-Bans come in two different sizes, a medium and a large. I got the medium, which I would call the sort of standard Ray-Ban size, but you can get them slightly larger if you wanted to. The nice thing about the store is you could try all of them on, and they come in different colored plastic. You know, the lens themselves came in different colors.
[50:13]Or whether they were glossy black or matte black. It was nice because you could really get hands-on. And they also had different tinting of the glasses themselves. So it depends, you know, what your sort of flavor is or what your style is. You definitely had some flexibility. Oh, yeah. I'm just looking at the colors. There's seven different colors of frames and lens combinations. That's really cool, Pat. I know you've told me about, I keep thinking I'll buy them, but I have to think about the prescription and then I get paralyzed and I don't do it. But this is really, really fun. And I appreciate you coming on and explaining that this is not anything like what we think about other kinds of VR or AR glasses, and yet provides a whole bunch of fun. Oh, yeah. I'm surprised, honestly, about how happy I am with them. Very good. Well, if people wanted to contact you, they could email you at? Pat at danglerconsulting.com. And that's all E's, D-E-N-G-L-E-R, consulting.com. All right, Pat, this was fun. Yay. Until we come up with yet another excuse to have you on the show. Thanks for having me.
[51:15]
Support the Show
[51:19]Kenneth Kleinman has a habit of donating to support the podcast, and he uses PayPal. He did it yet again this week, but his timing was really fun. I was buying something online, and the only way I could purchase it was through PayPal. I logged into PayPal, I hit the buy button, and within literally minutes, Kenneth had donated nearly the exact same amount through PayPal. As are all of his donations, it was very generous. I thank him for helping pay the bills for the Podfeet podcast empire. If you'd like to help out like Kenneth, simply go to podfeet.com slash PayPal
[51:55]
Security Bits — 3 January 2025
[51:50]and choose an amount that shows your appreciation for the value you get here. Music.
[51:56]Music.
[52:04]Well, it's that time of the week again. It's time for Security Bits with Bart Bouchard. Happy New Year, Bart. Happy New Year, Alison, and all the listeners. Let's hope for a prosperous and undefrauded New Year. Yeah, wouldn't it be great if this segment never had to occur again? Yeah. Wah, wah. Yeah, I was going to say. And it's the 3rd of January. Hello, here we are.
[52:30]It's not too bad, though. But yeah, we have some follow-ups to kick off, which, yeah, I'm not sure they're all good news, but they're not all bad news. So the last big story of 2024 was the huge hack of the many Western telecommunications companies. We learned about it via the US government, and they've been a bit low on detail. But we know that there were eight US carriers and over 20 in total. And now we know there were nine US carriers because they discovered another compromised carrier. But the cleanup is progressing. AT&T and Verizon say that they were one of, there are two of the eight and they have now evicted the attackers from their networks. Oh. For now anyway. That's good. It is good. But, you know, two down, seven to go. Unless the others have done it and are keeping quiet. But either way, there we are. And Meta have succeeded in getting a pretty important legal victory against the NSO Group, the grey-hat Israeli company behind Pegasus, the infamous spyware.
[53:44]So Apple had been suing the NSO Group, and Meta had been suing the NSO Group, and Apple decided that they didn't want to do Discovery because then Apple would have to reveal secrets, and they decided they didn't want to. But Metta had no such qualms Metta continued on and they've scored a pretty important victory the judge in the pre-trial phase ruled that there's no point in a trial to determine the guilt of the NSO group they are guilty that has now already been found and the only thing to worry about at trial is how much they owe Metta, what the penalty will be really oh good And the judge is extremely scathing. It's in judge speak, so no swearing. But for judge speak, it's pretty scathing because the NSO group basically didn't engage with Discovery and all that kind of stuff. Pretty good telling off. Yeah.
[54:42]Meanwhile, the FTC in the United States, again, that's the Federal Trade Commission, have wrapped up their investigation of a data breach we definitely talked about because it was really being used eight years ago. The breach of Starwood Hotels by what we believe to be Chinese state agencies. And that was particularly scary because it included passport numbers. So it was a way for the Chinese government to keep an eye on who was meeting with who. And obviously they have reasons to want to know that. Anyway, all this time later, we have a conclusion. 20 years worth of court supervised changes are being imposed on Starwood and their parent company, Marriott. They are being forced to implement a comprehensive information security program. And the six bullet points explaining what sounds like the bloody basics to me, but I guess that means they weren't. And they're going to be, they have, what is it, six months to get it off the ground and then 20 years of supervision.
[55:55]So, substantial. That is ridiculous. Ridiculous. I've never heard of anything like that. Oh, no, it happens quite a bit, actually. 20 years? Yeah, it's always at least 10. It's always at least 10. Maybe I haven't been paying attention. I remember our company got into trouble for some ethics violation. And for like a decade, we had mandatory ethics training every single year. And I was really proud of our company. At the end of the 10 years, they said, you know what? We think this is valuable. We're going to keep doing it. Oh, good. I like that. Right? Yeah, yeah. My dad ended up working for the leftovers of Enron. They had a lot of ethics training. A lot of ethics training. That's pretty much all they did, right? Yeah, that was interesting. Anyway. Okay, action alerts. Really only one thing here. If you haven't been paying attention in 2022 and 2023 and 2024, or any time before then when I've been saying if you have a router and it isn't patched, especially if it can't be, you can't have it on the internet. Just to prove the point, yet another news story about malware using botnets, exploiting dealing routers that aren't patched to spread themselves. Stop it already. It's not just yourself you're harming.
[57:18]God, that story just never gets old. You know what? We will never be done doing this because that story will still be there, right? Unfortunately, yeah.
[57:28]Worthy warnings then. We have one new thing I would like the listeners to be aware of. It is a revival of an attack that had lost its luster. There was a time, I think it's about a decade ago, it's at least seven or eight years ago, where a fancy new attack was clickjacking. Attackers discovered you could have fun with CSS and iframes. So imagine you would like to do a sign-in as to someone with Facebook or whatever. You would trick them into going to your website, which was completely innocent and had nothing to do with Facebook. And then you'd load the Facebook login page in the background as an iframe and make it transparent. And then put a button that you do trick the user into clicking onto your evil malicious web page. And the transparent page is in front of the button you're asking them to click on. And so they think they're clicking a silly button that says click here to see such and such a whatever celebrity without clothes on or whatever they're using as their lure and you've actually clicked the login with facebook button or whatever so that was click jacking and the browser companies fixed that so you can't have clicks go to hidden stuff and there's new.
[58:43]Http headers to say this web page cannot be put in an iframe and that just nips the whole thing in the bud, so login pages for major sites can't be framed. If you put them in a frame, the browser won't load them. Problem solved. Oh, that's awesome. It is awesome, but unfortunately it's back here because someone, some clever baddie, I'm always impressed by their cleverness, have discovered that you can abuse human slowness, to revive clickjacking using double click gestures.
[59:18]So the computer has no trouble doing something between the first and the second clicks of a double click. But the human, A, isn't all that slow between them. And B, once you've started double clicking, you're not stopping no matter what happens. So they literally flash the thing they want you to click on under your mouse between the first of the two double clicks and the second. It's brilliant. Yeah, I know. So at the moment, there's no defenses. I'm sure it's just a matter of time. But double-clicking on the internet is not normal, right? There's no normal day-to-day web interaction that requires you to double-click inside a web page. That's not normal. So this involves social engineering to trick you into a... You have to go to a malicious web page, and then they say, double-click here for some made-up reason. If any website asks you to double-click on anything, sod off. Oh, I never thought about that, that you never need to double-click. Yeah, it's not a normal part of our web browsing, right? Everything is a click. Huh.
[1:00:27]Just never would have occurred to me that that isn't a thing. Yeah, only when I read the article that it occurred to me. And so what they're doing at the moment is pretending it's part of a CAPTCHA. Prove you're human by double-clicking on this button. And then they're click-checking that way. So there we are.
[1:00:46]Notable news then um i was stretching a bit to find stories but i think the three i have here are worthy of our attention so the first thing is that there's been a background noise in the last two weeks since we last recorded about a bunch of plugins being taken over for chrome, and initially it looked like a few unconnected stories and then soon people started talking and it became, oh no, this is one story. So there has been, starting about the 4th of December, a concerted phishing campaign targeting developers of real plugins. So not fly-by-night plugins, but genuine plugins. And they're using the contact information from the Google Store to send very well-crafted phishing emails to the actual developers. And the phishing page they're sending them to uses some fairly cutting edge phishing techniques to trick these people into granting API access to their app to the baddies. And then the baddies use the API access to push a malicious version of the plugin into the store.
[1:01:58]So pretty convoluted, but it's unfortunately being successful? Being successful because they're going after real plugins. So not fake plugins that are made to look like a real plugin, actual genuine real plugins with hundreds of thousands of users. 35 plugins have been discovered to have been affected. They've obviously been locked down since being discovered. And I guess this has been dented. But it does kind of underline that the baddies have their eyes on plugins. That seems to be the new PDF. So there was a time when every week I was telling you about a new hack on PDF. Browser plugins seem to be it. That's what they're going after these days. So I would say, obviously, run plugins if they give you value. So if it's a plugin that you actually use, like, say, 1Password for me, I've done installing 1Password, right? I'll keep it. But if there's a plugin I use once every three months, do you know something? No. That that's not worth the risk benefit analysis we can't even say only use it from developers you trust right it's got to be well you trust them but they may not be they may be in trouble something might have gone wrong so yeah that brings up a good point i definitely have some plugins especially in my chromium browser edge it's like yeah i use those once in a while you know those aren't critical to me yeah i did a little disable them yes or would you uninstall.
[1:03:25]I would disable them for a while, then decide, you know, after six months, go back in and go, which of these did I miss ever? And if the answer is none, it's a bit like clothes, right? You put them in a drawer in your press or whatever. And if they're still there six months later, then they go to good cause.
[1:03:42]That's my approach. Yeah. Okay. And the advice to corporations is to, I don't see this happening for the next while, but the advice now is that corporations should start to allow listing plugins and disable plugins by default and only allow plugins, one or two plugins for trusted reasons. I don't see that being something that's going to get resourced in anything but the most cybersecurity conscious companies. But if a bad enough thing happens, I could see it becoming a requirement for NIST or whatever that actually, no, you can't just allow any plugin. You have to start locking that down. But for now, it's advice. We shall see. It's why we can't have nice things. Yeah, I know. I know. Our Italian friends have given OpenAI a little bit of a lesson in GDPR. They got into quite a bit of trouble because ChatGPT had a data breach and didn't disclose it properly. And they don't quite seem to meet the letter of the law in terms of the GDPR in some things. So they have been fined 15 million euro, which is piddly nothing for a large company. How many billion has Microsoft invested in OpenAI, right? That's not going to hurt them. The interesting thing is that they're being forced by the court to do a national publicity campaign telling users how they can exercise their data protection rights on ChatGPT.
[1:05:11]So they have to pay for ads telling people how to turn on the settings to protect their privacy, which is interesting. Wow. Yeah, yeah.
[1:05:20]That's actually putting fine money for good use back to the benefit of the users. Yeah, actually, to be honest, because just putting some money into government coffers, money the company won't miss into a coffer the government won't notice. What does that achieve? Right, right. And what does it go towards? It might go towards something good, but you don't know. Yeah, it's just into the big pot, right? And it's a big pot and 15 million in government's coffers is kind of nothing. It's two minute operating or something. Anyway, 2024 in the United States was noteworthy in the huge amount of successful attacks against health care. Hospitals being taken out, insurance companies having all their data stolen. It was a very bad year for the health sector in the US. And that has not gone unnoticed. there are new rules being added to HIPAA. So a decade ago is the last time HIPAA revised their cybersecurity rules. It's now been realized that maybe that's about time to be revised, that advice from 10 years ago might be time to be updated. So there are a bunch of new, very sensible rules being added to HIPAA. So basically setting a new baseline for everyone in the healthcare industry of the united states to to do these minimum things to protect everyone's data so it's a good thing.
[1:06:46]All right. Well, that's good. Yeah. In terms of excellent explainers, then, I have one thing which I have. Can I back you up one? You can. There's one thing that came out, I believe it was this morning. Let me check the time on this. No, it was yesterday. This was about the settlement that Apple went into. Maybe it didn't make your cut, but I thought it was interesting. They will pay $95 million to people who were spied on by Siri. There was a suit started gosh how long ago was it uh i should have known that anyway oh this it was september 17th to 2014 to december 31st 2024 if you owned any of the an iphone ipad apple watch whatever that had siri uh you're gonna get 20 bucks if you're in the united states.
[1:07:38]Sure or is it in california is it even smaller no uh no i don't think so i think it's uh the pro settlement reported by bloomberg could pay many u.s based apple product owners up to 20 per device so apparently it was kind of accidentally inadvertently listening to us when they said they didn't but they didn't admit any wrongdoing well okay so what this is about is the fact that Hey Yes Lady doesn't only pick up on Hey Yes Lady. It would accidentally turn on randomly in the corner when you were saying, Hey Sweet Potato, and suddenly you go, Yes, I don't know what you're looking for. They're all unintended recordings being transmitted across the internet of what you're saying in the privacy of your house. That is a data breach.
[1:08:24]Yeah, certainly under California's strict laws. Yeah, this is this is U.S., but yeah, certainly under California's strict laws. It's ninety five million dollars, which is such a small amount of money. But it was still I thought it was kind of interesting since it's a light news day. I thought I'd throw it in. Yeah, it probably should have made the cut, actually. It's in my let's talk Apple pile, but it probably should have been in both piles because we did talk about that story here when that lawsuit was filed five or six years ago. The Verge title is nice and inflammatory too. Apple will pay $95 million to people who were spied on by Siri. Someone else had a snarkier one. I think, I can't remember who it was. It was basically Apple charge two seconds profit or something like that. Yeah, there has been some suggestion that this was a light fine. Yeah, yeah.
[1:09:17]So I was, yeah, yeah. Yeah, I was, I'm stretching the definition a little bit here for this excellent explainer, but it's a really good article. I'm not fully through it myself because there's a lot of meat here, but it is adjacent to our topic because AI has made a difference in cybersecurity. So what happens with large language models is going to affect all of our security because a lot of phishing and stuff is now being fine-tuned through ChatGPT and the like because they speak better English. The LLMs speak better English than your average attacker. So they make their lure sound better by running it through an LLM. And that's not going to stop. Anyway, this is a fantastic overview of the year. So what has happened in all of 2024, big picture wise, in the world of LLMs? It's actually fascinating, but a lot of meat. You're not going to read it in one sitting, but I'm enjoying it as I make my way through. Interesting. Interesting. Okay.
[1:10:17]And then i have one other sort of overview piece that caught my eye i didn't link to every overview of 2024 because we'd be here forever but the one from beeping computer was actually very good and the stories they picked really did chime with me now i i'd scanned it for the headlines and then read the first paragraph and like oh i remember that scrolled on read the next headline so you can dive as deep or not as deep as you like but i thought it was actually a very good choice of what really was important in 2024 for cybersecurity. That's linked in the show notes as well.
[1:10:51]All right. Well, I actually am going to add an interesting insight, and it's not from me. Both Bob Goodrich and Norbert Frasa posted in our Slack into two different channels, so they didn't see that each other did it. An article on Ars Technica entitled, Passkey Technology is Elegant, but it's most definitely not usable security. Now, before you jump down my throat on this, I read the article, and I think I agree with it wholeheartedly because it talks about how the design is good and the execution is at best incredibly frustrating and confusing depending on which site you're going to, what's going to happen. The author did a lot more work to test using an Android phone and a Windows box and a Mac and testing going between them, going from Chrome to Firefox to 1Password without 1Password, Apple passwords and highlights a lot of the confusion that I've run into. When passkeys work, it's a dream. But when one password works, it's a dream as well. I find that really easy to use, but I am finding so many places where I get the only offer I can go to to use my passkey is to get my phone out of my purse and hold it up and scan a barcode. The passkey is already on my Mac in one password, so I don't know why it doesn't let me do it. But anyway, it's a good conversation. It's not saying they're dead or anything like that. It's supportive of it, but walking through a lot of the things like, well, this isn't working as we hoped yet.
[1:12:20]I agree with most of it. And Dan Gooden is very good. It's a Dan Gooden article. And he never gets his facts wrong. Whether I agree with how the story he builds around the facts is a different question. But he's always very good. I have a lot of respect for Dan Gooden. That explains who. I didn't check the author. But yeah, Dan Gooden is really good. Yeah. So I quibble with some of the tenses used in the article. Like that instead of describing it as a work in progress, they're describing it as a failure. And I was like, no, I'm sorry, we're halfway through rolling this out. The protocol for how to sync past geese was only finalized a few months ago. So describe it as a work in progress and say, good start, more work to go. And the foundation is being laid right now. But saying it has failed in the past tense made me cranky. They didn't actually say fail. He didn't say fail, but his context for it was nerds are sitting down with their family. And I'm sure this happens to you and it happens to all of the people who are listening is you get together with your family and the instant you walk in the door, it's, hey, hey, Bart, on my iPhone, I've got this thing, right? And I love that because that stops me from having to have like human conversations. I enjoy doing the nerd stuff instead.
[1:13:34]And he did it in that context. So I think his bottom line was, should you tell Uncle George to use it? No, you shouldn't tell Uncle George to use it yet. Give it a year. And I just hope the implementation of it gets better, the consistency across sites, because it is wholly inconsistent. I literally don't know how to do it on a lot of sites where I know I have a passkey and I can't get it to go. Well, I would suggest a couple of reasons for optimism. And the biggest reason is that for the first time in the history of trying to replace passgards, there is actually a consortium here where everyone is working together. It's slow because it's a committee but they're all in there together so these kind of standards are being worked on by the people running the internet so this is going to get better.
[1:14:24]Maybe not fast but it is going to get better so i think yeah we're okay but we're not there yet i'm going to keep trying it and i want to see it start to converge because like i said a few sites do it well not very many of them though but uh i use it all the time, GitHub works reasonably well. That is one of the best ones. Uh you know i think amazon's always logged in for me i mean it's practically that's one way to avoid it yeah yeah but i mean i watch the way i log into my server my synology i mean i literally hit command backslash and it goes username password three you know uh two-factor authentication boom i'm in i mean i i hit two keys and i'm done so it's hard to beat that and uh anyway i i haven't given up by any means. But I still think it was a good walkthrough of the state of affairs if you take the tense out of it. I would agree with the tense.
[1:15:21]Yeah, like I say, Dan Gooden is never wrong. I just quibble about the story he puts around the facts, but he's always extremely good at explaining the facts. And like you say, he did a lot of homework. A lot of homework. Yeah, more than I did. Well, I'm going to take over at this point, give us a palate cleanser that absolutely delights me. Bart doesn't know what this is. So I'm a little bit of a grammar nerd. Sandy Foster, my wingwoman for the podcast does a lot of checking of my blog posts for grammatical errors and poor tense and, you know, duplicated words and things that Grammarly doesn't check. And so, if I ever have a question on grammar, I always ask her. And one of the grammar rules is that if you have two words that together modify a noun, then you hyphenate them. So, it's a really weird rule. If the first word ends, if one of the words ends in L-Y, you don't hyphenate it. The first of the two words ends in L-Y, you don't hyphenate it. But, oh, escaping me an example. A holy blue something over there, you wouldn't. But it can't be holy, you wouldn't. That's what I'm saying, so no hyphen because of the Y. Yeah, yeah. But if it didn't have a Y on it, that's an example I'm not being able to come up with. I might be able to in a second here. Baby-faced. Yeah, baby-faced Bart.
[1:16:42]That would be baby-faced Bart, because he's not a faced Bart. He's a baby-faced Bart. But my question that I put out to Mastodon that's been bothering me is I constantly get Grammarly telling me that I should be hyphenating open source. And I know it's not hyphenated. So why isn't it hyphenated? And I got so much traction. I got probably, I don't know, seven or eight people writing back to me on Mastodon telling me different reasons they thought it wasn't hyphenated. And mostly it was, people are uneducated and they don't know the rule. That's what they mostly answered. But a gentleman named Callum, who's on Mastodon.ie, by the way, but his name is Scottish Wildcat, he came up with the answer. They're at opensource.org, the open source initiative. There is an explanation entitled, is open source ever hyphenated. And here's the coolest thing. I learned a whole new word. I mean, this is grammar and nerds just blended so beautifully. Open source is what's called a lexicalized compound noun.
[1:17:46]Today I learned what the phrase lexicalized compound noun means. It's a compound noun that has meaning in itself that's different than the sum of the words. So open source, the open could mean, like, have you heard the phrase open source reporting for a newscaster? Yes. That would be something where it's open, right? It's transparent. That's what the open means. But open source has more meaning than transparency. It does have transparency, but it also means that you have certain rights as a user, rights to reuse it, to use the same license and reform the code. That means something different than open. And so open source together is this lexicalized compound noun, which is a phrase of itself. And the light bulb really went on for me when they used the word high school. I know you guys call it secondary school, but in our world, we call it high school. You would never hyphenate high school principal. Because high school is a thing, but it's two words. It's not one word. And the same with us in secondary school and primary school. Yeah. You would never hyphenate those. Why isn't it? But it isn't, well, but say secondary school principal. Yeah, we wouldn't hyphenate. Or secondary school classroom. You wouldn't hyphenate that, right? So that's a lexicalized compound noun. Isn't that awesome? That is awesome. Excellent.
[1:19:13]Don't get me started on the difference between if I were and if I was. That's my other favorite grammar rule. Write to me at alison at podfeet.com if you want to hear all about it. One of the wonderful ironies, which Alison will find hilarious because she's correcting my grammar all the time, is I'm a huge fan of Grammar Girl, and I really do try to learn all these things. And I really am fascinated by how language works. I'm just terrible at it, but I do like it. That's good. Well, it makes me feel like I bring value when I edit the show notes, Bart. You do, and I'm learning when to use semicolons by osmosis, because I read how you've changed my dashes to semicolons, and I go, oh, yeah, that probably should have been. Wait, wait, wait. See, one of my claims to fame is I don't know what semicolons are for. I'm learning what they are for. You put one in yesterday. You taught me about m dashes, so, you know, we got that going for us. It's your hyphenation. You put one in to the opening paragraph of yesterday's tidbit. Did I? Correctly. That's just a miracle. Maybe Grammarly did it. Okay, maybe, maybe. But I noticed that it's like, oh, that semicolon wasn't there. And yes, that's correct. All right. Well, we managed to flesh out some light news into a full-fledged episode, Bart. Indeed we did. However, even though it was quiet these two weeks, it won't stay quiet. So remember, stay patched so you stay secure.
[1:20:29]Well, that is going to wind up our first episode for 2025. And of course, it wasn't a rerun like every other show that's been going on this week. Anyway, did you know you can email me at alisonofpodfeed.com anytime you like? I love to get email from listeners. If you have a question or a suggestion, just send it on over. Remember, everything good starts with podfeed.com. If you want to follow me on Mastodon, just look for podfeed.com slash Mastodon. If you want to listen to the podcast on YouTube, you can go to podfeed.com slash YouTube. If you want to join the conversation, you can join our Slack community at podfeet.com slash Slack. In there, you can talk to me, all the other lovely Nocella Castaways. If you're a Programming by Stealth member, you might want to go in there and check out that channel and talk about whether you want to hear more about PowerShell. You can support the show at podfeet.com slash Patreon or with a one-time donation at podfeet.com slash donate with Apple Pay or any credit card. Or you can be cool like Kenneth and go to podfeet.com slash PayPal. If you want to join in the fun of the live show, you will have to wait until January 12th to head on over to podfeet.com slash live on Sunday nights at 5 p.m. Pacific time and join the friendly and enthusiastic Nosilla Castaways.
[1:21:37]Music.

Error: Could not load transcript. Please try again later.

Reload

Loading Transcript...