Tech News of the Week for 1/30/2024 [MTG-25]

[00:00:01.450]
Announcer: Welcome to Tech news of the Week.

[00:00:03.380]
Announcer: With your host, Ventura highway in the sunshine.

[00:00:08.930]
Ned: Welcome to Tag no one of the west.

[00:00:12.530]
Ned: This is our weekly tech news podcast. Where Chris and I go over four interesting stories that we found in the tech news that we think you might find interesting as well. I handled the main article that's coming up in a couple days. So, Chris, why don't you kick us off with a story that you found interesting.

[00:00:31.930]
Chris: New York City passes law aiming to limit AI based discrimination in the hiring process.

[00:00:38.410]
Chris: It's super ineffective.

[00:00:42.250]
Chris: So it's a well known complaint that more and more hiring at companies of all shapes and sizes are utilizing automated systems to scan candidates who apply for open positions.

[00:00:56.050]
Chris: Now, on the one hand, this is understandable as the number of applicants to jobs is skyrocketing. Just look at LinkedIn job postings that are, I don't know, a week old, and you will regularly see lists that stay 500 plus applicants in densely populated places like, say, for instance, large metropolitan areas. Now that is a legitimately hard number of resumes to go through. So these systems, which are referred to as automated employment decision tools, or AEDTs, supposed to help with that first line of cuts. Now, cynically, as an aside, this is also where the saying it's not what you know, it's who you know, comes ever more into play. Best to just skip the first line if you can.

[00:01:41.090]
Ned: Yep.

[00:01:42.270]
Chris: Anyway, increasingly, AEDTs are using AI or AI like decision making, and New York City was concerned that it was going to cause race and gender bias, as can very easily happen with AI or AI like tools. This particular law was listed as ll one four four passed in 2021 and finally went into effect in July of last year.

[00:02:09.530]
Chris: Earlier reports show that, well, doesn't seem like the law is super great.

[00:02:16.570]
Chris: So companies under this law are required to post audit reports online to show that a in the interest of full transparency, they are using these tools and b that these tools are not biased. Simple enough.

[00:02:33.010]
Chris: Out of 391 companies sampled, only 18 had thus far published anything at all. The reason for this, the researchers concluded, was simple. There's really no penalties, nor are there hard and fast benchmarks defined under the law to say what is and what is not discrimination. Ll 144 quote grants near total discretion for employers to decide if their system is within the scope of the law, Jacob Metcalf, researcher at Data and society, one of the study's authors, said. And there are multiple ways for employers to escape that scope, unquote. Yikes.

[00:03:16.760]
Chris: Yeah, hopefully this one can go into the annals of history as a good first try and we can get a new law enacted that fixes these glaring policy issues soon.

[00:03:30.640]
Ned: I've been listening to a really good book called Recoding America and it talks about the intersection of policy and implementation and this seems like an issue with policy.

[00:03:40.310]
Chris: Yeah.

[00:03:42.790]
Ned: Google ditches egress pricing, sorta. Despite the breathless headlines, the truth is slightly more mundane. Google Cloud has announced a change to data egress charges only if you are planning to terminate your Google Cloud account. The change does not impact normal egress charges, which continue to be extortionate across the entire cloud spectrum. If you would like to terminate your account on Google Cloud and move all of your data somewhere else, you can do so without incurring any egress charges.

[00:04:16.300]
Ned: Granted, this is definitely a step in the right direction, and if you have a few petabytes of data in Google Cloud, the egress charge wasn't going to be cheap, and Google is probably trying to get ahead of regulations that are being drafted in the EU about this very sort of lock in. So I guess good for you Google Cloud, maybe you could cut the normal egress fees to a reasonable amount.

[00:04:43.290]
Ned: The post then goes on to bemoan the true villain of cloud lock in Microsoft. Or I mean, quote certain legacy providers. To quote in full, certain legacy providers leverage their on premises software monopolies to create cloud monopolies using restrictive licensing practices that lock in customers and warp competition, end quote.

[00:05:08.850]
Ned: Jesus, Google, just say Microsoft. We all know what you mean, and you're not wrong when it comes to SQL and Windows licensing. Of course, both of those platforms are in serious decline when it comes to cloud applications, so I don't know if their arguments really holds water. Like I said, maybe focus on those other egress fees first.

[00:05:28.970]
Chris: Someone combined personally identifiable information from thousands of data breaches into one super breach.

[00:05:36.850]
Ned: Yay.

[00:05:38.030]
Chris: And here's the fun part. We apparently have no idea who nor why. Breaches, as we all know, happen all the time, and data from said breaches is sold when it can be, but eventually it all gets made public.

[00:05:55.330]
Chris: It is still a pain to collate. All this information from all these different breaches, but sites like have I been poned? And Cybernews, et cetera, et cetera do it all the time.

[00:06:07.220]
Chris: That way you can do one search and simply marvel at all the different companies that have lost your various pieces of personally identifiable information. I just checked my email and it's up to at least 41, ironically including my credentials on a training website called pii-protect.com fun.

[00:06:29.390]
Chris: This week security researchers from Cybernews and security Discovery jointly announced what they are calling, perhaps a bit hyperbolically the mother of all breaches, or MoAB, which, if you have a long enough memory, you realize why they use that acronym.

[00:06:47.330]
Chris: This particular breach contains 26 billion records from nearly 4000 identifiable breaches.

[00:06:57.430]
Chris: This is clearly the largest single collected trove of breach data ever found by a mile. It's not that any of this is new. There's a chance some of it might be, but really it's that it's all been collected into one place. It was found, quote, on an open instance, unquote, just like sitting there. That is super vague, I know, but it's the dark web. I think they still use Telnet there.

[00:07:30.130]
Ned: Or Binary boy.

[00:07:31.060]
Chris: Best not to ask a lot of questions.

[00:07:32.760]
Ned: Yeah.

[00:07:34.450]
Chris: So brightside, all the good guys have immediately downloaded this list and will be doing scanning on your behalf. Should you have already paid for it, to see if you have credentials that are in a breach and you have whether you know it or not, a lot of good guys trying to help you can enable this type of lookups in Microsoft Office 365, most likely in your password manager, basically any IAM platform worth its salt.

[00:08:02.250]
Chris: The bad news though, the bad guys have this giant list too.

[00:08:06.810]
Ned: Yeah

[00:08:08.750]
Chris: As always, the username and password can only get those bad guys so far. Don't reuse passwords, use MFA. Ideally not based on text messages. Answers to your security questions should be random. Disable old accounts that are no longer used, whether they are personal or professional et cetera, et cetera, et cetera line, et cetera. Basically, online security hygiene is just not going to go out of style.

[00:08:45.610]
Ned: Indeed, I've gotten an unusual number of emails asking me if I want to reset my password lately, and I think this is probably the reason why.

[00:08:56.010]
Ned: Tape is dead. Long live tape. For a long time I believed that tape was a dead medium, possibly due to personal grievances from my days running a disaster recovery program.

[00:09:09.310]
Ned: Nothing ruins a DR run quite like a bad tape. Pettiness aside, tape continues to be a thriving business, with the latest generation LTO nine storing 45 terabytes of compressed data on a single tape. That's pretty unrivaled in terms of cost and capacity for long term storage, but it does have some downsides in terms of write speed, 400 megabytes per second and the need for sequential retrieval and a need to copy to fresh tape about once a decade or so.

[00:09:42.730]
Ned: What's the alternative for long term archival storage? Startup Cerabyte offers a solution that uses ceramic nanolayers on ultra thin glass to store data, using lasers to etch a matrix on each layer. The matrix can be written in a single laser burst, writing 2 million bits per pulse, writing about 100 megabytes per second on their prototype system.

[00:10:09.650]
Ned: Cerabyte believes that they can scale that system to a capacity of five petabytes per rack, writing at 500 megabytes per second in 2025, with future models hitting the 30 to 60 petabytes per rack capacity.

[00:10:25.550]
Ned: The primary advantage of glass etching is its durability. Although the media is write once, that's fine for archive data, and Cerabyte estimates the durability to be 100 plus years. Like tape, it requires no maintenance or power when not being accessed.

[00:10:44.550]
Announcer: If this idea of glass and laser data storage sounds a little familiar, Microsoft has been working on Project Silica for like, eight years now with, as far as I can tell, nothing to show for it. The fact that Cerabyte has a working demonstration system puts them years ahead of Project Silica and primes them for investment.

[00:11:05.390]
Ned: With the explosion of data hitting the Yottabyte range, having stable, cheap, long term storage is becoming ever more necessary. Perhaps glass can finally kill tape, and I'll be vindicated.

[00:11:19.050]
Chris: A yacht. A bite. Yada byte. Is that just short for. Yo, that's a lot of bytes. Yo, that's a lot of bites.

[00:11:26.810]
Ned: All right, that's it. We're done. Go away now. Bye.