Tech Talk with Craig Peterson Podcast: Supply chain hacks, Nation-state spying, Tesla, Microsoft Exchange Server Hack and More

Tech Articles Craig Thinks You Should Read:

Tens of thousands of US organizations hit in ongoing Microsoft Exchange hack

Samsung just out-Googled the Pixel at guaranteeing Android updates

Google’s Getting Rid of Third-Party Cookies, But Their Replacement Is a Terrible Idea

Google claims it will stop tracking individual users for ads

Tesla asks fans to lobby the government on its behalf

Make Deepfake Videos of Your Ancestors, But Consider Your Data Privacy When Making MyHeritage 'Deepfakes'

China’s and Russia’s spying sprees will take years to Unpack

A new type of supply-chain attack with serious consequences is flourishing

---

Automated Machine-Generated Transcript:

Craig Peterson: [00:00:00] If you've been listening to me for a while, you may not believe this, but I've got a recommendation here on Android phones. Coming up we're going to talk about Google's new replacement for cookies, and a little bit about what Teslas' been up to. I don't like this.

I have never been a fan of Android phones, and you know why I haven't been a fan? The biggest problem with Android phones is the lack of security updates. That really does concern me a lot. Google also has not been the best when it comes to the Playstore and making sure that everything on the store is actually safe.

Here is some very promising news for people who like the Android platform or maybe dislike the Apple platform for one reason or another. Frankly, there's a lot of reasons there too.

Samsung has always been the leader when it comes to keeping their number one phones updated in the past. I've always said, make sure you can get updates. Samsung with its Galaxy phones has been good for about two years. They provide you with the security updates you need with some patches.

Even if Google comes out with a patch, most of the phones out there that are running Android, do not get the updates. Ever.

Some of these phones are older, they don't bother supporting them. Some manufacturers drop support within months after you buy the phone.

Samsung has been good for about two years. So my rule of thumb has always been, if you're going to buy Android, if you gotta do it. Stick with Samsung and stick with their number one model.

It is now promising four years of security updates for more than 130 Galaxy phones. That's pretty big when you consider that frankly, Android phones have been the butt of many a joke over the years.

Samsung is working pretty hard to make sure that they are really able to deliver for the Galaxy owners. Now, this is cool because Samsung just early, I think, this year it was that the Samsung promise that most new Galaxy phones would be getting about three generations of Android version updates. Now, that amounts to a few years, as a rule, the generations in the Android world are pretty much about a year.

Google has been providing updates for its own phone that it has. They provided to these other companies, like Samsung, to then take it and modify it to fit what they want and then they provide it to you. So, three generations are good. Now, they have said four years of security updates. Now, that's a pretty impressive promise. What they're trying to do is compete with Apple that has historically provided about five years of support. There's a big difference, obviously between two years and five years, but there isn't as much of a difference between four years' worth of security updates, and the five, six, seven years that Apple has been doing depending on what kind of security updates. That's very impressive.

Of course, Samsung just a year ago wasn't guaranteeing anything in terms of updates. Most new phone purchases were good for a year or two of updates, but only the Pixel, which is made by Google and Android. One base phones were on the record about how long you could be getting updates from the manufacturer.

Now Samsung is doing one better than Google. Remember, Google is the guy that actually provides the Android operating system. Google's only guaranteed three years of version and security updates for Pixel phones and that's not very many phones.

Frankly, Google Pixel is not been selling well. It's the standard that all of the Android manufacturers use in order to have a kind of proof of concept. So this is what it should look like. This just should be how it acts.

I'm looking at this list here. This thing is huge of all of these phones from Samsung that is going to be supported, here.

You've got the Galaxy foldable devices. The whole family of folds. The Galaxy S series and starts at the S 10 plus moving on to the S 20, S 25 G, S 20 plus blah, blah, blah. A bunch of different S 20 models and the S 21. That's pretty darn good. That's a lot of phones. Also, the Galaxy Note series, starting at the Note 10, all the way up to the current Note, 20 ultra-five GS the Galaxy AA series. Again, certainly, the 10 going up to eight 45, the Galaxy AMS, the up through the Galaxy X covers series and again tab series, which has been pretty popular for a lot of people.

If you're thinking about picking up one of your Android phones here soon, maybe you should give a second thought to the Galaxy. Now, they're guaranteeing that they're going to provide these security updates for you for four years. Yeah. Yeah. Okay, a guarantee we'll see how long that lasts. The other problem is how quickly are they going to get it out?

You'll see Apple devices, who just this week they had a security patch, they pushed it out and they expect to see 70, 80% of all of the phones with that security patch installed within a week. That's your Apple iPhones.

Google comes out with a security patch. They push it out. It has to go to the vendors like Samsung and then the vendor like Samsung has to take that add the device drivers that need for all of these models. Think about that for a minute. That's a lot of device drivers. That's a lot of different models. I think it's going to take them a while to do that and then they'll get it to you.

That security update that comes from Google, we've seen takes six months in the past before it gets on to your phone. If you're looking at. Security, if that's a real concern of yours and sure should be particularly after this disaster of a company called Microsoft and their windows products. Particularly now this Microsoft exchange server bug.

I'm so upset with Microsoft, but you know what? We'll get into that a little bit later.

The Samsung, the galaxies, the Google Androids are not designed for all of the safety and security that you really do need, frankly. When you think about the models were talking about 130 models that Samsung is going to be providing new updates for. Okay.

When we look at Apple and the iPhone models let me see how many iPhone models are there out there. I'm going to Google that right now, even as we're talking. So 2007, that is when they first came up with them. Okay. So since the very first iPhone, according to the pho iPhone Wiki, there have been 29 models of the iPhone. 29. Two nine. How many did I say Samsung is going to be updating? 130. So who has an easier time of providing updates, security, updates, testing the updates, pushing the updates, having people install the updates, the company that in the last, how many years has been making iPhones yet since 2007? Okay. So all the way up to 2021, that's a lot of years. Versus the Android who has been making these Galaxy's for many years, but is only going to be providing updates back to the Galaxy S 10 from 2019. That covers the 130 models. Are you getting what I'm selling here? Are you buying it? Yeah, it's impossible. Really? For Samsung, even with all that, they're trying to do here. They're trying to help out. It's impossible for them to keep up with security-based unless they have this massive team. I don't expect that they do have a massive team that's going to be working in parallel. 130 teams, one for each phone. That just isn't happening.

So again, if security is a concern, Android is not the way to go.

If, for some reason you morally, ethically, religiously cannot use an iPhone and then have a solid look at Samsung because of this promise they came up with, here in the last two weeks, of four years of security updates for more than 130 phones.

Finally, there is an Android phone that will have security updates at some point in time, versus what we've had over the years of really, you can only count on it for one or two years. It's just not worth it. Not a good thing.

Hey, I am sending out on my newsletter, not just my show Notes, but I have also been sending out one or two other emails a week that have some very narrow training. What I've been doing is making audiograms for you guys. This is a video that is of me speaking, explaining something. On that video, you can see all of the words you can read along, which is great for people who are hearing impaired, or maybe you want to have that computer muted for whatever reason. It makes it easy.

You can find me on YouTube, just go to Craig peterson.com/youtube, and you can catch those audiograms.

You can also get them. If you are an active subscriber to my newsletter, active means you open it. You read it. I know you do. If I don't consider you active you just don't get this extra information. So, make sure you open those emails.

A lot of us have been complaining about cookies and tracking for a long time. Google has finally heard us? I'm not sure about this. We're going to talk about third-party cookies, right now.

Hi, everybody. Thanks for joining me, Craig Peterson here.

Well, third-party cookies are where you go to a website, and that web browser kind of squeals on you, shall we say.

What happens is Google, for instance, is trying to track you as you go online. As you go between websites. They're calling this kind of an advertising surveillance industry on the web.

Frankly, this third-party cookie has really been an important part of this whole surveillance industry. What it does now is it allows a website to have a look at where you have been online. When I say it allows a website, it's really Google, that's doing the tracking. Obviously, you're going to a website, Google doesn't own every website out there. In fact, it barely owns any, when you look at the number of websites that are out on the internet.

So Google has this whole concept of if you're visiting this site and you have visited this site and this other site, I know something about you. So it sells that information because it's seeing the pattern, right? That's the whole idea behind the advertising.

Phasing out these tracking cookies and these other persistent third-party identifiers have been something people have been trying to get rid of for a very long time. The Electronic Frontier Foundation you'll find them online@eff.org has been jumping up and down trying to get everybody to pull up their socks if you will.

One of the first players to really jump into this was Apple. Apple has pretty much told the whole industry, you got to stop doing some of this tracking. Some of the tracking is okay.

Again, how many times have I said, if I'm looking for a Ford F-150 then I don't mind seeing ads for the Ford F-150. Why would I want to see ads for a motor scooter when I'm looking for a pickup truck. Frankly, if I'm looking for an F-150, I expect to see ads maybe for a Chevy Silverado or a Dodge truck, does that make sense to you? I'm looking for something and that's when I'm interested in seeing it.

Google is now jumping on this bandwagon because Apple has said we are going to be doing a couple of things. We are going to be forcing you, app developers, to tell everybody exactly what you are doing with their information, what you're tracking, who you're selling it to, what it's being used for. That's a very big deal.

It's got the whole advertising industry very worried. Google is coming along saying, okay, Apple will do you a little bit of one better. Of course, the biggest complaint from Facebook who ironically has been buying newspaper ads, if you can believe that. Google has been destroying the newspaper industry and now it's going to newspapers to try and get people to stop Apple from destroying Facebook's industry by blocking some of the advertising tracking that Facebook has been doing.

Now, what Google is doing is looking to replace these third-party cookies. How were they going to do that?

They are already doing a few rather sneaky things. For instance, they fingerprint your browser. Your browser has a fingerprint because you have certain extensions on your browser that you've added. You have your computer, which has an operating system that has a certain version. It has a certain amount of memory. It has a certain amount of disc storage. A lot of the private information, personal information about your computer can be gleaned by a website.

One of the things they've been doing this, you're blocking cookies. No problem. I can still figure out who you are and they don't necessarily know exactly who you are, but they have a very good idea.

One of the proposals Google has come out with is called the federated learning of cohorts, which is very ambitious and could be the replacement, if you will, for these third-party cookies that could be the most harmful. What it is is a way to make your browser do the profiling. Itself.

Historically they've been able to track your browser as you go around and then they have to pull all of that information together. They pull it together and they come up with a picture of you and who you are. Yeah. You're interested in buying a pickup truck, particularly an F150. This is an example.

That picture gets detailed about you, but it's something that the advertisers have to put together. What this flock or federated learning of cohorts is doing is it's boiling down your recent browsing activity into a category. They're calling this a behavioral label, and then they're sharing it with websites and advertisers.

The idea is basically your web browser itself is going to put you in one or more buckets and the websites that you're visiting and the advertisers that are advertising on those websites will be able to get that label that your browser has put on you. Yeah, you like that?

So what EFF is saying is that this could exacerbate many of the worst non-privacy problems with behavioral ads, including discrimination and predatory targeting. You can guess what those things mean, right? They're calling this a privacy sandbox, right? It's always the opposite.

If Congress is passing a bill, that is a COVID relief bill, you can bet that there's very little to do with COVID relief in the bill. Wait a minute, actually, that's true. There's only 9% of the money in this almost $2 trillion spending plan. 9%, that actually goes to COVID relief. Instant COVID relief bill.

Same thing here with Google, right? This is the privacy sandbox and it's going to be better, Google says.

In the world, we have today where data brokers and ad tech giants, track and profile everybody with complete impunity. Just like Equifax has. Just like Equifax lost our personal identifiable information, our social security numbers, or addresses or names or date of birth, et cetera, et cetera. Yeah. Yeah. Okay. We pay a small fine. Yet. We go on.

Are they out of business? Have they lost business? In fact, they gained business because people have been paying Equifax to monitor their credit. Oh my gosh.

That framing that Google is talking about is based on a false premise that you have to choose between tracking and new tracking. Does that sound familiar? Yeah. It's not an either-or. We really should be rejecting this whole new federated learning of cohorts proposal Google has come out with.

You can bet that Apple is going to reject this outright because it's really rather terrible.

If you care about your privacy on the other hand again, I look at it and say I want an F-150. I don't mind ads for pickup trucks, so what's wrong with that? Okay. There's two sides to this.

I just don't like them calling me by name when I walked past a billboard.

Stick around, we'll be right back.

I'm a fan of much of what Elon Musk has done, what he's trying to do when it comes to technology, and being a proponent of technology.

I'm not fond of Elon Musk taking over $3 billion from the taxpayers though.

Hi, everybody. I appreciate you spending a couple of hours with me here on the weekend. There's so much to cover.

Elon Musk it was $3 billion that he had received in government subsidies. Now we're looking at this, according to good jobs, first.org. We're looking at $4.9 billion dollars that Elon Musk has received basically from the taxpayer.

It's really sad when you get right down to it. Now, Tesla got money from taxpayers he's paid some of it back. It's really the government trying to name a winner.

There's a lot of competing technologies. There's even non-electric cars out there. How many of you even aware of this? That use, for instance, hydrogen instead of electricity. Now there's, of course, with any technology there's complications here and there. Hydrogen is absolutely amazing. It's an electric car. You fill it up with hydrogen and the only byproduct of the burning, if you will, the hydrogen, is water. In fact, it doesn't burn the hydrogen. It combines it with oxygen to make the water and produce electricity all at the same time. Very cool.

There are some prototypes out already on the roads out in California and some other places around the world.

When the government's giving out billions of dollars to electric cars, they're effectively naming a winner. Aren't they? Does that make sense? I don't think so. We've got to have a free market and this is not a way to have a free market.

It's just like with solar, wind, some of these other technologies where the government is taking our tax dollars and is saying this particular technology, and even worse, look at Solyndra, look at some of these others just absolute debacles.

Now, even worse they give money to a specific company within a certain industry. That is not a good thing. Government has a terrible record at picking winners. Even investors, you look at people who are angel investors and who are venture capitalists. They are lucky. If they make money in one of 10 of their investments. It is not a great way for them to make money.

A professional investor does terribly. Imagine how poorly a politician does. The politician is going to be listening to the people knocking on their door, saying here's some money for next time you run for the house or Senate. Or locally, in local elections, it even happens. That is a very bad thing.

It's been proven again, and again over particularly in the last about 140 years. Governments' terrible about picking winners. Yet they do it every day of the week. Tesla has gotten money, right? Some, of its tax benefits, some of it is actual cash. The bottom line, they've some great technology.

Now what's happening is Tesla is asking Tesla fans to lobby the government on its behalf. Great article by Rachel Kraus over on Mashable about this week. I love it.

She says a Tesla fan. Your mission. Should you choose to accept it is to go to bat politically for the company. Check this out online. You might want to too because Tesla has launched a new online portal called the Tesla engagement platform. CNBC spotted this about a week ago, and this is a hub where Tesla posts actions its users can take like contacting government officials when there is a potential law that would affect the company.

In fact, it says in a blog post on this hub Tesla built. Engage Tesla is a new platform for both Tesla's public policy team and Tesla owners clubs. Its goal is to create a digital Homebase for all of our work and to make it easier for Tesla community members to learn what's top of mind for us. Take meaningful action and stay in the loop. We hope you'll enjoy our, excuse me, will we hope you'll join us in getting involved? Oh my gosh.

So, I'm on Engage Tesla, it is at engage.tesla.com. Very pretty pictures. By the way, of some of these new Tesla cars, very cool cars. I would absolutely drive one of these things.

One exception, I don't like the handles. I talked about that a couple of years back. About door handles on the outside. Having been in emergency medicine for a while. EMS, I can tell you, in accidents, you want something you can grab onto and have serious leverage. The doors get bent, things happen. There's at least one case I'm aware of where someone got trapped inside the car that was involved in an accident and then burned to death because the people who were trying to rescue him could not get him out of the car because there are no door handles to pull on.

Yes. I know the handles come out automatically when everything's working right. I'm talking about the most extreme of problems here. Anyhow, I'm digressing again.

Uber is doing much the same thing, by the way. It isn't just Tesla. Uber is, in fact, they had their drivers this was October last year, sue Uber over what these drivers called pressure to vote and advocate for the proposition in California. Not a good thing when you get right down to it.

It is it's a real problem when you look at this in detail now. I'm not sure it's a terrible problem, but I do have a serious problem with companies soliciting the government in order to get things like tax subsidies in order to get special favors.

A lot of people do too. Look at all of the people who were upset with Tesla for trying to get a tax holiday for its battery plant and for some of its other facilities and things that they're doing.

By the way, there is currently a post on this Tesla engagement platform asking Nebraska residents to contact lawmakers about a law coming up for a vote that would enable Tesla to open showrooms and service stations in the state where it's currently prohibited.

Now I brought that one up, particularly because I think again, free market. There's no reason in today's world. No legitimate, let me put it that way, reason to have dealerships. I think we should be able to buy a vehicle directly from a manufacturer. If they want to have certified repair shops, knock yourselves out, but we don't need somebody sitting there anymore in a dealership. Same thing with most of these distributorships. I think we have been shown that a car can be ordered online, configured, online shipping to us. We can be pretty darn happy with it. By the way, that they are shipping it to us in our state gives them what's called a legal nexus. So, they do have a presence in the state. They can be sued in the state if there is a problem. This whole thing in Nebraska, I don't think there should be dealerships that are exclusively provided the right to sell vehicles within the state.

My opinion. All right. Hey, stick around. Cause we will be back.

We're going to talk a little bit about deep fakes. This is cool because MyHeritage is doing something that's scaring a few people.

You're listening to Craig Peterson.

Make sure you check out my website, Craig peterson.com and sign up.

You might've seen some of these deep fakes out there. Videos where it's putting Elon Musk's face on people or others in videos. Did you know that there's audio as well? They're using it to bring back our ancestors.

Hi guys. I really appreciate you listening to me.

There is a website out there called MyHeritage and it's very popular. It's a site that allows you to do a genealogical examination of yourself, a little look at DNA, they'll look at your family tree. They've got some research stuff up there. They have something new called Deep Nostalgia and I think this is very cool.

It really introduces some interesting problems, frankly. This allows you to animate a face in a photo. It's unnerving. When you have a look at this thing. You can check it out, again. MyHeritage.com/deep-nostalgia N O S T A L G I A. In case you're wondering how to spell it. They require you to create an account on their site and then you upload the photograph.

It takes that photograph and it has them pose it's really uncanny. I'm looking at a picture black and white that was taken it's right there on their site of a couple. I would guess this is a 1960-ish-era photograph based on the hairstyles and the glasses. It's just so weird because they have this photo. It's a head-on face-on photo and they've animated it so that the woman in this photo she's moving her head around. She's smiling. This is a really great smile. She blinked. She moves her head up and down and looks over to her and looks back again. Wowsers. It is absolutely amazing. You might want to check it out. It's a form of artificial intelligence that's doing this.

Of course, it has to make a bunch of assumptions. So if you look, you don't even have to look that closely, but if you look fairly closely at the picture, you'll see some detailed problems with her hair, the ends of her hair. At the top of her head, because you can't see the whole top of her head in the original picture. You can obviously not see both sides of her face or her head because that particular picture just a straight-on shot. It's making it up as it goes.

We're seeing deep fakes more and more. We're going to see a real problem, coming up in another couple of years, certainly by the time 2024 arrives with deep fakes.

We've already got Russians influencing our elections. Of course, not as much as the oligarchs out in Silicon Valley have been influencing our elections, but they are already influencing us in a very big way.

China, as well, imagine what'll happen when they start producing deep fakes of our presidential candidates saying things or doing things that they have never said nor done.

What I did is. I figured I want to give you guys an example. Audio seems to be a little bit harder for the deep fakers than some of the videos. At least the technology and audio hasn't quite come as far. I'm going to play for you right now. A deep fake of my voice.

This is not my voice, you're about to hear. Then I'm going to play a completely computer-generated deep, fake. So let's go here. I'm going to play my voice right now. This is an example of a deep fake using my voice. Did you catch that? That wasn't me. That was a computer again. I'm going to play it for you one more time.

This is an example of a deep fake using my voice. Now you can hear some of the problems with it. If you listen really closely that it's not really me, but it's close enough that if you weren't paying a whole lot of attention, you would not notice that it really wasn't me saying something.

Expect within the next year, that type of technology to get to the point where you won't be able to tell.

So think about it. What would happen? If a tape was released, talking about, Mitt Romney for instance, saying half of the voters that are never going to vote for me anyway, and that was recorded. I guess, by one of the waiters, it was at an event.

If you took this voice of mine and you created a deep fake, cause all you need is about five seconds worth of someone's voice to make a deep fake. You had politician X, let's say that Hillary is running again for precedent, okay in 24. You could have her say almost anything. The audio quality might not be up to it, but with most of these recordings that are made on people's cell phones either, is it.

I want to play another deep fake. This is a completely fabricated female voice. This is an example of a deep fake using a completely generated voice. Yes, indeed. I created that. I can make her say anything I want to.

Help me. Craig is holding me hostage inside his computer. Yeah. This is going to be a huge problem in the future.

There are concerns about what they are doing over at MyHeritage. Look at some of these pictures. Here's one it's cool. It's unnerving. Here's again, a guy with a family, this one's in color, he's got a right ear, the really pops out there, but he's looking around.

Have you used an iPhone and taken a picture and they call them live pictures. You can see the person right before the shutter is closed. You can see the person moving around. It's really a little video right in front of the picture. That's what these things look like.

Ah, here's this little kid he's looking around. Here's one, a very old one. Oh my goodness, it is creepy. You got to check this out online. MyHeritage is.com/deep nostalgia.

Now here's where the concern comes in. In an article on Life Hacker. By David Murphy, he is talking about taking these old pictures could be very old pictures of somebody sitting around somewhere, uploading it to the site. Then you get a little bit of nostalgia. I get creepy nostalgia that only comes from this static image now moving around on your screen.

I don't get it, really, I don't myself. I think that it's just plain creepy, but if you decide to do it, cause it is cool. Okay.

You probably should use a temporary account to make it to make your account over on MyHeritage and maybe also delete the photos that you upload and turn into these deep fakes. So many other websites out there, if you do go ahead and upload it, they go and claim the rights to it because it's a derivative piece. They made this little video from your photos. So, that's not your photo anymore. It's now theirs. It gives them a royalty-free worldwide perpetual and non-exclusive license to host copy, post, and distribute the content. It could be a problem, but I can tell you one thing that definitely would be a problem, that is if you use a username and the password you've used elsewhere.

Now, I have to bring this up because most of us are using the same password on every website or maybe, yeah we're really smart. We got three passwords and we vary them. I did that for years, but that was many decades ago. We just can't do that anymore.

If you are going to make an account on MyHeritage or anywhere else, make sure you don't use a password that you've used anywhere else because it is a problem.

Ultimately, it's a real problem for you and you can't believe your eyes or your ears anymore.

You share these pictures. I don't know that they allow you to download them because I did not put my own pictures up there. If these pictures are watermarked. Delete your account. Click that blue link under the big grid text to get started. That's supposed to delete anything anyways. You can figure it out but have a look anyway, it's in my newsletter that comes out on Sunday morning. There'll be a link in there that you can click on and see what they've been able to do.

Remember. When it comes to particularly things coming up in this next election where it really matters who we vote for, it really matters. Other countries have a very big opinion about who we should be electing to office.

Look at what happened with Rep Swalwell out in California. Here's a guy who was running for mayor the Chinese socialist government decided they would put a honeypot into his campaign. So they got this woman who was trained in seducing people. They seduced Swalwell and she raised money for him, for his campaign as mayor and stuck with him over the years, all the way until he was in Congress.

Then in Congress, she helped him get onto the very influential committee in Congress, where he had full access to our government secrets. Certain secrets that are. She apparently was feeding all the information right back to China. That is not a good thing, not a good thing at all. It goes to how much. China is willing to do to directly influence and infiltrate our government and our businesses.

If they will assign one of their spies to seduce a mayor of a small city in California, and then help elevate him to Congress and to the chairmanship in Congress. By the way, The speaker of the house, Nancy Pelosi has not removed him from that seat. She's got a Chinese spy problem herself. That's another story.

They're willing to do anything.

It's going to be a rough little time here going forward. Let me tell you these deep fakes are getting more and more real.

I'll be right back with a whole lot more.

You're listening to Craig Peterson.

I've been talking about this on the radio all week, at least since midweek. I want to talk about it now, and why I am so upset with Microsoft. I can hardly contain myself. This is crazy.

This is Craig Peterson here. You heard it right. The guy that's very upset with Microsoft. What shall I say? We're going to be getting into that in just a couple of minutes.

This is a real problem. What are we supposed to do? We have bad guys now doing what is called supply chain attacks.

The simple way to explain this is you have someone who is supplying software for you. It could be Microsoft. We heard about something, that happened very recently with SolarWinds and how they had software that they were providing their customers, which included government agencies. All kinds of them. It included many businesses. A lot of managed services providers were hacked by this.

A very, very big problem, because they were trusting the software that came from SolarWinds, and that software had been digitally signed, so they knew it was legitimate. Everything's good. Nothing to worry about here, let's go on with our lives.

However, the reality was that the SolarWinds software had been hacked many months prior to anybody really noticing. It was hacked in such a way that when SolarWinds provided their software to their customers were now infected.

Now, you might look at it and say SolarWinds, they should be signing their software. They should be watching the chain of custody for their software. They did, in both cases, they were signing it digitally so that their customers knew, okay, this is legit. This is really from us. You can install it. It's good.

But you're checking the signature didn't do any good. You were still going to be hacked because it was in SolarWinds software.

Microsoft has been providing us with software for many years. I helped develop some of the Windows NT code ways back when. Their new technology, that's what the current versions of Windows are based on. I can remember way back then, just what a mess it was I couldn't believe the way they did so many things. It was just absolutely crazy.

Of course, David Cutler, VMS guy, for those of you who remember all of that, really spearheaded that NT project. There were a lot of VMS systems in it, but