Tech Brew Ride Home - Tue. 04/30 – Underbaked Hardware Releases

Episode Date: April 30, 2024

The FCC has fined all the major telecom companies. You’ll never guess why. Why the DMA actions from the EU might be a constant thing. Devs, how about an AI-powered IDE? You’ll never guess why Peac...ock thinks it can raise prices again. And is Marquess Brownlee right about underbaked hardware releases? Sponsors: ZocDoc.com/techmeme ConstantContact.com Links: FCC fines AT&T, Sprint, T-Mobile, and Verizon nearly $200 million for illegally sharing location data (The Verge) Meta Risks EU Fines Over Kremlin Lies on Facebook, Instagram (Bloomberg) How an empty S3 bucket can make your AWS bill explode (Maciej Pocwierz) Copilot Workspace is GitHub’s take on AI-powered software engineering (TechCrunch) Peacock Hikes Subscription Prices Ahead of 2024 Paris Olympics (The Hollywood Reporter) Rabbit R1 Review (MKBHD) Marques Brownlee slams another AI product as “barely reviewable” after Humane AI Pin controversy (Dexerto) Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript
Discussion (0)
Starting point is 00:00:00 On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco. Hey, who did this to you? What happened next turned the story into a political firestorm. Reports have identified the victim as Bob Lee, the founder of Cash App. From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16. Welcome to the Tech meme right home for Tuesday, April 30th, 2024. I'm Brian McCullough today. The FCC has fined all the major telecom companies. You'll never guess why. Why the DMA actions from the EU might be a constant thing.
Starting point is 00:00:48 Devs, how about an AI-powered IDE? You'll never guess why Peacock thinks it can raise prices again, and is Marquez Brownlee right about underbaked hardware releases? Here's what you miss today in the world of tech. The FCC has fined T-Mobile $80 million, AT&T-N-T-57 million, and Verizon $47 million. For what? Well, for allegedly illegally sharing customers' location data with aggregators, quote, without customer consent. Not great, Bob. Quoting the verge. T-Mobiles and Verizon's fines are actually lower than what was initially proposed by the agency based on their responses to the FCC's original notice. The FCC says it
Starting point is 00:01:32 found the carriers, quote, sold access to its customers' location information to aggregators who then resold access to such information to third-party location-based service providers, end quote. The agency says the carriers effectively, quote, attempted to offload their responsibility to get customers consent to share their location data with downstream recipients. Even after being made aware of the issue, the FCC claims the carriers still failed to limit access to the information. The FCC opened the investigation after it was publicly reported on by various outlets. Tech journalist Joseph Cox wrote about the issue in 2019 for Motherboard. While plans for the FCC fine were reported back in 2020, the final call was stalled by a prolonged deadlock at the agency
Starting point is 00:02:12 as it awaited a fifth commissioner's confirmation, according to the Wall Street Journal. AT&T spokesperson Alex Byers said the FCC's action, quote, lacks both legal and factual merit. It unfairly holds us responsible for another company's violation of our contractual requirements to obtain consent, ignores the immediate steps we took to address. that company's failures and perversely punishes us for supporting life-saving location services like emergency medical alerts and roadside assistance that the FCC itself previously encouraged. We expect to appeal the order after conducting a legal review, end quote. Meanwhile, the EU has opened a DSA investigation into Facebook and Instagram over deceptive
Starting point is 00:02:59 ad and political content. Sources say the move relates to a pro-Kremlin campaign, quoting Bloomberg. Meta platforms, social media platforms, Facebook and Instagram are under investigation from the European Union amid concerns their failing to call targeted disinformation peddled by Russia that aims to sow discord on the continent. The probe targets the so-called doppelganger campaign, a pro-Kremlin operation according to people familiar with the matter who spoke on condition of anonymity. The campaign attempts to replicate the appearance of traditional news sources while churning out content that is favorable to Russian President Vladimir Putin's policies, the people said,
Starting point is 00:03:36 The European Commission, the Block's executive arms, said in a statement that the probe, under its flagship Digital Services Act, will examine META's policies and practices relating to deceptive advertising and political content on its services in the run-up to the June European elections. It didn't mention Russia specifically. The DSA gives regulators new powers to take action against major tech companies for how they handle content on their platforms. Meta will be given five working days to respond to the EU's concerns before regulators escalate the procedure. Under the rules, tech giants must place curbs on the spread of dangerous content or face hefty penalties as much as 6% in certain cases. This commission has created means to protect European citizens
Starting point is 00:04:16 from targeted disinformation and manipulation by third countries. EU Commission President Ursula von der Leyen said in the statement. Regulators also said they are examining META's policies and practices relating to giving researchers access to election monitoring tools, particularly in the context of META's, quote, deprecation of its real-time public insolts. site's tool crowd-tangle without an adequate replacement. A meta-spokesperson said that the company has a well-established process for identifying and mitigating risks across their services in response to the announcement. The bloc's move comes after France's European Affairs Minister, Jean-Nuel Barrow, warned that a Russian-orchestrated disinformation campaign is seeking to destabilize public opinion ahead
Starting point is 00:04:57 of France's June ballot. Burrough revealed that 25 of the EU's 27 member states have been targeted in recent months spreading pro-Kremlin propaganda, end quote. I mean, we've spoken before about how there are so many big elections this year and folks are worried about foreign influence campaigns on social media. But I'm also pointing this out to make the point that when the whole DMA and DSA regimes came in, I thought they were just stricter rules to try to keep the big tech platforms in check over antitrust, business stuff and the like, maybe notices and actions would happen every so often. But do you get the sense that I was wrong about that? that the EU can do enforcement actions over a wide range of narrow gauge stuff like this,
Starting point is 00:05:40 and they can do it in almost real time. It seems like we could be talking about various DMA and DSA enforcement actions almost every week. A couple of dev-specific segments now. This first one is really in the weeds, but over on Medium, a developer discovered how an empty private AWS S3 bucket had around 100 million put requests in a day, racking up a substantial bill, all due to a popular open source tool using the same bucket name. In other words, if someone knows or even just guesses the name of your S3 bucket, they can basically bankrupt you by sending infinite put requests in. Quoting from the original developer. A few weeks ago, I began working on the POC of a document indexing system for my client. I created a single S3 bucket
Starting point is 00:06:34 in the EU West 1 region and uploaded some files there for testing. Two days later, I checked my AWS billing page, primarily to make sure that what I was doing was well within the free tier limits. Apparently it wasn't. My bill was over $1,300 with the billing console showing nearly 100 million S3 put requests executed within just one day. By default, AWS doesn't log requests executed against your S3 buckets. However, such logs can be enabled using AWS Cloud Trail or S3 server access. logging. After enabling Cloud Trail logs, I immediately observed thousands of write requests originating from multiple accounts or entirely outside of AWS. Was it some kind of DDoS-like attack
Starting point is 00:07:16 against my account against AWS? As it turns out, one of the popular open source tools had a default configuration to store their backups in S3, and as a placeholder for a bucket name, they used, the same name that I used for my bucket. This meant that every deployment of this tool with default configuration values attempted to store its backups in my S3 bucket. What did I learn from all this? Lesson 1. Anyone who knows the name of any of your S3 buckets can ramp up your AWS bill as they like. Other than deleting the bucket, there's nothing you can do to prevent it. You can't protect your bucket with services like Cloudfront or WAF when it's being accessed directly through the S3 API. Standard S3 put requests are priced at just 0.005 per thousand requests, but a single machine can easily execute thousands of such requests per second.
Starting point is 00:08:02 Lesson two, adding a random suffix to your bucket names can enhance security. This practice reduces vulnerability to misconfigured systems or intentional attacks. At least avoid using short and common names for your S3 buckets. Lesson three, when executing a lot of requests to S3, make sure to explicitly specify the AWS region. This way, you will avoid additional costs of S3 API redirects, end quote. Secondly, devs, GitHub has unveiled co-pilot workspace, a developer environment using copilot-powered agents to help brainstorm, plan, build, test, and run code in natural language. In other words, an AI-powered IDEE.
Starting point is 00:08:46 Quoting TechCrunch. Jonathan Carter, head of GitHub Next, GitHub's software R&D team, pitches workspace as somewhat of an evolution of GitHub's AI-powered coding assistant copilot into a more general tool building on recently introduced capabilities like copilot chat, which lets developers ask questions about code in natural language. Through research, we found that for many different. tasks, the biggest point of friction for developers was in getting started, and in particular, knowing how to approach a coding problem, knowing which files to edit, and knowing how to consider
Starting point is 00:09:15 multiple solutions and their trade-offs, Carter said. So we wanted to build an AI assistant that could meet developers at the inception of an idea or task, reduce the activation energy needed to begin, and then collaborate with them on making the necessary edits across the entire core base, end quote. At last count, co-pilot had over 1.8 million paying individual and 50,000 enterprise customers, but Carter envisions a far larger base drawn in by feature expansions with broad appeal like workspace. Since developers spend a lot of their time working on coding issues, we believe we can help empower developers every day through a thought partnership with AI, Carter said. You can think of co-pilot workspace as a companion experience and dev environment that
Starting point is 00:09:55 complements existing tools and workflows and enables simplifying a cloud. of developer tasks. We believe there's a lot of value that can be delivered in an AI native developer environment that isn't constrained by existing workflows, end quote. Co-pilot loses an average of $20 a month per user, according to a Wall Street Journal report, with some customers costing GitHub as much as $80 a month, and the number of rival services continues to grow. There's Amazon's Code Whisper, which the company made free to individual developers late last year. There are also startups like Magic, Tab 9, CodeGen, and Laredo. Given a GitHub repo or a specific bug within a repo workspace underpinned by OpenAISGPT4 Turbo
Starting point is 00:10:35 model can build a plan to attempt to squash the bug or implement a new feature, drawing on an understanding of the repo's comments, issue replies, and larger codebase. Developers get suggested code for the bug fix or new feature, along with a list of the things they need to validate and test that code, plus controls to edit, save, refactor, or undo it. The suggested code can be run directly in workspace and shared among team members via an external link. Those team members, once in workspace, can refine and tinker with the code as they see fit. Perhaps the most obvious way to launch workspace is from the new open-in workspace button to the left of issues and pool requests in GitHub repos. Clicking on it opens a
Starting point is 00:11:16 field to describe the software engineering task to be completed in natural language like add documentation for the changes in this pool request, which once submitted gets added to a list of sessions within the new dedicated workspace view. Workspace executes requests systematically step-by-step, creating a specification, generating a plan, and then implementing that plan. Developers can dive into any of these steps to get a granular view of the suggested code and changes
Starting point is 00:11:40 and delete, rerun, or reorder the steps as necessary. Workspace enters technical preview on Monday, optimized for a range of devices including mobile, end quote. I wanted to note real quickly that NBC Universal has recently announced plans to raise the price of Peacock Premium, with ads by $2 to $7.99 per month and their premium plus streaming tier by $2 to $1399 per month. This begins July 18th. It's the second price hike in two years for Peacock. Yeah, Brian, so what? All the streamers have raised their prices recently. Yes, but this is NBC,
Starting point is 00:12:21 which owns the rights to air what this summer, quoting the Hollywood reporter. The price changes will go into effect July 18th for new customers and beginning August 17th for existing subscribers. The Paris Olympics opening ceremony is scheduled for July 26th. The company is betting that it has a stronger value proposition coming off its exclusive NFL wildcard playoff game, the success of Oppenheimer, and the upcoming Olympics. The company has revamped its Olympics experience for this year's games, adding Multiview and Gold Zone Whiparound program to its roster, as well as a watch party hosted by Alex Cooper, end quote. Finally, today, the Rabbit R1. All of the various in-depth reviews should be coming out shortly, but Marcus Brownlee
Starting point is 00:13:14 already has one out. I'm not going to read it to you because obviously it's a YouTube video. I am linking to the video itself, but I also think that this is notable even beyond what he says about the Rabbit R1, because I don't know if you heard, but there was this big controversy around Marquez's recent scathing review of the Humane AI pin. Some people accused him of being too negative of potentially killing a nascent young product that was trying to find its way. Marquess hit back saying that his job is to review gadgets as they are right now, not like they could be sometime in the future. If a product is not worth your money, Marquez says his job is to say that. So his initial R1 review says something similar.
Starting point is 00:14:01 He says, $1.99 is a reasonable price for this thing, but he thinks that the same thing is going on here. The Rabbit R1 is not ready for prime time yet, not ready for your money. He says this is emblematic of a trend of startups and companies releasing unfinished hardware products at full price while vowing to fix various issues someday down the road. Quoting Dextero. Brownlee was quick to criticize various aspects of the R1 in his review from its physical and gooey design to the product's packaging, including just the R1 and a stand with no charging cable or instruction manual. And while he admitted that the R1's implementation of a large action model AI is a cool idea, he pointed out that Rabbit does not have enough training data to implement features buyers may want. This was the crux of Brownlee's review, as he reiterated that because the R1 lacks training data, it needs to be gathered more from users.
Starting point is 00:15:02 But for users to give Rabbit data, they'll need to buy the R1, which in itself, is lacking in features and results in consumers getting a lackluster product. Quote, a lot of these tech companies are developing tech kind of backward, Brownlee explained. They're delivering such unfinished products that it actually makes them nearly impossible to review. Brownlee compared it to a recent trend in video games where games are released at full price and early access with lots of missing features and bugs, and it's only later in the future when the full experience is finally released with features added and bugs squashed.
Starting point is 00:15:33 Quote, now these AI-based products are at like the apex of this horrible trend, where the thing you get at the beginning is like borderline non-functional compared to all the promises and all the features and all the things that are supposed to maybe someday be, but you still pay full price at the beginning, which is what makes it so crazy, Brownley said. The founder and CEO of Rabbit, Jesse Liu responded to Brownley's review of the R1, acknowledging that the R1 is still polishing itself as it gathers more user data, MKBHD for his review and saying he was looking forward to a re-review of the R1 in the future. We shall see how fast R1 improves and evolves. We are a tiny team trying to catch the fast pace of AI, Leo said. The current level of AI needs strong human-supervised fine-tuning. You can't take your time polishing features without real user testing, end quote. Yeah, along those lines, I'm eager to try that new Manor Lords game everyone is talking about
Starting point is 00:16:39 because there could not be a game more designed for my particular gaming tastes. But a cursory check of a few videos online will show you kind of how unfinished, or shall we say, how rough around the edges, Manor Lord still is. Now, in this case, this is just one solo developer, and he's up front about the fact that he's still refining things, and so you know what you're getting into when you buy the game on Steam right now. But still, Marquez's point is valid. but interesting to see this sort of philosophy of we'll refine as we go come to gadgets.
Starting point is 00:17:13 I suppose it's partially the Kickstarter culture of the last decade, but you kind of do expect multi-hundred dollar hardware to be closer to finished. When you buy one, talk to you tomorrow.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.