I'm now officially convinced that the podcast schedule is completely dependant on grey releasing videos

I think someone needs to make a compilation of every time Grey sighs.

Grey, it's absolutely possible to get access to cameras/microphones/any other input device. If a piece of malware can get elevated privileges (which is remarkably easy to get on most systems), it can do anything it wants. The computer doesn't know the difference between your skype or someone else's malware. There are ways to get malware installed on systems even without social engineering (which, again, is remarkably easy). In addition to that, zero days come out all the time that basically give malicious people free access to many systems. Computers will do whatever they're told, even if you don't realize who's giving it commands. If a piece of software tells your computer to turn on the webcam or gather all keystrokes or encrypt all your files, it will gladly comply. The way you can protect yourself is to just practice proper computer security and keep everything updated. On phones, don't install apps you don't need and check permissions on everything.

"Believe in the people" GREY/HARAN 2020

Multi-track drifting!

Well, the director of the FBI recommended to tape over your mic/camera, so... Yeah. Assume they're already compromised.

these two always putting a smile on my face

That is correct, that the audio is pressed into the vinyl during the 'pressing'. The expensive part of the process is making the metal top and bottom of the mold. About 100 tonnes of force is applied via the hydraulic press, to squeeze the vinyl into the right shape, all at one go. Then the record is trimmed around the edge, removing excess. Nearly all vinyl records are being made on machines built in the 1960s and 1970s. CDs and DVDs are manufactured essentially the same way - warm plastic is squeezed against a metal plate which has a reverse image of the disc. Then the disc is coated with a reflective layer, and several coats of clear sealant. It's quite an interesting process, and you can find expanded descriptions of it with just a bit of searching.

Guess who is now procrastinating their history paper and ochem homework to listen to the podcast

After 3 months, I'm Finally caught up, can't wait to listen to these as they come out and get my actually new news from it :D

One day two normal guys decided to record their conversations and start a podcast, here we are on episode seventy one, they're eligible for a silver play button and they even have merchandise and advertising specifically for their fans! #GetInspired

Honestly I wish I knew this podcast existed before, or rather knowing it was worth listening to, honestly you should advertise this more and maybe get some more people.

I guess you guys never heard of Snowden

hotstopper follower up, finally.

the Trolley problem is far more interesting when applied to self piloted aircraft. I propose that it is equally inevitable that aircraft will become pilot-less, and that this is also the case for large passenger liners. Let's think of an aircraft with 100 passengers coming into a landing approach when a sudden mechanical failure causes the aircraft to lose all forward power - could be a fuel issue, maybe bird strike, whatever, doesnt matter. The onboard computer determines that the aircraft and all 100 people have a 66% chance of making it all the way to the runway. Maybe it can get power back up, maybe they are already close enough, whatever. The path of approach, though, is directly over a highly populated residential area, an if the aircraft falls short it will land on an unknown number of homes, cars, and people. The aircraft then determines that it has a 100% chance of rerouting to a flight path where the entire possible range of landing/crashing sites are 100% unpopulated, but the chance of survival for the passengers drops drastically to near zero. Think of this from the perspective of the passengers as well as the manufacturers and the airline itself. Think of the highly convoluted issues of liability, not just for life, but for property - corporate entities are, after all, primarily concerned with property and profit first - if possible loss of life prevented corporations from actions, we would still be living in the stone age. This scenario is where the question gets the most interesting.

After advert one 24:12 After advert two 42:14 After advert three 1:18:02

Maybe self driving cars could make it so they don't (or very rarely) get themselves into situations where they have to crash? I mean, it will know if there is a car suddenly stopping in front of it nearly instantly, so it won't need to crash. If a car cuts you off, however, that could be a bit harder. With instant reaction time and better safety features, a lot can be done before people need to die.

I'm so agreeing with you Grey about the trolley problem. And what annoys me even more, is that the solution (besides the "instantaneous obstacle" that even rarer) to that problem is so simple : Keep the safety distance right. This scenario shouldn't even be able to happen.

KZbin gets it faster than the podcasts app!

greys reaction to finding that order number

I've been a passenger in a car that braked by hitting something else, but there was no life in danger. The car spun out of control and the driver put it against a tree on purpose to avoid falling in a ditch. Everyone was fine, the car had a small dent, and we drove off after taking some time to let the shock ware off.

yeesssssss that freaking pumpfake this afternoon had me HEATED

On the security discussion: Physical access makes attacks easier for sure, but it isn't necessary. All you need is to trick a user or computer into running code that is malicious. Anti-virus and the like reduce the risk of this happening by analysing the behaviour of programs being run on the computer. Even more useful are the full-fledged Internet Security software packages that also include "safe browser" modes for doing critical internet-based work (i.e. banking) and encrypted password lockers - let's face it, many people do store their passwords somewhere, and that means your accounts are only as secure as the thing you store your passwords in. In the case of running code, Windows is super susceptible to this sort of thing. Many users will make their user accounts "administrators" for the convenience of not being told they can't do things by their computer. All it takes is for them to download one malicious piece of software that isn't noticed by their anti-virus, and run it (Windows' User Account Control feature can help here by adding another step of having to confirm whether the user wants the software to run, but most people just automatically press yes at this stage without thinking). At that point if the software has asked for admin elevation and the user gives the password, well the software can basically do anything. That attack vector is assuming all stages are running correctly with no known exploits. There are definitely exploits. The most obvious is the human running the computer: phishing or social-engineering can yield the password of the user, or a bad password choice can mean it is easily cracked, or a simple application-level key-logger could be used to obtain the password if it is used multiple times (these key-loggers appear to run as part of a legitimate program and send all keyboard strokes to a remote attacker). Then there's operating system vulnerabilities, these are bugs in the operating system that would allow a program to gain admin privileges without user-permission. Some vulnerabilities can even be in applications that are legitimate but require significant permissions to run (Adobe Flash is an example of being particularly bad for this); find the application's vulnerabilities and you have relatively easy access to any computer that runs that application. Once a malicious program has such privileges through whichever means they can, the program can inject what's called a "rootkit" into the computer wherever it likes. So, for example, in the kernel (the fundamental, lowest-level code of an operating system) or the firmware of connected hardware (the code on the hardware that allows it to communicate with other hardware and thus work as part of the computer). Once a rootkit has been injected, if it isn't poorly made it will be super-hard to detect (common anti-virus wouldn't suffice, typically) and if it's in the kernel or firmware, you're going to have to either reinstall the OS or replace the hardware respectively. Such rootkits being in such low-level systems give the attacker access to the subsystems they please. So webcams, USB ports, microphones, anything connected to the computer, would be essentially vulnerable. A reason why USB devices are not permitted in many top-secret locations, be it police comms, military establishments, corporate research labs etc. is that the USB devices can be injected with such rootkits in their firmware, which will then run when the device is plugged in. Unfortunately, for USB devices to work computers have to assume they are entirely trustworthy, and so such devices are very good vectors for attacking a system. Note: I am not an expert, per se, so any mistakes that people notice, please let me know! Edit: Not sure if I can provide links without being considered spam, but check out /r/technology and filter specifically for security. Some real interesting news is linked there day-to-day. A few interesting things of note as of today: a security firm that claims to have been able to break into cardiac implants and (theoretically) kill patients. A version-agnostic exploit of Windows that would allow an attacker to retrieve encrypted passwords and do various other super-damaging things - though this exploit requires the user to let the software run (so just be cautious, as always, in deciding which programs to let run). Finally the showcasing of a super-scary exploit at the hardware-level of essentially any device using RAM that would allow getting admin privileges, or even getting code that should run inside a browser sandbox to run in the operating system environment itself. That last one is super scary: if code can get itself ran in the OS environment when it should be ran in a browser's sandbox, that means that just visiting a website could see your computer compromised and things like rootkits injected.

About the trolley problem , i'm currently training to take my drivers license and one of the we are taught is to always be at least 3 seconds behind the car in front of us. This is so in case the car would suddenly break really hard we would have time to react and break. The solution to the trolley problem is not to program in a moral algorithm, it's simply driving further away from the car in front and installing better breaks. If the car gets into the position of either crashing into something cause it does not have the time to break or killing pedestrians, something has already gone very wrong.

When they brought up that school spying on students through school computer I got really uncomfortable because I'm listening to this on a school computer at home.

Jolly good podcast gentleman.

Grey, it's definitely possible. 1) Your laptop can be hacked, e.g. through a virus or worm. 2) If your laptop is hacked, the hacker could install software on it. 3) Installed malicious software could do anything, including doing the same as the software that school installed.

Oh shit catching an HI episode right as it releases.

Audio professional here. Yes, the moment in which that glob of vinyl is getting pressed to that flat record is the moment that the grooves along with the audio are pressed onto the record. You can etch audio into a blank record as well, but in that case the vinyl needs to be softer than the vinyl of a pressed record, which makes it wear out and sound crappy way more quickly. This is used mostly for dubplates, DJs and to cut the master from which they cast the stamper that will be used for pressing the final records.

Hey Grey, apologies for the trouble but yes there is such a way for people to "hack" into your video camera, or microphone without physical contact and by remote access. There's two main way's which one requires you to be close by proximity and the other way is by distance but it requires alot of time and effort, so you shouldn't be to worried unless your someone like Mark zuckerburg who's probably having multiple attempts of attacks on his personal computer. It's generally very time consuming so not many people attempt hacking into devices remotely since there are betters ways of gathering Data from users.

well I was going to sleep

yeah new notification of the Podcast. imma gonna download it now

I'm pretty sure that trolley problems will be very rare on AV's, since they will be programmed to maintain a safe distance, which reduces the likelyhood of situations, in which it is impossible to avoid collision by slowing. Also, they haven't mentioned the probability of bystanders. For example, in cities there are more bystanders, but cars are required to move slower, while in rural areas, cars move much faster and the likelyhood of severe traffic accidents is higher, but the probability of bystanders is miniscule. So as Gray says, it is more efficient and safer to program these cars to just avoid collision.

Right as I am going to bed. Looks like this one will have to wait for later.

42:30 Trolley problem

I'm also super curios about that stuff especially thanks to episode 3 of black mirror.

CGP Grey is a time traveler from a post apocalyptic future and is trying to change the future through the videos.

I lost my headphones a while back so I was walking to class while holding my phone next to my ear and listened to the topic of them hating people playing music out loud. That being said, I too hate when people play their music very loud in a public place so I only listen to my podcasts is open spaces where 98% of the time no one is close enough to hear the faint noise my phone makes at full volume. As soon as I get in a building or on a train the goal of being the quietest person there becomes one of my top three in the order of priority.

Dear Grey & Brady, On the topic of the hacking of microphones and cameras, every year some ex police officer comes and talks to use about how you should tape your camera when you are not using it. Where I am from it turns out hacking of the cameras happens a lot, so this might be why it is so serious at my school specifically. Maybe it is a really big problem, maybe just a ploy to keep kids safer. I hope this helps if not all the same. ~One of Your Fans

Goodness, I feel like I'm playing an extreme game of piano tiles...

You are mostly right grey, however there are cases where someone exploits a vulnerability to gain access to something remotely, and If I have learned anything as a security major, getting in is 95% of the battle to doing whatever you want.

Grey, Your version of the false positive ignores the severity of the sides. i.e. A false positive will cause the car to stop when it didn't need to. Hardly as bad. There will be injuries but that would be a small percentage then the false postitives

The groves (sound) are pressed into the vinyl by the big machine.

What if they introduce the trolley problem to self-driving cars and this incident occurs but there's another car behind you and the people in that car could only survive if your car turns and drives over the pedestrians? If that situation then caused more deaths because of the trolley problem code, would they add more code to also take other cars into the calculations? This could go on and on.

I was physically laughing at this part 1:21:30 - 1:21:54

Something else to keep in mind is that an AV would have a significantly better reaction time and overview of the situation, so would a scenario like crashing in to the truck even occur? I realize now that grey mentioned this.

Yes, it is very possible. No, you don't need physical access. How likely is it? Depending on how motivated and geared the attacker is, it could be very easy. Would be happy to cite if needed.

Cyber security is something that people talk about all the time, but the fact is that it is an entire field of study, while a lot of conversations about it act as though it's just a particular sort of anti-hacker software. I have only a comment on the photo of Zuckerberg taping over his camera: Most (perhaps all) webcams have an LED that is designed to come and, and not turn off, whenever the camera turns on, but in many cases this can be defeated. It is possible to design a circuit that supplies an LED and the camera with power so that if the camera is receiving power the light comes on, but a stunning number of manufacturers have decided to simply require in software that the light come on when the camera comes on, and this can be defeated remotely simply by rewriting the instructions for the device so that it doesn't turn on the light any more. In the case of a circuit that powers the camera and light at the same time the only way to defeat it is to physically have the device and modify the circuit.

Hey Brady and Grey, not sure when this was recorded or if either of you have heard, but a week ago there was an accident between a driver-less car and a lorry in Singapore. Here's a link to one article: www.straitstimes.com/singapore/driverless-car-hits-lorry-during-test-drive. The funny thing is that transport authorities introduced driver-less buses the day after, receiving a ton of complaints on facebook in response. I can't find any sources detailing what caused the accident or how the car's software may have prevented a more major incident, but hopefully we'll hear more soon.

Objectivity is the best.

we will have a moment when we hold it together...

What about if there was a way that whenever a trolley problem situation is about to happen the car can find away to put the driver and the passenger safe and then avoid hitting the pedestrians. Like if it happens then a parachute seat takes the the passengers out of the car safely and then the car drive to a place where no one is hurt? Expensive to achieve but it is a solution.

This comment will allegedly bother Brady ;)

The first link in the Show Notes doesnt work

As a Northern Irelander, I'd like to join Scotland, Wales and London in this free pass to stay within Europe

Why are subtitles white text on slightly-off-white background? Can I change that?

From an embedded engineer's perspective: Grey is spot on when he calls the trolley problem bike-shedding. He's also correct in saying that the designer should take the simplest approach that works. "Clever" is a four letter word when it comes to safety critical systems. He's also spot on when he talks about the concerns regarding false positives. Braking is the correct, simple answer that solves the problem of collision avoidance. The biggest side-effect of braking comes from getting rear-ended, which is again solved by braking faster than a human could react. The side-effects of incorrectly swerving to avoid a collision are far more dangerous and require third-parties to react to avoid in a complicated way. Since swerving can effect more than the party immediately behind you, the problem can quickly scale exponentially when 1 car swerves, causing 2 cars to swerve, which each cause another 2 cars to swerve, and soon every car in the general area is swerving to avoid other cars that are swerving to avoid a car that is swerving to avoid a pigeon. Trolley bike-shedding.

Grey, you're wrong. I had to make the decision, on an icy road with an on-coming car spinning towards me, to either keep going straight and get hit, or I could've swerved right and hit a minivan full of kids. It happened slow enough that I had the time to make peace with taking the on-coming car head-on, saving the minivan from the impending accident.

25:27

1:40:00 so you say scottland would be a island like a northern ireland

48:30 A self driving car would be programmed not to tail so closely at such high speed.

Grey does not seem to understand that the swerve or crash coding would only activate when braking does not slow the car, ie: the brakes break. Otherwise, breaking is exactly what it will do.

1:09:41 allegedly 1+1=2

1hr 03min programming additional evasive manoeuvres into a car's defensive toolkit doesnt need to be linked to trolley problem scenarios though. if a car recognises its surroundings as obstacles and open space, it can still be able to decide whether to brake or swerve, if there is space open to swere. if anything, adding the complexity of needing to recognise a person from any other obstacle seems like unnecessary complexity of code, when you want a car to avoid any obstacle.

Grey, hacking is possible in other ways. Be careful when you open links that strangers send you, because tese links force your devise to install a program and then they CAN activate your camera and microphone. Also never use a CD or flash player if you don't know what it contains! sorry for my bad English

love these

I know of people who use fishing links and can watch cameras on many peoples PC's

i was REEEEEing out listening while driving. Yes the penetation of your devices is easy and its fully wide spread. proximity isnt a factor. flash vulnerability leads to total device pwnership and its only one of thousands of vectors. this is not a joke. they have you. if you want specific sources i can provide but there are unknown sources that invade your phones and computers :)

As someone who will never, ever associate with iTunes, is there any way to get this ep on a downloadable .mp3 or somesuch?

I can't wait for 25:00-26:00 to be animated

Grey's reasoning on the topic of collision avoidance was really painful to digest.

A member of the Chaos Computer Club published a cloned fingerprint of the German defence minster in 2014. They used publicly available pictures of her. The same person unlocked a iphone 5s with a fake fingerprint in 2013.

53:33 what you do is, you don't have a lorry. you ban human cars so you don't have this problem.

"March seems like hilarious stalling" Ha

And of course my high school get mentioned again with the same stupid issue. Wonderful.

Trolley problem nuance: assuming there is only one person in the car, swerve just enough to hit with the side the person isnt on?

are you asking me to turn on your webcam?

The google SDC has programmed into it how bad it does not want to hit things. I can't remember exactly what the order is, but it's something like pedestrian/bicyclist, motorcyclist, car, truck/bus, building. So basically, the SDC would rather hit the thing that could take a hit than hit something that cannot, and as far as I'm aware it does not take its passengers into considerations, but I'm not a representative of google so take that with a grain of salt.

I am Scottish. I will be voting to stay as I personally believe that Unity is better, that the SNP won't bring us back to the EU because they are all for independance, that our economy won't handle it, and I just love being British as well as Scottish. But my friends and I have come to terms that independance is almost 100% happening, with a narrow Unity victory in 2014 and now Brexit. So we've started working towards ways to stabalise the country when it does happen, even though we're voting for untiy, because frankly no one has a plan for afterwards, it's like no one has learned from Brexit.

I never realized how the youtube channel is now tied with the normal podcast. I went on youtube just to subscribe to objectivity because i felt like brady was threatening me. he is mostly being a babe, it has about 95000 subs.

man in middle attack is one way you grab someone's password, then get a copy of their email or entire phone. which is extremely easy if you are in a Starbucks or a similar place. And hack your laptop's camera or mic is even more easy. One should assume one's digital device is compromised at the moment they connect them to a network or download anything on a network. The reason your pics or emails are not public on the internet is because nobody care to hack you. However getting access to a phone is an entire different story like the FBI case. because your device is not actively connect to a network or download malwares on its own while they are not accessed.

57:30 Look at that, a Bayesian argument. It's so rare to see rationality on this topic! :)

Probably shouldn't be starting this at Twenty to Two in the morning...

on the hacking thing no inhancing not possible but you can do alot of other things microphone and camres can be hacked

Trolley problem section was a little frustrating to listen to. Brady first summed up Grey's major misgiving perfectly (ie, you don't want your self-driving car's algorithm looking for ghosts), agreed that it was a convincing argument...and THEN proceed to argue against it as if he had never acknowledged the folly of writing code to accommodate very rare events. Seriously messed with my head and I had to rewind to make sure I heard him properly the first time. Yup.

On the hacking of devices cameras, yes it is possible. For example give instagram access to your camera and malware hidden in that download instagram doesn't even know about will give the makers the ability to turn your camera on covertly.

Finally!!

Re: Phone Security How much spyware do you install? How closely do you watch your permissions? What about the people in the room with you?

firts i want to say im really sorry for my writting i know i dont writte well but ive studied computer security and i can tell you it is totally do able to get in a computer turn on mic and cam and of course it would be harder to get in by being on another internet conection but if you are on the same wifi let say some one is outside your home cracks the password which is not that hard in general well the step to get in your computer and turn the cam on is actully pretty easy

1:27:15 grey's voice went a little shrill.

I don't know how you can say those accidents are "one in a million" surely almost every collision between vehicles has a moment to decided what to hit and which way to hit it but we don't have the ability to assess the situation logically in the moment as AV's would? Collisions on a 3 lane motorway would have lots of options, forget people on the street what about people in other cars?

900th like ... cherish the small victories

Send the car into the people, you have to add in the possibility that the people can jump/dive away so there is some doubt that you would kill the people on the side of the road

From what I understand, the FBI does have ways to turn on your cameras and microphones without you ever knowing. I'd assume that it's possible for that method to end up being leaked into the dark net.

the hacking of cameras is a thing, but its very rare. you would just need to install something on the computer or the camera would need its own IP the Indian "microsoft assistants" scammers will sometimes download a software like that. they would just need to install something that allows them to remote in to your computer

I wonder if Grey heard about the self-driving Budweiser truck. I know he doesn't care for the news, but that seems relevant to his interests.

here, here, here

Objectivity at 93k subscribers as of 10am 10/28/2016

The scary thing about programming the selfish serve to save the driver is when there is a false positive on something being in front of the car. What if the car swerves because a bag flies in front of the car but is registered as an obstruction? Do you really want a car that avoids a bag by crashing into pedestrians?

I know this video is old and you have double the amount of videos now but I would like a fully independent, truly United Kingdom. I know that the Britons want absolute independence but they need some sort of economic union. I propose an often thrown around idea of an Anglosphere, a union of English speaking countries. It could have an Inner Anglosphere for more devoted member states who get more representation along with more benefits and this would likely include the USA, UK, Australia, New Zealand, Guyana, and Canada. There could also be an Outer Anglosphere for nations with an English history and want to join but don't want full membership. This would give them both less benefits and less representation. Member states of this may include South Africa, India, Belize, etc. The Anglosphere would be different from the EU as it would hold no capital nor overarching government over the member states. Due to no overarching government the member states would be more allowed to hold patriotism and nationalism, a very large reason why Britain is going to leave the EU and America isn't part of any big union as both want to keep their nationalistic and patriotic views. The Anglosphere would be very pro-capitalist and it would support the businesses inside the member states and push out outsiders. Law making would be different as representatives would gather up and create laws that the member-states themselves would vote on and establish rather than a non-existent Anglo-Government.