Sharp Tech with Ben Thompson - Amazon and the “Just Walk Out” Parable, Mythbusting on Meta and TSMC, The XZ Backdoor and Its Implications

Episode Date: April 8, 2024

Updated thoughts on Amazon rolling back “just walk out” in grocery stores, context for a viral Meta tweet and a year of pessimism surrounding TSMC in Arizona, and Ben walks through what happened with the XZ backdoor and the changes that should come next.

Transcript
Starting point is 00:00:04 Hello and welcome back to another episode of Sharp Tech. I'm Andrew Sharp and on the other line, Ben Thompson. Ben, how you doing? Doing okay, Andrew. How are you? I'm doing all right. I'm here to save you from thinking about the Milwaukee Bucks here. I can promise nothing on this show will be as depressing as their last seven days.
Starting point is 00:00:25 Yeah, we're starting late because I had to figure out the right tweet to compose. I feel duty, you know, when you're, if you talk a lot, you have to accept the L's, and the Bucks are accumulating a lot of them right now. Yeah. I came up with, you want to hear my tweet? I'll read it on air. Please.
Starting point is 00:00:42 The floor is yours. Reminding myself that I love basketball because interteam dynamics are so fascinating and ineffable as I accept the reality that fascinating and ineffable interteam dynamics appear to be unsolvable for the Bucks this year. I believe this is a long way to say, hoisted by my own petard is the phrase. Well, but though, nice and restrained. Finding a silver lining in the massive cloud that's currently hovering over the
Starting point is 00:01:13 Look, if you're, if you talk a lot when it's good, you got to at least put something out there when it's bad. So that's done my duty. That's right. Done my duty is a Twitter takes them in. Basketball is not a math problem, ladies and gentlemen. Sometimes the interpersonal dynamics can get a little complex. It gets a little hairy.
Starting point is 00:01:32 That's where things are in Milwaukee. Death by DeVincenzo on Sunday night. But in brighter news, we've got a lot of great stuff to get to on this episode. We'll start with an email from Bernardo. The subject line of his email was, the AI was a thousand Indians, question mark, question mark, question mark, question mark. And then he writes, on Dithering, Ben mentioned Amazon retiring the Just Walk Out technology on Amazon Fresh
Starting point is 00:02:00 stores because it was based on a thousand Indian workers following you in your shopping journey. Ben mentioned it as a great example of the normally laudable strategy of build things that don't scale. Except that's not how it worked. The workers were obviously doing post facto data annotation and verifying low confidence transactions. It's kind of annoying that this is being reported as Amazon having built a mechanical Turk. They're replacing the technology in Amazon Fresh stores with Dash Carts, which also use machine vision, but require less infra, and the Amazon Go convenience stores
Starting point is 00:02:36 will continue to use just walkout technology. So I look at all this as sort of a modern tech parable. I know you talked about it a little bit on dithering, but I find this story pretty interesting. What do you make of what's happening here with a couple extra days to digest everything? One of the things that happens with dithering is we usually actually record more like 17 or 18 minutes
Starting point is 00:02:57 and parts get edited. I can't remember if this got edited or not. I do a rough edit and then another editor gets it down to the 15 minutes sort of exactly. What I did say, I did express some skepticism that this was actually just like a thousand Indians calculated the transaction. Surveilling you. Probably verifying, yeah, just verifying and making sure that it worked. I mean, just a thousand is not that many, to be totally honest, to be doing something like this. So I can't remember if that was in there or not, but that was my position in which I stand by and more report.
Starting point is 00:03:30 seems to be verifying that that's the case. And it makes sense. Now I feel good about my do stuff that doesn't scale sort of idea. I mentioned on dithering that one of my best experiences with technology was at the United Center in Chicago, you know, what's the worst thing at a game? Try and just you want to drink, right? Like there's a huge line of the concession stand and I am a huge believer. If you go to a basketball game, go watch the basketball game.
Starting point is 00:03:55 It drives me bonkers when people are not in their seats, particularly being in the third quarter and the game is going. on. So in this case, I would walk a quarter of the way or halfway around the stadium to go to the, once I discovered it, you could just go in and grab a, grab a drink and then walk out. It was awesome. It was, yeah, it was fantastic. And that, and that was a great sort of use case for that. And it sounds like that is not just continuing, but actually expanding. And so this is good. This is good. I, I, I, you know, there was some, you know, there's always, this is a self, a self, a self, introspection episode, I guess, starting with the Milwaukee Bucks on. Who knows where we'll go from here? There is a bit, and maybe this is still antitrust hangover, where I feel like vaguely guilty about, like, defending the big tech companies too much. And so, like, when there's an opportunity to, like, jump in, it's like, well, you know, you have to like sort of take that, you know,
Starting point is 00:04:50 just like you celebrate the Ws, you got to sort of go in on the L's, as it were. Right. But this seems good, right? Like, you get stuff out there. You experiment. You figure out what works. Sounds like larger scale implementations of this don't work very well. Okay, so you shut them down. Small scale things like at a stadium where, again, from the customer perspective, the worst thing in the world I want at that particular moment is any sort of friction in this process. This idea I can just go in.
Starting point is 00:05:19 And by the way, you're dealing with super high margin goods, right? You're getting a bottle of Diet Pepsi and whatever leakage there is, I think is the technical term, is fine because they're making like $4 and 95 cents of profit on every single one of those bottles that I'm grabbing, right? And so a great use case, same too with the airports, right? You know, captive audience, you want to go and grab something, walk out, that's good. And it's good for everyone. So by all accounts, yes, I regret the relatively short snippet in how it perhaps game
Starting point is 00:05:49 crosses over a negative when it sounds like this is pretty admirable. You figure out there's a new technology. You put it out there. You figure out where it works, where it doesn't work. Then you double down on where it does work. in other areas, you keep experimenting. So, kudos to Amazon. Yeah, well, go big tech.
Starting point is 00:06:06 And for anybody who's new to the story or wasn't following it last week, just to give people a sense of how it was framed, I'll read a tweet from a guy named Max Burns. He wrote, Amazon billed its Just Walk Out stores as some triumph of AI. In reality, it was powered by thousands of low-paid Indian workers, manually adding up items in your cart as you shopped. How insanely dystopian. And he was linking to this Gizmodo story. Yeah, probably should have been a red flag right there.
Starting point is 00:06:35 Right. They wrote, they wrote Amazon is phasing out its checkout-less grocery stores with Just Walk Out technology. The technology allows customers to skip checkout altogether by scanning a QR code when they enter the store. Though it seemed completely automated, Just Walk Out relied on more than a thousand people in India watching and labeling videos to ensure accurate checkouts. The cashiers were simply moved off site and they watched as you shopped.
Starting point is 00:07:05 And it's interesting to me because it just sort of underscores how confusing all of this can be for normies trying to make sense of what's actually happening in tech. Because when you go back to when this was announced, I remember trying it for the first time. And it felt almost wrong. Like it certainly felt like I was living in the future. And you had Amazon who was pretty opaque about how exactly the technology worked and was happy to let people believe that this was all being done by magic machine learning that was proprietary and, you know, eons beyond any other competitor. And then you go back to last week. Apparently mostly was. Exactly.
Starting point is 00:07:51 And the way it was characterized by the media was even. more misleading because they made it seem like the machine learning was entirely a lie. And the only way this worked was by having a bunch of workers in India surveil shoppers the entire time. And that's not what was happening. This is machine learning, which does involve humans, you know, helping to ensure accuracy. And grocery stores, just strategically speaking, grocery stores present a much trickier challenge. So you can understand why Amazon looks at this and says, the margins are here and the spectrum of items that need to be cataloged is just way more diverse than what you're getting at a stadium or an airport. So it's not necessarily worth the investment.
Starting point is 00:08:36 I have another long-winded solipsistic take that actually I think is kind of funny. It impacts the Dithering episode. Are you ready for this? Please. So as you are probably aware, there was an earthquake in Taiwan last Wednesday, which really was not a big deal. I mean, it's hard to talk about because nine people did die. The vast majority, I think actually almost everyone was not in a building
Starting point is 00:09:02 because it was like people hiking, like a truck driver and like, unfortunately one woman went back in after a pet into one of those buildings. But there should have been a clue that kept only showing two buildings and all the footage, which were not even fully collapsed.
Starting point is 00:09:16 They were just sort of like tipped over. Yeah. And the long and short of it is Taiwan had a very devastating earthquake. That was actually about the same size in 1999. And a lot of buildings did fall over then. It was very bad. But since then, obviously building standards have been
Starting point is 00:09:31 increased, but more importantly, the sort of attention to detail of the workers, everyone knows what could go wrong, right? And so the reality is, it just wasn't, particularly in Taipei, it was a non-event. Like, it was a big earthquake. It's the biggest I've ever been in, but there was no meaningful
Starting point is 00:09:48 damage or whatever. I think one of the MRT lines had had some issues, things on those lines. And meanwhile, I'm getting a gazillion text and messages because of, you know, it's being framed, particularly in the Western media, as this huge disaster. And Taiwan's been in the center of the news for a while. Massive earthquake, it's Taiwan. And to be fair to the West, the rating for the earthquake was so much more serious than the earthquake that nearly shut down New York City for a day last week. So I think people were just reacting to the Richter scale on some level. A thousand times more powerful because the Richter scale is.
Starting point is 00:10:22 is logarithmic. But part of the issue here is, so number one, I was kind of annoyed at the media in general. It's like this is, this is like, I am at the epicent, no pun intended, accidental pun of this like media sensationalism. And I feel obligated to, again, I deeply appreciate all the messages and reachouts, but also it's like, look, it was fine. Like there's nothing even fell over in my house. Pick up the phone and call someone in Taiwan. So you can stop framing this as this sort cataclysmic available. It was literally cataclysmic. They had reporters in Taiwan that are playing into it, right? Like, oh, this, you know, this big deal. So I was traveling last weekend with my family and my daughter had a softball tournament and one of my thoughts was there wasn't a lot
Starting point is 00:11:08 happening in tech. Maybe we should not do dithering. And what I was like, no, I need to do dithering or else people are going to like freak out that like I didn't publish, you know, that's my first publishing opportunity post earthquake. I published an interview, I guess, that evening. And I'm like, no, we should definitely do the earthquake. Or we should definitely post just because I don't want people to sort of like worry about it. And I screwed up in that I bought this story. Again, like, I think I said that I think was probably just verification, but I pride myself when I'm publishing of making sure I actually dig in and understand exactly what's going on. I don't buy the media narrative. And there's a bit where actually maybe I did a little too much sort of in that take.
Starting point is 00:11:53 And it was downstream of the big responding to emails. No, like the media narrative at the airport. Yeah. This is a long story. All to say of which is, number one, I'm really irritated at the media, both about this Amazon story and about the earthquake story. Number two, the blame lies with me for not digging deep before I published something that sort of was talking about. it. We're talking about it now. But number three, your point about this being a parable about tech, I think is actually really accurate. Like, whose fault is it the normies don't get it, right? Like, like, it does feel like, you know, again, I don't want to be like an, I'm a part of the media that it was
Starting point is 00:12:35 part of the problem sort of in this case. But if you did think about it for a couple seconds, which I did insufficiently, or at least talked about it insufficiently, the number is not big enough. A thousand people is not enough people to actually be verifying all these transactions. It has to be working sort of at some level. And I don't know. That was sort of a long, it's occurring to me now as I'm talking to you, how all these pieces sort of combined to inspire Bernardo's email, which I got to take the L, just a lot of L taking by me today. And it's just all the dynamics about how that happened are kind of interesting to sort of think about. Yeah, well, and while you're over there wallowing in blame, blame for yourself, I will just focus on gratitude because when I first heard the story, I was immediately skeptical. It was one of those things that would be like a storyline on Silicon Valley, the HBO show. And it just seemed a little bit too cartoonish to be real. And then we got a number of just really good emails from listeners explaining what was really going on. And the reason normies would maybe be confused on this point is because,
Starting point is 00:13:43 You hear machine learning and you think it's almost entirely automated. So you hear a thousand humans are involved. And then it's like, well, wait a second. They're pulling the rug out from underneath me here. This was all like an outsourcing operation by Amazon, which isn't the reality of how that technology works. So in case anyone's curious, I'll just read this note from Matt before we move on. He says, it's likely that AI is handling the majority of the work on this project, particularly through computer vision.
Starting point is 00:14:11 However, there will be instances where AI may encounter confusion or have low confidence in its assessments, such as differentiating between items or sizes. In these cases, human oversight is crucial to supervise and assist the AI in making accurate decisions. While the goal is to minimize the need for human intervention over time as AI improves, it is essential to recognize that initially human involvement is necessary to refine and improve the AI through labeled data. This approach is not a weakness, but a strategic and necessary part of building autonomous systems. And that's going to be true for everything that happens in AI for the next 10 years. It's true for all this stuff we're talking about right now, right? A huge part, we talk about RLHF, reinforcement learning from human feedback. Right. That is, that was the big breakthrough for ChatGPT. We had GPT-3, which would put out this content.
Starting point is 00:15:06 And if you looked at the kind of like, wow, that's pretty incredible what it is putting out. But it would devolve into gibberish sort of over time, and it would do sort of weird stuff, right? And so what OpenAI really nailed wasn't just the sort of the model itself, but was they really figured out how to do RLHF sort of effectively. And it's interesting because that's where all the questions and challenges of bias and pushing things and putting directions, that also comes through RLHF.
Starting point is 00:15:37 I think actually my first interview with Nat and Daniel, sort of an ongoing series of Stratechery about AI. We did that before ChatGPT. And I believe we had a discussion about RLHF in there in that our concern was like, this is going to be a thing. Are we going to get sort of the hectoring sort of HR sort of voice to this and it's going to turn people off from AI? It turned out that yes, we were going to get that.
Starting point is 00:16:03 And yes, it would turn people off. But also it was also essential. That's what actually made it sort of breakthrough, right? And so this human aspect is really important. And at the beginning, you need a ton of it. Like they have a huge host of, you know, there's a whole company, Scale AI, that's like all about, you know, they have like contractors like all over the world, basically.
Starting point is 00:16:25 They're just doing grunt work of like checking is this answer right or is it not or is sort of X, Y, Z. And like there's a lot of grunt work that goes into this. And to the emailer's point, the better this gets ideally the less you need. And then also ideally, as it's in the real world and real people are using it, you're getting feedback in real time. So that's why it's really important. Like that's why AI, OpenAI to specify, oh, hey, the corporate one, we're not collecting the question of information. The implication of that is the general consumer one, of course they are, because that feedback mechanism of people's responses and they all have the thumbs up, thumbs down sort of thing there is even though that might be low quality feedback because people aren't incentivized to do it, just getting that feedback.
Starting point is 00:17:08 is so valuable to making these systems work and work better. And yeah, it's integral to the process. And again, I want to self-flagellate myself more. I've probably done enough on it. But, like, this was obviously the case. And thank you to email. Matt of myself. Well, Ben's going to be self-flagellating throughout this episode.
Starting point is 00:17:30 It's great. Self-flagellation episodes. You know, no-tech Ben is leading the way here. Just taking L. When I was on the train back from New York City this afternoon, I took it upon myself to make it the myth-busting episode, at least at the top here. So there were two other myth-busting items I wanted to mention quickly. And there was also last week the story, a venture investor named Deedy tweeted, this is shocking. Facebook gave Netflix all your private messages on Messenger in exchange for all your watch history, while Netflix paid them $100 million for ads. Meta will sell your data at a heartbeat for profit. And he was linking to a lawsuit that didn't say that explicitly, but sort of implied it. Meta executive Andy Stone called that claim shockingly untrue. So, Ben, in one corner you have Deedy the venture investor, whose tweet now has close to 50,000 likes.
Starting point is 00:18:25 In the other corner, you have Andy Stone, choose your fighter in terms of what happened here. Of course, Andy Stone. I'm pretty sure I wrote about this at the time. This was a story sort of previously. This, I mean, maybe this is a little bit of an anti-media episode. This was the, not this story specifically, but a very similar story was one of the ones that really opened my eyes to what I think is fair to call a systemic anti-tech lens in the mainstream media, in this particular case in the New York Times specifically. So in the sort of, this is 2017, 2018, somewhere out then. The New York Times runs this front page story. Facebook gives user data to Huawei.
Starting point is 00:19:08 Sounds bad, right? Huawei's in the news, you know, they're the Chinese sort of manufacturer making smartphones. What was happening in the story is that there was a Facebook app on the phone that was installed, right? Which if there's a Facebook app on the stone, on the phone, there's going to be user data. That's what the app does. And the reality is that the phone manufacturer has root access.
Starting point is 00:19:35 Like whoever they have access to everything. It's the way computers work. Right. Right. Like so the whole bit about trust and all these sorts of things, there's an aspect of you have to trust your phone's manufacturer because they have root access to everything. Even stuff that's encrypted has to be unencrypted in memory for you to be able to operate on it. The whole bit about encryption is, you know, is it encrypted end to end? What that means is so if I send a WhatsApp message to you, it has to.
Starting point is 00:20:04 it has to be unencrypted so I can read it. I'm going to imagine about messages or just a bunch of ashes, right? That has to then be, it's encrypted on my phone, it's sent to you, Facebook has facilitated a key exchange, so you have the key to unlock my messages, I have the key to unlock your messages. It gets to your phone, it's unlocked on your phone. But it's unlocked on the phone, that's the point. Encryption will handle all the in-between points, but it has to be in-memory at some point. The company that made the phone can put in, Apple could have a backdoor into user memory space. And we wouldn't know about it.
Starting point is 00:20:42 It's just the reality of a computer. And so did Huawei have access to user data? Yes, they did, because that's how computers work. And if they were making phones and there was a Facebook app on the phone and the Facebook was pre-installed, whatever might be, then yes, they did. And for that to be framed as Facebook is giving user data Huawei was one of the singular most dishonest stories I've ever read. It was on the front page of the New York Times. Yeah. Well, and this was dishonest also.
Starting point is 00:21:08 What actually happened, Andy Stone clarified Meta didn't share people's private messages with Netflix. The agreement that was in place allowed people to message their friends on Facebook about what they were watching on Netflix directly from the Netflix app. And that's a common agreement in the industry. Guess what? How is Netflix going to sort of send and receive Facebook messages? It has to have access to. out without Facebook's help. And this idea that Facebook is selling, this implies selling user data, again,
Starting point is 00:21:42 breathtakingly dishonest. And also implausible along the lines of the Amazon story, the idea that Facebook would breach the privacy of every user for this relatively small deal with Netflix. Like the risk is not worth the reward. Yeah. No, exactly. Exactly. Like if you just sort of think about it for two seconds, it doesn't make any sense.
Starting point is 00:22:03 And, you know, I've gone on and on about, no, Facebook's not selling your data. That doesn't mean there aren't data questions around Facebook. It's not the exact same, but it is a similar dynamic to the phone maker sort of thing. I think that the Facebook sort of approach has been very privacy positive because, particularly pre-ATT, where you have this situation where the whole point, if I'm a small business and I want to advertise on Facebook, guess what I don't want to do, particularly as a small business with limited resources. I don't want any user data. It's a nightmare.
Starting point is 00:22:43 It's a really hard problem. Like one of the things people complain about, you know, with Passport is like, well, why don't you support passwords? Guess what? Because it sucks, right? And I don't, that's a responsible. So we have passwordless login. I think it's fundamentally more secure.
Starting point is 00:22:58 It's, in some sense, I'm offloading security to the email providers because if your email account gets compromised, then that's a good, but that's the case for everything, right? Because password reset sort of exists. But, but in this case, what what small businesses could do is basically offload all of their user management to Facebook, in that you would see an ad on Facebook, you go to a website, you would sort of make the purchase, and Facebook would give you sort of an SDK or pixel that you'd put on your web page that would track that, and all the data stayed internal to Facebook. And again, that sounds devious. It sounds bad. From my perspective, as a small business proprietor, that sounds great. From my perspective as a user, yes, that makes Facebook into a big,
Starting point is 00:23:43 fat target for sort of bad actors. Facebook is, I would trust Facebook much more to have effective defenses and do have massive security teams and all the watching and all the sorts of things to protect that data more than I would random small business, right? And so this is a real challenge. Like I was at a call, you know, with about the security stuff with someone, you know, in the government sort of a couple years ago.
Starting point is 00:24:14 And this was like sort of my take. I'm like, look, if you're worried about this sort of thing, what you need to do is I think you should push people to get off of self-hosted, like particularly for email. I think it was what the discussion was about. And I'm like, yes. And, you know, a couple of years or like last year, there was some big issue with Office 365 and its email and some sort of vulnerability is discovered. And that's the downside.
Starting point is 00:24:35 You have one big fat honeypot that if there is sort of an issue, that's bad for everyone. But in the sort of when you balance the pros and cons, do I have more faith in Microsoft sort of fixing and solving and being aware of and rectifying sort of issues there? And having random business X or government agency Y? That's right. That's right. Yeah. And so this is like, so sorry, that was a broader sort of digression about this point.
Starting point is 00:25:04 It would be incredibly dumb for Facebook to just willy-nilly. Oh, yeah, let's do a, you know, $10 million or $100 million deal or whatever. Or let's get Netflix to buy some more ads. Guess what? Netflix will buy ads on Facebook because it's a good ad platform. Right. Yeah. There's a combination of lack of understanding of how technology works and this assumption that tech companies are bad actors.
Starting point is 00:25:27 that really infuses a lot of these stories. And it's, yeah, it's frustrating. Also, it's kind of like why I have a job and why I'm mad at myself about that. Because I did not do my job properly. Okay, so final myth. I don't know that I would call this a full-blown myth, but for the past year, there's been a lot of talk about TSMC construction in Arizona and how it's being held up by labor and environmental disputes and all the red tape.
Starting point is 00:25:57 in the Chips Act and how basically American bureaucracy is getting in the way of the project actually getting off the ground. The Economist wrote about it recently. The Wall Street Journal has weighed in. The New York Times, Bloomberg wrote about it last year. And then last week, there was a report from Data Center Dynamics that said three months after TSMC announced further delays at its $40 billion Arizona fabs, the chip manufacturer has now said the plant is expected to be operating at full capacity by the end of the year. The announcement comes several weeks after it was first reported that TSM is set to be awarded more than $5 billion in federal grants under the U.S. Chips and Science Act.
Starting point is 00:26:38 So, Ben, I'm still not entirely clear what processes are ahead of schedule, and TSM is going to hold a press conference in mid-April to provide more specifics in that regard. But I'm mainly just flagging it as another myth that might be busted. And some of the pessimism from TSM might have been something of a negotiating tactic as they tried to actually secure this funding and get things rolling. So I found it interesting. Well, if I could make it about myself once again, I think one way to read Stratechery, not always. I don't want to oversell this. There is a dog didn't bark sort of aspect.
Starting point is 00:27:15 I haven't written about this particular issue in a while because I have wondered if there is some degree of over. overblowness happening here. And part of the dynamics is a Taiwanese dynamic, which is TSM is in this very interesting strategic position. I think interesting is one word that you can use, which is you have, it's obviously a massive astronomical part of the Taiwanese economy, number one. Number two, there is this, you know, the Silicon Shield sort of concept where, yes, we're all, you know, we Americans are all happy that, you know, Taiwan is a thriving democracy.
Starting point is 00:27:58 Is that actually going to inspire us to go to war to defend it? Or is chip dependency going to inspire us to go to war to sort of defend it? And how important is to maintain that. And so they're stuck in the middle. You have the TSMC sort of perspective, which is a company wants to keep growing and to live forever, which means they should be diversifying outside of Taiwan. It's also a Taiwanese company. I believe the government is still a bit of a shareholder, but regardless still has a lot of influence and sort of impact. And they want to preserve that aspect. At the same time, they want to play nice with the U.S. because they need the U.S. They need the U.S.'s sort of protection sort of in the long run. So you have all these dynamics going on,
Starting point is 00:28:41 which means there is an incentive and impetus within Taiwan and within the Taiwanese media to downplay and see this in Arizona not turn out well, right? And so you, and so this dynamic, it's not quite the same as like, it is a, there's just incentives you have to be careful about in sort of like parsing these stories, particularly the ones that come out of the Taiwanese media. Interesting. And even within TSMC, there's different factions. I mean, TSMC built in the U.S. like 25 years ago, it's been, it was a kind of a disaster.
Starting point is 00:29:17 It's the plant the chip plant foundry is still operating. It's in Washington. Yeah, Morris Chang, when he's interviewed about it, he'll just tee off on how inefficient and unprofitable it is. He doesn't mince words talking about the U.S. operations. No, he thinks all this is dumb, right? Yeah. And economically speaking, it is dumb. But the reality is, you know, this is like sort of our basketball thing.
Starting point is 00:29:40 There's stuff beyond, you know, sort of like true shooting percentage or whatever. There's lots of stuff going on, right? And I think one of the interesting dynamics with TSM is as they've shifted from being a trailing edge provider to being a leading edge provider, which we've talked about, and the risks with that are astronomical. The newest fabs cost like $20 billion plus. They have been helped along by the largest customers, particularly Apple, which basically, you know, Apple fronted the most money for them to move down this chain and then Apple gets like the first year of chips, right? And then everyone else sort of benefits from that on the back end. The implication of that is despite the fact TSM has had sort of monopoly on the leading edge for the last five to seven
Starting point is 00:30:29 years, which I think they've under monetized, by the way, but they are increasingly dependent on just a couple of buyers. Like it's almost like a monopsony sort of situation. They need Apple just as much as Apple needs them. They need Nvidia just as much as Nvidia needs them. They're the ones with billions of dollars of capex at stake. That's being spent and has to be utilized.
Starting point is 00:30:56 And the reality is that Apple and Nvidia and AMD want fabs in the U.S. And so that is the most important dynamic here. That's more important than the U.S. wanting fabs there.
Starting point is 00:31:11 It's that their biggest companies that are essential. Absolutely, absolutely. And so that is why this is going, is happening, is continuing to happen, is going to happen, I think is going to be sort of expanded. You know, you mentioned sort of the rumor about this month. And, you know, I think is, and I think the hope on the U.S. side is the more that TSM builds in Arizona, all of these challenges will be overcome by sheer inertia. Like once you get big enough, just the scale dynamic, you start, it starts becoming more economically viable to do lower margin things like packaging around that sort of area, to do things like testing, which all of which remain larger
Starting point is 00:31:54 challenges because they're more labor intensive and they're lower margin. So you have less room to sort of play with. From the TSM perspective, my critique of TSMC over the last five to seven years is they had them basically a monopoly and they underpriced. They should have charged more money. And now Intel is going gung-ho. Maybe they're not going to fully catch up, but they're going to be much more competitive than they were. Obviously, you know, Samsung is still in the game.
Starting point is 00:32:20 And so their pricing power, I think, is going to decrease a bit over time. And that's a lot of money I think they left on the table that they're never going to sort of get back. But the, but at the same time, what's one way they can increase price? They can give Apple and Nvidia what they want, which is fabs in the U.S. They're going to pay. And TSM has been very consistent about that. The way they've always framed all the questions about the U.S. and like the earnings calls and stuff is we are we serve our customers.
Starting point is 00:32:47 We're going to give our customers what we need and obviously we'll charge for that. And so that's basically what's happening. Wow. Okay. Well, I look forward to continuing to peel the onion on some of this. On the U.S. side, I've been following it in D.C. and following sort of the political narratives that have emerged over the last couple of years. And there are elements of what the government's done with the CHIPS Act funding that I don't love.
Starting point is 00:33:10 I think it's particularly stupid to incentivize chip companies to build fabs in the U.S. knowing that it's not economically optimal, but you're doing it for national security purposes. If that's the logic, I don't understand why there's this haggling process over profit sharing on the back end. If it's truly a national security imperative to have some sort of fab manufacturing in the United States, then let those companies, if they take the risk, let them have the upside on the other side. interesting. I agree with you. It should be grants as opposed to like investments. Like that's not the government's job. The government job is to like spend money uneconomically because they're in a position to do so. The key thing in the broader sort of critique of the Chips Act is and this gets to the point here. At the end of the day, these investments are so large and the way for them to be
Starting point is 00:34:02 economical is so dependent on the long run that it's all about demand. Like you can't, you can't you can't sort of incentivize it from the supply side. You can't sort of build it and they will come. Like there has to be, you have to make sure there is real and sustainable long-term sort of demand that's going to uphold this and keep this going. But I don't know,
Starting point is 00:34:24 I'm somewhat more optimistic about it. Their first grant was to Global Foundries, which I think is great. Like that's some of the stuff I'm worried about, like more trailing edge sort of stuff, right? The Intel one, you know, I think makes sense. This TSM one is coming. I'm somewhat optimistic.
Starting point is 00:34:40 I am too. Now that I know that TSM is answering to Apple and not just the U.S. government, I'm more optimistic. And mainly what I'm interested in is there's this notion that all these companies are struggling to build anything in America because of equity programs and environmental lawsuits and everything else. And all those are real challenges, I'm sure. But it's possible at least that all this stuff is going to get figured out regardless because of the economic incentives and because the U.S. government's going to throw its weight behind making it work in due time. So yeah. I think it's some of those things.
Starting point is 00:35:13 There, like, there is some truth there and there are like some challenges. Again, it's easy to sort of spin up, you know, just the reality is the reality of these fabs is one of the advantages TSM has being in Taiwan is and being sort of the largest and most important company here is they get the best and the best and the brightest. Yeah. And they get the best and the brightest. And what the best and the brightest have to commit to is they're going to go live in Hsinchu, or
Starting point is 00:35:38 worse, from their perspective, maybe Tainan, which is in the south. Tainan is beautiful. Food is amazing. It's also like not Taipei, right? It's sort of like, and you're going to go there and you're going to live in corporate housing and you're going to work long hours.
Starting point is 00:35:55 You're going to be on-call 24-7. And like that is, you know, there's a dynamic where they get the best people with a pretty crappy sort of work-life balance. And get paid well relative to Taiwan, well relative to the world, maybe not so much, but they get away with it because they're in Taiwan. And that is harder to pull off just independent of environmental reviews or sort of diversity programs or whatever they might be in the U.S. There's just a fundamental issue that if you're the best in the brightest in the U.S., you go to San Francisco and you work for a tech company.
Starting point is 00:36:33 Yeah. Yeah. I mean, the whole talent dynamic is really maybe the single most important dynamic in the world that is really hard to sort of unpack and get to. You know, in the U.S., like there's worries about like the competency crisis and like all these sorts of things. And the fact of the matter is in the, you know, 80s and 90s, anyone that was smart and, you know, to the extent their skills are sort of generalizable, you go work in finance. That's where you're going to really make, make your money. 90s and 2000s and even to now you go work in tech. And, you know, the U.S. has a very liquid job market.
Starting point is 00:37:12 Mobility is pretty high. And so the problem is that in a previous world where the best and the brightest would be dispersed much more amongst our, say, airplane manufacturers or sort of like, you know, those sorts of things. everyone just goes to work in tech. And that's a really hard. By the way, this is a worldwide problem too. Like this is part of the sort of pro-immigration argument in the U.S., particularly amongst like the tech sector is, look, we need to make sure we have the smartest people coming here to work in our industry. What does that mean for the rest of the world, right?
Starting point is 00:37:53 If you're skimming off basically every country, this is one of the U.S.'s just huge advantages, is they're playing with a stacked deck. Like they're literally taking the smartest people from every country in the world, right? Yeah. And as an American, it's like, yeah, that's great. But it leads to lots of sort of interesting dynamics that are difficult to unpack. And something that Taiwan has managed to preserve to a certain extent. And what the U.S., I think, is really trying to, and this is why I'm skeptical of this,
Starting point is 00:38:25 the certain sort of like critiques. I'm a little skeptical of them because I think the U.S. is well aware of the importance of this going. And part of that is spurring this ecosystem of making this desirable place for the best and the brightest to go and work. That's why they want to really build this up in Arizona is a big focus. They want to have other manufacturers there. Intel has stuff there. They want it to become a magnet where you get a virtuous cycle. And then when you look back in 30 years, it's like,
Starting point is 00:38:59 one of, you know, it's not just Hsinchu, Taiwan, it's also Arizona. And, you know, we'll see, we'll see how it plays out. But by definition, the, it's kind of like the do stuff that doesn't scale bit that we talked about with Amazon, you have to start really messy and really sort of brute force it. But the goal is that it becomes self-sustaining, not just from a customer demand perspective, but also from a talent perspective and all the things that sort of go into that. Yep. No, that makes sense. Well, I just wanted to put a marker down because I was interested with the update that emerged last week. And the theme of all those stories is that they just prey on people's confirmation bias where if you hate big tech, then you're like, oh, my God,
Starting point is 00:39:39 Amazon was completely full of shit. And if you hate government regulation, you're like, oh, God, we're never going to be able to build a fab in this country. Yep. Or you hate government subsidies. And you're like, oh, this is all going to be a disaster sort of X, Y, Z. The reality with all this stuff, and I sort of mentioned before, there's a little bit of truth to everything, right? Exactly. But that's the flip side of everything is a tradeoff. The reason why we come back to this again and again, where you can't take absolute positions on any of this stuff, everything is a weighing of tradeoffs and what matters and priorities.
Starting point is 00:40:11 And choosing one route always includes bad outcomes. Like that's just the point. And so much of the bad commentary and bad framing of things comes from people who they live in a fantasy world where they critique without acknowledging that the alternative has also bad outcomes as well. And the truth is that everything is a tradeoff. And that applies to CHIPS Act funding. It applies to things like these regulations. Like environmental regulations are pretty good for quality of life, right?
Starting point is 00:40:44 Like it turns out when the U.S. was at its most dominant, we also had like rivers on fire and terrible smog, all of which no one liked. Right. And can you veer too much in one direction or the other? Absolutely. But what we should do a good job of, at least on this show, is keep in mind that like everything is a tradeoff. Right. There's a lot of gray baked into any of it. And all of it is a very good example of why it's important to get your news from more than just Twitter. No, that's why you subscribe to Stratechery Plus, but sorry about the very episode.
Starting point is 00:41:19 So a perfect opportunity for me to be a salesman. I was just going to say, don't be Kyrie Irving, but we will keep it moving here. Proud graduate at Instagram University, Kyrie Irving. Shifting gears entirely. Can you explain what was happening with the XZ hack last week? You wrote about it. I read it. I'm not sure I fully internalized it.
Starting point is 00:41:43 So this is a chance for you to make it even more relatable to the podcast audience. Yeah. This is a hard thing to write a, about for sure, but it's actually an unbelievably fascinating story. So, where to start? I'm going to get comfortable, put my feet up on my desk here. I can't wait. So you've gotten like a zip file, right?
Starting point is 00:42:06 It's like a, you click it and it expands or something else. Ben, I pirated music for like 20 years. So yes, I'm familiar with the zip file format. Yeah, so this is, I'm not talking about zip files. I'm talking about compression. Compression is idea. You have a very large file and you make it much smaller for transfer on the internet because it's big files are hard to move around.
Starting point is 00:42:26 XZ is a compression algorithm. It's actually way more efficient than Zip. It mostly works on sort of large monolithic sort of things like say a Linux distribution, right? And so it's been around for a long time. There was a previous algorithm before. This has been sort of the go-to compression thing in Linux for the last 15 years or so. And it's just standard. Like it's one of those things like it's a super important thing to have.
Starting point is 00:42:50 but once it's built, it's kind of built, right? And there's a ton of stuff. We're using stuff from like the, you know, the 70s or 80s, you know, that still today, because it does the job. And that's what sort of needs to be done. One of those things that sort of does the job is a thing called SSH. So if you're logging into a server, generally you don't have a GUI for like servers. You just open up a command line.
Starting point is 00:43:12 So the terminal app on your Mac would be an example of this. And you type, you know, SSH username at the address of the server. You put in your password and you're logged in. Now you can have more security there. Like you might have to have a key on your side that has to be verified as opposed to just a password. Like there's a lot. Obviously there's a lot of work to make this secure. And obviously these are very hard and worked on sort of vectors because anyone's on the internet.
Starting point is 00:43:37 Anyone can sort of attack a computer. And this is sort of the where you're opening up access to the computer to the outside. It's really important that this is made secure. So the standard sort of library here, it's a broader project called OpenSSH. You know, rock solid, been around for years and years and years and years. Okay. Meanwhile, Linux installed a new sort of init manager. This is the sort of the program.
Starting point is 00:44:01 When you first turn on a computer, how does a computer get started? Like, you can understand you open an application, right? The operating system is there. It opens the application. It presents all these sorts of things. You have to actually, like, turn on the computer. So Linux shifted to this new system called systemd. That's basically the master process.
Starting point is 00:44:18 It's like process zero. It's like it starts the computer and it manages what other processes run. So processes are just like the core programs that run your computer. It is the most important sort of basic sort of thing. And so what happened was systemd does logging. It keeps track of everything, which is super important. So you can know sort of like what's happened. You can have diagnostics.
Starting point is 00:44:40 You can figure different stuff out. And so systemd is generally packaged with XZ, a compression algorithm. Because guess what? Log files get very large, they have a lot of text and space. They can be compressed very effectively. And so it's often sort of just put together. Meanwhile, OpenSSH is a standalone program. But a lot of distributions use a patched version of OpenSSH, which integrates with systemd. Why? When someone logs into your computer, you might want other stuff to happen. Oh, someone's logged in. I want to turn on this
Starting point is 00:45:12 logging software. Someone logs in, I want to start a sort of window manager. So it makes sense to integrate SSH with systemd because systemd starts all that other stuff. systemd needs a compression sort of algorithm to force logging files to keep them small. Okay. I'm not sure.
Starting point is 00:45:29 So this is this is sort of the, how these three things became sort of intertwined in a lot of Linux distributions. Okay. Everyone pay attention. There will be a quiz after all of this. SSH, systemd. Okay, continue.
Starting point is 00:45:43 So XZ was created and maintained by like one guy. I think he's in the Netherlands. And this is sort of the blessing and the curse of open source. This guy created this program, this suite of utilities that is used all over the world. What a triumph, right? It's amazing. Like, imagine like the fulfillment, right? Everyone in the world uses XZ.
Starting point is 00:46:06 This is amazing. I'm understanding it as like the Microsoft Excel of large scale compression tools. Much more basic than that. But yes, everyone uses it. And one guy, one guy made it, right? what an amazing testament to the scalability of software, right? The problem, and it's mostly done, right? Again, how much work is there to do?
Starting point is 00:46:26 Yes, there's advancements and there's certain things that need to be, you know, in computers and stuff like that. But suddenly a couple years ago, this guy starts getting harassed. So all open source projects have like mailing list where we can do it. People can submit like changes or XYZ. And it's like, why isn't this being updated? What's happening? Dada, da, da, da.
Starting point is 00:46:45 There's this sort of thing that doesn't exist. And like it's a bunch of different accounts that are on there sort of giving this guy a hard time who's said that he's like, you know, I've had some, you know, mental health issues and he's known for taking like long internet breaks, which by the way is probably a good idea for everyone. You know, and, and suddenly this guy, Jia Tan shows up and he contributes a couple patches, which again are like different versions of it. And then he starts contributing actual changes to the code, which are addressing these issues that the people on the mailing list are complaining about. It's like the savior shows up for this poor guy who made this project 15 years ago and now is like, you know, the burden of the world is on his shoulders. He has people complaining to him. He's like, oh, I got, you know, I'm now stuck with this. And this guy shows up, Jia Tan shows up to sort of fix his problems. And over time, he fixes more things, does X, Y, Z.
Starting point is 00:47:34 And the guy's like, look, I needed help here, Jia Tan, you come on as a co-maintainer of the project because he got access to like the master sort of files. And he could update stuff without this guy sort of approving it, right? He could take his internet breaks and Jia Tan would sort of be there responsible. Just, you know, a wonderful example of the open source community really stepping up to support each other. Oh, boy. I have a feeling there's a twist coming.
Starting point is 00:48:00 So you fast forward to like a few weeks ago or a couple weeks ago. Microsoft researcher is running a beta version, like an alpha version of, I think it was Debian, like one of the Linux distributions, that did that sort of integration I talked about before. It used systemd, which included XZ, and it used a patched version of SSH because it wanted to tie into the init system. And as he's logging in, he's like, this is taking forever. Now forever, because he benchmarked it, was 0.3 seconds versus 0.8 seconds. But he could perceive, why is it, why is SSH so slow?
Starting point is 00:48:42 He starts digging in. And it turns out when you would sort of build the system, you would pull down the stuff that you need. Now you don't pull down the source code like XZ. It will sort of pre-package it for different sort of architectures and what are called tarballs, another sort of compressed sort of thing. And so it pulled down the tarball.
Starting point is 00:49:00 It turned out Jia Tan had been editing in binary code, just like ones and zeros, the tarballs that were pulled down that would go into these systems. And those would introduce via this integration a vulnerability into SSH. And that vulnerability was basically it would scan for one particular key.
Starting point is 00:49:24 So the way we talked about keys before sort of WhatsApp, where I send you my private, I send you my public key, and I have a private key. That public key only works with the private key. So I encrypt those messages on my phone. They're sent to you. You have the public key that will only work with the one
Starting point is 00:49:42 I used to sort of encrypt it and then it unlocks the message, and you can see the message that I sent you. This is the same sort of thing, but it introduces like an extra keyhole on the door, but that keyhole would only work for one key, and that keyhole was only exposed if you brought the right key. So you couldn't like scan systems to sort of find this.
Starting point is 00:50:03 And basically Jia Tan by finding this project that through this confluence of events was built into these different mixtures of products and building trust and having an army of sock puppets that were putting pressure on the maintainer and then Jia Tan could show up as a savior, got access to XZ to introduce a vulnerability, not in XZ, but into SSH, which had this made it into the default distributions,
Starting point is 00:50:31 would have meant that the vast majority of servers in the world would have had an extra keyhole that only Jia Tan, whoever supporters, would have had the key for. And it would have been... You could have, you wouldn't have been able to discover it. You can't scan for it. Ben, you want to talk about building trust. For the first 30 minutes of the episode, we were saying, you know, some of this big tech backlash is overblown.
Starting point is 00:50:55 When you actually look at the incentive structure and the realities of how this tech works and everybody just settle down. Things are actually okay. It's not as dystopian as it seems. Now, this is unbelievably complex. And clearly we were teetering on the brink of something truly disastrous in terms of global vulnerability. So I gather we don't know exactly. We don't know very much about the original creator. How much detail do we have on Jia Tan?
Starting point is 00:51:28 We don't know. I mean, so this is the pluses and minuses of open source. The downside is super clear, right? It was like there was a way into the system that depended on one guy in the Netherlands. and someone could worm their way in and do this project, right? Like that's all the sort of downside. The upside is you had lots of people like this Microsoft engineer, not a researcher, who's an engineer, using this stuff.
Starting point is 00:51:53 Like many eyes, right? No, it's just an aspect of it was a very lucky discovery, but the way you solve luck problems is you roll the dice more, right? If you just need the dice to hit once, if you roll the dice a thousand times versus ten times, you're more likely to get the result that you want. So that is a good part of open source. Everyone's using the same stuff.
Starting point is 00:52:16 Everyone's working on the same stuff. The downside is one vulnerability could infect a bunch. On the other side, there's a lot of eyes on it. There's a lot of people working to figure this out. Number two, there is documentation and traces of everything. So that's how people quickly discovered all these sock puppets, which were clearly part of this operation. All of Jia Tan's activities, every commit he's made everywhere is all there
Starting point is 00:52:38 and all documented everyone sort of looking and seeking and figure out who this person is. I mean, it seems pretty clear this was state sponsored. I mean, the amount of time and effort and sort of resources that appear to have gone into it. The fact that it's Jia Tan, a Chinese name, makes me think it's not China, right? Because like that would seem like an obvious thing to do. But who knows? I actually have not caught up over the last couple days if there's been any new discoveries about who it is or what it is. But, you know, so the flip side is, well, you should have private code.
Starting point is 00:53:13 This should not, it should be able to join. Well, but then what if there's, we have the story of the Google employee who is a Chinese spy. If a vulnerability gets put in in a private system and you don't have all the eyes on it and it's sort of like implicitly sort of more trusted, that's like the downside of closed source, right? And so I still, I think in this case, this is ultimately a win for open source. but it exposed some real vulnerabilities, to be clear. And there's a bit that ties back into the chip stuff where leading edge obviously super important draws a lot of headlines. I'm concerned about the trailing edge, right? And one thing, by the way, that we never haven't talked to is Japan's doing a ton on the trailing edge.
Starting point is 00:53:55 TSMC's had a lot of success there. They're building more. The EU is subsidizing TSM building in the EU. In both cases, it's really the auto industry driving these investments. But the auto industry needs trailing edge. So I think, like, from a Western coalition perspective, trailing edge is getting addressed, which is encouraging. But there's a similar dynamic when it comes to open source,
Starting point is 00:54:19 where you have tech companies invest a ton in open source. Like a lot of the biggest project and most important things really do come from big tech companies. But they're mostly building new stuff. And they're building stuff that is freely distributed, but is driving their sort of initiatives. There's no real incentive. for anyone to be taking care of the maintainer in the Netherlands. And I think that this is something where, again, another committee, another coalition,
Starting point is 00:54:48 it's always a challenge in open source is coordinating this. But what's the inventory of all the XZ type utilities that everyone sort of depends on, right? Number one, maybe that list exists, but it needs to exist. Then number two, there needs to be a collective funding of, if not the contributors per se, Like it's always dodgy how money flow works in open source. And just like there's ideological issues, all that sort of thing. At least there's people watching it. Right.
Starting point is 00:55:16 Like there's a new maintainer on the XZ project. We should be digging into everyone. What's going on here? Maybe it's not public, right? Maybe you don't want it to be like, I think this does fall in the big tech companies. They have the money. They would pay the price, had this made it through. It does raise the concern question.
Starting point is 00:55:34 Are there similar exploits that have happened? there needs to be some sort of inventory of, are there core projects that were mostly done that have gotten a flurry of activity in the last X number of years? That would be a sort of a good place to start. And, you know, open source is great because there's a lot of collective problems
Starting point is 00:55:55 that need to be solved that provide zero business differentiation. They just, like, you just, and that's why it's flourished in the server space. Everyone needs to run servers. Everyone has to run infrastructure. And so basically pooling resources, is a positive thing in that regard.
Starting point is 00:56:09 There needs to be even more aggressive pooling of resources in terms of security. And security isn't just automating stuff. It's actually having people committed to doing this sort of like, you know, Jia Tan ultimately covered their tracks very effectively, but they assumed they'd never be discovered. Once it was figured out, it was actually very easy to uncover them. Again, because everything is sort of documented.
Starting point is 00:56:36 You know, the pluses and minuses of computers. They track everything and they track everything. So it's a really, really interesting story. One of the most momentous stories actually in tech, I think, in a while. It's incredible, even though it's really hard to sort of understand, but it has big, big implications. Okay, so I have two questions as the common man before we close out. Number one, what could this have turned into? Like, what's the worst case scenario?
Starting point is 00:57:03 It just stays dormant. No, this goes back to the Huawei issue. If you have access to the computer, you have access to everything, right? So we're talking about some entity having root level access to the computer. To launch like a truly crippling cyber attack on any number of- Crucial infrastructure systems. Okay. Yeah, or like, you know, obviously there's protections on top of protections.
Starting point is 00:57:28 But ultimately at the day, if you're in at root, you can work your way around. Like Huawei made the phone. they ultimately, at the other day, it might be a lot of work, but all security has to devolve to something. There has to be some point of security. So for Apple talks about the secure enclave, right? The idea is in their chip, that is the root of all your security. It has to go down to something.
Starting point is 00:57:52 It's not an infinite loop. There has to be, it's like we're talking about everything's a tradeoff. Everything is gray. How do you operate in that world? Well, you need to have some sort of like moral principles where it's some, you know, if you have moral relativism all the way down, it just ends in nihilism because there's nothing means anything. You have to have some sort of bedrock assumptions that ground your view of the world that lets you navigate gray areas, that lets you navigate tradeoffs because
Starting point is 00:58:20 it comes down to something that you actually believe, that you choose to believe. Computers work the same way. It has to come down to something is the root of security. And this was potentially so so crippling because it would get nearly down to the root. Not all the way to the root. The root is actually hardware. This was root level access still on a software level, but about as close as you can get.
Starting point is 00:58:44 Yeah, it stressed me out just listening to it. Thank you, Andres Freund, the Microsoft developer who helped avert disaster here. Last question. Just incredible. Like, this seems slow. This seems to 0.5 seconds. I mean, the guy's a hero.
Starting point is 00:59:01 It's a sincere. Thank you. Yeah, it's incredible. I mean, this story should be a Netflix show or something. The final... I'd be a little boring, we told me about us. I'm into it. Look, I fear the dramatization.
Starting point is 00:59:16 Listen, you need to watch Halt and Catch Fire. You can make computers cool. I promise you. Last question, you won't have an answer, but is closed source actually all that safer than open source in terms of cybersecurity and hacking concerns. I think it's less safe. I think it's less safe. Now this again, it doesn't have this issue, right? Like, you can't just like make friends with the guy at Apple and start doing sort of XYZ. And so that is the advantage of closed source, right? And they're, you know, the reality though
Starting point is 00:59:50 is so number one, a spy could be employed by Apple. Like this happened to Google. It's fair to say that's happening everywhere. Well, that's why I asked. Like with Sharp China, there's such an expansive PLA state-sponsored hacking campaign, and I'm sure other countries are doing it as well. And so I just sort of wonder whether it's a distinction without a difference in terms of closed source versus open source. I agree with the cynic sort of take that every tech company is deeply infiltrated. I mean, I think like this is this also ties into the immigration point I made before, right? We get the best and brightest from everywhere. Not everyone changes their allegiances.
Starting point is 01:00:26 And, and like, so that's, and so this is a broader point. This goes like, go back to our free speech discussions. I think for the U.S. and for if you're on the cutting edge of innovation, the more openness and transparency, the better in every degree. Yes, it entails risks. Absolutely. Yes, it entails downsides. But being more open, more transparent, I think is the best approach. I think this is a good example. I see Andres Freund's sort of discovery as a triumph of open source. There's a lot of people using the software. Yes, it's amazing that a guy noticed a 0.5 second delay, but what are the, what are the
Starting point is 01:01:07 chances of just an Apple engineer noticing a compromise in an iPhone versus every developer in the world having to test the software because mission critical infrastructure is running out? I'm like, man, what's up with this? It's something, you know, he just assumed there was a bug because it shouldn't slow down and then discovers there's actually this, this back door was sort of put in. So I ultimately do think this is a triumph for open source. And I think there's routes to solve.
Starting point is 01:01:35 You're always, this was a very clever and intelligent. And to some extent, we could see it coming. I went to that. There's a very famous XKCD comic about how the entire world's infrastructure is resting on like some guy in Nebraska. This was literally that. But we can do better in that regard. And we should.
Starting point is 01:01:52 And hopefully this is a wake-up call to address a problem that everyone kind of knew existed, but no one was doing anything about. But ultimately I do think having more eyes on it was better, and this I think was an example of that. Okay. Well, on that note, a lot to consider on the way out of that story. But thank you, Andres Freund is, I think, the top level takeaway for the short term here. And Ben, I look forward to getting into all sorts of non-Bucks topics later in the week. And we'll keep the good vibes going here. Maybe more myth-busting. Who can say?
Starting point is 01:02:26 Well, there is a broader point. It's funny that you feel so shook by this story because this does tie back into the earlier part. There is a, when you don't understand technology, like, Benedict Evans made this point on the interview with me last week. Like, he has a framework, like when companies say no, regulators don't know how to handle that. Because sometimes it's no and I don't want to do it. Sometimes it's no and like that's a bad idea. And sometimes it's no and that that's not actually possible. And if you don't understand the technology, you don't know which of those categories that's sort of falling
Starting point is 01:02:57 into. I thought it's a brilliant framework. I think it really does apply in sort of lots of areas. And this, you know, we talk about some of these things. If you don't understand what's going on, you take the, your interpretation is very easy to fall into the confirmation bias. Like, it's probably because they're bad companies. It's because they're, you have bad incentives, XYZ. I will just add that it's gotten so much more bewildering over the last 12 to 24 months with AI because the big companies have their own spectrum of incentives in terms of what AI is going to do. There's opacity. And so everybody on the outside is like, what the hell is going on?
Starting point is 01:03:37 And it's just, it's tough. I have good news and bad news. The good news is this isn't new. The bad news is that's because computers are actually way more complicated and fragile than you probably ever realized. Right, like at the end of the day, it is stacks and stacks of human-created code on top of each other, on top of human-created chips that themselves are,
Starting point is 01:04:04 we experience computers as these magical devices that theoretically are completely reduced to ones and zeros and totally binary. And a thing I always say, like bugs are usually not bugs. The computer is doing what the device developer told them to. The developer just accidentally told them to do the wrong thing, right? And, uh, there is a bit where if people actually understood what all of our civilization is built on,
Starting point is 01:04:32 there probably would be a lot more cowering in fear to be totally honest with you. Ignorance is absolutely. That's the takeaway from this episode. Even if that ignorance drives bad takes in the media, right? Because they like assume this, these magical capabilities and whatever that don't necessarily exist that you should be able to see through. So again, everything's a tradeoff. It sort of cuts both ways. I made the joke about people in tech complain. People in the media don't understand tech. Maybe that's a good thing for everyone involved. I mean, Microsoft Excel is powering our entire finance industry. The internet is built on scaffolding that's been around for like 40 years and doesn't appear to have been updated. So there's all sorts of fun infrastructure nuggets out there. But we'll get into all that and more as we keep rolling here.
Starting point is 01:05:18 Sharp Tech. But for now, Ben, have a good couple of days and we'll keep it rolling later in the week. Sounds good. I'll talk to you later.
