Tech Brew Ride Home - (Bonus) Listener Call-In 2- The Revenge!

Episode Date: July 18, 2020

The Twitter hack! Can Apple REALLY buy Arm? The Ad-tier being key to Peacock's strategy. Will open standards ever make a comeback? And much more! Learn more about your ad choices. Visit megaph...one.fm/adchoices

Transcript
Discussion (0)
Starting point is 00:00:00 On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco. Hey, who did this to you? What happened next turned the story into a political firestorm. Reports have identified the victim as Bob Lee, the founder of Cash App. From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16. Welcome to another weekend bonus episode of the Tech Meme Ride Home. I'm Brian McCullough. Nothing much to explain here.
Starting point is 00:00:41 Just a listener-call-in episode. And I think this one went even better than it did last time. Much more of a free-ranging back-and-forth follow-up question sort of conversation, which is what I am looking to have. So tell me what you think about this episode. And hopefully we'll do another one soon. All right. So what is it? Seven minutes after, that's good enough to get started.
Starting point is 00:01:11 Less people than last time, but then I noticed, I don't know if anyone else noticed, but I forgot to actually put the link in the show notes yesterday. But it's up on the... It's in the audio, so if you read the transcript. Right. It's in the subreddit too now. So, but... So seven people, we should be able to get some decent questions. And I brought Chris in as my ringer.
Starting point is 00:01:36 here. Everybody, this is Chris Messina, who you might know as the inventor of the hashtag, but you should know now as your official ombudsman for the podcast. Thanks for waking up early, Chris. I mean, it is 10 a.m., but yeah, no problem. All right. So Andy says my audio sounds a little low. Does anyone else feel that way? It sounds good to me. Okay. All right. So let's first throw this open to anyone that wants to raise their hand with questions. And let's see. I've got some questions lined up here, but Chris, you actually came with a question. So do you want to talk about the Twitter hack?
Starting point is 00:02:30 Yeah. Let's see. You know, obviously, like this was like, a major moment momentary meltdown on the Twitterverse this week. And what I found so interesting about it is that what seems to have happened is a bunch of script kitties spread around the world who trade in OG usernames, original gangster usernames, like typically these are mononyms or single character or some short form of a username on social networks. social engineer in some way, it seems, maybe accessing an internal employee's Slack abilities
Starting point is 00:03:10 to then access an internal tool that would allow them to do various things, like sending an email reset. And if they were able to interrupt that, and essentially change the email address, which we reset link would go to, now all of a sudden, they had a way of actually grabbing that account
Starting point is 00:03:27 and, like, taking it over. And I can speak to this because this happened to me, because my username on Instagram is at Chris, and these same kids did the same thing to me through a social engineering attack against my AT&T account. So essentially what they did was they had a friend who worked at an AT&T store. And I mean, like, when I learned about how this like works,
Starting point is 00:03:52 my mind was blown, like how insecure the world is. And then the difficulty that I experienced, so first of all, let me just walk through that. Do you mind if I walk through that? Yeah, go ahead. Go ahead. Okay. This should give you some, like maybe the listeners have a sense of what this experience is like from someone who has been hacked.
Starting point is 00:04:11 You know, I had two factor on my accounts. And at the time, Instagram didn't allow you to, I believe, use a Google Authenticator style code generator. You had to use SMS. It was something like that. And there was also this weird inconsistency between the support for those. authenticate our apps and SMS between desktop and mobile. And so anyways, it was kind of like in a shit show situation. And so what they did was they, again,
Starting point is 00:04:41 had a friend who worked at an AT&T store, who was able to go in and change my account to basically change my phone number or whatever my service so that my SIM would then be associated with their phone number. And then they could basically reset my Instagram account password, which would send a code to the new phone number, which then would allow them to unlock my Instagram account and then take it over and then change the email address. So it's a little bit convoluted, but all you need is the weakest link, which is some poorly paid person in an AT&T store to make this happen.
Starting point is 00:05:15 Now, I don't know if the same vector was used on Twitter, but you can imagine that whatever the security policies are for the lowly interns or whoever it is that sort of deals with account issues on Twitter is probably not some executive that has like a 48-character password. and, you know, three factors or something. Well, I mean, that's kind of like the larger question is at a company like Twitter, what, I mean, we hope that the OPSEC is somewhat sophisticated, but would a company like Twitter know how many people exactly would be able to be a vector for something like this? Like if you're saying that anybody, I mean, listen, if someone hands you a paperback full of $50,000. You never know who might take that $50,000. But do they know, well,
Starting point is 00:06:07 there are 700 people that could be susceptible to being a vector in that capacity? I mean, you have to know, to know, you have to know, logging and all the backend systems that kind of track all this stuff. But ultimately, it is, it does come down to the people. And you could have one person, you know, that's got some friends or a friend of a friend, or, you know, someone used your laptop to do something that they shouldn't have and then they left themselves logged in and suddenly now you have like a way in. Like there's just all these human, you know, failures that can occur that even if you have a very robust security apparatus, you just have a bunch of inexperienced people who are on the system who don't even think
Starting point is 00:06:46 about this type of exploit and leave themselves vulnerable. So like just the fact, or at least as the New York Times is reporting, you know, the people who are doing these hacks were between 19 and 21. I feel like you just don't have, or your perspective of what is important in the world is so different at that age. And you're sort of like, okay, boomer, like you're using my social platform. And so I'm going to just like, you know, mess with your world and throw up a Bitcoin like scheme or something. Now, presuming this is all straightforward and not as some massive, you know, ploy by the Russians to detect, you know, to do sort of like a weakness probing or something. But presuming it is just a bunch of like, you know, script kitties who trade in these OG us
Starting point is 00:07:25 names and wanted to like demonstrate you know that they'd taken over these accounts and they also thought it would be a good way to make some crypto which you know $118,000 or however much it ended up being is a lot of money for 20 year old um you know uh Peter if you're there I go ahead and ask your question and by the way if you ask a question feel free to introduce yourself however you want or whatever. Hi I'm Peter I live in Manhattan and I'm wondering why would anyone buy a hacked Twitter user handle isn't it pretty obvious that Twitter would just reset it back to the original owner. So there are kind of like a couple answers to that.
Starting point is 00:08:01 First of all, there's just this like trade in like showing that or demonstrating that you have the ability to do it, even though they know it would get returned back. Like it was interesting. When I discovered that I, well, when I figured out my hack, at a later point, maybe several months in the future, the folks from Reply All, the podcast actually reached out to me to say they were putting together an episode and they want to interview me about my experience. And it turned out that they had screenshots of the Discord chat in which my username was being hacked. And then days later, they also had more chatter about the fact that I'd gotten my account back.
Starting point is 00:08:41 So this is part of what they know to happen. It's not like they're trying to grab it and then hold it forever. It's sort of like capture the flag. So that's one piece of it. The other thing is that there's just like an economic trade in short usernames. that are obscure. So, for example, one might be, you know, 10 BTC as a username, which if you're tweeting about Bitcoin,
Starting point is 00:09:02 that could actually be really good because it's short and you don't need to like, you know, have some obscure long thing that makes it look bad. It actually looks like an original username, which means that that account probably is older, which means people are willing to interact with it and imagine that it's actually like legit. So the trade in username says a lot to do with representation of authority
Starting point is 00:09:21 or of age or maturity or any of those things. And then there's another part of it, which is more about the gaming, of capture the flag, just to demonstrate that you could do it. So it's old school in two ways in the sense that maybe even the economic benefit is sort of secondary. It's more like the poning and like, hey, I can do this. And then it's it's the old school sense of like, well, if you've got a shorter domain name that or you've got it.com, it conferred. Same thing. whatever. You also saw the reporting, and I think Twitter acknowledged this, that at least eight of the accounts, they also downloaded the data. I saw that. And that's terrifying. Right. Now, I don't think
Starting point is 00:10:04 we've identified who those accounts were, but somebody said something that, like, well, that rules out it being either Biden or Obama or something. I haven't read all of that stuff yet. but so what do you what's your take on the idea that not that this is a false flag but that maybe these maybe this is a convenient cover story that there's a bunch of teenagers that did this for lulls i mean i think for the most part certainly it could be it's one i forget what the rule or the law is that like the simplest thing is probably you know the case um i do think that these kids, like, they have so much time on their hands. It's just, it's mind-blowing. And so, like, social engineering, something like this, where either they do like a password reset on
Starting point is 00:10:54 some, you know, employees, Slack account, which then allows them to gain access to an internal tool. And you can imagine it might be a bot or something, right, that gives them internal access to reset a user's password, where it's just like, you know, slash reset username and then a token or something and it just, you know, does the thing automatically. Those types of systems are now available. So the fact that there are these younger people that are seeking interesting challenges to work on, like does not surprise me. The question about downloading the data, though, is a deeper concern because the actual consequence of this may actually be much greater. So it might still be the same people with the same motivation, which was to sell a bunch of
Starting point is 00:11:32 Bitcoin. And what it turns out could be that they then take that data and it's even more valuable to sell that in a black market. And that becomes a bigger catastrophe. Because you can imagine all the DMs and all the other things that are like in there. And there could be a cascade of things that actually like happen as a result of that data being out there. Before we move on from this, when you said that those kids had been in touch with you, are you saying literally those same kids, you think? Or just those kids generally, yeah. That circle.
Starting point is 00:12:04 The same forum. Okay. It's sort of like, you know, like 8chan and like, you know, 4chan and stuff like that. There's this one forum which has been named like in a new time. where it's a pretty small forum, and yet, you know, they're just like trophy hunters. And that's, that's where they go to, like, share and swap these names. And it's fascinating. Like, there's a bunch of these names. Actually, it's on all media platforms. It could be on, you know, Xbox or it could be on PlayStation, like, all the places where you don't even think that these names are that valuable. It's just like that's how they collect their trophies. The, yeah, if you want to actually get the minute by minute, like that Brian Krebs piece that I mentioned yesterday, he names, he names the people, he names the forums, he's got screenshots and all and stuff. So if you're interested in learning about these exact forums, they're there.
Starting point is 00:12:51 One more question, take on this, Chris. Do you, what do you think that this does reputationalally to Twitter? I mean, Twitter, again, it's an old joke, running joke on the show, the lack of respect that Twitter has had. If you start from the bottom. You know, you're not really losing very much. You know, there's the jokes that maybe Twitter needs a full-time CEO. Of course. Right, right.
Starting point is 00:13:21 But in terms of the fact that, like, I don't think, I mean, I don't know, and maybe that's what this is revealing, but I don't think that something this dumb could have happened at Facebook, you know. Or maybe it happens all the time. Or maybe it happens all the time and they're better at, like, yeah. Yeah, yeah. You know, there'll be some, you know, like Russian preempts. like later that, you know, unearthed it and then like, you know, they issued our apology and like,
Starting point is 00:13:46 oh, we're learning and we're getting better. It just kind of goes on. I, like, I think to me, one, this does a couple things. You know, if anybody, and I know, of course, Facebook is the one that I think people look to for, you know, throwing the 2016 election. But increasingly, obviously, Twitter has become a much more important place for kind of, you know, live, real-time emerging conversations in the last, you know, three and a half, four years. Twitter used to be thought of as the place you'd go to sort of like share news about your breakfast. And now, of course, policy for the United States and other countries is being pushed to that platform. I have heard critique and criticism that suggests, you know, that Trump and other political leaders shouldn't be using insecure platforms or channels.
Starting point is 00:14:31 But the reality is, you know, there are people, there was a senator recently that published the op-ed in their Times that was full of, you know, lies and vitriol and stuff that didn't make any sense. And so I think it's important that people who are in these positions are able to talk to people, you know, through the channels that people use. And if you had to authenticate and send in a driver's license or add a credit card number or something to your Twitter account in order to use the platform, that would greatly diminish the use and adoption of that platform and its effectiveness to help people to communicate. Now, is that a tradeoff that, you know, we should, you know, force going forward? I don't really have a good answer for that. But I think this at least demonstrates the power of this platform. The fact that they recovered relatively quickly, the fact that they turned off all the check marks, for example, for a period of time,
Starting point is 00:15:17 was something that I never thought would be possible. It also, as I told you, gave me sort of a sense of like the fragility of my connection to my account. I don't really, as much as I think I own it, you know, it's controlled by a different system, somebody else. And so especially going into this election, I'm very concerned about just how it will be exploited, but I don't know if this single hack really discredits the platform. If anything, it sort of just shows how powerful it really is. You know, we're going to move on to something else, but put a pin in that because we might come back to that fragility question
Starting point is 00:15:51 vis-a-vis like TikTok if we have time. Sure, yes. But Alex, if I still have you unmuted, Alex wanted to ask a question about Peacock. Yes, my name is Alex. So I've just noticed that NBC launched Peacock this week
Starting point is 00:16:11 and it was a really great launch I think the approach of doing a free tier was a brilliant move although I still think that the fact that they are not on major platforms like Roku, FIRE TV
Starting point is 00:16:27 and Android TV I think it's really turned down the momentum because only having an Android app and an iOS app is not just good enough because that means that people it's like the quibble in some small way although i still feel it's more successful in its own way so my take is does peacock really aim to uh challenge for the global market or they're just
Starting point is 00:16:53 focusing on the u.s because with a free tier like they're on the offer ring one would think that they would open it up to more countries and just go after netflix like very quickly because Netflix has really grown over the last month. So I just want to get your take on why then we see you focused on going for the U.S. market specifically and also why they have restricted the platforms that they are wrong. Yeah, so I actually think you've hit on something that's key here that I want to talk more about, hopefully in the coming weeks, which is that free tier.
Starting point is 00:17:33 And what he means by free tier is that you can, You don't have to pay the subscription. If you're willing to submit yourself to five minutes of commercials an hour, it's essentially TV, as we've always understood it, for most the last 50 years, which is just you have to indoor ads. And the thing is that, and I have said this before, that's coming up quietly as the more interesting story here. Everyone thinks this is everyone taking a shot at Netflix and how successful Netflix is
Starting point is 00:18:05 and whatever Netflix market cap is. But the real money is going to be made if they can do this right, buy the NBC's, by the whoever can do the... It's essentially just taking the $120 billion a year TV advertising market and bringing it in-house. So imagine how powerful that will be for a Comcast slash NBC slash universal slash whatever.
Starting point is 00:18:32 Because think about it. advertising on television for 70 years has been, well, we get the ratings and we get the demos and things like that. Netflix has eschewed the idea that there's so much data in terms of what people are watching and who's watching. Netflix uses that data only to decide what to produce and what to maybe suggest to you, but everyone else is looking at it is like,
Starting point is 00:18:57 oh my God, if we know that there's a 23-year-old Latina female in California watching and, you know, like all of the data that social media has, essentially this is the first chance for Madison Avenue to apply that to old school media. And so while the headlines that we talk about a lot has been about the whole Netflix versus everybody else, everyone trying to knock Netflix off the crown, in the background, what's really going on in Hollywood is the jockeying for. or no one wants to, I mean, some people do want to create, I think Disney definitely does a Coke or a Pepsi to Netflix's Coke or Pepsi, right?
Starting point is 00:19:43 Everyone else in reality is just basically eventually seeing a scenario 10 years from now where they own the full stack of their content. So that it's under their brand. So they have the relationship with the consumer. They have the direct relationship with the advertisers that's not, intermediateed by, you know, going to Nielsen and things like that and having to figure out. Like, they would know. So the holy grail for everybody is instead of, well, you know, you're watching a football game and so you're inundated with beer ads because they know that they can guess the
Starting point is 00:20:22 demo of who's watching a football game. They'll, they will no longer have to guess because they'll know, all right, if I want to buy an ad that only targets 45-year-old men that are maybe in the market for a Roth IRA account, you'll be able to buy an ad that will only target. So, like, you'll have confidence that, like, 95% of your ad spend is going to the appropriate market. That's really where it's going to be at. Let me real quick, because I rambled on that a bit, but Alex, the question about why they're focusing on the U.S. right now is this is way beyond any of our pay grades, but there's so many rights issues and so many different. Like, even though it's Comcast, Comcast might not necessarily have the relationships
Starting point is 00:21:08 in Britain or in Nigeria or in India. So, whereas Netflix was basically a completely new entity, if you're a Comcast, you might have to go, if you're launching in Britain, you might want to do it with Sky. You might do it in partnership with somebody else. And we've seen that happen. is it Amazon? Amazon Prime has some partnership in India where they launched with some company in India as like a co-production or something like that. I don't know. But this is what Matthew Ball, the great Matthew Ball has said about when people say, well, if I was Netflix, I'd be nervous. He's always said, no, because Netflix is five years ahead of them. So that even if in the next two to three years, a Disney Plus, a peacock or whatever, does start to chip away at, Netflix here in North America. Netflix is already in 130 countries, and it's going to be five years before a peacock or whomever is going to be able to chase them into those other countries,
Starting point is 00:22:08 like in India or Nigeria or South America or wherever. So it is sort of a thing where they will want to get there eventually, but right now it's sort of walking before running. and I think it's also, though, about playing a bit of a safer game. I mean, I obviously have no insider knowledge about this, but just as an outside observer, I would imagine that launching the U.S. first allows them to do a number of things, you know, one of which is just figuring out, you know, is the app working, how do people like it, what does it feel like, where does it need to be improved? You know, there's a bunch of stuff on Quibi's launch that just, you know, seemed
Starting point is 00:22:46 asinine, you know, in retrospect. But they were able to like, you know, learn. and then adapt it and change it and improve it. I think all the rights issues are definitely at play and are important. I wonder if they can show a certain amount of traction or interest in the Peacock platform in the U.S. market that also puts them in a better leveraged position to have a different set of rights or value when they move into those other places when it comes to distributing content.
Starting point is 00:23:14 I think what Brian said is also right on. I think it's important to maybe sort of step back and take a look at what all these players have as assets and then to imagine what is it they need to do to continue to monetize or make use of those assets going forward vis-a-vis the personalization that Brian is alluding to. So for example, it's increasingly more important that any company has an individual relationship with you as an individual as opposed to a sort of like collective or group identity. And when it comes to interactive, you know, set-top boxes or computer screens or phones, or, for example, laptops, the fact that you can have multiple users signed in at the same
Starting point is 00:23:58 time is actually very important. And one thing that I would just point out that I've been seeing pushed a lot more recently is how Spotify now has a duo plan so that people in the same household can basically join. So it's no longer just like for family members. The Spotify duo is actually, I think, about segmenting listener habits. so that over time, Spotify can actually do a better job with either personalization or advertising or whatever is that they have for their long-term play and plan to basically build and keep that
Starting point is 00:24:26 relationship longer. And if you have a joint account, you know, where both people are assigned to the same thing and both people's preferences are expressed within the same identity, that actually leads to and erodes the user experience over time because your preferences start to, I think, calcify and become more specific the longer you're using a product. So that's also, I think, a big part of this, Peacock needs to get out there to be able to understand the personalization piece in order to build that relationship long term, in order to be able to present ads that convert at all relative to the industry standard, which in five years is going to be really, really good. Imagine if you had ads that were just TikTok-like style, like optimized for you. I mean, that is where this goes. That's why it's like why TikTok is like such an interesting and amazing platform. Chris, do you have a heart out or anywhere you need to be?
Starting point is 00:25:17 I'm good. Then let me get one question here from the subreddit, and then after that, TAL has a question that I specifically want you to speak to. But Neelish, who I don't think I see in the chat, had asked, how would Apple tackle soft bank selling arm holdings without having issues with antitrust? would Apple need to buy Arm outright, parts of their IP or employees, or blah, blah, blah, blah. Basically, I, you know, this was early in the week, but I find the idea of Arm possibly being available,
Starting point is 00:25:53 endlessly fascinating. And I do not think, first of all, so what do we know? We know that SoftBank needs to raise cash. SoftBank was considering spinning it out. you know, taking it public doing an IPO. But they got inbound from an unidentified company and wondering, you know, hey, we'll take arm off your hands. I don't think that that company was Apple.
Starting point is 00:26:22 I think everybody's agreed that it would be basically impossible for Apple to buy arm outright, not because they couldn't afford it, but because there's no way I think regulators would allow Apple to, because the regulators would look at it. Well, arm chips are essentially what power every smartphone, especially the Android phone, so you'd be undercutting your main market rival.
Starting point is 00:26:46 But I think that the more interesting thing here is, if you were going to threaten Apple, a Samsung or a Qualcomm or somebody who has not got the actual software platform themselves, I can see that you could make a case that maybe would convince regulators that you could take over arm. And then so the question is, is Apple going to be interested even if they don't think they can buy it? Would they have to somehow play in this game just for purely strategic reasons? I mean, the real interesting scenario here is what if a Google and a Samsung and a Qualcomm all combined forces?
Starting point is 00:27:35 to buy ARM. And then they could say that the regulators, look, we're jointly owning this and whatever. But then implicitly, who is that a threat against? And so then you could have a scenario where Apple is running to the regulators saying, don't allow the sale to go through because it's threatening us. I think that the most likely scenario is probably that ARM IPOs as an independent company, which it should. But if it, there's some scenario down the road.
Starting point is 00:28:05 There's plenty of precedent for this in tech history where all of the big boys get around a table and all agree to buy it equally for the purposes of either sharing the IP or whatever. But I think that's the thing, and I said this on the show, the fact that Arm exists as an independent entity and the fact that Softank was able to buy it and no one else strategically wanted to buy it four years ago blows my mind. But now that it's available, it'll be interesting to see if the guardrails come off this whole thing. Yeah. So, Tal, let me unmute you. Chris, I think you saw this one. I sent it to you yesterday. Tau wants to ask about open standards.
Starting point is 00:28:55 Yeah, basically just the internet was built on open standards. They kind of existed until the money came. and once the money came, all the big companies realized that open was not good for them. And as such, the last like real open standard that has taken hold feels like RSS, I mean, there's open, so there's tons of open standards out there, but like what are we all interacting with? The most interesting thing, one to me, in a large respect, is actually email even with that, because email can't be killed despite how much people are trying. and it's because it's still got its claws back in, you know, forever ago with SMTP and
Starting point is 00:29:35 IMAP, despite those being terrible. So my big question is, is that ever going to be able to come back? Like, is there any strategic reason that would make sense for any of these big players to bring it back? Or is there a world where maybe government regulation can force some sort of open standards? So I'm going to kick this to Chris because this is why I'm glad Chris is here. If you guys don't know about Chris's career, which I don't know, maybe why would you, but he's worked on questions like this his entire career. And this is sort of his ballet wick.
Starting point is 00:30:10 So go ahead, Chris. Yeah, I mean, you know, if you really want to get into the nitty-gritty of my scars and all, you can go listen to the Internet History podcast with Brian. I think there are so many ways that I can like pick apart this question to sort of, I think, understand it. I guess I might start by understanding what the purpose of open standards are in general. And I mean, standards at all. Like standards really are about interchange, interoperability, the ability to write code once and then have it work across a number of different systems. It's also about, I would say, you know, creating new opportunities for competition.
Starting point is 00:30:52 So, you know, like if you think about what baseball is or what soccer is or football, These are all essentially sort of a standard set of rules that everyone agrees to abide by. You know, you either put a ball in a net or in a hoop or out of a park and that's how you get at a point. And so everyone agrees that that's basically what we're going to do. And, you know, RSS basically is like, okay, let's have a format for expressing news so we can move content around and syndicate it, you know, just like newspapers would do. And then we'll create a competitive environment around the content that is expressed in that format. I would actually dispute the idea that, one, the last great sort of open standard was RSS. I think there's been dozens or hundreds since then.
Starting point is 00:31:36 And I guess as well, like, what do you mean by or what are the attributes of an open standard that are interesting? Because I do think that, for example, RSS is like highly hackable, HTML is like highly hackable, SMTP, IMAP. These are all relatively simple and easy to learn, whereas the standards that exist now, for example, WebRTC is what's causing the explosion in web streaming and in voice chat and in all these other things. And that is an open standard that has been adopted and used by tons of people in the industry. So when there is an opportunity for a bunch of companies to come together
Starting point is 00:32:09 and commoditize the interchange formats, then it creates a new level of competition elsewhere. I think if you're talking about maybe consumer size open standards, and in this, I think about the work that I was doing on Open ID and that led to Oath and other stuff like that. The nearest place where I'm seeing that type of standards work happen is probably in the blockchain in crypto space, where there, at least is an interest in people all agreeing to a set of interchange formats and then they're building kind of protocols and other stuff on top of it, but the underlying, you know, rails are kind of consistent. So, help me understand more about how you're thinking about this.
Starting point is 00:32:47 I think crypto is actually a great area. I don't really follow. I'm not terribly interested. in crypto, so that's a, but it makes a ton of sense as an open one. And I did forget about what about RTC. However, I would argue that WebRTC is not an example of something that has taken upkick. Take, for example, what we're talking on right now. Zoom doesn't use it. Slack doesn't use it. I think Slack does it.
Starting point is 00:33:08 Teams doesn't use it. Like all the major players don't use WebRTC. And most importantly, even when people do adopt WebRTC, there is no federation. There's no, I have my own WebRTC server. and I can talk to yours. And anybody can make a web RTC client. But decentral, yeah, I am more talking about decentralization, but that was, you know, the internet was built on decentralization.
Starting point is 00:33:35 A lot of these protocols I was describing earlier were built around decentralization. And that is the thing. Well, for the nuclear holocaust. Yes, exactly. So the threat model is different now, and the economic imperative is also different. And so the efficiency of, so basically like earlier,
Starting point is 00:33:52 was this need to build a robust network that could withstand a nuclear attack, and that also the people who were building it were largely academics and engineers and people that really like those problems. Now the people that seem to be building, you know, the building on the network, I suppose, are more content players. And they like the speed in which, you know, like, it becomes a coordination problem. And it's much easier to coordinate between two people who have no interest in actually helping anybody else besides helping themselves. And they can just, like, clude something together. I believe we've also got at the point where there are so many sort of, you know, sample codes, sample projects.
Starting point is 00:34:25 I mean, now we're living, you know, in the early ages of the no code movement. So the ability for people to build on those fundamental open standards, I think allows for, like, an enormous amount of expressiveness that the problems that those standards sought to solve were so basic in the early days of the internet that now we're working on different types of expression. So, for example, if you, and I think Mastodon is a really good example of this, where, and also it would be interesting to see what happens with Blue Sky, which is Twitter's theoretical open source decentralization effort. But when you build open standards, they end up getting sort of like set in stone for some
Starting point is 00:35:01 period of time. And so it's harder to have an incremental improvement of the software over time because now you have to get everyone to agree and everyone to move forward sort of in lockstep. And the thing that I'm very interesting to see is what's going to happen with the Apple Messages app going forward and what's going to happen with RCS on Android as messaging systems who have to fall back to SMS become more opinionated in their expression on individual hardware. So that like open standards sort of falls by the wayside and it becomes a question of how do you sort of upbreds these things. I think another analogous example of this is like what hey.com did with email where they're still using the underlying mechanisms to move stuff
Starting point is 00:35:45 around, but they're building an entirely new opinion interface on the front end. They could have been done much more easily if everyone just used, hey, as their messaging system. So I guess the question is, yes, you could set up your own like federated WebRTC platform and system. I guess what are the benefits that you see coming from that? Well, those are exactly it. And I mean, email is the biggest one. And I think your talk about messaging is very, is fairly interesting, but I think you missed the biggest portion of it, which was you're talking about whether it's, you're talking about whether It's interesting if Apple messages starts adopting RCS. But is Facebook Messenger ever going to adopt RCS?
Starting point is 00:36:32 Is, you know, WhatsApp, any of those? And that's the bigger thing. And that's the thing that really hits everybody's life. Any email account can hit any other email account. Can I interject something real quick here? Have you noticed that anything that involves social, anything that involves people, I guess in a way all of the internet involves people. But there's nothing that's ever been successful open other than email
Starting point is 00:36:56 and certainly not in the social media era that has been based on an open standard, right? I would, that framing feels off to me because it's all based on open standards. Right, right, right. I mean, we're all on the internet. I guess what I'm saying is I was thinking again about the idea of like, you know, Mastodon versus Twitter, right? Yeah. And the fact that nothing like Twitter, Twitter should be an open standard.
Starting point is 00:37:23 Like, it absolutely should be a web utility. It started out, like being able to interact with Jabber. Yeah, yeah, yeah. Right. Okay. Yeah, go ahead. The thing that I think is frustrating for me as a product designer and technologist, and as someone who's worked on these standards,
Starting point is 00:37:39 like Massadon is based on an open standard that I worked on. And, like, IBM spent, I don't know how much money, also working on the intellectual property to make it possible to give that standard away. It's actually very hard to give away intellectual property and also to have a bunch of companies come together and agree to not use patent against each other. And so we created the Open Web Foundation in order to do that to basically create a covenant that would say basically like if anybody else sues us for patent infringement, then we will all point our nukes at them and blow them up.
Starting point is 00:38:12 So the open standards thing is interesting in a lot of the machinery and mechanics. of it, but the question that I would have is more about how do you create sort of unique or bespoke product experiences that are really, really good and that people really love on top of open standards? Open standards tend to be a set of kind of rules for governing the very, very most basic expressions of an idea or like a way of transiting information from one place to another, as opposed to like Messenger, for example, adding stickers or adding, like, Telegram has their own version of animated stickers that I think uses Lottie as it's like animation framework. And you don't see that anywhere else. Then you see on Apple like Animoji, how would you encapsulate those things in a way that is cross-platform?
Starting point is 00:39:00 Well, the way in which an emoji goes from an iPhone user to an SMS user is as an MP4, which is a standard, an open standard. right? So there's open standards all around. I think what we're, I think what we're talking about is a very specific domain of potential open standards, which is in the identity space, which is in supportive decentralization, which is the ability for anybody to set up their own little computer or node or for any large provider to do so and to allow basically pairwise interactions between those nodes as equals. And that is something that I think the economics hasn't been proven out yet. Let me reframe it this way because this is inspired by Peter, who I'm going to let ask his question here in a second, But compare that to hardware standards, things like Bluetooth, Thunderbolt,
Starting point is 00:39:45 where all of the companies seemingly will join these confederations because it's in their interest for all of them to do that. And so maybe what I was trying to get at is I feel like when it comes to people connections, social connections, no one ever sees that it's in our interest to play widely. We want to grab everyone into our umbrella. Like, again, I would push back a little bit on that because I don't know. there is agreement necessarily. If you go to the w3.org, there is a social working group, and they have produced a number of standards in this space, some of which are used by some of the,
Starting point is 00:40:22 I wouldn't call them decentralized, but I would call them kind of, you know, discrete, like community platforms and community forums, for example. They will syndicate their activities to other people in the same sort of, you know, network or federation using activity pub or some of these other standards that do exist to represent this data, right? The question, though, is why do we not think about them? It might be because they're too small. And so it's actually a problem of the media and our attention that we're unable to see all the work that is going on to support these open standards, but they're being done by much smaller players that don't warrant the attention of, you know, like a Facebook or whatever. Like, it's interesting in the, just to say, like, put this
Starting point is 00:40:59 point to a head, Facebook was interested and actually did adopt Open ID back in 2008 or nine, partially because, yes, they wanted to compete on identity and they believed that they could win, and they did. However, there was an interest at the time to actually create an open standard for this. And so what I'm seeing now with what Apple is doing, where they're signing with Apple thing, to me, is the most, it breaks my brain a little bit because I'm kind of like, you know, we actually designed a protocol for enabling an open identity exchange over email addresses, email address as the identifier. That was what it was called, yeah, you two. And you could essentially type in your email address, it would use the domain, and it would pass you back over to the website that you came from, ask you to log in, and then it would pass a token back, which was an open ID token, and allow you to sign in.
Starting point is 00:41:45 So we had solved decentralized internet identity with email back in like 2009, and yet it wasn't adopted. Why? Well, that's exactly. That's really the crux of my original question, which is I'm not saying, I was not saying that these standards weren't created. I mean, open, I'm pretty sure Macedon is even using open social today. It is. And the problem is that it's not being adopted. And the problem is it's not being widely adopted, and that is a market force. But just a market force does not mean a natural equilibrium. These companies are incentivized to do it in that way. And I think it's a fair concern.
Starting point is 00:42:20 My question was way too broad. And I was more speaking about the identity and communication type decentralization and standards. Because I don't see a world in the current era. where it is in any of these companies, Ben Citros, and your Apple example is the exact one. Like, there is an open standard. They actually don't really care even that much about creating a standard that other people adopt.
Starting point is 00:42:42 They just chose not to use it because nobody else was. And I think the crux, where I was leading with my question is, actually, is this a place where governments, where we think governments, EU or US or whomever, could actually step in and say, hey, you need to provide these sort of things. And would that help with the monopoly issues that we're discussing today? Yeah, so the other thing that comes to mind, because I didn't touch on the hardware part of this,
Starting point is 00:43:07 you know, Bluetooth, Thunderbolt, et cetera. I think the reason why hardware consortions make more sense is just because of the turnover or the speed of innovation. You know, if I put out, you know, like a DVD standard, right, and I go and I spit up a supply chain and we produce, you know, hundreds of millions of DVD readers, those are going to sit and computers for five to 10 years, and they need to basically be backwards compatible for some period of time. Whereas if I build a social network and it's based on some standard and it's decentralized and all the clients have to be updated and they're running on machines that are behind some, I don't know, whatever it is. The circumstances and the environment are different.
Starting point is 00:43:52 And I think software, it's very hard to get a bunch of cats to herd to all agree to like do the same thing for any period of time when you're in a very volatile, volatile, very competitive environment where people are expecting and looking for the next next new thing before the previous thing is even fully understood by everyone. So those competitive pressures, I think, greatly disincentivize people from adhering to a set of standards, which by definition are the sort of laggard outputs of a process of figuring out what are the things that we all want as features in the software and then how do we standardize them so that they're all interoperable? Does that kind of make sense?
Starting point is 00:44:31 It does, but I think you're giving, I think you're giving too much credit to the feature set being the limiting factor here, because I really do believe it's the business interest in keeping the data internal, more that's the limiting factor than the feature, the feature set, because you can't always have like a minimum required compatibility. And yes, you know, Twitter, Open Blue can talk to Mastodon, but like the stickers won't come across well, or they'll come across as gifts instead of nice, lot of animations.
Starting point is 00:44:59 You can always fall back to these sorts of things. And that would be a great feature set first for one company to say, hey, come over here because it's a better experience over here. And there's still competitive pressures there. But from their current status, there's no real incentive for them to go broader. Let me jump in. Peter, you sure you didn't want to say anything? He's muted.
Starting point is 00:45:21 Alan. Oh, Peter, you're good. Okay. Alan, unmute yourself if you want to ask Chris your question. about WebAssembly. Hi, that. Brian. Web assembling is an interesting new technology,
Starting point is 00:45:36 which has been developed by like a consortium of all the major browser manufacturers that I think is primarily led by Firefox. But it's still not been widely adopted yet. I think it's going to maybe replace JavaScript in the future. that's the goal. I just wondered what Chris's view on this was. I'll have to acknowledge my ignorance in the specifics of WebAssembly. And I guess if I were to do some research to try to understand it, my question would be, what are the goals of it, who is it serving,
Starting point is 00:46:14 what are the competitors in the marketplace, and what are the motivations for either adopting this or not adopting it? Like, what does it enable people to do that's faster, better? Perhaps they can build more portable applications that appear more like applications, as opposed to looking like tabs. Or maybe it moves away from a more proprietary software development regime, like Swift UI or any of the iOS-type interface platforms,
Starting point is 00:46:39 stuff that you can sort of write at once and run it anywhere where you have a capable web rendering engine. In which case, that's very good for Mozilla. Mozilla wants to promote the free web. Mozilla is very focused, I think, on kind of like a global audience as opposed to focused on, let's say, enabling media players or advertisers to deliver richer or better ads. And so, you know, I don't really have an opinion on when or if it will happen, but that would be the things that I would be wondering about to figure out why they might.
Starting point is 00:47:08 Like, there's been a lot of stuff that Mozilla has put out over the years that are open standards for a lot of things. And they seem to really struggle to get off the ground. Because, again, I just think that either Mozilla doesn't have the same heft. that it used to. And as a result, the people who want to adopt, it's like, for example, I think they did web off or something. There was some identity thing that they were building that was like built on Oath and a bunch of other stuff. And I don't know that that stuff ever was adopted. I just think that the coordinating aspects between different companies and specifically product-led companies is different than it was
Starting point is 00:47:42 engineering led. I think there was an interest by engineers to do a lot more of this cooperation. I think product people, because they win by having better and more interesting and bespoke product experiences are less incentivized to slow themselves down to meet the needs of a protocol or standard. Yeah, thanks. I think the main idea behind it was to replace JavaScript
Starting point is 00:48:09 because JavaScript is quite slow and unwieldy. But it's super accessible and has a huge install base. It's sort of like, for me, with the hashtag, it's probably like the dumbest idea that could possibly work. And yet because it's ubiquitous, are going to convince everyone that uses social media and hashtags to, like, do something different, you know? So it can come exist.
Starting point is 00:48:30 In fact, it is quite totally integrated with. I think that's right. I think that's to the point about email and then messaging, that's probably maybe like the nearest thing where there will be a set of new applications that maybe are built with WebAssembly that start to phase out uses of JavaScript because either JavaScript becomes less efficient, less secure, it's too slow. It doesn't work on like, you know, VR headsets or glasses. or whatever, and so you need compiled software in order to get the efficiency gains that
Starting point is 00:48:58 are necessary for low-power computing contexts. Whereas most JavaScript is being used in a browser that's probably connected to a laptop, which probably is connected to a steady source of power. Yeah, but it's also when you know about phone JavaScript. Well, this is true. It's a fair point. So I actually work in the area, and I can't really speak to the intent of it, But the area that WebAssembly is getting the most active interest is less building one application everywhere that can be used, but building core aspects of an application.
Starting point is 00:49:31 So if you can build out your networking stack or your application models, like the data structures in one way, and then that can be shared, that's one thing that's one fewer thing that can diverge in implementation across all of your stacks. and web assembly is pretty much is different aspects of it are supported by all the major browsers right now but it is a broad and growing spec so like any web spec it takes time thanks oh Brian you're muted
Starting point is 00:50:08 there we go hey we are going to start to wrap up a bit but Lon you're the only one I think that hasn't spoken yet. So if you have a question, here's your chance. If you don't, go ahead and put yourself back on mute and no, no pressure there. Really, I was primarily here just to listen. But as long as I have you, the next time you're on Twitter, could you tell Leo to make the show shorter?
Starting point is 00:50:48 I don't need a three-hour podcast. Well, listen, let me tell you about what it's like to go on a three-hour show on a Sunday evening. It asks a lot of the people that go on that show as well. But I love Leo, and I love doing that show. Let me throw one more out there. Peter, ask your quick pixel question, and then I'll have one more question to Chris to wrap up here. Okay, my question was, does it seem like Google has given up on pixel phones with the pixel 4 and the... Yeah.
Starting point is 00:51:25 Yeah, it just seems kind of like a bad attempt. Well, it's funny because I kind of haven't done stories on this, but it's been percolating under the waves at the moment that like certain releases have been delayed and certain things that we thought announcement deadlines have come and gone. And so, I don't know, like, the reason that I haven't done any segments on it is because there's not, it's all been rumors and there's been nothing to hang our hat on. But yeah, if I see a story that, that, or an essay that sort of talks about this, there's a lot of, I mean, we've always wondered how committed, you know, again, this is another running joke. How committed is Google to, to, to, to hardware specifically. And I mean, like, look, you know, to the, to the point where they, they bought Motorola for, however many billion dollars and gave that a go for a couple years before, you know, letting that go. I, my question would be, I know why, I think that the main reason that Google is in hardware
Starting point is 00:52:31 is because they want to have a Halo smartphone. But I'm wondering, like, even if they did, even if the pixels, you know, were selling, like, the, you know, even a medium-sized Samsung phone sells. What does that really get them? And I don't know that Google knows the answer to that. I'm sure that there are people inside of Google that are very hot on hardware and, but I, like everything else with Google, talk about, you know, having so many fingers and so many pies, Google's like a god with, you know, 12 arms. that are, you know, trying to do 12 different things at once. And I just, I don't, I guess what I'm trying to say is I would not be surprised in the least
Starting point is 00:53:24 if the pixel brand maybe dies. I bet they will do one more release before they would kill it. But having said that, I wouldn't be surprised if we don't, if we've never got another pixel release, period. So it strikes me, though, that, you know, I think Tile made these points about Apple moving towards services as their new revenue stream, Google maybe moving towards hardware for revenue. I have a hard time imagining that Google is going to make that much money from hardware just because they're so behind in a way. And I think, Brian, to your point about their lack of,
Starting point is 00:54:01 I think, conviction, really, that they want to be in hardware. It's kind of like a necessary evil at this point. When again, to me, everything kind of comes down to like the relationship that you have with the consumer. And I do think that Google devices, tend to keep you in kind of like the Google world, using Google services with deep integration. And it may also be a way for Google to have a deeper sense of connection to the user experience of people who use phones that have Google services or Google Play Store services.
Starting point is 00:54:31 And let me say, primarily, I guarantee you the number one reason why Pixel existed in the first place and still exists is because it's there, instead of a stick to keep the Android ecosystem in check, it's sort of like, well, we'll lead by example. 100%. That is the main. So maybe that's always going to be valuable for them,
Starting point is 00:54:50 where it's like... I think it's not actually that expensive for them to keep running it and to keep doing it. I think that as a result, because there is less of a drive that connects their revenue or their business model to the releases of their new devices, whereas in Apple's case, it does. It seems to me that... Wow, I lost my chance of thought. Oh, that Google can continue to put these devices.
Starting point is 00:55:13 devices out and these products out, and it's not that big a deal. So, very last question, and I'm doing this abruptly so we can all get out of here. But, so Chris, you and I have been talking about this idea of better moderated conversations and audio. I've talked about it on the show. Chris and I have both been on Clubhouse. We've been talking about our experiences on Clubhouse. And so what you hopefully just heard for the last hour was my very strong attempt to try to run a call-in show that was closer to how conversations run on on clubhouse. And I think I said on the show that my thoughts around this are Clubhouse and also Zoom to a degree, although Chris and I are going to talk about this later,
Starting point is 00:56:01 about my ability to manage it. It's much easier to manage. But my main thesis is that there's a language of the structure of a conversation that is starting to come together here. And it is tiered and it is hierarchical where, you know, I was asking people in the chat, oh, that's a great question. I'm going to unmute you in a second. But my ability to manage, all right, this person's going to talk next. This person's going to talk. Like, for all of the things and Clubhouse has been controversial, I'll acknowledge,
Starting point is 00:56:30 listen, Chris and I are both privileged assholes that are on Clubhouse. I acknowledge all that. But my main interest in it is, like, the ability to podcasting is my interest. And podcasting is still a broadcast model where Brian Speak, you listen. I've been amazed by the conversations I've heard on Clubhouse where it is more, it's more than that. It's more than just one person talking and other people listening. I make the equation to like some of the best panels at a conference that you've ever had where, yes, there's people on stage, but you can also bring people up to the microphone to ask questions and things like that.
Starting point is 00:57:14 So, Chris, what's your take on my thesis that there does need to be some sort of hierarchy here? Because as I said on the show, the alternative is the feed structure, which is everybody's shouting at the same time and, you know, at the top of their lungs. So what do you think about that? The idea that there does need to be some sort of hierarchical structure, but once you, if you do that in the right way, you can craft interesting conversation. Yeah, you know, I think the thing that that comes to mind is that moderation is a somewhat new and underappreciated skill in live content. And so we have, you know, kind of like moderation in groups on Facebook and things like that. and that's mostly to kick people out or to mute comments and things like that in a fairly asynchronous format. What you're talking about right now and what I think Clubhouse does is it brings a form of very low hierarchy. In other words, they're sort of like the host and then there's
Starting point is 00:58:13 moderators who are up on stage and they can eat, like, demote and promote people. Let me describe that because that'll make you understand what I was trying to do this whole time. So on Clubhouse, someone starts a room. Anyone can go and the room, right? And the whoever started the room basically allows people to talk. Like, you raise your hand and it's like, all right, come on stage. On stage is the metaphor they use. And you can go back off stage or whatever. You can come and go. You can leave or whatever. But the tools that they have that are better that I've just experienced is the ability for me to see, all right, someone wants to talk. Okay, someone has a follow up. Someone, like I was sort of like
Starting point is 00:58:50 cutting and pasting that together on the fly to do that with the tools that that um i guess is what i'm saying is that yeah you're you're sort of like clinging this together yeah with the sort of tools that zoom provides and i think you can feel the scenes where the software is not smoothing that process out and you know there's another app that i've just started to explore called chalk which is kind of like clubhouse and signal had a baby where there's your live chat and there's um like voice and then there's also a chat room and you can share media and like There's like screenshot notifications, like all this stuff going on. And it's like so overwhelming.
Starting point is 00:59:30 But I think they're trying to merge these forms. Just as like you're asking for people to ask questions in the Zoom chat, you were then having partial attention in keeping your eyes kind of on the chat, which means you're sort of reading, which means that you're not like 100% here present. That's not a critique. That's just you're using the software. I think what Clubhouse does by keeping chat out of the experience and giving you
Starting point is 00:59:54 tools to basically promote people is that you stay very present and the type of energy that has created between the speakers and the people listening and then the people who come up on stage and say something and then people who are asked to sit back down again, it creates a much more flowing kind of experience. And so the reason why that is significant is twofold. One is that it makes for an engaging conversation that's live that's happening in real time. And I think as a secondary product, if you were to record that and then cut it and then publish it, that too would also possibly more engaging after the fact, right? Because if I'm listening to this conversation after the fact, and let's say there was like a side conversation going on in the chat, but I'm only
Starting point is 01:00:33 listening to this as a podcast, I've lost a lot of that context. So by forcing everyone to share meaning in the same channel, that I think is leading to the type of thing that you're describing as being possible with this type of semi-monerated conversation space. Yes, this is what we're all sort of feeling our way in the dark towards something. All I know is that, again, acknowledging Clubhouse controversies, Clubhouse is good in the sense that I have, it's the signal to noise ratio in the sense that if I tune into a random conversation, I'm likely to hear something interesting.
Starting point is 01:01:15 Like there's less, I mean, there's plenty of... Even if you do, so maybe this is another very important point, is that the, unfortunately, they read in the button. used to say got to go by with like little like piece fingers. But you can leave quietly, which essentially means that it's very easy to pop into a group or to a room, not say a goddamn thing, kind of like just listen along and see if there's anything that piques your interest. And if you're not interested, you can leave. And so there's no reservation. There's no sunning up on event bright. There's no kind of need for you to, you know, make your interest
Starting point is 01:01:45 overt. And you can kind of lean towards a conversation and kind of like listen in. And if it draws you in, then you stay. And you, you know, slowly find. a seat in the back and then as people leave towards the front, you sort of move up to this front. Like, you can become as engaged as you want progressively, as opposed to being either in or out or sort of, you know, shopping around. Yeah, and you, that point that you made about how you don't have to be very, like, you can literally put your phone in your pocket and walk around doing other things. And then just when something interests you, you can raise your hand and come in.
Starting point is 01:02:17 That idea that, like you're saying, you're not distracted by the emojis and the chat and the things like that, that's pretty crucial too. But my main overwhelming point about Clubhouse is that, and yes, there have been heated conversations that have happened in there, but in general, people are able to have conversations without shouting, at least thus far. And I'm just curious about how that can be brought out to other things. And I'm specifically curious about how that can be brought out to podcasts. So thank you, Chris. Thank you, everyone that joined us today for helping me actively feel my way in the dark to see if we can replicate that. And we'll do another one of these a month or two from now.
Starting point is 01:02:59 Thanks, guys. Thanks. Thank you. Cheers. Bye. See later, Brian. Later.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.