Hacked - Hotline Hacked Vol. 2
Episode Date: May 2, 2024It’s our second call in show episode. Share your strange tale of technology, true hack, or computer confession at hotlinehacked.com. We discuss hacking e-bike networks, an act of white hat kindness,... an 1970's hack from the prairies, and how bots have turned everyone into a commodities trader. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Transcript
Discussion (0)
Thank you for calling Hotline Hacked. Share your strange tale of technology, true hack, or computer confession after the bee.
Hey, Jordan and Scott. This is Andrew. I wanted to give you a feel-good story for the first one I submitted.
So a couple of years back, I had to get some sort of medical imaging done. And so I went in and got that done. And to get the results, you log into a portal to,
to see what the results were.
So went in, created an account, logged in,
and saw my results, which were good.
So nothing bad there.
But then I realized, like, this website looks kind of like janky.
Just pausing here quick, because I love the use of the term janky here.
Just need to say that.
I recently had some, like, medical tests done as well.
Jankiness on a medical website is a very different feeling.
than jankiness on any other website.
I feel, and this is off topic,
but I feel like fraudsters,
if they understood how janky their websites were,
if they were not janky,
would probably have way more success.
Oh, completely.
Anyway, back to the story.
And I don't know.
I should pull up the developer tools in Chrome
and see what's going on behind the scenes.
So I was looking at the network tab
and saw the API requests going back and forth
and realized that one of the API requests was,
I want to say it was like a procedure number or something like that,
and it was just an integer incrementing up it looked like.
So I thought, well, surely they've got this, you know,
they got some sort of access control around this,
and it just is tied to the patient, right?
So I, you know, edited the request, resent it,
you know, just incremented it up by one.
And suddenly I'm looking at someone else's medical results.
for the imaging that they had done.
And it was definitely not me.
I feel like this is so common.
Like an exposed Rest API
to access data
that should be behind lock and key
and just has made the front end development
so much quicker and easier
just to expose it.
I'd be like, yeah, here we go, this is easy.
Like, nobody will ever do this.
I feel like this story probably applies
to like a thousand sites
of confidential information.
Especially with the
just an integer going up part.
We have told other stories on this show
where it was just like,
and then I tried adding one more number
to that string and boom,
I was looking at someone else's
like social insurance
like number or their private information
or whatever it is.
Total.
It was just a number going up.
It's just the unique ID
in the database record
and they're sequential.
So it's like,
it's an easy bet
that if you just go up
or down one,
you'll probably pull another record.
Bingo.
I was thinking this is bad because we've got PII here
and we've got like medical information here that needs to get secured up.
So I wasn't sure who to call.
No IT number was listed or, you know, security number was listed.
So I was like, well, here's a medical records number.
So I'll call them up.
So I call the medical records people.
I'm just like, hey, there's a problem with the portal, and I can see other people's medical records.
And the lady was like, wait, I'm sorry, do you need your medical records?
No, no, no, no.
There's a problem with your computer system.
I logged in to get my medical records, and I'm seeing other people's.
I need to talk, like, to your IT director, and she goes, um, okay, hang on one sec.
and so the next thing I know I'm talking to their director of information technology
and I'm relaying this information to saying hey I'm just a patient I'm not trying to hack you
I'm not a sales guy I just wanted to let you know that I'm seeing this and you should probably
do something about it and I'm usually pretty protective of my identity because I don't want
them thinking that I am a hacker and you know I've got the police knocking on my door after that
so so the IT director was like
Well, I'd like to log in as you so that I can see what you're seeing.
And I was like, all right, this guy seems like he's, he's, he's not going to screw me over.
So I give him my name and he logs in while I'm on the phone.
And I was like, okay, go into developer tools, flip this.
And he does it and he goes, oh, this is bad.
We got to, you got to say, so trusting.
because like you're literally
trusting this person on the other end of the phone
that you've never met to not call the FBI
and have you arrested and persecuted
because that's literally what you're looking at in that case.
Even though you're like an altruist
and you're trying to do what's right,
the fact that you did it makes you like liable for the crime.
So it's like I'm just like, if I was in this person's shoes,
I don't think
would have given my personal information.
I would have been like you are the Director of Information Security.
Like just make an account, log in.
Here's the API call.
Sure.
You're calling in.
If they don't offer a bug bounty,
you assume they're going to be kind of shady about the whole thing.
And you're like,
I'm calling him with a voice like concealer.
I got a voice code.
I do not want you know who I am.
I don't trust that you're going to understand this.
Yeah.
I get that.
Like,
it's such a sad thing.
Like if they don't have a bug bounty program where they're like,
yeah,
we're like open to this.
information. It's like a, you don't know which way it's going to go. They're either going to see you as a threat and persecute or they're going to see you as a savior and celebrate. And it's like, that's such a trusting moment. Okay. Thank you for telling me this. Are you okay if, if, you know, if, like, do you want to keep your anonymity? I was like, yeah, let's just do that. He's like, okay, well, um,
Thank you for letting me know. I'm going to take care of this now. And so I think within like the hour,
the whole portal was taken offline. It was just like in maintenance mode. So like, okay, cool. I got taken
seriously. This is good. And then I get this email. I want to read this, you know, this is the whole
point of this call. So this is from the director of information technology of a large medical
imaging center in the city that I live. I wanted to thank you for calling to inform us of what you
found. I also wanted to let you know that we have shut the site down and the vendor is correcting
the problem now, all while protecting your anonymity, which seemed to be your wish. With that being said,
even with no one knowing your name, you are a popular guy around here. The CEO and the doctors have
asked me to convey their thanks to you. We all appreciate you taking the time.
to let us know that there was a problem.
It's refreshing that there are still people out there
whose first impulse is to do the right thing.
Sorry, I'm kind of choking up a little bit
because when I got that, I was just like, oh, my gosh.
Like, wow.
I don't know what to say.
Like, just such a good feeling to get an email like that.
Anyway, so that just made me think,
I got to keep doing this.
I got to keep, I got to be the white hat here.
let companies know when there's when there's problems.
That is like the bang-on response you want to hear about, you know?
Like, that's exactly what you want to hear.
Thank you so much for telling us there's asbesto in our walls.
Thank you so much for telling us the electrical wiring and the building is bad and is going to, you know, result in a fire.
Like, thank you for sharing this information with us.
Totally.
When I first listened to this story, I got to the, I got this email.
and I'm going to read it for you now
and I was fully expecting it to be like
Put your hands up.
We have notified the police
as much as we know that you were doing the right thing,
this is still a computer security crime
and I was just like, oh man, this poor guy.
And then it was just not that
and I was so thankful for it.
Good news story.
Just wanted to pass that along.
They did get the portal back up.
It was all secured.
I double checked.
So anyway, there's your feel good story.
Thanks for the podcast.
podcast. Really enjoy listening to it. And you guys do an amazing job with production as well as content.
So keep up the good work. Talk to you later. Thanks, Anonymous Guy. Thanks, Anonymous person.
Yeah, I don't know. I love that story. It's so refreshing to hear one of these situations go in a
positive manner. Like he really did mitigate a huge risk for the company. And I love that he even
went back and double-checked the new portal. Like, he was so thorough in his job that he went back to
verify that the vendor had done a good job, which is like totally, totally unnecessary, but
like kudos to you.
Completely.
I like that.
You are a popular guy around here is my favorite part of that one.
It's we've, because we've told these stories before, and the more we tell them, it's like,
there's sort of a spectrum of responses to getting a bad news email from somewhere, someone.
On one side, you know, very tech focus companies know this is a huge value, and so they have
bug bounties.
You got those on one side of the spectrum.
as you brought up on the other side, you have,
the only way you could have discovered this is if you broke into our system.
So get them is the other end.
And then this is just like a lovely little spot in the middle.
They're not a bug bounty kind of company,
but they recognize that bugs are bad and appreciate when people bring them to their attention.
If I'm that director of information security or information services or IT or whatever his title was,
I'm going to my boss and I'm asking for a for a budget and I'm buying this guy gift straight up.
We can't buy your gift.
So we're just going to say good job and thanks for the call.
Completely.
The one other.
So I remember when this first one, when this first came in, I wanted to go look up other.
I was like, oh, what are some of the biggest healthcare hacks of the last, say, five years kind of thing?
Like are there any parallel stories?
Is there anything worth talking about there?
I think it was wild to me is that when I went searching for that,
what came up was it the craziest health care hacks of all time?
It was the biggest healthcare hacks of 2024.
It is April 26th at time of recording.
We are a third of the way into the year.
And if you want to write about this problem,
you need to do a short list.
Like, oh, you want us to talk about 2024 health care leaks.
We're going to have to do a selection.
We're going to have to curate them.
Yeah.
Because it is the biggest source.
It's like one of the biggest targets.
It is one of the like least bug bountyified ones.
When you go digging for them, they're not the big ticket ones.
And that's still, that's, that strikes me as odd because it's starting to kind of be revealed that they're the some of the best people to target if you're trying to get someone to pay out.
And, uh, maybe some of the least secure.
Totally.
And like just the value of the information you're getting, you're getting names, you know, probably.
probably identifiers, whatever government identifier you use in the areas, wherever the hack is,
et cetera, et cetera. So it's like very, very valuable chunk of data. So yeah. So good job. I actually
did realize that we can buy you a gift. So if you email get at hackpodcast.com, I'm going to send
you a hack podcast hoodie. Nice. Oh, I like that. Yeah, I'm going to be your bug bounty. I think
that's such a good story. I'm so thankful you called in.
that I'm going to send you a hoodie.
I'm going to toss in a visor.
Did we end up making a visor?
Did we end up making visors?
Did we end up making it?
I know.
I'm literally wearing it.
Sick.
I'm drinking out of the enamel mug.
Store.
Dot hackpodcast.com.
Weird plug.
Story.
It's not.
Can't recommend it enough.
Okay.
Let's jump to the next one.
Let's do it.
In my residing city, a recent implementation introduced a system enabling
users to ride electric bicycles. To avail themselves of this service, users simply needed to download
a mobile application and make payment through it. Two days after the app's launch, a colleague
informed me about a significant flaw in its back end. The issue stemmed from a lack of input
verification, allowing users to exploit the system and ride without making the required payment.
Intrateg by this revelation, I downloaded the app, extracted the APK, and attempted to decompile it.
Unfortunately, my efforts resulted in nothing more than a glorified website posing as an app.
I proceeded to visit the original URL on my computer.
Initially, the website mirrored the app's functionality, but upon inspecting the web proxy logs,
I discovered that it provided a list of users whose birthdays match the computer.
current date. It appeared that the client-side filtering was rather naive. Further exploration revealed
that a specific endpoint of the web application returned a large response size. Upon investigation,
I found it to be a JSON-containing detailed information about all registered users. This included
phone numbers, account types, full names, social security numbers, and notably, password hashes.
identifying the hash type was swift as I possessed an account and knew the plain text.
Shockingly, there was no salt associated with the hashes.
That is shocking.
This whole thing is shocking, but unsalted hash is more shocking.
Almost as shocking as social security numbers on an e-bike app.
The what?
Why do you need that information?
Let's get through this one because it's not long and man, is it heady.
Delving deeper into the JSON, I uncovered users with administrator roles, and curiously, a
Test 12345 account that seemed to be a remnant of testing. Offline password cracking
quickly revealed that the password for this account was identical to the username. Logging in
as Test 12345, I discovered the account had privileged access, allowing me to view comprehensive
details about every user utilizing the bicycles, including their names, ride history.
and previous invoices.
Concerned about the security lapse,
I attempted to alert the company,
but unfortunately received no response.
That is wild.
A, from like a software engineering structure of the software application.
Like, it's no surprise that there's APKs
and App Store apps masquerading around that are just
Web apps.
Cheap web browser implementations of a crappy little mobile website.
Totally.
There's so many of those.
That makes sense to me.
But the fact that the API was returning essentially a payload of all of the user data,
just by default, is wild to me.
The software engineer in me is screaming at how poorly designed that that system would be.
If that was the ease of development path that they chose was like,
you know, it would just be easier if we sent the entire database to the front end
an adjacent query and then parse it from there.
Like that's crazy to me.
And unsalted hashes.
Right.
Like, don't even get me started.
Go listen to problem with passwords.
You don't know what a salt and a hash is.
But like, that is cryptography 101.
So they were giving out a lot of information at a point in that sort of like process that
they shouldn't have been.
and they weren't following basic best practices when it came to storing passwords in the first place.
Yeah, yeah.
And that's like the amount, and especially with like previous ride history, like, we're not even talking about just financial problems and like personal information.
We're talking about like location data on people and habits.
Like, you know, we talk about the world of privacy and security around like Apple Air tags and like making sure they're not used for stalking and et cetera, et cetera.
Being able to look at somebody's e-bike ride history and see that they go to the public library every Thursday at 4 p.m. and knowing where they're going to be, you know, whether you're going to go break into their house or whether you're going to.
Yeah, sure.
You know, like there's just so much of a confidential information violation there that it's blows me away.
Yeah. If the information that the, the caller, if all of this information was being stored by, again, we're talking about like an e-bike rental app here.
they skimmed past social security numbers and I don't want to get fixated on that but if this app was insisting on collecting that data which I find really weird what you basically as you said have a map is have is a map of where the person lives because you can reverse engineer that for where the bike went probably if it went to the same location four or five times that's either where they work or where they live and now their social security number yeah it's like you you can remember
person to
engineer a lot of
information out of this.
But it probably has their addresses,
has,
yeah,
and the passwords,
like,
and like a lot of people
reuse passwords,
we know this to be true.
And now you have their email address
and probably one of their common use passwords.
And it's totally unsalted,
easy to crack.
I don't know what city this is,
but I do not want to be,
next time I get,
I'm in a foreign city
and ask to sign up for an eBay.
program. I'm going to be pretty skeptical.
There is no city on earth I could be in where if they asked me for my social insurance number
or whatever it is. I guess social security number in this case, we can infer it's in the States.
Then I'm going to be like, no, I really, really need to rip around on this dandy little scooter.
Have all of my information. You're like, no, I'm walking. I'm taking the bus.
I love that his attack trajectory or like his, you know, white hat, black hat, whatever you want to
say, however you want to say it, his attack trajectory was like, I might be able to get free bike
rides. There's a problem in the system. And then like four hours later, he's like, oh my God.
Like, or they are like, oh my God. There's so much information being shared here. Yeah.
I wanted to go for a nice little bike ride and now I'm doing hard identity fraud. Like I, this is
escalated so rapidly. Not that they did that because they like the first callers, they called in.
And this is again, another data point on our spectrum of bug bounties to calling the police on a white hat
hacker. This is the most frustrating part of that spectrum is the you get ghosted part.
It's like that, that's the, that's the silliest one just to not respond whatsoever.
Yeah. And then like the other thing is too is like if it is a municipal service, you could
reach out to the government. But like the government has the worst track record of being like,
you hacked our stuff. We're calling the cops. Totally. But they should be the ones that are most
concerned is if it is a municipal program, they're going to be on the hook and liable
for the data breach that is active.
It's not even like could happen.
It's real and live.
The other two things that popped into my mind about this when I was, it was like,
I listened to this a little while ago.
We're like, oh, let's talk about this on the show.
And then it left me just thinking about these mobility networks.
They don't exist in the city I live in now, weirdly.
They exist where you live where you live.
And the two things about it.
One was just the economics of it.
I feel like we're almost at the tail end of these because I remember
reading a piece of like a few years ago when these mobility networks were starting to go really
wide and it was talking about how this is yet another thing where VC money is propping up a
really unsustainable economic model where the lifetime cost of the scooter like if you take how
long you can run the scooter for before it stops being usable the cost of it and then how many
rides you can get out of it before it reaches that point it's like you're in the red
on every single one of these.
Every time you see a pile of like 50 scooters,
each one of those is like lifetime negative money for this company.
But we got those VC bucks.
We can take a loss every single time.
And just the economics of it being on sustainable,
really fascinating to me.
Well, if I want to get into the economics of the scooter culture,
the thing that's always fascinated me is like,
they're not cheap.
Like for me to go jump on a portable scooter and ride it,
if there's more than one person,
just take an Uber.
It's way cheaper.
Even if you're going like six blocks.
If you're trying to go any distance,
it's like Uber almost,
Uber,
you know,
any of the ride share services
are generally cheaper
than a scooter rental
to do the same thing.
It's not a great,
I've been in cities where they,
I mean,
the city I actually does have bikes,
but I've been in cities
where the bikes were much more plentiful
and the bike itself didn't suck
to the point that I wanted to do it.
And it wasn't,
it wasn't a good transportation choice.
Like if I wanted to get from A to B, there's faster moves.
The bus will destroy it every time.
And in a lot of cases, as you said, an Uber is just going to be better off.
But there's something fun and recreational about it.
But they are typically not pitched as tourist things.
They're typically pitched as like, no, part of the mobility in a given city.
It's a neat idea, but I'm curious how the money's going to, the money side of it's going to shake out.
Yeah.
But the other part about hacking like e-bikes, and this is a total tangent, is,
So there's scooters.
Some places I have scooters, some places have e-bikes.
A lot of people ride e-bikes where I live.
They're very popular.
You see them on the bike trails.
I have no problem with that.
It's cool.
But when it comes to hacking e-bikes,
there's the side of hacking the actual hardware.
In order to be road legal as an e-bike, there's, I think in the UK and the US,
it's around 15 miles per hour is like the hard limit.
Yeah, speed limit.
The e-bikes, yeah, they're speed limiters and salt on them.
You can't sell them if they can go faster than that,
and you definitely can't ride them on bike infrastructure if they're faster than that,
because it's just an electric motorcycle at that point.
And I remember going down a rabbit hole reading about that being a very easy thing to overcome.
It's pretty easy to hack an e-bike to go.
They call them tuning kits.
They're like these third-party things that let you, I mean, they void the warranty.
They make the thing illegal, but boy, can you.
go fast on those things.
And every so often I'll be walking down the bike trail and someone will cook it past me and I'm
like, I think, I don't think that's off the shelf.
I think you mucked with that one.
I think you act your e-bike and you should probably be on the road.
But they can really go.
Yeah, the e- scooters, a friend of mine, Stefan, has a, I don't know, I'm assuming it's
legal in Alberta because Alberta is the Texas of Canada.
So I'm assuming if you know, freedom first and we've given people the right to go 78 kilometers an hour on a on like a little tiny scooter.
On a sidewalk.
I've tried it and it is, it goes past thrilling and exhilarating.
And for somebody like bikes and does things at speed, backcountry skis.
You go quick.
Totally.
Like I like going fast.
I like car racing.
And it's like going 80 kilometers an hour on one of those scooters.
maybe the scariest thing I've ever done.
That's, yeah, as scooter especially, I would feel way better doing it on a bike, but a scooter,
those things are kind of squirly at the best of times.
Exactly.
Imagine dumping it at 80K an hour.
Like you're just going to the hospital.
On a scooter?
You might be just dead.
Oh.
Yeah.
I feel like on a bike, it's at least kind of harder to go over.
You can go over the handlebars on a bike, obviously, but there's some, like, bike in the
way.
I feel like a scooter, it's just like, it's just going to yeat you into a different, like,
universe. Like you're gone at 80 kilometers per hour. Yeah, you're like, you're showing up on like meme accounts
on Instagram at that point. Totally. That no, nah, nah, no, no, song's going to play. You're going to
get thrown into the stratosphere. It's going to be a great time. When those scooters came to
Edmonton, I had like four different, I remember over the first year, a bunch of different friends
making the same joke about being tempted to throw it in the river. Yeah. And I remember that sticking out
in my brain that this was different people that I knew from different situations at different
points in time. So it couldn't be like it was that thing ripping around on the internet, all having
the same thought. The thing I really want to do is I'm cooking it across a bridge on this rental
scooter is just throw the scooter in the river. I don't know what that means, but it means something.
I think that my first experience with these things was I was in Miami and this was years and years
and these are right when they showed up, like the year zero of these things. Sure. And
They were street litter.
Like they were everywhere.
And they were in piles, in hedges.
Like they were, it was literally street litter.
There's no better way to describe it.
They were everywhere.
They were, none of them were, like, lined up and organized nicely and set aside.
They were, like, ghost ridden into, like, buildings and bushes.
Like, they just, like, it was a mess.
And I was like, oh, my God, like, this is what society does when given this power.
If you want to see the most extreme version of this, I was in, like, I was in mainland China a few years ago.
And I remember seeing this Google image bike sharing graveyard.
If you want to get a sense of what it looks like when you take a like, oh, that 30 scooter pile, it's like 50,000.
Imagine 50,000 bikes in a pile.
And they're identical bikes too, which makes it really insidious.
It's, it's pretty shocking when you see an image of it.
I'm looking at it right now and it is shocking.
Right?
It's pretty crazy.
It's like an oversupply problem of like the only way to get this off the ground is again to inject a ton of capital to it and operate it at a loss until people get used to it and it becomes a part of your day and your life and how you get around.
If it doesn't play, however, you just have 50,000 bikes to figure out what to do with.
You've been, you've been in Montreal, right?
We're totally off tangent here, but you've been to Montreal, right?
Yes, I have.
Have you ridden the bixies there?
because I feel like that is a place where they got it early enough.
Right.
And they built it into their infrastructure well enough.
And it was actually widely adopted.
They changed bylaws so you didn't need to ride with a helmet,
et cetera, et cetera.
Like it became a public service that people I knew actually used.
It was cheap enough.
And I have never seen it in another place implemented as well as it was in Montreal.
So kudos at least had been.
I'm not sure what the current state is.
it is, it could be total chaos, but, but kudos to you, Montreal.
Meanwhile, there's a 50,000 tall bike pile in the middle of the Montreal.
Yeah, yeah, yeah, Mount Royal is just covered in bikes.
Yeah, totally.
It's, Mount Royal's built on top of an old pile of bikes the way they do with tire fires and
like, just build a hill on it.
That's what the mountain's made of.
It's made of old bixies.
Should we get back to topic?
Let's, let's kick it over to a commercial.
break. Also, welcome to Hotline Hacks. We're so good at podcasting. We're really good at the basics of our job. Welcome to Hotline Hacked. We're going to kick it over to a break and when we come back a couple more messages from y'all.
I think we nailed it. You know, we got a little plug in for the store.com. That's true.
For Patreon to be plugged page. Hey, go to go to hackpodcast.com redirects to our Patreon because we, you know, big heart love our patrons.
We're great. And now messages from our sponsors.
after these messages from us.
I assume that would be after the ad break comes back.
That's probably the way to do it.
And we'll find, oh, man, we're creating an editing nightmare for me right now.
We sure are.
We sure are.
You just let it all in, make hotline hacked.
Just like totally rogue.
Hotline hacked.
It's loose.
It's loose.
We're very loose.
Looser than normal, hotline hacked.
Think about the last time you heard a breach story on this show.
It always starts the same way.
Someone somewhere saw something too late, an alert buried, a signal missed, an SOC that just couldn't keep up.
Arctic Wolf set out to solve that problem by rebuilding security operations from the ground up for a world where attackers are already using AI.
They created the Aurora superintelligence platform, a fully agentic system powered by the swarm of experts.
Instead of single-purpose bots or lucky-guess LLMs, this swarm is full of deterministic agents that handle whole entire workflows.
Humans stay in the loop and on the loop to validate the critical decisions and keep everything trustworthy,
and all of this is just off running on their secure operations graph.
A constantly updating intelligence engine fueled by more than 9 trillion telemetry events every week
and over a decade of real-world incident response.
The system reasons on real signals and real context not synthetic training data.
And the result is the new Aurora agent SOC.
It's the first SCC that is agent-led by design.
You get agents that coordinate, agents that investigate, agents that respond at machine,
speed and hundreds more that automate the repetitive work that normally buries human analysts.
Arctic Wolf didn't try and bolt AI onto an old model. They rebuilt the model entirely.
What makes it even more effective is how it works with Arctic Wolf's concierge experience.
The team brings customer-specific context directly into the platform so every AI-driven decision
reflects your environment instead of generic assumptions. The automation frees your
concierge security team to focus on higher value strategy and proactive risk reduction
while the agents handle the grind.
If you want to see what trustworthy, production-ready AI and security operations actually looks like,
go to arcticwolf.com slash hacked.
Never feel like cyber threats are evolving faster than anyone can keep up?
Last year, 2025 was nothing short of a record-breaking year for major breaches,
from sophisticated ransomware operators to AI-enabled attacks to turn defenses on their head.
Organizations around the world saw headlines they never expected,
than cybersecurity teams were tested like never before.
But here's the thing.
These incidents aren't just news headlines.
They're learning opportunities.
And that's why Arctic Wolf is hosting a live webinar on February 5th,
diving to the most impactful breaches of 2025.
Their field CTO and security leaders are going to unpack not just what happened,
but why these attacks succeeded.
And most importantly, what businesses can do to fortify their defenses for it's too late.
You're going to walk away with real insights in how threat actors are evolving,
how defenders are responding,
and what strategies can help you stay ahead of the next big breach.
It's not fearmongering.
It's practical, actionable, intelligence from experts in the trenches.
Register now at arcticwolf.com slash hacked.
Okay, so this next call that we got from a caller, we're just going to call in P.
Didn't have any audio included, but it came in as tech.
So I'm going to read this one to you, Scott.
I'm very curious for your thoughts on this because it is relevant.
Here is an idea for a story that occurred in Scott's territory almost half a century ago.
This is not an incident that I was directly involved with, but I believe this would be one of the first incidents of computer hacking.
It certainly did make legal history.
This incident of computer hacking took place in Edmonton in 1977, go Oilers.
That was me.
A little before my time.
Just going to note that.
A little before your time.
I was living in Edmonton at the time and recently purchased an Altair computer, which was assembled from like a kit of parts.
There was a group formed in Emmington at the time called E-A-C-H-Edminton area computer hobby.
This was before the days of Apple, Radio Shack, etc.
Floppy disks were only for the rich.
Many thought that bubble memory would be the next breakthrough.
Remind me to ask you what that is.
I became a close friend of one of the members who also owned an Altair.
He was taking computer science at the University of Alberta.
He was also a close friend of Michael McLaughlin,
although he was in no way involved in the hacking.
He told me that Michael's main goal in hacking the computer was to alter the billing for computer usage.
Michael did have an account on the computer, but the usage charges were very high.
In those days, from memory, he was using an IBM Selectric typewriter terminal using dial-up access to the computer.
This would be 300 BPS or less.
I did meet Michael briefly at a house party in 1984.
He told me his legal costs for beating the charges were quite high.
If he'd like to research it further, here are a few links that could help.
So what is our dear friend P talking about here?
Clicked on some of the links that he provided.
There's like an old Edmonton journal article and there's a bunch of court transcripts.
But what it sounds like happened here is in 1977 at the University of Alberta in Edmonton,
three students, Bruce Michael and Arnold, who were 19, 19 and 22 respectively,
were some of the first people ever charged with, I think the charges were mischief, theft of computer time,
and use of a computer as a telecommunications facility.
Bruce was convicted of theft, Michael, I think was convicted, and Arnold was acquitted of both charges.
It sounds like what they did was the U of A had this $9 million computer that builds time to it.
If you wanted to use the computer, you had to pay.
There was an account.
And they went digging around to try and get unauthorized access to change the billing system so they could use the computer more than they were supposed to.
In doing so, they caused this $9 million computer system to crash five times in one week.
I just want to jump in and say, I'm sure back in those days a computer crash was much more significant than it is today.
we just like reboot it.
I'm sure it was much more of a headache.
Totally.
So Christensen, one of the three, gets caught using this terminal that P was describing.
And there was, apparently it was a red-handed thing.
There was evidence of tampering and possessing like the IDs and profiles of, I think,
about 100 of the users.
They found computer prints out and tapes at McLaughlin's residence, which means they rated
his residence over this.
Assell admits to planning the scheme, but there's no evidence of execution around.
Anyway, they were.
some of the first people ever to be charged in regards to hacking in Canada. And it happened in,
in Edmonton. As a graduate of the University of Alberta's computer science program,
this is definitely my territory. A quiet salute.
Yeah, wild. I actually had no idea, truthfully, I had no idea this had happened in Emmetton.
I can see in 1978 how this would be a defining piece of legal trial because,
because networking is kind of like just starting to happen.
So like the whole idea of network computer security and network computing hacks is probably not really like a big deal then.
So like, you know, people trying to use a computer is like what the hack is.
And like that's, I don't know, a little wild to me.
It sounded like in order to render like a legal outcome of this, they had to, I use the phrase telecommunications.
facility. I found that I went through some of the court document. It's very long, but I found
the relevant parts. And it sounds like the legal response to this was basically saying, okay,
this computer is akin to a telecommunications facility. It's a machine, but we can think of it like
a building where there's a phone stuff happening. And what you basically did was you broke into that
building and you caused that infrastructure to stop working. That was kind of how they were charged.
It wasn't a computer crime because that didn't exist.
It was akin to you broke into the phone switching building and mucked with it.
And now we have to spend, I think it was 300K a year, was the number they said after this.
So we're going to dedicate money to hiring people to stop people from doing this in the future.
Inadvertly birthing cybersecurity in the prairie provinces of Canada.
Yeah.
It's like the now cybersecurity is like a major expense line on every company's, you know,
income statement.
Back then it was probably a, I assume it was a total afterthought, you know, like they would
have had, yeah, basic networking, you know, pretty, pretty primitive computer systems running,
you know, probably early versions of Unix, you know, BBSs were maybe just kind of kicking
around at that point, a little bit of dial up here and there.
So it would have been, it would have been, yeah, would have been like the genesis of like computer crimes,
you know, it would have been a really interesting.
time to be alive and be a hacker because the puzzles would be a lot more basic. Let's just say that.
The last detail I noticed in the court documents I found interesting. And I had a hard time parsing
the exact timeline of this, but this was the sense I got was that at the time that they
infiltrate, that they accessed this system, I think either Christensen or McLaughlin were actually
not supposed to be accessing it. My gut is that part of why this
happened was that for some reason they weren't supposed to use this system and the attempt to gain
access to these profiles. And the billing back end was to give themselves access to the system
again, which raises the question, if I am right, what did you do? This isn't actually the first
computer crime. What was the real one? What was the reason you got booted off in the first place that
you had to go and do this? Like, my first gut feeling is that they probably use that computer
for a specific class.
And then when the class finishes,
they get removed from it.
But the utility of having access
to a $9 million supercomputer
that's probably 1-100
than what our iPhones are today
was so valuable
that they didn't want to lose access to it.
So I could perceive that as being the main reason
why they wanted to get back into it.
But it's really interesting that like,
sure, like when you talk about the parallels
between utilities, you know,
telephones and things like.
that charge for use services and computing.
You know, this was essentially a utility.
It took power and converted it into computation,
which is what computers do.
But it was so primitive that it probably consumed a lot of power
to the point that they charged people for that computation.
So it's just such a cool look back in history.
Yeah.
The last little detail that sort of clarifies that moment in time
is that when they were arrested,
It was Christensen.
It was still paper notebooks.
He had a physical paper notebook that had the IDs of 100 other users,
like hand transcribed into it and a bunch of profiles he'd created it.
So it was like you do this sort of first ever in Canada computer hack,
but you're still writing it down by hand in a pen and paper notebook.
Because like what device are you going to store it on?
The only computer you have access to is a $9 million one or whatever it is.
that probably weighs a couple tons at your university.
So you got to scribble them down on paper.
And that's what the cops found when they arrested them.
An IBM Selectric Typewriter terminal.
If you don't know what those are,
they're essentially like dumb boxes that have a keyboard,
aka the typewriter.
And then there's a terminal,
which is literally like probably a monochrome screen.
Sure.
That they would dial into this computer to access it.
It's fascinating how much of like the Unix system, because it's from like 1969,
still has like the infrastructure of the Unix operating system still supports.
And you can see how it was built to deal with things like one mainframe with a bunch of
terminals connected to it.
Oh, cool.
Because that's kind of how it used to work.
Sure.
So it's like a lot of the pieces that build up the like Unix.
OS like terminals in them.
Like the like all come from like this generation.
We're like, yeah, we're Forbes company and we have a $10 million super computer and we have
13 terminals in the company that connect to it.
And it's like the computer on your desk was nothing except for a way to dial in our
network and connect to the like mainframe.
It's like a hub and spoke model for computing.
that same basic metaphor has like in some cases persisted to this day. Every time we have a technical
jump, I think of cloud gaming is what I'm working my way around to where it's like, nope, it doesn't
matter the device. The device is just a system for interacting with all of the processing that's
happening way over here. We're handling all of that. We're doing all the computing. You just need a way
to engage with that system. And that's why I only cloud game on an IBM Selectric typewriter computer.
Typewriter, yeah. 2741.
I like that.
That's the way to game.
The only way to game.
It's the only way to game.
You could be playing like muds.
Yeah.
Like old multiplayer text games.
Like that could be your world.
You could use your steamed deck OLED to connect.
I'm sure there's probably a lot of mud servers still kicking around out there in the world.
There's got to be people that are obsessed with this old style of gaming.
It honestly does sound pretty fun.
You get a little generative AI peppered into that and you got a little.
a little text-based dungeon master all your friends can jump into.
Pretty good time.
It's like a choose-choose-your-own-a-venture books, but like in computer land.
Totally.
So this next call maybe demands a little bit of preamble.
And I guess all I'll say is pay attention to the voices.
We were sent two different audio files.
They're the same content, the same words.
But the voice that was used to filter and kind of conceal the original speaker is different
in each one, and I'm curious if you recognize them, Scott.
Okay.
Hello, Jordan. Hello, Scott.
I hope this message reaches you well.
I also hope that you do not feel the sudden urge to sue me instantly for doing this.
I'm working as an AI researcher, and I value privacy, and I did not want to publicize
after my real name.
So I wanted to provide you with an alternative that you can use for playback.
That way, I decided to use your voices, but no worries.
This is not 11 labs.
It's not run on a public cloud, just a local machine and the models are already deleted.
I thought that was the ethical right way to do in this case.
I was like the first couple words, I was like,
Wait.
Did this guy break his nose 13 times too?
Because he sounds, he sounds nasely like me.
I feel seen.
Yes, sure.
A little different, notably different, but kind of the same.
Something similar going on there.
Sort of an accent.
What accent do you think it is?
We just got to do it now and jump over and hear yours, but what accent do I think it is?
Well, no, play mine first.
That might help.
Okay.
Give me a better state space to make this call.
But now that it did, I realize that it might be confusing for your listeners to hearing
your voices when it's actually not yours but a guest.
I'll see how you sorted out.
We could also redo this with a third non-jordan, non-scot voice for clarity.
Just contact me for that.
And in this I'll send you a version of both my voices,
so you can choose what you want to add it together.
Or like Polish maybe?
I flip-flopped because I listen to this.
So for context, this caller called in with three stories.
They're all pretty fun.
probably only end up talking about one of them here.
There's moments later in the recording where I was like, oh, maybe it could be like a
Polish or a German.
I'm re-listening to the beginning.
I'm 90% sure.
This is Irish hacked.
This is Irish Scott and Jordan, empowered by AI because I don't think I can do an Irish accent.
And if you're worried about getting sued, do not be.
This is fun.
Yeah.
You said to us.
Don't go do this for other things and don't do this without people's consent generally.
But for the purposes of this, kudos.
I think we're going to stay on Jordan's audio track here
because I think we all know Jordan has the better voice.
And now it's Irish.
The third thing is about something that you have already,
yeah, let's say touched in some of your shows.
It's about resellers and the, like, GPU scalpers or console scalpers.
three years ago coinciding with COVID
the whole chip shortage, the global chip shortage
I decided wanted to get my hands on a GPU
and funny enough I knew a friend
who knew a friend who was
very much involved in like the sneaker head
sneaker shot whatever you call it
like resetting sneakers for insane margins
and I wrote my friend
Yeah, tell the guy that they should get into GPU's
chip shortage is coming
And little did I know that they were on this
Way earlier than me
So he
So my friend who knew that friend
Thought that I should have a chat with his friend
Just because it might be interesting
And boy was it interesting
So after a couple of minutes talking with that friend's friend, I realized that that guy had an operation running that was absolutely beyond my imagination.
It was not just one person who was doing some reselling.
I thought that person might have some bots for shooting, for sniping, a couple of shoes.
no, there was a whole community completely organized over Discord, like with membership fees,
$30 per month, various channels where bots were frequently crawling various websites for
when something new appears and sometimes they could even predict when a new, like they call it a drop
happened of a certain product like new PlayStation 5s are coming on this and that website like in two
days be ready um they were insanely well organized can we talk briefly about the loss of economic utility
as a species that gets spent on shit like this oh for sure like when i listen to that all i hear is like
there's so many people like sure they can make a living doing it it's kind of insane that
they can make a living doing it but it's like if if if we could just direct all of this
utility that mankind spends on shit like this i know what you mean to describe it
we could like we could like cure cancer like yeah it's it's it's interesting how a really old
fashioned economic process, getting applied to a new thing in a weird situation,
sort of throws into sharp relief how odd it is.
Like, this is just asking something over here and you're selling it somewhere over here
for more money.
And the thing happens to be GPUs and it happened to be during the pandemic and you happen
to be using a bot to do it.
So it all feels very new, but it's like, it's not really any different than like buying
barley from where they have too much and selling it for more where they don't.
It's the same basic process, but it has this fun cyberpon.
spin to it.
That's true.
That's true.
And talking with that friend's friend, he also told me, yeah, you'll do some programming
I heard.
Would you be interested in creating some Chrome plugins for us?
I denied that request because I'm not that well of web dev.
But it turned out that there is a real market for these things.
Like that friend's friend who ran the whole operation told me,
so I don't know if we can take his...
take his word for granted but he said that he has bought like several tens of thousands of
dollars in various shopping bots who help him with sniping these shoes and GPUs and consoles
and these these plugins are not just one file that you get but it's proper license
management that you have to pay the checks over the web whether it's legit or not
And there is even an after-selling market for these plugins.
So when you donate and if you get your hands on better stuff,
you can sell these things to other scalpers.
We'll be very happy in buying these since there is actually artificial scarcity for these things.
So the developers just issue maybe 5,000 licenses of when they find one exploit for a website
so they can avoid staying in a queue.
And that whole operation was insane.
And these people were very crafty, not just on the tax side, but they were also scouting, like in the real world, for business opportunities.
So it was COVID, and in our region it was very evident that the first winter won't have any gastronomy open, so bars will be closed.
But it will be allowed to have some drinks outside in winter.
And what will people need in winter when they cannot stay inside, they will need these outdoor heaters?
So they figured out in autumn they should buy all available heaters of the area
so that they then could resell these for I think it was 30% more than their store price
just because these things will be rare in winter because everyone is getting these
and the following summer they realized that outdoor pools will be closed
so what will all families need they will need pools for their gardens
They scouted every available shop like the Walmarts and Costco's and what's around and just bought these things like crazy.
And the demand was just high enough so that they could upsell these things for 50% or even 100% more.
So just I call these crafty business.
So is this ethical?
I think it is.
I mean, it's just high demand and they fulfill the demand of people with a premium.
but yeah, one could argue with this,
and especially with a GPU scalperist
who everybody hated at the moment.
I believe it's called the Invisible Hand, right?
That's the name of one of the bots.
I wouldn't doubt it would be a good name for a bot that does that.
Pools in summer and heat lamps in winter for restaurants.
That is wild.
That is like buying and selling like a food,
commodity on the markets because you know that there's going to be like a drought in some country level of like chess mastery 4D kind of thing. That's wild to me.
They've just they've taken commodity trading and forecasting to like micro commodities. Totally wild.
Besides everything, I can just encourage you to to research and get into these communities because I think there is a lot to unpack in these communities.
communities like these scalperers and people who shop online and resell.
These are crazy, crafty people.
So yeah, that was it for me.
I hope you've found something interesting on my stories.
Thank you for a podcast.
Thank you for doing all this.
I really enjoy it every time you release a show.
Thank you very much.
See around.
It's like part of capitalism, you know?
they like figured out loopholes.
Like I'm not even going to lie.
Like I recently bought something.
I needed six tools that you have to buy in a set of like nine things.
And the ones that I didn't need are the most expensive.
So I just wanted the cheaper six, but you can't really buy them.
And they do sell them single, but they're hard to find.
So there's literally eBay stores that just buy the full sets, break them down.
to the most commonly purchased groupings and then resell them at a bit of a premium.
So instead of me spending $300 for the full set, I managed to get the six that I needed for 110.
But all in all, the people that broke it down probably sold the whole thing for like $450.
And it's like, I got a better service out of it.
I got exactly what I needed.
They made money doing it and they provided literally a service by buying something and breaking it down.
and selling the component parts.
So it's like, how can you be mad at it?
I'll find a way.
The best defense of it is that I called it Esker earlier.
I got that wrong.
It's like it is just it's arbitrage like we've known forever,
maybe kind of ramped up a little bit,
but that it's the same basic thing.
Yeah.
The best accusation is that it is bringing the tedium
and price inflation of scalping
that is usually reserved for like,
a couple of products, like concert tickets, it's bringing that to just anything.
It's like, oh, everyone seems to need the new iPhone switched to USBC, and so USBC cables are more
popular. So let's just buy a bunch of them and ratchet up the price. Like, it's just taking,
it's bringing commodities trading to every commodity. Maybe that's a better way of putting it.
It's like micro scarcity. And like artifice, it's weird. It is, it is interesting. I bet there is a lot to
unpacking those in those communities, but there's tons of stuff. I would like to get into one of those
Discord channels. I'm not sure what, which one to start with. So if caller, you know of some that
are cool, feel free to reach back out. Because I am genuinely curious to learn more about this.
The number of people that if you, if you narrow your search to like 20, 21-ish talking about
like learning how to program bots just to try and get a GPU, it really, really,
speaks to the amount of desperation people have for trying to get a hold of these things.
And the amount of money people were willing to spend on these bot services to pay.
I'm looking at the prices conservatively double what their MSRP is.
Like launch price on a gigabyte RTCX 3070 was $5.69 and it was selling on Amazon for about
$1,300.
I think another thing that it, well, it also like classic COVID economics here, but like
I think it honestly demonstrated to companies that they were undervaluing products that they were selling.
Like, Nvidia's 30 series GPUs were expensive, but their 40 series were like very expensive.
It's like I think the reseller market showed them that they could charge more.
It's like kind of what goes on in concert and sports tickets.
Like, you know, the hockey playoffs are on.
The cheapest ticket you can buy face value.
to a game is like 300 bucks or more.
But there's actually the opposite thing happening now
where like the other day we were looking at tickets
to go see the Emmington Oilers play in the playoffs.
And I could get seats 30 minutes before the game.
People fire sailing them for like 125 bucks a seat.
So like the people like saw that COVID boom,
raise their prices.
And now we're kind of in the,
law recession piece behind the boom and people are not willing the demands just not there anymore
like the like the invidia 50 series GPUs i could see them coming out at a lower price because i
just don't think that many people could justify $2,500 for a GPU mid-COVID sure like everybody was
like trying to get their hands on a 30-90 and they were spending but loads of money to get them
So,
Nvidia capitalism worked.
It pushed the prices up.
Next thing you know,
the demand's not there for it at that price point.
So it's going to correct back down and such as,
you know,
the market function.
Yeah,
it's,
the market did function.
It's this weird thing where like,
let's just talk,
I guess,
about how lucky Nvidia is.
That's a global event that costs people,
I would say lucky.
If you,
like,
look at the timeline.
They were profitable before,
COVID. COVID locked people indoors. So the thing they wanted to do is game. And through that process
and through stuff like this caller, the actual value of the product was revealed to be much higher than
they had been pricing it for. Again, during the years where they were still profitable, they weren't
operating at a loss. They were making a profit on each of these things. They was just revealed that
they were much higher. The price of Nvidia starts to go up as a company. Right. Is that supposed to be
stopping. And the market would be like, oh, you know what, let's start bringing these prices back
down. The demand isn't like quite as intense anymore. Boom, AI. Like AI just pops off right as that
line would have started to go down. AI starts happening. And we are looking at an Nvidia that is,
I think, the third biggest company by market cap in the United States. Correct. Which was not the case
before those two things that happened in rapid succession happened. Well, the, the, the one
thing you're leaving off that timeline is crypto mining.
So, so. Yeah, good call.
InVVVIA used to always have substantial benefit from the crypto miner market.
They bought tons of these, like part of the demand that led to the 30 series GPUs going
up was the increase in crypto prices that happened during COVID.
So all of a sudden, mining was in super high demand.
So people were buying so much, like so much capacity to mine.
They were shooting up the price.
prices of GPUs. That's true. That kind of went away to some portion with Ethereum and it totally
cut the knees out from the demand that had come from the crypto space. There were still some there,
but it wasn't nearly what it was before. And then the prices were too high. You can actually
see this arc in their stock chart as it goes from like, you know, $135 up to
$315
and then kind of waddles down over the like
2022 to like $120
and then you can just see AI hit
like May of 2023.
Yeah, right.
Go from $300 up to like $950.
Anyway, digressions aside.
It's fascinating.
Like Jensenifying is obviously an exceptionally
talented business person.
And they make a product like
it's the pickax method.
metaphor. Like they're making the pickax. I totally get that. But it does definitely feel like a person who jumped off a roof onto a trampoline bounced really high up into the air. And right as they start coming back down, the next trampoline delivery people show up and place the next trampoline below them in the forework. And they bounce off that one again. And then right as they start coming back down again, the next trampoline delivery people come in and place another trampoline in front of them. And they bounce off that one called AI.
it is this like wow like you just keep getting higher and higher it's impressive the commercial
in your i love your sports metaphors you know you got the sprinter with the needle full of
steroids we got the trampoline kids um that's great i was laying down the track as i was going
on that one it felt a little shaky so i appreciate you saying that but the the real like as a as an
avid investor the real question becomes like we were digressing hard here but like sure is there
going to be another trampoline or is like
Nvidia going to land in the treetops
and it's like or are they going to fall to the ground?
Like the commercial orders for like massive
AI computer systems
powered by Nvidia is huge.
Like Facebook I think is spending.
Like all of those big
tech companies
are probably spending more money with
Nvidia now than like anybody else.
Like they're,
they've gone from like a consumer graphics card
company to like yeah like like from one of our stories like a massive supercomputer company like
i bet if i just google facebook invidia supercomputer for sure oh for sure they i'll get some story
about facebook spending like you know 17 billion dollars on some supercomputer i think the other thing
it could happen is more people get thrown onto the trampoline like it's only a matter of time until
literally yesterday Apple released on device AI models that are obviously running on Apple Silicon.
Like we're going to get stuff running on AMD.
We're going to get stuff running on a bunch of on like Qualcomm.
We're going to get stuff running on things that aren't just Nvidia GPUs.
Because if this really is going to be how we like a core part of how we do all our computing moving forward,
it's not just going to be bound to that one one menu.
manufacturer. That doesn't mean they're not going to keep being a massive part of it, though.
Well, there's some, and like we're just talking consumer tech here.
Literally.
There's some really interesting stuff going on in the, like Qualcomm, like the Snapdragon X Elite chips.
Like the like AMD finally like Intel is not AMD's main rival anymore.
It's going to be Qualicom.
Like the new Microsoft Surface Pros are coming out with Qualcomm, Snapdragon X elites, which are essentially
for lack of a better comparison,
they're Mac chips.
Like they're super super,
super power efficient,
super high processing units.
So it's like, and they've come from the self world
where they needed to worry about power use.
They needed to worry about size.
They needed to worry about all those things.
And now they're building them into laptop
and tablet chips, you know,
and they're going to be,
I don't know if you follow the chip world at all,
but like Intel's new line of chips are having nothing but thermal throttling issues.
Like to the point that people are delitting them,
like they're taking the metal lids off of them and binding the cooling right to the actual processing chip,
which is like risky.
Sure.
But they're so thermally bound where then you go to something like a Mac,
like I'm sitting in front of my Mac laptop right now,
and it's got boatloads of processing power,
and it doesn't even have a fan in it.
Like it doesn't create that much heat.
So I think it's going to be an interesting, like, you know,
five, ten years in the chip space to see who comes out as the winner.
Like Intel used to be Big Blue and be the leader.
And then AMD was kind of the little, you know, punchy sidekick.
And now it's like, it's kind of shifting around.
And you're not quite sure who's going to be at the top.
I think it's only a matter of time before some of those other chips.
manufacturers managed to try and, if not catch up with what Apple's doing with that system
on a chip stuff on Mac, get very, very close because it was like they had this massive
jump forward.
They took out a huge lead.
And the thing that was holding it back is like Windows, you've been able to run Windows on
Arm for several years now.
I think it was Windows RT or something.
It was just by all accounts not very good, not because it didn't work well, but because
nothing, almost every piece of software that wasn't Windows had to run in an emulation later,
like layer in order just to work on it.
They still have that.
And so everything is just inadvertently slower.
But, you know, that's just a software problem.
It's like eventually most of that stuff.
That's solvable.
And eventually if more and more of those computers start getting sold, software manufacturers
will have an incentive to rebuild their stuff in it and eventually they'll catch up.
We were talking about Nvidia on our cybersecurity show.
We have drifted, and I stand by it.
Well, one last thing on the Nvidia thing is the chat.
I just actually found Facebook's, some analyst has done an evaluation of approximately what just Facebook is going to spend at Nvidia this year.
So apparently they're looking to buy 650,000 H-100 cars.
Wow.
long term, but just in this year, they're looking to spend approximately $9 billion on GPUs from
Nvidia. That's just meta. I think that honestly makes a ton of sense. Like, I don't see how you
try and keep that company aflo without building a bunch of headroom in. Like, to me, that's a,
that's a headroom acquisition. It's just like, whatever we do next, we're probably going to need
these. I remember, I don't know if I read it or heard it, but I remember,
hearing about how, say, the process of serving people content that they actually want to see on a
vertical video platform like Instagram Reels or TikTok gets way, way, way, way better, the more
processing power you have because it's the amount of like potential videos that we know you would like
that we can have ready to go. So the second you scroll, we have it ready. That is deeply bottlenecked
by the amount of these things that you have. So you buy more, it's like, well, we used to be able to have a thousand
videos ready to go based on your behavior. Now we can have like 50 million videos ready to go
based on what you do and go, okay, it's this one that they're going to want to watch next.
It has weird applications. Totally. Should we end our random digression there? I think so.
I think we call it there. If you want to submit your call and spark a giant tangent,
you should go to hotline hack.com where you can share your strange tale of technology, your true hack,
or computer confession.
We have a phone number that you can call.
1-888-281-8869, or you can go to the site to submit audio,
or you can use the email there and submit it that way.
Submit however you want.
Submit it is text.
Call in, submit a AI version of us with an accent.
That person used the term gastronomy to refer to restaurants,
and that feels like a clue.
Yeah, yeah.
Keep going, keep going.
And I'm like German, French?
I feel like I have a German friend who I heard you use that once.
And it totally shifted my guess of where they're from.
I don't know.
I think listening to the entire thing and not to snap judgments and the, yeah, well,
I think I'm going, here's my order.
I'm going hard Dutch.
Like 85% of me believes Dutch.
And then the other 15% is going to be the Germanics.
It's going to be Swiss German or it's going to be, you know,
hi German, but I'm thinking Dutch.
Yeah, I can see that.
Watch is from Manitoba and we're just really, really bad at accents.
Share your call.
Call in.
We want to hear from you.
If you want to support the show, hackedpodcast.com redirects to our patrons.
It's a great way to support it.
We're deeply appreciative.
And then since you made it to the end of this bad boy,
I think that would mean a lot to us right now is just tell someone you think would like
hacked about hacked, all the classic internet show stuff.
jump in and give us a real good rating and in a little comment.
It all helps a ton to get the show in front of new people and it means a lot to us.
Totally.
We love you all.
We love you all.
We'll catch you in the next one.