Bootstrappin' Boogie: Why Your Secure Boot Might Not Be So Secure

Chaos Lever Podcast

Player FM - Internet Radio Done Right

Ditambah three tahun yang lalu

Kandungan disediakan oleh Chaos Lever, Ned Bellavance, and Chris Hayner. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh Chaos Lever, Ned Bellavance, and Chris Hayner atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.

State Secrets: Inside The Making Of The Electric State

1
Family Secrets: Chris Pratt & Millie Bobby Brown Share Stories From Set 22:08

26 days ago22:08

Main Kemudian

Senarai

Suka

Disukai

22:08

Host Francesca Amiker sits down with directors Joe and Anthony Russo, producer Angela Russo-Otstot, stars Millie Bobby Brown and Chris Pratt, and more to uncover how family was the key to building the emotional core of The Electric State . From the Russos’ own experiences growing up in a large Italian family to the film’s central relationship between Michelle and her robot brother Kid Cosmo, family relationships both on and off of the set were the key to bringing The Electric State to life. Listen to more from Netflix Podcasts . State Secrets: Inside the Making of The Electric State is produced by Netflix and Treefort Media.…

about a year ago 30:36

MP3•Laman utama episod

Ned and Chris explore a newly discovered flaw in UEFI Secure Boot that’s led to a critical OEM blunder that allows rootkit attacks, and the only fix is a potentially daunting firmware update.

Secure Boot’s Achilles’ Heel

Ned and Chris dive into a freshly uncovered flaw in the Secure Boot process of PCs using UEFI firmware. They trace the evolution of boot processes from ENIAC’s manual grind to today’s automated systems, highlighting the crucial role of cryptographic keys in blocking unauthorized code. Along the way, they expose a serious blunder where some OEMs carelessly included untrusted platform keys in their UEFI firmware, opening the door to rootkit attacks. The fix? A firmware update—if you’re brave enough to handle it.

Links

231 episod

#Tech News #Chaos Lever #Chris Hayner #Ned Bellavance #News #News Weekly

Chaos Lever Podcast

Bootstrappin' Boogie: Why Your Secure Boot Might Not Be So Secure

Chaos Lever Podcast

published about a year ago

Kongsi

MP3•Laman utama episod

Ned and Chris explore a newly discovered flaw in UEFI Secure Boot that’s led to a critical OEM blunder that allows rootkit attacks, and the only fix is a potentially daunting firmware update.

Secure Boot’s Achilles’ Heel

Links

231 episod

#Tech News #Chaos Lever #Chris Hayner #Ned Bellavance #News #News Weekly

सभी एपिसोड

Chaos Lever Podcast

1
Fast Flux DNS Threats, TikTok Faces EU Fury, NGINX Exposed | Tech News of the Week 9:41

2 days ago9:41

9:41

This week we talk lawsuits, leaks, and legacy code—all wrapped in Kubernetes vulnerabilities and good ol' DNS doom. It's everything you didn't know you needed to hear, and more. Let's dive in: 🧠 TikTok is getting slammed with a €500 million fine from the Irish Data Protection Commission for casually throwing GDPR into the sea. The Tok (yes, we're calling it that now) has been caught red-handed shuffling EU user data straight outta the continent. Meanwhile, April 5th was the US deadline for a sale-or-ban situation. You're in the future. You know what happened. We don’t. https://www.engadget.com/big-tech/tiktok-reportedly-faces-a-%25e2%2582%25ac500-million-fine-for-sending-private-user-data-to-china-162214079.html 🐙 NGINX Ingress controller vulnerability alert! Whizz disclosed a cluster of five issues that basically throw open the doors to your entire Kubernetes environment—if, and only if, the attacker is already inside. Still, maybe stop listening to this podcast and go patch your stuff. https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html 💾 Bill Gates just released original Microsoft source code from 1975, and yeah, it’s both nostalgia bait and promo for his new autobiography. The code's printed. As a PDF. It's massive. And full of 1970s programming hacks that might hit a little too close to home for modern devs. https://www.gatesnotes.com/home/home-page-topic/reader/microsoft-original-source-code 🌐 DNS is always the problem. The latest? Fast Flux DNS attacks. CISA is waving red flags about a technique that helps malware stay stealthy by constantly changing IP addresses linked to C2 servers. It's a real “blink and you missed it” kind of threat. Patch your filters, folks. https://www.theregister.com/2025/04/03/cisa_and_annexable_allies_warn/ Don’t forget to patch your stuff and like, subscribe, or just go yell at a router. See you next week!…

Chaos Lever Podcast

1
Women Who Built the Future (and Got None of the Credit) | Chaos Lever 27:35

6 days ago27:35

27:35

This week on Chaos Lever, we take a detour through a moldy book, moldy cheese, and somehow land at a celebration of women in tech history. Because that’s how this show works. We kick things off with a hot take on Who Moved My Cheese? and an uncomfortably enthusiastic ode to Gorgonzola, then accidentally spiral into a cinematic sadness spiral featuring Robin Williams. You’re welcome? From there, it’s a genuine salute to some lesser-known (but no less badass) women who shaped the technology landscape. We’re talking Bletchley Park, US Navy Code Girls, early human computers, and the pioneers who helped birth the GUI and the Internet as we know it. There are historical facts, dubious metaphors, and a surprise cameo by the first-generation Prius. I'd say blink and you'll miss it, but this is a Prius we're talking about. So if you’re into awkward transitions, wildly underrated tech heroes, and a sprinkle of righteous rage, then buddy, have we got the episode for you. 📎 LINKS Chaos Lever Website → https://chaoslever.com Code Girls of the US Navy → https://usncva.org/history/women-in-cryptology/world-war-ii-code-girls.html The Rose Code → https://www.goodreads.com/book/show/53914938-the-rose-code Behind the Bastards - Steve Jobs → https://youtu.be/aEv08Zzunfc That good government tech book Ned forgot → https://www.recodingamerica.us Mashable article → https://mashable.com/article/unsung-women-in-tech Women of Bletchley Park → https://www.bbc.com/news/uk-england-beds-bucks-herts-27898997 Hedy Lamarr → https://www.history.com/articles/hedy-lamarr-inventor-frequency-hopping-wifi Annie Easley → https://www.nasa.gov/history/history-publications-and-resources/oral-histories/annie-easley-oral-history/ Dr. Adele Goldberg → https://www.extremenetworks.com/resources/blogs/women-who-changed-tech-dr-adele-goldberg Steve Jobs is a nutbar → https://www.uniladtech.com/apple/why-steve-jobs-soaked-feet-in-toilet-water-926274-20240628 Megan Smith on Net Neutrality → https://www.washingtonpost.com/news/the-switch/wp/2014/11/14/u-s-cto-on-net-neutrality-critics-are-you-supposed-to-argue-with-physics/…

Chaos Lever Podcast

1
Microsoft Azure Is Retiring Your Admin Access | Tech News of the Week 11:43

9 days ago11:43

11:43

It's a wild week in tech and we're taking you on a ride through the most ridiculous and revealing stories from the digital frontier. Buckle up. 🎵 Remember Napster? Of course you do. It was the soundtrack to many of our teenage years, sneaking MP3s over college Ethernet networks and dodging Metallica-shaped lawsuits. Well, guess what? It's back... again. Sort of. Another Web3 company has paid *$207 million* for the name and logo of a brand that hasn’t made a dime since Bush was in office. We break down the hilariously tragic life and times of Napster and why, in 2025, someone still thinks it's worth salvaging. https://www.theregister.com/2025/03/27/napster_gets_new_owner/ ☁️ Microsoft Azure is quietly retiring legacy services, and one of them could break your whole environment. Classic Subscription Administrators are officially on the chopping block, and if you don’t migrate to RBAC by April 30, 2025, you’re out of luck—and out of your own account. Chris takes you through the Azure Service Retirement Workbook (yes, that’s a real thing) and how not to get nuked by an expired admin setting. https://learn.microsoft.com/en-us/azure/advisor/advisor-workbook-service-retirement?tabs=impacted-services 🚀 Fermyon and Akamai just teamed up to drop *Wasm Functions*, a WebAssembly-based service with lightning-fast cold starts and a whole lot of polyglot potential. Think apps spinning up in half a millisecond, edge deployment, and basically a glimpse at the future of serverless. Ned explains why this might be WASM’s breakout moment—and why Azure should probably start taking notes. https://cloudnativenow.com/features/akamai-allies-with-fermyon-to-advance-wasm-adoption/ 📨 And finally, Troy Hunt—yes, *that* Troy Hunt from HaveIBeenPwned—got pwned himself. A very convincing phishing attack stole his Mailchimp credentials and leaked 16,000 email addresses. While the fallout isn’t catastrophic, it’s a humbling reminder that no one is immune. Chris breaks down what went wrong, what to do better, and throws a little shade in the name of cybersecurity hygiene. https://www.darkreading.com/cyberattacks-data-breaches/security-expert-troy-hunt-lured-mailchimp-phish…

Chaos Lever Podcast

1
OpenAI’s Freedom Salad and the Two-Page Apocalypse | Chaos Lever 33:25

13 days ago33:25

33:25

Biden’s executive order on AI safety was 111 pages of not-terrible ideas like protecting privacy and creating AI guidelines. Naturally, big tech was *not* a fan. Because when you ask Meta and Google to behave responsibly, they act like you just insulted their mom. Meanwhile in Europe: The EU held its AI Action Summit in Paris, making it clear they’re not messing around with AI governance. Public interest, worker protection, and global cooperation were on the table. Investors dangled €150B like a carrot—if only the EU would be a little less…protective of its citizens. 🙄 🧠 Then came Trump's executive order, aka the “let’s delete all the thoughtful stuff” memo. A whole two pages long, it replaced nuance with “make America #1 in AI because democracy and stuff.” Or, more accurately: “drill, baby, drill” but for GPUs. 📄 Enter OpenAI’s response to that call for action. On the surface, it’s just another document—but wow, the vibes are chaotic. There’s flag-waving, fear-mongering about China, and a healthy dose of “we want your data and your blessings.” Also, violently incoherent sentences that barely represent English. 📉 What *wasn’t* in OpenAI’s proposal? Anything about ethics, safety, upskilling displaced workers, or protecting vulnerable communities. But don’t worry—they did include buzzwords, bad logic, and more patriotic tech posturing than a Fourth of July parade. LINKS: 🔗 Executive order 14110: https://www.federalregister.gov/documents/2023/11/01/2023-24283/safe-secure-and-trustworthy-development-and-use-of-artificial-intelligence 🔗 OpenAI’s Response to the RFI: https://cdn.openai.com/global-affairs/ostp-rfi/ec680b75-d539-4653-b297-8bcf6e5f7686/openai-response-ostp-nsf-rfi-notice-request-for-information-on-the-development-of-an-artificial-intelligence-ai-action-plan.pdf 🔗 The original RFI: https://www.federalregister.gov/documents/2025/02/06/2025-02305/request-for-information-on-the-development-of-an-artificial-intelligence-ai-action-plan 🔗 Trumps AI EO: https://www.federalregister.gov/documents/2025/01/31/2025-02172/removing-barriers-to-american-leadership-in-artificial-intelligence 🔗 Forbes Article: https://www.forbes.com/sites/dianaspehar/2025/02/10/paris-ai-summit-2025-5-critical-themes-shaping-global-ai-policy/…

Chaos Lever Podcast

1
Facebook’s Legal Meltdown & Google’s $32B Power Move | Tech News of the Week 10:03

16 days ago10:03

10:03

This week we get into Facebook's ongoing saga of being the actual worst, a massive Google acquisition, some shady AI data scraping, and why the FCC is basically handing over rural America’s internet to the wolves. Buckle up. 📘 Facebook is Literally the Worst, Part One: Leadership Edition Mark Zuckerberg tries to suppress a former Facebook exec’s memoir, *Careless People*, and accidentally Streisand-effects the entire thing. From board game tantrums to predatory ad targeting of teens, this segment is a greatest hits of dysfunction. LINK: https://www.rollingstone.com/culture/culture-features/careless-people-facebook-memoir-1235299645/ 💰 Google Buys Wiz for $32 Billion Remember when Wiz said no to $23 billion and wanted to IPO instead? Well, turns out $32 billion can change a lot of minds. What does this mean for multi-cloud security? Spoiler: nothing good. LINK: https://blog.google/inside-google/company-announcements/google-agreement-acquire-wiz/ 🤖 Facebook is Literally the Worst, Part Two: AI Shenanigans LLaMA, Facebook's open-source AI darling, was apparently trained on a treasure trove of pirated books and papers from LibGen—with exec sign-off. Internal emails show employees questioning the legality while still hitting "Download." Classic. LINK: https://www.theatlantic.com/technology/archive/2025/03/libgen-meta-openai/682093 📞 Say Goodbye to Your Copper Lines FCC’s new head Brendan Carr wants to let ISPs rip out copper lines without proving they’re replacing them with better service. It’s deregulation theater at its finest. Rural internet users, prepare to get fleeced. LINK: https://arstechnica.com/tech-policy/2025/03/fcc-chairman-brendan-carr-starts-granting-telecom-lobbys-wish-list/…

Chaos Lever Podcast

1
Thor, Thumb Drives, and Terrible Tech: Blackhat 2015 | Chaos Lever 41:14

19 days ago41:14

41:14

We’ve got bruised shins, sketchy USB drives, and a surprisingly judgmental cat—so you know it’s a classic Chaos Lever episode. This week, Chris walks us through the wonderfully terrible 2015 movie *Blackhat*, a film that tried really hard to be tech-savvy and instead gave us Thor doing cybercrimes. Ned’s never seen it, which is great, because now he gets to be appalled in real time. Join us as we unravel: 🎬 A plot powered entirely by bad computer graphics 🖥️ Ankle bracelet hacking and thumb drive nonsense 🧠 A hacker who’s apparently too jacked to fail 🐱 A feline who's both off-camera and always judging There’s also a deep dive into why a nuclear plant *doesn’t* explode in 12 seconds (you're welcome), some shouty FBI negotiating, and one very suspicious biometric thumb drive.…

Chaos Lever Podcast

1
Apple AI Fail, Quantum Hype & SUSE’s Bold Move | Tech News of the Week 9:35

22 days ago9:35

9:35

🚀 Welcome back to Tech News of the Week, where Chris and I break down the biggest, weirdest, and occasionally most questionable tech stories from the past week. 🧪 **D-Wave’s Dubious Quantum Supremacy Claim** D-Wave is back at it again, this time claiming "quantum supremacy" (insert dramatic echo here). They say their quantum chip solved a complex magnetic field simulation in 20 minutes—something they claim would take a classical supercomputer 200 years. But some researchers aren't buying it. Teams at NYU and EPFL Switzerland have already shown that a laptop or a few GPUs can solve parts of the problem much faster than D-Wave suggests. So, is this true supremacy or just more quantum marketing hype? 🤔 https://siliconangle.com/2025/03/12/d-wave-claims-achieved-quantum-supremacy-last-others-disagree/ 🐧 **SUSE Wants to Support Red Hat (Yes, Really)** In a move that has everyone doing a double take, SUSE announced at SUSECon that they’re launching the "SUSE Multi My Linux" support program—meaning they’ll support older Red Hat Enterprise Linux (RHEL) systems, even after Red Hat stops maintaining them. It's a bold strategy, Cotton. The program covers proactive and reactive support for different Linux versions, and, oh yeah, SUSE Enterprise Linux 16 is dropping soon with support through *2047*. Optimistic much? 🌍 https://thenewstack.io/suse-displays-enhanced-enterprise-linux-at-susecon/ 🚗 **Hacking Infotainment Systems: A New Cybersecurity Nightmare** If your car has a Pioneer DMH infotainment system, you might want to pay attention. Researchers at NCC Group exploited multiple zero-day vulnerabilities to inject spyware, track locations, and gain access to system data—all through a flaw in the Gracenote music database. While the proof-of-concept required physical access, they say it could be adapted for remote attacks. Pioneer has issued patches, so update your system… or just rip it out and go back to that 5-disc CD changer. 🎶 https://www.darkreading.com/vulnerabilities-threats/car-exploit-spy-drivers-real-time 🍏 **Apple Delays AI-Powered Siri Updates—Blames Marketing** Apple’s much-hyped "Apple Intelligence" features for Siri have been shelved, possibly for up to a year, after internal testing revealed they don’t actually work. Success rates hovered between 66–80%, which is, uh, *not great*. Apple’s decision to pull back has led to some well-deserved mockery, but let’s be real—shipping half-baked AI features would’ve been way worse. Still waiting on that flying car, though. 🚁 https://9to5mac.com/2025/03/14/siri-delays-hurt-but-apple-averted-disaster-by-not-shipping-half-baked-product/…

Chaos Lever Podcast

1
Quantum Computing, Sandwiches, and Superconductors | Chaos Lever 40:05

26 days ago40:05

40:05

This week on Chaos Lever, we explore a heartwarming yet launch into an in-depth (and completely correct, don’t question us) discussion about quantum computing and the hardware solutions behind a qubit. 🧠⚛️ Google, IBM, Amazon, and even Microsoft have been making big moves in quantum tech, each promising advancements that may or may not totally destroy encryption as we know it. Superconducting qubits, quantum tunneling, and the mysterious Majorana zero modes—it’s all here, and it’s all *probably* real. Stick around for deep dives into how different qubit architectures compare, what quantum error correction means for scalability, and why tech companies are obsessed with giving their chips weird animal names. If you make it to the end, congratulations—you've earned yourself a snack from the fridge, preferably one that doesn’t require quantum coherence to stay intact. 🍕 --- 📌 **LINKS** 🔗 Superconducting Qubit Physics: https://web.physics.ucsb.edu/~martinisgroup/classnotes/finland/LesHouchesJunctionPhysics.pdf 🔗 Google's Willow chip: https://blog.google/technology/research/google-willow-quantum-chip/ 🔗 Microsoft's Majorana chip: https://azure.microsoft.com/en-us/blog/quantum/2025/02/19/microsoft-unveils-majorana-1-the-worlds-first-quantum-processor-powered-by-topological-qubits/ 🔗 Amazon's Ocelot chip: https://www.technologyreview.com/2025/02/27/1112560/amazon-quantum-computing-chip-makes-its-debut/ 🔗 IBM's Heron chip: https://newsroom.ibm.com/2024-11-13-ibm-launches-its-most-advanced-quantum-computers,-fueling-new-scientific-value-and-progress-towards-quantum-advantage 🔗Topological state of matter paper: https://journals.aps.org/prb/pdf/10.1103/PhysRevB.107.245423 🌀 Thanks for listening! Follow Chaos Lever for more questionable but entertaining tech discussions. See you next week! 🚀…

Chaos Lever Podcast

1
VMware Under Attack Again—Three New Zero Days! | Tech News of the Week 9:40

29 days ago9:40

9:40

Welcome to another round of tech news! This week, we're diving into the resurrection of a once-popular social media site, the EU's big bet on RISC-V, fresh zero days for VMware, and Broadcom's bold money-making moves. 🎯 **Reddit's Co-Founder Wants to Fix Social Media... With More Social Media?** Alexis Ohanian, one of Reddit’s original creators (the one who *doesn’t* suck), is teaming up with the founder of Digg to bring it back from the dead. Digg was a big deal in the mid-2000s before it collapsed under bad management, but now it’s making a comeback with AI in tow. Will it be the next big thing or another failed revival? Only time will tell. Want to get in early? They’re taking email sign-ups now. 🔗 https://www.nytimes.com/2025/03/05/technology/digg-alexis-ohanian-kevin-rose.html 💾 **The EU Goes All-In on RISC-V for Supercomputing** Europe is pushing hard for digital independence with a $260 million investment in RISC-V-based supercomputing chips. The project, named DAR (Digital Autonomy with RISC-V for Europe), aims to develop three chiplets for high-performance computing. It’s a bold move to move away from x86 and ARM dominance, but can they deliver on their aggressive timeline? 🔗 https://www.theregister.com/2025/03/07/dare_europe_risc_v_project/ ⚠️ **Three New VMware Zero Days—Because One Isn't Enough!** VMware ESX is under attack again, with three fresh zero-day vulnerabilities actively exploited in the wild. The worst of the bunch (CVE-2025-22224) lets attackers execute code on an ESXi host. Microsoft actually reported these to Broadcom, which is a fun little twist. If you haven't patched your VMware hosts yet, now would be a *really* good time. 🔗 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390 💰 **Broadcom's VMware Cash Grab is Working... For Now** Broadcom is cashing in on its $69 billion VMware acquisition by slashing products, jacking up prices, and locking in big customers. The strategy seems to be working—at least in the short term—as revenue soars. But with frustrated customers looking for alternatives, could VMware's long-term future be in jeopardy? Competitors like Nutanix are already gaining ground. 🔗 https://investors.broadcom.com/news-releases/news-release-details/broadcom-inc-announces-first-quarter-fiscal-year-2025-financial That’s it for this week! Like, subscribe, and maybe, just maybe, we'll see you again next time. 🚀…

Chaos Lever Podcast

1
How the Internet Became a Glorious Mess | Chaos Lever 32:25

5 weeks ago32:25

32:25

The Internet: it was never supposed to work this well, and yet, here we are. This week, we’re diving into how we went from isolated, room-sized computers to a global, decentralized network that somehow (mostly) functions. We break down the early days of networking, when computers had to physically dial each other up, and how we eventually arrived at the distributed, self-healing, packet-switching magic that powers everything today. Along the way, we cover the different network models—centralized, decentralized, and fully distributed—and why only one of them could survive a nuclear attack (always an important design consideration). We also touch on ARPANET, the first real Internet, and how a bunch of researchers, military contractors, and a few weirdly named computers set the stage for what we have now. Spoiler: it involves a lot of improvised problem-solving and some very lonely PDP-10s. So if you’ve ever wondered how routing actually works, why the Internet doesn’t just collapse under its own weight, or what an “IMP” is, we’ve got you covered. Just don’t blame us if you leave this episode with a sudden urge to dig through RFCs. 🚀 LINKS 🔗 RFC 1206: https://www.rfc-editor.org/rfc/rfc1206 🔗BGP episode: https://pod.chaoslever.com/break-the-glass-and-walk-away-a-very-brief-overview-of-bgp/ 🔗Supercomputing episode: https://pod.chaoslever.com/from-cray-1-to-el-capitan-the-evolution-of-supercomputers-chaos-lever/ 🔗Classical computing: https://pod.chaoslever.com/turing-to-transistors-classical-computing-101/ 🔗Brief history of the internet: https://www.internetsociety.org/internet/history-internet/brief-history-internet/…

Chaos Lever Podcast

1
GPT-4.5 Drops & The Biggest Crypto Heist Ever | Tech News of the Week 9:37

5 weeks ago9:37

9:37

📢 Welcome to another episode of Tech News of the Week, where Chris and I break down the biggest stories in tech—sometimes with insight, sometimes with sarcasm, but always with desks. Maybe? This week, we're talking about IBM finally sealing the deal with HashiCorp, Microsoft's continued Notepad nonsense, OpenAI's latest attempt to justify its existence, and the biggest crypto heist of all time. Buckle up! 🟡 **HashiCorp Joins IBM** After 10 long months of regulatory limbo, IBM’s $6.4 billion acquisition of HashiCorp is finally official. Now that the deal has closed, IBM is set to integrate Terraform with Ansible, strengthen HashiCorp Vault with OpenShift, and generally try to make their aging product lineup more cloud-native. As a HashiCorp fan, I wasn’t exactly thrilled, but hey—at least IBM is dumping money into R&D. Cautiously optimistic? Maybe. Full breakdown here: https://www.hashicorp.com/en/blog/hashicorp-officially-joins-the-ibm-family and convo with Armon Dadgar here: https://www.youtube.com/live/p9VZMDRJ6m0 🟡 **Microsoft Notepad Gets AI Because… Reasons?** Notepad was perfect. It was simple. It was beautiful. And now, Microsoft is stuffing it with AI features nobody asked for—just like they’re doing with Paint. Oh, and they killed off WordPad, pushing people toward paid Microsoft Word instead. At least the AI-infested versions of Notepad and Paint are optional (for now), but this is a slippery slope, folks. More details: https://www.pcworld.com/article/2614943/microsoft-is-paywalling-these-features-in-notepad-and-paint.html 🟡 **GPT-4.5: Bigger, Better, and Full of Lies** OpenAI just dropped GPT-4.5, and it’s… well, it’s a thing. It’s bigger, more power-hungry, and claims to be "friendlier" and "more truthful"—which means it only lies to you **37%** of the time instead of **59%**. Progress? Maybe. Desperation? Definitely. Sam Altman’s money-burning machine continues, and SoftBank is still writing checks, so here we are. The full scoop: https://www.technologyreview.com/2025/02/27/1112619/openai-just-released-gpt-4-5-and-says-it-is-its-biggest-and-best-chat-model-yet/ 🟡 **Bybit Suffers the Largest Crypto Heist Ever** Dubai-based crypto exchange Bybit just lost **$1.5 billion** to North Korea’s Lazarus Group, making it the biggest crypto theft in history. Hackers exploited Bybit’s Ethereum wallet system, faked transactions, and walked away with an absolute fortune. The good news? Bybit says it’ll reimburse customers. The bad news? This whole mess proves, once again, that "faster" and "secure" are rarely friends. More on this wild story: https://www.reuters.com/technology/cybersecurity/cryptos-biggest-hacks-heists-after-15-billion-theft-bybit-2025-02-24/ Now, go away. Bye. 🚀…

Chaos Lever Podcast

1
The Rise of NAT: A Necessary Evil in Networking | Chaos Lever 49:25

6 weeks ago49:25

49:25

Fifth-generation programming languages? Generations don’t even matter anymore. We’re basically at iPhone generation 16-and-a-half, and at some point, people are just making stuff up. Speaking of making things up, today’s episode of Chaos Lever is all about NAT (Network Address Translation), a necessary evil—or maybe just evil—that helped shape the internet as we know it. To break it all down, we’re joined by the legendary Ivan Pepelnjak, a CCIE Emeritus, BGP wizard, and all-around networking guru. He’s here to walk us through the chaotic history of NAT, why it happened, and why, despite all efforts, it’s never really going away. We dive into the days when IP was just one of many competing protocols, when grabbing an IP block was as easy as sending an email, and when the first NAT implementations were only meant to be a temporary fix. Spoiler alert: that temporary fix became the foundation of modern networking. Ivan shares his firsthand experience from decades in the field, discussing why IPv6 adoption has been slow, how carrier-grade NAT is making things even messier, and why the dream of a fully end-to-end connected internet never really stood a chance. Plus, we touch on some truly wild networking trivia—like how stock exchanges measure fiber cable lengths to the nanosecond. If you’ve ever wondered why your home Wi-Fi setup still relies on NAT, why cloud providers and ISPs are desperate to push IPv6, or what networking challenges we’ll still be complaining about in another 20 years, this episode is for you. Stick around for some networking history, a bit of good-natured industry snark, and of course, a little chaos. And if you make it all the way to the end? Congrats, you’ve earned the right to set up your own double-NAT configuration at home—for "fun". --- LINKS 🔗 Chaos Lever Website: https://chaoslever.com 🔗 Chaos Lever LinkedIn: https://www.linkedin.com/company/chaoslever 🔗 Ivan Pepelnjak’s Blog & Networking Resources: https://blog.ipspace.net 🔗 NetLab Open Source Project: https://netlab.tools…

Chaos Lever Podcast

1
ARM Making Chips for Meta – Big Industry Shift? | Tech News of the Week 8:44

6 weeks ago8:44

8:44

Welcome back to Tech News of the Week, where Chris and I break down the biggest and weirdest stories in tech. We're a week behind because Chris decided to lose power—how selfish! But we’re back, and we’ve got four spicy news stories to dive into. Let’s go! 🧠 **Meta Wants ARM-Made Chips** ARM might start making its own chips, and Meta is reportedly first in line to buy them. This is a big shift for ARM, which has historically just designed and licensed chip architectures rather than manufacturing its own. If true, this could shake up the chip industry and make ARM a competitor to companies it currently licenses to. The first chips are rumored to launch this summer, so we won’t have to wait long to see what happens. Will this push companies toward RISC-V? Fingers crossed! 🔗 https://techcrunch.com/2025/02/13/arm-is-launching-its-own-chip-this-year-with-meta-as-a-customer 📖 **Facebook’s AI Reads Minds (Kind Of)** FAIR (Facebook’s Fundamental AI Research unit) teamed up with scientists in Spain to create a machine that can read your mind—well, sort of. By analyzing brain activity using M-E-G and E-E-G, they achieved an 80% accuracy rate in predicting what subjects were typing or saying. Right now, the tech is clunky and requires a controlled environment, but smaller, scarier versions are likely on the way. What could go wrong? 🔗https://www.techspot.com/news/106721-meta-researchers-unveil-ai-models-convert-brain-activity.html 💰 **SolarWinds Goes Private for $4.4B** Remember SolarWinds? The company that got hit with a massive supply chain attack in 2020? Well, private equity firms have decided it’s still worth squeezing for cash. Silver Lake and Tomo Bravo bought up a majority stake, and now TurnRiver is taking the whole thing private for $4.4 billion. Expect less innovation, more “cost optimization,” and an eternal cycle of rent-seeking. Somewhere in Middle-earth, Sauron is proud. 🔗 https://www.darkreading.com/cybersecurity-operations/solarwinds-private-billions 🖥️ **AI is Just Fancy Copy-Paste, Confirms Study** A new report shows that AI-assisted coding is leading to lower code quality. GitClear analyzed 200 million lines of code and found that, surprise surprise, AI-generated code is often just old code copied and pasted with minimal thought. Google’s own research backs this up, showing rising defect rates in published code. Microsoft even warns that overreliance on AI is killing critical thinking skills. So, uh… we’re definitely headed toward a bright, bug-free future, right? 🔗 https://www.gitclear.com/ai_assistant_code_quality_2025_research…

Chaos Lever Podcast

1
Why Sneakers (1992) is Still One of the Most Accurate Hacking Movies | Chaos Lever 44:39

8 weeks ago44:39

44:39

What happens when you mix cryptography, heists, social engineering, and a dash of early '90s tech paranoia? You get **Sneakers**—a movie that might be more relevant today than it was in 1992. In this episode, we break down the film’s tech, its realism (or lack thereof), and the undeniable truth that **people are always the weakest security link**. Because at the end of the day, it’s not about the tech—it’s about **People, Process, Technology**, in that order. Along the way, we take some delightful detours, including a discussion of **Tim Curry chewing scenery in *Legend***, whether a Braille Playboy was a real thing (spoiler: it was), and why the best security measures can be defeated with a birthday cake and some good old-fashioned social engineering. So, grab your popcorn and your best anagram-solving skills, and let’s dive into the world of Sneakers—a movie that understood the power of ones and zeros long before our social feeds did. Oh, and if you’re planning to crawl around in a drop ceiling like Robert Redford, please don’t.…

Chaos Lever Podcast

1
AWS Spends $100B on AI While OpenAI Fumbles Security | Tech News of the Week 7:40

8 weeks ago7:40

7:40

Welcome back to another jam-packed episode of Tech News of the Week! Chris and I are diving into four big stories that caught our attention this week. From sketchy ISP routers to OpenAI’s latest security fail, let’s break it all down. 🔹 **Stop Using Your ISP Router—Seriously** If you're still using the router your internet provider gave you, it's time for an upgrade. Not only are ISP-provided routers outdated and full of security holes, but they might also be spying on you—and, in some cases, even harboring actual bugs (the creepy-crawly kind). A new website, [RouterSecurity.org], lays out just how bad these devices can be. Investing in a good third-party router is a small price to pay for better security and performance. Also, if you haven’t looked into mesh routing yet, you’re missing out! LINK: https://routersecurity.org/ISProuters.php 🔹 **AWS Goes on an AI Spending Spree** Amazon reported solid Q4 earnings, but apparently, a 19% growth in AWS wasn't enough to impress investors. So, what's Amazon’s solution? Throw more money at AI! They’re planning to invest a whopping $100 billion in AI hardware this year, with much of that going toward NVIDIA-powered chips. The hope is that supply chain issues will ease up, allowing AWS to scale its AI efforts even further. But will all this spending pay off in the long run? We’ll see. LINK: https://ir.aboutamazon.com/news-release/news-release-details/2025/Amazon.com-Announces-Fourth-Quarter-Results/default.aspx 🔹 **Phishing Tests Are Getting… Meaner?** We all know about phishing tests—those fake scam emails companies send to see if employees fall for them. But lately, these tests have been pushing the limits, with some using emotionally charged messages like fake Ebola outbreaks or rescinded bonuses. The Wall Street Journal reports that while these tactics may be effective, they’re also making employees furious. One particularly controversial example? A phishing email promising free Eagles tickets to people in Philadelphia. Ouch. LINK: https://www.wsj.com/tech/cybersecurity/phishing-tests-the-bane-of-work-life-are-getting-meaner-76f30173 🔹 **OpenAI’s New Model Helps… Write Malware?** Well, that didn’t take long. OpenAI's new "secure" GPT-4 variant, O3 Mini, was supposed to be better at filtering out harmful requests. But within days, a security researcher tricked it into generating code to exploit Windows security processes. OpenAI insists the exploit wasn’t serious, but the fact remains—these models still aren’t as locked down as they claim. Maybe a little more internal testing before release wouldn’t hurt? LINK: https://www.darkreading.com/application-security/researcher-jailbreaks-openai-o3-mini That’s it for this week! Drop a comment, let us know your thoughts, and we’ll catch you in the next one. 🚀…

Selamat datang ke Player FM

Player FM mengimbas laman-laman web bagi podcast berkualiti tinggi untuk anda nikmati sekarang. Ia merupakan aplikasi podcast terbaik dan berfungsi untuk Android, iPhone, dan web. Daftar untuk melaraskan langganan merentasi peranti.